Skip to main content
Resources

Registration Directory Service (RDS) Review (formerly WHOIS Review)

Sign up to learn more

RDS Review Wiki Workspace Page
Find the latest status updates, recordings of past meetings, and opportunities to participate
Introduction to Reviews
Learn more about Reviews, their purpose and process for conducting and opportunities to participate
RDS Review Meeting Schedule
Find the schedule to observe RDS Review Team Meetings
RDS Fact Sheet
See the progress of the RDS Review Team towards completing the Review
RDS-WHOIS2 Implementation Progress
 

 


Objectives of the RDS Review

According to the Bylaws (Section 4.6(e)), ICANN shall use commercially reasonable efforts to enforce its policies relating to registration directory services and shall work with Supporting Organizations and Advisory Committees to explore structural changes to improve accuracy and access to generic top-level domain registration data, as well as consider safeguards for protecting such data.

The Board shall cause a periodic review to assess the effectiveness of the then current gTLD registry directory service and whether its implementation meets the legitimate needs of law enforcement, promoting consumer trust and safeguarding registrant data (“Directory Service Review”).

The review team for the Directory Service Review (“Directory Service Review Team”) will consider the Organisation for Economic Cooperation and Development (“OECD”) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data as defined by the OECD in 1980 and amended in 2013 and as may be amended from time to time.

The Directory Service Review Team shall assess the extent to which prior Directory Service Review recommendations have been implemented and the extent to which implementation of such recommendations has resulted in the intended effect.

The Directory Service Review shall be conducted no less frequently than every five years, measured from the date the previous Directory Service Review Team was convened, except that the first Directory Service Review to be conducted after [1 October 2016] shall be deemed to be timely if the applicable Directory Service Review Team is convened on or before 31 October 2016.

Review Progress and Milestones

The graphic below illustrates phases and status of each review - a Circle arrow 360 indicates that all activities within a given phase have been completed.  The chart that follows the graphic provides further details of key activities and milestones within each phase – you can view these details by clicking on each of the phases in the graphic.  The table also contains links to relevant documents.

RDS (formerly WHOIS)
PhaseActivityDescriptionStart DateDocuments
Assemble Review TeamCall for VolunteersPublic announcement inviting volunteers to submit application28 Oct 2016
Call for Volunteers ExtensionApplication extended for the Registration Directory Service Review Team6 Dec 2016
Call for Volunteers DeadlineDeadline extension for the Registration Directory Service Review Team11 Jan 2017
Call for Volunteers DeadlineDeadline extension for the Registration Directory Service Review Team22 Feb 2017
Appointment of Board DesigneeBoard appoints a member to the RDS Review Team3 Feb 2017
Review Team AnnouncedSelection of the Registration Directory Service (RDS/WHOIS2-RT) Review Team Members Announced2 Jun 2017
Plan ReviewTerms of ReferenceTerms of Reference and Work Plan submitted to ICANN Board.9 Feb 2018
Conduct ReviewDraft ReportRegistration Directory Service (RDS) - WHOIS2 Review Draft report4 Sep 2018
Public Comment ExtendedPublic Comment period extended for the Draft Report of Recommendations6 Nov 2018
Final ReportRegistration Directory Service (RDS)-WHOIS2 Review Final Report3 Sep 2019
RDS Final Report Executive SummaryExecutive summary of the RDS Final Report3 Sep 2019
Draft Report & Recommendations Public CommentPublic Comment period for the Review Team's draft report of recommendations4 Sep 2018
Board ActionPublic Comment on Final ReportFinal report and recommendations posted for Public Comment8 Oct 2019
Board Action on RecommendationsBoard takes action on 22 recommendations25 Feb 2020

Implementation of RDS-WHOIS2 Recommendations 

On 25 February 2020, the Board took action on each of the 22 recommendations. As noted in its resolution and the associated Scorecard, the Board resolved to:

  • Approve (2020.02.25.03) 15 recommendations, in whole or in part as listed below subject to prioritization;
  • Reject (2020.02.25.06) two recommendations (R11.1, BY1);
  • Place (2020.02.25.04) four recommendations (R4.1, R4.2, R5.1, R10.1) into pending further Board action status;
  • Pass through (2020.02.25.05) two recommendations to the GNSO, in whole (CC.4) or in part (CC.1).

The table below provides information relating to the implementation of approved recommendations, including the priority level assigned to each recommendation as a result of the pilot prioritization exercise (more information on this process can be found here).

Implementation status of recommendations should be understood as follows:

  • Complete: a recommendation implemented in full and for which implementation documentation is available.
  • In progress: a recommendation for which work has started to address deliverables identified during the implementation design. Implementation design is the preparatory phase for implementation during which a cross-functional project team develops guidelines that include deliverables for implementation, costing out resources, risk assessment, as well as an inventory of existing work etc.
  • Not started: Work has not started because of a dependency on another recommendation and/or process.

Rec #

Implementation Status

Priority level assigned by the community (where P1 corresponds to the highest priority and P4 to the lowest - See Pilot Prioritization here)

Description

Implementation Update as of 28 June 2022

*This updated table reflects current and reclassified implementation status categories of "Complete", "In Progress", and "Not started". Previously, it showed implementation design status. Because of this update, the status of some recommendations may have changed from prior reporting to now represent their implementation status.

R1.1

Complete

n/a

To ensure that RDS (WHOIS) is treated as a strategic priority, the ICANN Board should put into place a forward-looking mechanism to monitor possible impacts on the RDS (WHOIS) from legislative and policy developments around the world.

The corresponding activities are already part of ICANN's plans. Implementation documentation is in progress.

R1.2

Complete

n/a

To support this mechanism, the ICANN Board should instruct the ICANN org to assign responsibility for monitoring legislative and policy developments around the world and to provide regular updates to the ICANN Board.

ICANN org has already assigned responsibility for monitoring legislative and policy developments around the world and for providing regular updates to the ICANN Board. Implementation documentation is in progress.

R1.3

Complete

P4

The ICANN Board, in drafting the charter of a Board working group on RDS, should ensure the necessary transparency of the group's work, such as providing records of meetings and meeting minutes, to enable future review of its activities.

The work of the previously chartered Board Working Group on Registration Directory Services has been integrated into the work of the Board Caucus on General Data Protection Regulation (GDPR) / Expedited Policy Development Process (ePDP). Implementation documentation is in progress.

R3.1

In progress

P4

The ICANN Board should direct ICANN org to update all of the information related to RDS (WHOIS) and by implication other information related to the registration of second-level gTLDs. The content should be revised to make the information readily accessible and understandable, and it should provide details of when and how to interact with ICANN org or contracted parties. [...]

ICANN has updated the content and navigation of the registration data look up tool (i.e., the WHOIS Portal referred to in the RDS-WHOIS2 Review Team Final Report). The information formerly contained on that page has been reorganized and now appears on the Domain Name Registration Data Policies and Related Requirements page, which contains information regarding existing policies and requirements and ongoing policy development work. ICANN Contractual Compliance has included the links to this information on their Complaint Submission page found here https://www.icann.org/compliance/complaint.

R3.2

Not started

Not eligible for prioritization

With community input, the ICANN Board should instruct ICANN org to identify groups outside of those that routinely engage with ICANN org, and these should be targeted through RDS (WHOIS) outreach. An RDS (WHOIS) outreach plan should then be developed, executed, and documented. [...]

As the GNSO's Expedited Policy Development Process on Temporary Specification for gTLD Registration Data (EPDP) and the Registration Data Access Protocol (RDAP) phased implementation could impact the information or the messaging to be delivered by ICANN to new target groups, work will begin as soon as the dependency on outcomes of the EPDP has been resolved.

R10.2

Not started

Not eligible for prioritization

Reviewing the effectiveness of the implementation of WHOIS1 Recommendation 10 should be deferred. The ICANN Board should recommend that review be carried out by the next RDS (WHOIS) Review Team after the Privacy and Proxy Services Accreditation Issues (PPSAI) policy is implemented.

The Board approved the ATRT3 recommendation to suspend any further RDS Reviews pending the outcome of the next ATRT, subject to prioritization and community agreement to the related Bylaw changes.

R11.2

Complete

P4

The ICANN Board should direct ICANN org to ensure that the common interface displays all applicable output for each gTLD domain name registration as available from contracted parties, including multiple versions when the outputs from registry and registrar differ. The common interface should be updated to address any policy or contractual changes to maintain full functionality.

Implementation documentation is in progress.

R12.1

Not started

Not eligible for prioritization

Reviewing the effectiveness of the implementation of Recs #12-14 should be deferred. The ICANN Board should recommend that review to be carried out by the next RDS Review Team after RDAP is implemented, and the translation and transliteration of the registration data launches.

The Board approved the ATRT3 recommendation to suspend any further RDS Reviews pending the outcome of the next ATRT, subject to prioritization and community agreement to the related Bylaw changes.

R15.1

In progress

P4

The ICANN Board should ensure that implementation of RDS-WHOIS2 Review Team recommendations is based on best practice project management methodology, ensuring that plans and implementation reports clearly address progress, and applicable metrics and tracking tools are used for effectiveness and impact evaluation.

ICANN org's Implementation Operations department is deploying a foundational structure that allows for the work of implementation to be carried out thoroughly, effectively, and in a sustainable manner. In addition to the use of an improved project management system, ICANN org's Implementation Operations has also designed enhanced tools for its implementation design related work and is working on developing a more frequent and detailed reporting mechanism.

LE.1

Complete

P4

The ICANN Board should resolve that ICANN org conduct regular data gathering through surveys and studies to inform a future assessment of the effectiveness of RDS (WHOIS) in meeting the needs of law enforcement. This will also aid future policy development (including the current Temporary Specification for gTLD Registration Data Expedited Policy Development Process and related efforts).

ICANN org conducted a study on the topic of differentiation of legal vs. natural persons' registration data which was used to inform the EPDP Phase 2A working group deliberations. Additionally, ICANN org conducted two surveys and reached out to the ICANN community to inform its work on the Standardized System for Access and Disclosure (SSAD) Operational Design Phase (ODP). Implementation documentation is in progress.

LE.2

Complete

P4

The ICANN Board should consider conducting comparable surveys and/or studies (as described in LE.1) with other RDS (WHOIS) users working with law enforcement on a regular basis.

Implementation documentation is in progress.

SG.1

Not started

P2

The ICANN Board should require that the ICANN org, in consultation with data security and privacy expert(s), ensure that all contracts with contracted parties (to include Privacy/Proxy services when such contracts exist) include uniform and strong requirements for the protection of registrant data and for ICANN to be notified in the event of any data breach. The data security expert(s) should also consider and advise on what level or magnitude of breach warrants such notification. [...]

This will be included in the next round of contractual negotiations with the contracted parties, insofar as it relates to ICANN receiving notification of data breaches in circumstances that threaten to undermine the stability, security, and resiliency of the Internet's DNS.

CC.1

Not started

P4

The ICANN Board should initiate action intended to ensure that gTLD domain names suspended due to RDS (WHOIS) contact data which the registrar knows to be incorrect, and that remains incorrect until the registration is due for deletion, should be treated as follows: (1) The RDS (WHOIS) record should include a notation that the domain name is suspended due to incorrect data; and (2) Domain names with this notation should not be unsuspended without correcting the data.

This recommendation was approved in part and is to be included in the next round of contractual negotiations with the contracted parties. The Board passed through this recommendation to the Generic Names Supporting Organization (GNSO) Council to consider as a future policy development process. In its 3 July 2020 response, GNSO Council indicated that: "it will ensure Recommendation CC.1 is included for consideration in due course, if this item has not been addressed in the next round of contractual negotiations between ICANN org and the Contracted Parties (as directed by the Board)".

CC.2

Not started

Not eligible for prioritization

The ICANN Board should initiate action intended to ensure that all gTLD domain name registration directory entries contain at least one full set of either registrant or admin contact details comparable to those required for new registrations under the 2013 Registrar Accreditation Agreement (RAA) (or any subsequent version thereof) or applicable policies.

This work will be included in the implementation of EPDP Phase 1 – Registration Data Policy for gTLDs, which addresses the collection, transfer, and publication of gTLD registration data. ICANN org anticipates that the public comment on the implementation plan for the Registration Data Policy is likely to open in Q3 022 with an estimated implementation time frame beginning in Q2 2023.

CC.3

Complete

n/a

The ICANN Board should take steps to ensure that ICANN Contractual Compliance is adequately resourced factoring in any increase in work due to additional work required due to compliance with GDPR or other legislation/regulation.

This recommendation is already included in the existing budgeting and planning process. Compliance will continue to request required resources as part of the existing planning process. Implementation documentation is in progress.

For information on the first WHOIS Review, click here: RDS1

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."