Privacy and Proxy Services Accreditation
Implementation Project Status
Updated 15 March 2021
- Implementation of the Privacy and Proxy Service Provider Accreditation Program is currently on hold, pending community discussions.
- EPDP Phase 1 Recommendation 27 provided that existing policies and procedures impacted by the Phase 1 recommendations be considered for updates as relevant. This analysis is in progress and is being discussed and reviewed with the community. This includes the PPSAI Recommendations. See EPDP Phase 1 Implementation Status page.
Upon resumption of the implementation, the following draft materials are expected to be published for public comment, along with questions for community feedback:
- Privacy and Proxy Service Provider Accreditation Policy
- Privacy and Proxy Service Provider Accreditation Agreement
- Privacy and Proxy Service Provider Accreditation Program Applicant Guide
- Privacy and Proxy Service Provider Suspension, De-Accreditation and Transition Procedure
- Board Approval: 9 August 2016
- Draft implementation plan/framework distributed to IRT: 14 October 2016 (available on the community wiki, login required for access)
- IRT kickoff meeting: 18 October 2016
- Public comment period on proposed implementation of Privacy and Proxy Service Provider Accreditation Program: TBD
The 2013 Registrar Accreditation Agreement (RAA) includes a Specification on Privacy and Proxy Registrations that contains requirements for privacy and proxy service registrations offered through affiliates and resellers of registrars accredited under the 2013 RAA.
These requirements will be replaced by the Privacy and Proxy Accreditation Program. ICANN is implementing this program based on Final Recommendations [PDF, 1.24 MB] that were developed by the GNSO Privacy & Proxy Services Accreditation Issues PDP Working Group, adopted by the GNSO Council and approved by the ICANN Board.
New accreditation program requirements will include:
- Detailed frameworks for provider responses to requests from law enforcement authorities and intellectual property holders
- Standardized requirements for providers' relay of communications from third parties to privacy and proxy service customers
- Provider data escrow and data retention requirements
- A new Registration Data Directory Service label to identify registrations involving a privacy and or proxy service
- Required provider notices to privacy and proxy service customers and third-party requesters
- A mandatory provider educational program