nanog mailing list archives

Re: Whois vs GDPR, latest news

From: "Constantine A. Murenin" <mureninc () gmail com>
Date: Wed, 16 May 2018 16:10:13 -0500

I think this is the worst of both worlds.  The data is basically still
public, but you cannot access it unless someone marks you as a
"friend".

This policy is basically what Facebook is.  And how well it played out
once folks realised that their shared data wasn't actually private?

C.

On 16 May 2018 at 16:02, Brian Kantor <Brian () ampr org> wrote:

A draft of the new ICANN Whois policy was published a few days ago.

https://www.icann.org/en/system/files/files/proposed-gtld-registration-data-temp-specs-14may18-en.pdf

From that document:

"This Temporary Specification for gTLD Registration Data (Temporary
Specification) establishes temporary requirements to allow ICANN
and gTLD registry operators and registrars to continue to comply
with existing ICANN contractual requirements and community-developed
policies in light of the GDPR. Consistent with ICANN’s stated
objective to comply with the GDPR, while maintaining the existing
WHOIS system to the greatest extent possible, the Temporary
Specification maintains robust collection of Registration Data
(including Registrant, Administrative, and Technical contact
information), but restricts most Personal Data to layered/tiered
access. Users with a legitimate and proportionate purpose for
accessing the non-public Personal Data will be able to request
such access through Registrars and Registry Operators. Users will
also maintain the ability to contact the Registrant or Administrative
and Technical contacts through an anonymized email or web form. The
Temporary Specification shall be implemented where required by the
GDPR, while providing flexibility to Registry Operators and Registrars
to choose to apply the requirements on a global basis based on
implementation, commercial reasonableness and fairness considerations.
The Temporary Specification applies to all registrations, without
requiring Registrars to differentiate between registrations of legal
and natural persons. It also covers data processing arrangements
between and among ICANN, Registry Operators, Registrars, and Data
Escrow Agents as necessary for compliance with the GDPR."

Current thread:

Whois vs GDPR, latest news Brian Kantor (May 16)
- Re: Whois vs GDPR, latest news Constantine A. Murenin (May 16)
  - Re: Whois vs GDPR, latest news bzs (May 16)
    - Re: Whois vs GDPR, latest news Owen DeLong (May 16)
    - Re: Whois vs GDPR, latest news bzs (May 16)
    - Re: Whois vs GDPR, latest news Niels Bakker (May 17)
    - Re: Whois vs GDPR, latest news bzs (May 17)
    - Re: Whois vs GDPR, latest news Mike Hammett (May 17)
    - Re: Whois vs GDPR, latest news Niels Bakker (May 17)
    - Whois vs GDPR, latest news Zbyněk Pospíchal (May 17)
    - Re: Whois vs GDPR, latest news Sander Steffann (May 17)
    - Re: Whois vs GDPR, latest news Zbyněk Pospíchal (May 17)

(Thread continues...)