ICANN proposes possible models to ensure WHOIS compliance with the GDPR

In a blog post by its president and CEO, Goran Marby, the Internet Corporation for Assigned Names and Numbers (ICANN) announced that it has developed three possible models for how gTLD registries and registrars could collect domain name registration data and implement registration directory services while respecting both contractual obligations with ICANN, and the provisions of the EU General Data Protection Regulation (GDPR). All three models proposed a tiered/layered access to domain name registration data (also called WHOIS data), thus departing from the current policies which allow broad access to such data. The three models differ based on what contact information is publicly displayed, their applicability (whether at a global level or only for registrants/registries/registrars in the European Economic Area), the duration of data retention, and what data is not displayed to the public. Comments on these models can be submitted until 29 January 2018.