Privacy and Proxy Services Accreditation
Implementation Project Status
Updated 9 August 2019
- Implementation of the Privacy and Proxy Service Provider Accreditation Program is currently on hold, pending related EPDP work on an access model for nonpublic gTLD registration data
- Once the draft accreditation program requirements are complete, the following draft materials are expected to be published for public comment, along with questions for community feedback:
- Privacy and Proxy Service Provider Accreditation Policy
- Privacy and Proxy Service Provider Accreditation Agreement
- Privacy and Proxy Service Provider Accreditation Program Applicant Guide
- Privacy and Proxy Service Provider Suspension, De-Accreditation and Transition Procedure
- During the public comment period, the IRT will discuss issues related to the Transfer Policy that were referred to the IRT by the GNSO Council.
- Board Approval: 9 August 2016
- Draft implementation plan/framework distributed to IRT: 14 October 2016 (available on the community wiki, login required for access)
- IRT kickoff meeting: 18 October 2016
- [TBD] Public comment period on proposed implementation of Privacy and Proxy Service Provider Accreditation Program.
- Completion of IRT's work and announcement of final requirements and effective date will depend on the results of the public comment forum.
The 2013 Registrar Accreditation Agreement (RAA) includes a Specification on Privacy and Proxy Registrations that contains requirements for privacy and proxy service registrations offered through affiliates and resellers of registrars accredited under the 2013 RAA.
These requirements will be replaced by the Privacy and Proxy Accreditation Program. ICANN is implementing this program based on Final Recommendations [PDF, 1.24 MB] that were developed by the GNSO Privacy & Proxy Services Accreditation Issues PDP Working Group, adopted by the GNSO Council and approved by the ICANN Board.
New accreditation program requirements will include:
- Detailed frameworks for provider responses to requests from law enforcement authorities and intellectual property holders
- Standardized requirements for providers' relay of communications from third parties to privacy and proxy service customers
- Provider data escrow and data retention requirements
- A new Registration Data Directory Service label to identify registrations involving a privacy and or proxy service
- Required provider notices to privacy and proxy service customers and third-party requesters
- A mandatory provider educational program