European Commission writes to ICANN on GDPR compliance

The European Commission, through its Directorate-General for Communications Networks, Content and Technology, has sent a letter to the Internet Corporation for Assigned Names and Numbers (ICANN), expressing concerns over the organisation’s proposed models for ensuring compliance between its WHOIS policy and the EU General Data Protection Regulation (GDPR). In the letter, the Commission asks ICANN to delay its final decision on an interim model, and to instead allow for further ‘discussion with all stakeholders involved, as well as the data protection authorities’. It also noted that the proposed models are abstract, and difficult to assess regarding their scope and impact, therefore encouraging ICANN to further develop possible options ‘to balance the various legal requirements, needs, and interests’.​ The letter came a few weeks after the EU Commissioner for Migration, Home Affairs and Citizenship, the Commissioner for Justice, Consumers and Gender Equality, and the Commissioner for the Security Union wrote to ICANN’s CEO on the same topic GDPR compliance.