Home / Blogs

European Privacy Authorities Object to ICANN Whois Proposals

Brenden Kuerbis

In response to a letter from ICANN's Noncommercial Users Constituency (NCUC) to data protection authorities concerning overreaching requests of law enforcement agencies in ICANN's ongoing Registrar Accreditation Agreement negotiations, the Article 29 Data Protection Working Party has written the ICANN Board. Their comments focused on two new requirements proposed by LEAs for domain name registrars, namely that they re-verify registrant contact details and that they retain registrant data for a period of two years after a contract for a domain has ended.

Regarding re-verification the Working Party noted that the problem of inaccurate WHOIS data can only be solved by addressing the unlimited public accessibility of private contact details in the WHOIS database. It also disagreed with the notion that the re-verification request originated from LEAs when the purpose of the WHOIS database is to facilitate contact about technical issues:

The fact that WHOIS data can be used for other beneficial purposes does not in itself legitimise the collection and processing of personal data for those other purposes.

The Working Party finds the proposed new requirement ... excessive and therefore unlawful.

Concerning data retention, the Working Party found the proposed specification to have very broad scope, suggesting it may well facilitate the collection of information like credit card data, Skype handles, and communication log files and registration data. They noted that the requirement did not stem from any legal requirement in Europe, but "is explicitly introduced by ICANN to accommodate wishes from law enforcement." As such,

The Working Party strongly objects to the introduction of data retention by means of contract issued by a private corporation in order to facilitate (public) law enforcement..."

You can read the Working Party's entire letter here.

By Brenden Kuerbis, Fellow in Internet Security Governance, Citizen Lab, Univ of Toronto. Kuerbis is also a contributor to the Internet Governance Project blog.

Related topics: Domain Names, ICANN, Internet Governance, Policy & Regulation, Privacy, Whois

 
   

Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Comments

Cannot be mandatory Alessandro Vesely  –  Oct 02, 2012 11:26 PM PDT

Obtuse as it may seem, WP29's response has the merit to point out that one-size-fits-all solutions are inadequate. We don't need verified data for all domain name holders, but just for those domains that do email, e-commerce, and similar activities that may affect netizens at large. We don't need unlimited access to personal data, just to the abuse-contact. (Actually, we may just be happy to know whether accurate contact data might be obtained for a given domain.)

Sadly, I note that it's not by chance that WP29 replied by paper. It is because of how they consider the Internet.

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

Afilias Mobile & Web Services

Mobile Internet

Sponsored by Afilias Mobile & Web Services
Verisign

Cybersecurity

Sponsored by Verisign
Afilias

DNS Security

Sponsored by Afilias

Promoted Posts

Now Is the Time for .eco

.eco launches globally at 16:00 UTC on April 25, 2017, when domains will be available on a first-come, first-serve basis. .eco is for businesses, non-profits and people committed to positive change for the planet. See list of registrars offering .eco more»

Industry Updates – Sponsored Posts

Radix Announces Global Web Design Contest, F3.space

Global Domain Name Registrations Reach 330.6 Million, 1.3 Million Growth in First Quarter of 2017

.TECH Gets Its Big Hollywood Break

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Why the Record Number of Reverse Domain Name Hijacking UDRP Filings in 2016?

UDRP: Better Late than Never - ICA Applauds WIPO for Removing Misguided 'Retroactive Bad Faith'

The Rise and Fall of the UDRP Theory of 'Retroactive Bad Faith'

.PRESS Supports Press Freedom Day for 3rd Consecutive Year

Leading Internet Associations Strengthen Cooperation

5 Afilias Top Level Domains Now Licensed for Sale in China

Radix Announces Largest New gTLD Sale with Casino.Online

2016 Year in Review: The Trending Keywords in .COM and .NET Domain Registrations

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

i2Coalition to Present Tucows CEO Elliot Noss With Internet Community Leadership Award

A Look at How the New .SPACE TLD Has Performed Over the Past 2 Years

Michele Neylon Appointed Chair Elect of i2Coalition

2016 U.S. Election: An Internet Forecast

Afilias Chairman Jonathan Robinson Wins ICANN's 2016 Leadership Award at ICANN 57

MarkMonitor Supports Brand Holders' Efforts Regarding .Feedback Registry

8 Tips to Find Your Perfect .COM Domain Name