Privacy

Blogs

Heading Into Panama for ICANN62

Well amazingly, it's that time again. Next week, individuals from around the world with a keen interest in Internet policy will head to Panama City, Panama for the second ICANN meeting of the year. As always, Brandsight will be attending to follow all of the important policy work being carried out by the community. Before I head off to the meeting (which based on my research will actually be my 32nd ICANN meeting!), I'd like to share a preview of the major topics slated for discussion. more

ICANN vs EPAG: ICANN Seeks Appeal Plus Pushes for ECJ Referral

As I predicted ICANN is pursuing its case against EPAG. They're now not only appealing the case to a higher court in Germany but are also trying to get the entire thing referred to the European Court of Justice. In an announcement late last night ICANN made it very clear what their intentions are. While they're pursuing the appeal in the higher court in the German region, which makes sense at some level, it's also very clear that they're not taking "no" for an answer. more

WHOIS Users Facing Serious Challenges Caused by Post-GDPR Fragmentation

On May 25, 2018, the European General Data Protection Regulation (GDPR) came into effect, meaning that European data protection authorities (DPAs) can begin enforcing the regulation against non-compliant parties. In preparation, the ICANN Board passed a Temporary Specification for gTLD Registration Data - essentially a temporary policy amendment to its registrar and registry contracts to facilitate GDPR compliance while also preserving certain aspects of the WHOIS system of domain name registration data. more

Have You Had Your GDPR Training Today?

The suggestion was recently put to the GNSO Council: anyone who becomes a member of a proposed new Expedited Policy Development Process (EPDP) must be able to demonstrate that they have basic knowledge of privacy and data protection. This makes a lot of sense: Would you trust a lawyer who had never been to law school? Or a doctor who had never studied medicine? Of course not. Recently I asked members of our ICANN Community: have you had any GDPR training, classes, or certification? more

ICANN vs Epag/Tucows: German Court Rules Against ICANN

German courts seem to be pretty fast, so instead of having to wait weeks or months to see how they'd rule, we've already got the answer. The German court in Bonn has ruled that EPAG (Tucows) is not obliged to collect extra contacts beyond the domain name registrant. The decision, naturally, is in German, but there is a translation into English that we can use to understand how the court arrived at this decision. more

A Trebuchet Defence in the Age of the Augmented Reality Cyberwarrior

I've been ruminating on this for a while, this follow-up that was a decade in the offing. My article Trench Warfare in the Age of The Laser-Guided Missile from January 2007 did pretty good in terms of views since I wrote it. Less so in terms of how well the ideas aged or didn't, but that's the nature of the beast. Everything gets worse, and simultaneously, better, and so here we are: Using embarrassingly ancient approaches to next-generation threats. Plus ça change. more

ICANN vs EPAG/Tucows: Tucows Releases Statement on What They're Doing and Why

As I noted over the weekend, ICANN has instigated legal action against EPAG, an ICANN accredited registrar based in Germany that is part of the Tucows group. ICANN claims that the case is to "preserve WHOIS data", but Tucows asserts in their statement that the ICANN approach is flawed. It's not a frivolous statement, but one they've backed with fairly detailed rationale - and this is just their public statement and not a formal legal filing. more

GDPR PII Time-Bomb? Kill it With Fire!

Hi! My name is spamfighter. I investigate spam and phish in a post-GDPR dystopia. Recently, I invented Fire, to save you millions of €uros. One day, my Boss suggested I automate some of my processes. I, for one, welcome our Robot Overlords (and a happy boss), but I can be exacting about the tools I use. Perhaps not to the degree of the infamous Van Halen 'no brown M&M's' contractual clause but I have no patience for poorly-designed software, and truly dislike typing when... more

GDPR Your Domains For Sale? How to Keep Your Domain Name Lottery Ticket Alive

Have you ever sold a domain name that was just sitting in your registrar account? Maybe it was for that idea you had, but never found the time to develop. Perhaps it was for a business or website you once ran and then let go by the wayside. Then one day, out of the blue, that dormant domain turned into a winning lottery ticket. You got a random call or email from an interested party and the next thing you know that domain (which you've forgotten why you even renew it each year) is sold for $3,000 or $30,000 or more. more

GDPR, ICANN, and Registrar WHOIS

On Friday I was on a surprisingly interesting session at Rightscon 2018 in Toronto about GDPR and WHOIS. The panel consisted of Eleeza Agoopian from ICANN staff; Avri Doria who was recently appointed to the ICANN board; Elliot Noss who runs large registrar Tucows; Stephanie Perrin who has done a lot of privacy work for the Canadian government and as an ICANN volunteer, and me; Milt Mueller, who is now at Georgia Tech, moderated. more

Policymakers to Discuss Data Privacy at Caribbean Internet Governance Forum

Data privacy will be among the items topping the agenda at an upcoming Caribbean Internet Governance Forum to be held by the Caribbean Telecommunications Union (CTU) in Suriname this month. The meeting is part of an effort by several Caribbean countries to establish and strengthen policies to ensure that Internet users' personal information is collected, shared and used in appropriate ways. more

Why Are the EU Data Protection Authorities Taking Away Our Fundamental Right to be Safe?

What if we created a rule that gave everyone - good or bad - the right to hide their license plate, where they live, who they are, and just go incognito? What if we made it a right to walk into any building in the world, and simply say "No, thank you" when the security guards asked for one's identification? The criminals would celebrate, and we'd all be utterly alarmed. We would immediately be afraid for our personal safety. more

GDPR and WHOIS - We've Heard from the Article 29 Working Party, Now What?

Well, here we are on Friday the 13th and I couldn't think of a better way to spend the day than providing an update on GDPR, WHOIS and ICANN. There's lots to cover, so let's dive right in. As we have been talking about for a number of months now, the EU's new General Data Privacy Regulation (GDPR) will become enforceable on May 25th. The ICANN community has been struggling with how GDPR will impact the WHOIS system. more

Holocaust Remembrance Day

Today is Holocaust Remembrance Day. Today we remember that the Nazis rounded up Jews, Roma, political dissidents, and other "undesirables" using the best data and technology of the day and sent them off to concentration camps. We don't normally deal with this type of political reality in ICANN, but now is the time to do so. In 1995, the recently formed European Union passed the EU Data Protection Directive. more

Is It Time for a Data Sharing Clearinghouse for Internet Researchers?

Today's Senate hearing with Facebook's Mark Zuckerberg will start a long discussion on data collection and privacy from Internet companies. Although the spotlight is currently on Facebook, we shouldn't forget that the picture is broader: companies from device manufacturers to ISPs collect network traffic and use it for a variety of purposes. more

News Briefs

ACLU Released Guide for Developers on How to Respond to Government Demands That Compromise Security

ICANN Files Legal Action Against Domain Registrar for Refusal to Collect WHOIS Data

Major US Telcos Selling Customer Location Information to Third Party Companies, Reports Krebs

Internet Platforms Collecting User Data are Digital Sweat Factories, Says EU's Data Protection Chief

Researchers Discover Over 1.5 Billion Files Exposed Through Misconfigured Data Services

ICANN CEO "Cautiously Optimistic" EU to Provide Clear Guidance for Domain Industry GDPR Compliance

Close to 20% VPN Providers Reported Leaking Customer IP Addresses via WebRTC Bug

Facebook Announces New Privacy and Security Settings Amid Outcry Over Data Collection Practices

IBM Launches Quad9, a DNS-based Privacy and Security Service to Protect Users from Malicious Sites

Dutch Geographic TLDs Refuse Public Access to Whois Data

EU Privacy Case Could Backfire, Turn EU into Data Island, Say Experts

DHS Planning to Monitor, Collect Social Media Information on All Immigrants to US

EFF Resigns from World Wide Web Consortium (W3C) over EME Decision

U.S. Department of Justice Demands IP Addresses, Other Details on Visitors to Trump Resistance Site

Afghanistan Enacts Law Targeting Online Crime and Militancy

Trump Administration Doubles Down on Surveillance

Seattle Restores ISP Privacy Rules. Could be First of Many Cities to Defeat FCC's Privacy Roll Back

The Economist: Data, the Oil of the Digital Era

NSA to Stop Collecting American Emails To and From Overseas

Pirate Bay Founder and Other Internet Activists Launch Domain Privacy Service

Most Viewed

Help! My Domain Name Has Been Hijacked!

Do Not Enter - It's XXX

Whois Privacy vs. Anonymity

Adult-Related TLDs Considered Dangerous

Examining Two Well-Known Attacks on VoIP

Most Commented

Conflict of Opinion

DPI is Not a Four-Letter Word!

Hunting Unicorns: Myths and Realities of the Net Neutrality Debate

Whither DNS?

The Anti-Phishing Consumer Protection Act of 2008

Industry Updates

Participants – Random Selection