The Internet Corporation for Assigned Names and Numbers (ICANN) has published a Proposed Temporary Specification for gTLD Registration Data, outlining temporary requirements concerning the collection and publication of registration data for domain names registered under generic top-level domains (gTLDs). The temporary requirements, subject to approval by the ICANN Board of Directors, are aimed to 'allow ICANN and gTLD registry operators and registrars to continue to comply with existing ICANN contractual requirements and community-developed policies in light of the EU General Data Protection Regulation (GDPR)'. In line with the specification, robust domain name registration data will continue to be collected (including registrant, administrative, and technical contact information), but personal data will be restricted to layered/tired access. Users with legitimate purposes for accessing non-public personal data would have to request such access through registries and registrars, and there would also be the possibility for users to contact the registrant or the administrative or technical contact of a domain name through anonymised e-mails or web forms. Applicable to the registration of domain names by both legal and natural persons, these requirements would be implemented 'where required because of a nexus to the European Economic Area, while providing flexibility to Registry Operators and Registrars to apply the requirements on a global basis based on implementation, commercial reasonableness and fairness considerations'. The Temporary Specification is aimed to serve as an interim solution until the ICANN community develops a consensus policy for a revised WHOIS model.
Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right. It is recognised in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights conventions. The July 2015 appointment of the first UN Special Rapporteur on the Right to Privacy in the Digital Age reflects the rising importance of privacy in global digital policy, and the recognition of the need to address privacy rights issues the the global, as well as national levels.