More news about ICANN and WHOIS

In  a recent blog I mentioned that, on behalf of the UK’s children’s organizations, I had written to the Chair of the Article 29 Working Group expressing concerns about the way the GDPR was being interpreted in respect of WHOIS data.  Remember WHOIS is the database law enforcement agencies and different elements of the internet security industry have used since the internet’s year dot to combat online crimes of every kind as well as a wide variety of scams.

The problem with WHOIS is that  maintaining it as an accurate and up to date record represents a cost and a lot of bother to Registries and Registrars. They would rather be shut of it altogether. As long as the punters pay for their domains why  should they care?  Registries and Registrars are ICANN’s effective paymasters  so ICANN is forever kicking the can down the road whenever WHOIS gets a mention. (John – aren’t you being a little harsh? Maybe, but I was provoked. Btw it is not a good idea to talk to yourself in public like this. People will get entirely the wrong/right idea).

Anyway I have had a message  from the Chair of Article 29 saying that a full reply is on its way (watch this space) but the same message also pointed me toward a statement  issued last week by Article 29.

Two interesting snippets from the statement:

Article 29 say they have been “offering guidance” to ICANN on the matter of WHOIS since  2003. They go on to note, however, that

ICANN’s GDPR compliance process appears to have been formally initiated in the course of 2017, which may be part of the reason why stakeholders are concerned over the entry into application of the GDPR on 25 May 2018.”

Ouch. Does this speak to ICANN’s arrogance or incompetence? Perhaps both.

Finally Article 29 points out that no data protection authority has the power to suspend or delay the implementation of the law but adding

“Data protection authorities may, however, take into consideration the measures which have already been taken or which are underway when determining the appropriate regulatory response upon receiving…complaints.”

The match is not over but I would say Article 29 won that set hands down.

About John Carr

John Carr is one of the world's leading authorities on children's and young people's use of digital technologies. He is Senior Technical Adviser to Bangkok-based global NGO ECPAT International, Technical Adviser to the European NGO Alliance for Child Safety Online, which is administered by Save the Children Italy and an Advisory Council Member of Beyond Borders (Canada). Amongst other things John is or has been an Adviser to the United Nations, ITU, the European Union, the Council of Europe and European Union Agency for Network and Information Security and is a former Executive Board Member of the UK Council for Child Internet Safety. He is Secretary of the UK's Children's Charities' Coalition on Internet Safety. John has advised many of the world's largest internet companies on online child safety. In June, 2012, John was appointed a Visiting Senior Fellow at the London School of Economics and Political Science. This was renewed in 2018. More:
This entry was posted in Internet governance, Privacy, Regulation, Self-regulation. Bookmark the permalink.