Skip to main content
Resources

Registration Directory Service (RDS) Review (formerly WHOIS Review)

Sign up to learn more

RDS Review Wiki Workspace Page
Find the latest status updates, recordings of past meetings, and opportunities to participate
Introduction to Reviews
Learn more about Reviews, their purpose and process for conducting and opportunities to participate
RDS Review Meeting Schedule
Find the schedule to observe RDS Review Team Meetings
RDS Fact Sheet
See the progress of the RDS Review Team towards completing the Review
RDS-WHOIS2 Implementation Progress
 

 


Objectives of the RDS Review

According to the Bylaws (Section 4.6(e)), ICANN shall use commercially reasonable efforts to enforce its policies relating to registration directory services and shall work with Supporting Organizations and Advisory Committees to explore structural changes to improve accuracy and access to generic top-level domain registration data, as well as consider safeguards for protecting such data.

The Board shall cause a periodic review to assess the effectiveness of the then current gTLD registry directory service and whether its implementation meets the legitimate needs of law enforcement, promoting consumer trust and safeguarding registrant data (“Directory Service Review”).

The review team for the Directory Service Review (“Directory Service Review Team”) will consider the Organisation for Economic Cooperation and Development (“OECD”) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data as defined by the OECD in 1980 and amended in 2013 and as may be amended from time to time.

The Directory Service Review Team shall assess the extent to which prior Directory Service Review recommendations have been implemented and the extent to which implementation of such recommendations has resulted in the intended effect.

The Directory Service Review shall be conducted no less frequently than every five years, measured from the date the previous Directory Service Review Team was convened, except that the first Directory Service Review to be conducted after [1 October 2016] shall be deemed to be timely if the applicable Directory Service Review Team is convened on or before 31 October 2016.

Review Progress and Milestones

The graphic below illustrates phases and status of each review - a Circle arrow 360 indicates that all activities within a given phase have been completed.  The chart that follows the graphic provides further details of key activities and milestones within each phase – you can view these details by clicking on each of the phases in the graphic.  The table also contains links to relevant documents.

RDS (formerly WHOIS)
PhaseActivityDescriptionStart DateDocuments
Assemble Review TeamCall for VolunteersPublic announcement inviting volunteers to submit application28 Oct 2016
Call for Volunteers ExtensionApplication extended for the Registration Directory Service Review Team6 Dec 2016
Call for Volunteers DeadlineDeadline extension for the Registration Directory Service Review Team11 Jan 2017
Call for Volunteers DeadlineDeadline extension for the Registration Directory Service Review Team22 Feb 2017
Appointment of Board DesigneeBoard appoints a member to the RDS Review Team3 Feb 2017
Review Team AnnouncedSelection of the Registration Directory Service (RDS/WHOIS2-RT) Review Team Members Announced2 Jun 2017
Plan ReviewTerms of ReferenceTerms of Reference and Work Plan submitted to ICANN Board.9 Feb 2018
Conduct ReviewDraft ReportRegistration Directory Service (RDS) - WHOIS2 Review Draft report4 Sep 2018
Public Comment ExtendedPublic Comment period extended for the Draft Report of Recommendations6 Nov 2018
Final ReportRegistration Directory Service (RDS)-WHOIS2 Review Final Report3 Sep 2019
RDS Final Report Executive SummaryExecutive summary of the RDS Final Report3 Sep 2019
Draft Report & Recommendations Public CommentPublic Comment period for the Review Team's draft report of recommendations4 Sep 2018
Board ActionPublic Comment on Final ReportFinal report and recommendations posted for Public Comment8 Oct 2019
Board Action on RecommendationsBoard takes action on 22 recommendations25 Feb 2020

Implementation of RDS-WHOIS2 Recommendations 

On 25 February 2020, the Board took action on each of the 22 recommendations. As noted in its resolution and the associated Scorecard, the Board resolved to:

  • Approve (2020.02.25.03) 15 recommendations, in whole or in part as listed below;
  • Reject (2020.02.25.06) two recommendations (R11.1, BY1);
  • Place (2020.02.25.04) four recommendations (R4.1, R4.2, R5.1, R10.1) into pending status;
  • Pass through (2020.02.25.05) two recommendations to the GNSO, in whole (CC.4) or in part (CC.1).

The table below includes information relating to the implementation of approved recommendations.

Rec #

Status

Description

Implementation Update as of 1 October 2021

R1.1

Completed

To ensure that RDS (WHOIS) is treated as a strategic priority, the ICANN Board should put into place a forward-looking mechanism to monitor possible impacts on the RDS (WHOIS) from legislative and policy developments around the world.

The corresponding activities are already part of ICANN's plans.

R1.2

Completed

To support this mechanism, the ICANN Board should instruct the ICANN org to assign responsibility for monitoring legislative and policy developments around the world and to provide regular updates to the ICANN Board.

ICANN org has already assigned responsibility for monitoring legislative and policy developments around the world and for providing regular updates to the ICANN Board.

R1.3

In Progress

The ICANN Board, in drafting the charter of a Board working group on RDS, should ensure the necessary transparency of the group’s work, such as providing records of meetings and meeting minutes, to enable future review of its activities.

The work of the previously chartered Board Working Group on Registration Directory Services has been integrated into the work of the Board Caucus on General Data Protection Regulation (GDPR) / Expedited Policy Development Process (ePDP). Work is underway to determine which measures are needed to ensure that appropriate information on Caucus group activities is provided to the community.

R3.1

Partially Completed

The ICANN Board should direct ICANN org to update all of the information related to RDS (WHOIS) and by implication other information related to the registration of second-level gTLDs. The content should be revised to make the information readily accessible and understandable, and it should provide details of when and how to interact with ICANN org or contracted parties. [...]

ICANN has updated the content and navigation of the registration data look up tool (i.e., the WHOIS Portal referred to in the RDS-WHOIS2 Review Team Final Report). The information formerly contained on that page has been reorganized and now appears on the Domain Name Registration Data Policies and Related Requirements page, which contains information regarding existing policies and requirements and ongoing policy development work.

R3.2

In Progress

With community input, the ICANN Board should instruct ICANN org to identify groups outside of those that routinely engage with ICANN org, and these should be targeted through RDS (WHOIS) outreach. An RDS (WHOIS) outreach plan should then be developed, executed, and documented. [...]

As the GNSO’s Expedited Policy Development Process on Temporary Specification for gTLD Registration Data (EPDP) and the Registration Data Access Protocol (RDAP) phased implementation could impact the information or the messaging to be delivered by ICANN to new target groups, work will begin as soon as the dependency on outcomes of the EPDP has been resolved.

R10.2

On Hold

Reviewing the effectiveness of the implementation of WHOIS1 Recommendation 10 should be deferred. The ICANN Board should recommend that review be carried out by the next RDS (WHOIS) Review Team after the Privacy and Proxy Services Accreditation Issues (PPSAI) policy is implemented.

The Board approved the ATRT3 recommendation to suspend any further RDS Reviews pending the outcome of the next ATRT, subject to prioritization and community agreement to the related Bylaw changes.

R11.2

Partially Completed

The ICANN Board should direct ICANN org to ensure that the common interface displays all applicable output for each gTLD domain name registration as available from contracted parties, including multiple versions when the outputs from registry and registrar differ. The common interface should be updated to address any policy or contractual changes to maintain full functionality.

Registration Data Access Protocol (RDAP) was designed with the ability to be updated to address any future policy or contractual changes. Regarding the common interface displays, ICANN org continues to review to determine resources required to make the recommended updates, including whether resources are required to program and/or build any necessary software.

R12.1

On Hold

Reviewing the effectiveness of the implementation of Recs #12-14 should be deferred. The ICANN Board should recommend that review to be carried out by the next RDS Review Team after RDAP is implemented, and the translation and transliteration of the registration data launches.

The Board approved the ATRT3 recommendation to suspend any further RDS Reviews pending the outcome of the next ATRT, subject to prioritization and community agreement to the related Bylaw changes.

R15.1

Partially Completed

The ICANN Board should ensure that implementation of RDS-WHOIS2 Review Team recommendations is based on best practice project management methodology, ensuring that plans and implementation reports clearly address progress, and applicable metrics and tracking tools are used for effectiveness and impact evaluation.

ICANN org’s newly created Implementation Operations function is deploying a foundational structure that allows for the work of implementation to be carried out thoroughly, effectively, and in a sustainable manner. In addition to the use of an improved project management system, ICANN org’s Implementation Operations function has also designed enhanced tools for its implementation planning related work and is working on developing a more frequent and detailed reporting mechanism.

LE.1

In Progress

The ICANN Board should resolve that ICANN org conduct regular data gathering through surveys and studies to inform a future assessment of the effectiveness of RDS (WHOIS) in meeting the needs of law enforcement. This will also aid future policy development (including the current Temporary Specification for gTLD Registration Data Expedited Policy Development Process and related efforts).

Implementation of this recommendation could not be completed in time to aid EPDP Phase 2, for which a final report was issued in August 2020. However, ICANN org, in consultation with the GNSO, will identify an appropriate timeline for any surveys and studies to inform future assessments of the effectiveness of RDS in meeting needs of law enforcement.

LE.2

In Progress

The ICANN Board should consider conducting comparable surveys and/or studies (as described in LE.1) with other RDS (WHOIS) users working with law enforcement on a regular basis.

Implementation of this recommendation could not be completed in time to aid EPDP Phase 2, for which a final report was issued in August 2020. However, ICANN org, in consultation with the GNSO, will identify an appropriate timeline for any surveys and studies of users working with law enforcement on a regular basis. Additionally, ICANN org continues to review whether this recommendation could be paired with the use of other survey and feedback mechanisms across ICANN org to ensure there is a coordinated process for surveying the community and stakeholders.

SG.1

In Progress

The ICANN Board should require that the ICANN org, in consultation with data security and privacy expert(s), ensure that all contracts with contracted parties (to include Privacy/Proxy services when such contracts exist) include uniform and strong requirements for the protection of registrant data and for ICANN to be notified in the event of any data breach. The data security expert(s) should also consider and advise on what level or magnitude of breach warrants such notification. [...]

This will be included in the next round of contractual negotiations with the contracted parties, insofar as it relates to ICANN receiving notification of data breaches in circumstances that threaten to undermine the stability, security, and resiliency of the Internet’s DNS.

CC.1

In Progress

The ICANN Board should initiate action intended to ensure that gTLD domain names suspended due to RDS (WHOIS) contact data which the registrar knows to be incorrect, and that remains incorrect until the registration is due for deletion, should be treated as follows: (1) The RDS (WHOIS) record should include a notation that the domain name is suspended due to incorrect data; and (2) Domain names with this notation should not be unsuspended without correcting the data.

This recommendation was approved in part and is to be included in the next round of contractual negotiations with the contracted parties. The Board passed through this recommendation to the Generic Names Supporting Organization (GNSO) Council to consider as a future policy development process. In its 3 July 2020 response, GNSO Council indicated that: “it will ensure Recommendation CC.1 is included for consideration in due course, if this item has not been addressed in the next round of contractual negotiations between ICANN org and the Contracted Parties (as directed by the Board)”.

CC.2

In Progress

The ICANN Board should initiate action intended to ensure that all gTLD domain name registration directory entries contain at least one full set of either registrant or admin contact details comparable to those required for new registrations under the 2013 Registrar Accreditation Agreement (RAA) (or any subsequent version thereof) or applicable policies.

This recommendation is part of EPDP Phase 1 implementation.

CC.3

Completed

The ICANN Board should take steps to ensure that ICANN Contractual Compliance is adequately resourced factoring in any increase in work due to additional work required due to compliance with GDPR or other legislation/regulation.

This recommendation is already included in the existing budgeting and planning process. Compliance will continue to request required resources as part of the existing planning process.

For information on the first WHOIS Review, click here: RDS1

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."