Home / Blogs

It's Time for Privacy Progress in ICANN

Don Blumenthal

Privacy issues have been important to parts of the ICANN community for many years. I can attest to that fact as a long time veteran of Whois debates as far back as 1998 when I was with the U.S. Federal Trade Commission. However, they have started to receive the general ICANN community visibility only relatively recently. These efforts must continue in order to protect rights, to avoid increasing potential conflicts between ICANN rules and applicable laws, and to generally maintain trust in the Internet as a place to be.

Previously, privacy questions were discussed within groups or at forums. They arose in discussions about possible legitimate reasons for falsifying domain registration information and in conversations regarding whether privacy and proxy services should be allowed and for what kinds of registrations. Unfortunately, we who worked on the Thick Whois PDP Working Group, for which I served as Chair of the Data Protection and Privacy Subteam, found little evidence of any systematic analysis within the ICANN community of the intersection between ICANN practices and privacy protections.

ICANN has been active in privacy issues on the surface, such as through promulgations of the ICANN Procedure for Handling Whois Conflicts with Privacy Laws. In addition, questions have arisen in Registry Service Evaluation Process proceedings concerning .cat and .tel. However, these activities have happened on one-off bases.

Relatively recently though, suggestions and opportunities for thorough examination of privacy questions have stepped up significantly. The report of the ICANN Whois Policy Review Team noted data protections concerns and public comments that had been submitted about them. The Expert Working Group on gTLD Directory Services has spent much time on questions related to data protection, and continues to examine them.

The Thick Whois PDP group conducted as thorough a look at the questions as its resources and expertise allowed, both with respect to maintaining data registration data and transferring it across borders. The 2013 Registrar Accreditation Agreement expanded the ability of registrars to seek exemptions from Whois contract requirements in the event of conflicts. Some level of data protection and privacy review also will be part of the work of the Privacy and Proxy Services Accreditation Issues PDP Working Group, which I chair.

This increased formal ICANN attention to privacy questions is essential and long overdue. However, there must be follow through and it must be done systematically. A comprehensive catalogue of data protection and privacy laws and how they might affect all parts of the ICANN community and all contracts or rules is impossible, but some level of consideration and guideline development must be done. These guidelines must be developed with due consideration for the laws of all nations and full examinations of their strengths and weaknesses. A growing number of countries around the world have data protection regimes or are part of international compacts that govern relevant issues. In addition, sometimes entities that are cited as weak on privacy protection in fact have stronger safeguards with respect to certain topics than others that are held out as examples of model practices.

I am discussing privacy related to ICANN, its practices, and its community here. The topic is not about surveillance practices of any government, the United States or elsewhere. No amount of work within ICANN or changes to its structure will obviate those kinds of privacy risks. ICANN arguably is very late to the game in giving data protection and privacy their due regard, but confluence of activities that have occurred over the last year or so, and are continuing now, make this period a perfect time to address legitimate concerns.

By Don Blumenthal, Senior Policy Advisor at PIR

Related topics: Privacy, Whois


Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Related Blogs

Related News

Explore Topics

Dig Deeper


Sponsored by Verisign

DNS Security

Sponsored by Afilias

IP Addressing

Sponsored by Avenue4 LLC

Mobile Internet

Sponsored by Afilias Mobile & Web Services

Promoted Posts

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s. more»

Industry Updates – Sponsored Posts

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

2016 U.S. Election: An Internet Forecast

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Dyn Weighs In On Whois

Protect Your Privacy - Opt Out of Public DNS Data Collection

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

Afilias Supports the CrypTech Project - Ambitious Hardware Encryption Effort to Protect User Privacy

New from Verisign Labs - Measuring Privacy Disclosures in URL Query Strings

Verisign Named to the OTA's 2014 Online Trust Honor Roll

MarkMonitor Named a Top Trusted Website in OTA's 2013 Online Trust Honor Roll

Top-Level Domain Survey Findings Not Surprising, But Still Concerning

Neustar Names Becky Burr as its Chief Privacy Officer

Identify Infringing Domains to Optimize Online Search Marketing Spend

Consider Planning Now for Internationalized Top-Level Domains

MarkMonitor AntiFraud Solutions Combine Proven Antiphishing and Expert Antimalware Capabalities

COCC Partners with MarkMonitor for Anti-Phishing Services

ICANN Mexico City Meeting Brings a Significant Shift in Direction for Brand Rights Holder Issues

MarkMonitor Year-in-Review Report Finds Online Abuse of Major Brands Was a Growth Industry for Fraud

Protect Your .ORG Campaign Attracts Registrars Worldwide