Skip to main content

ICANN- and Community-Proposed Compliance Models for Community Discussion

ICANN- and Community-Proposed Compliance Models for Community Discussion

This page includes proposed models for compliance with the GDPR and ICANN contracts. These models were developed by both ICANN and community members.

The ICANN-proposed models represent input from across the ICANN community, data protection authorities, legal analyses, and the community-proposed models that had been received prior to publication of the ICANN models, and which are posted below.

The community-proposed models were submitted in response to the 2 November statement from Contractual Compliance. For more information about these proposed models, please visit the Guidelines for Proposed Models to Address the GDPR section of our Data Protection/Privacy Issues webpage.

Click here to return to ICANN's Data Protection/Privacy Issues webpage.

ICANN-Proposed Compliance Models

8 March 2018 – Interim Model for Compliance with ICANN Agreements and Policies in Relation to the European Union's General Data Protection Regulation – WORKING DRAFT FOR CONTINUED DISCUSSION [PDF, 923 KB]

This document presents a unified approach for how ICANN and the industry of more than 1,000 generic top-level domain (gTLD) registries and registrars could comply with existing contractual requirements and community developed policies concerning the processing of registration data, which includes personal data, in light of the GDPR. It represents an interim solution and does not replace the multistakeholder policy development and implementation activities that are underway. ICANN is publishing this working draft for community feedback as it works to finalize a model for adoption. Please send input to

28 February 2018 – Proposed Interim Model for GDPR Compliance -- Summary Description [PDF, 728 KB]

This document providing a high-level summary of the proposed final interim model, including a proposal for an accreditation program for continued access to full Thick WHOIS data for accredited users/entities. The legal justification for collection and use of the WHOIS data included in the interim model is not included in this summary document, but will be based on legitimate interests of the controller or third parties, and will be detailed in an analysis accompanying the Final Interim Compliance Model. See also below, the updated Working Draft Non-Paper [XLSX, 21 KB], which is chart comparing ICANN- and community-proposed models based on various elements of registration data against the proposed final interim model.

Please send your feedback to, preferably prior to ICANN61, where we will continue this conversation on the direction we are taking toward interim compliance with the GDPR.

12 January 2018 – Proposed Interim Models for Compliance with ICANN Agreements and Policies in Relation to the European Union's General Data Protection Regulation [PDF, 624 KB]

These proposed models represent input from across the ICANN community, data protection authorities, legal analyses, and the proposed models we have received to date. This document represents a draft for community discussion and input. We are seeking your input on the proposals. From that input either variations or modifications to one of these models will be identified at the end of January for the path forward. To ensure we reach this goal, we need your feedback by 29 January 2018. Please send your feedback to

Community input, including proposed models for compliance, as well as the Hamilton firm's legal analyses, contributed to the development of these proposed models. Those documents are referenced below.

Community-Proposed Compliance Models

Model # Date Submitted Submitter Submitter Organization Documents
CM5 11 January 2018 Faisal Shah Focus IP, Inc. dba Appdetex

Cover Page [PDF, 70 KB]

Executive Summary [PDF, 70 KB]

Details of Proposal [PDF, 70 KB]

Template Questions [PDF, 70 KB]

CM4 11 January 2018 Frederick Felman Personal Capacity

Cover Page [PDF, 70 KB]

Executive Summary [PDF, 70 KB]

Details of Proposal [PDF, 70 KB]

CM3 11 January 2018 Thomas Rickert Eco Internet Industry Association

Cover Page [PDF, 70 KB]

Companies / Groups Involved in the Development of the Proposal [PDF, 70 KB]

Executive Summary and Proposal [PDF, 70 KB]

Domain Industry Playbook [PDF, 70 KB]

CM2 21 December 2017 Dean Marks Coalition for Online Accountability (COA)

Cover Page [PDF, 25 KB]

Executive Summary [PDF, 26 KB]

Details of Proposal [PDF, 102 KB]

Working Draft GDPR Compliant WHOIS Model [PDF, 70 KB]

CM1 11 November 2017 Greg Aaron iThreat Cyber Group

Strawman Proposal for WHOIS compliance with GDPR [PDF, 89 KB]

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."