ICANN : Call for Volunteers for Implementation Advisory Group to Review Existing ICANN Procedure for Handling WHOIS Conflicts with Privacy Laws

ICANN seeks volunteers to serve on an Implementation Advisory Group (IAG) to review and suggest potential changes to the implementation of the ICANN Procedure for Handling WHOIS Conflicts with Privacy Laws (the Procedure.)

 

What This Team Will Do

The IAG will work with ICANN staff on reviewing the current steps of the Procedure and identifying possible changes to the procedure to facilitate resolution of issues where WHOIS requirements conflict with applicable laws. The IAG is expected to explore whether any of the Procedure’s elements ought to be amended in order to strike this balance. Any recommended changes made will need to be in line with the Procedure’s underlying policy, which was adopted by the GNSO Council in 2005. As a result, recommended changes to the implementation of the procedure, if any, will be shared with the GNSO Council to ensure that these do not conflict with the intent of the original policy recommendations.
How This Team Will Work

Like other ICANN working groups, the Implementation Advisory Group will use transparent, open processes. The meetings of the IAG are expected to take place via conference calls which will be recorded, and the recordings will be available to the public. Initially, it is expected the group will meet once every two weeks, but the IAG will then determine its preferred schedule and methodology. The mailing list for the IAG will be archived publicly. Observers are welcome to join the mailing list to monitor the discussions. These observers will receive emails from the group, but will not be able to post messages or attend meetings. IAG members are expected to submit Statements of Interest (SOI). The group will collaborate using a public workspace.
How To Join

ICANN invites interested parties to join the IAG, which will be open to anyone interested to join. ICANN urges interested community members willing to work on this initiative and with a range of views to join and contribute to the group’s work. As noted above, you can join the IAG either as a member or an observer. Please contact
This email address is being protected from spambots. You need JavaScript enabled to view it.
if you wish to join the IAG.
Background

In November 2005, the Generic Names Supporting Organization (GNSO) concluded a policy development process (PDP) on WHOIS conflicts with privacy law which recommended that “In order to facilitate reconciliation of any conflicts between local/national mandatory privacy laws or regulations and applicable provisions of the ICANN contract regarding the collection, display and distribution of personal data via the gTLD WHOIS service, ICANN should:

    Develop and publicly document a procedure for dealing with the situation in which a registrar or registry can credibly demonstrate that it is legally prevented by local/national privacy laws or regulations from fully complying with applicable provisions of its ICANN contract regarding the collection, display and distribution of personal data via WHOIS.
    Create goals for the procedure which include:
        Ensuring that ICANN staff is informed of a conflict at the earliest appropriate juncture;
        Resolving the conflict, if possible, in a manner conducive to ICANN’s Mission, applicable Core Values, and the stability and uniformity of the WHOIS system;
        Providing a mechanism for the recognition, if appropriate, in circumstances where the conflict cannot be otherwise resolved, of an exception to contractual obligations to those registries/registrars to which the specific conflict applies with regard to collection, display and distribution of personally identifiable data via WHOIS; and
        Preserving sufficient flexibility for ICANN staff to respond to particular factual situations as they arise”.

The ICANN Board adopted the recommendations in May 2006 and the final Procedure was made effective in January 2008. Although to date no registrar or registry operator has formally invoked the Procedure, concerns have been expressed both by public authorities as well as registrars and registry operators concerning potential conflicts between WHOIS contractual obligations and local law.

Given that the WHOIS Procedure has not been invoked and yet numerous concerns have arisen from contracted parties and the wider community, ICANN launched a review as part of the Procedure. The review was launched with the publication of a paper for public comment on 22 May 2014. The paper outlined the Procedure’s steps and invited public comments on a series of questions. The body of public comment was analyzed by ICANN staff, and the proposed next step is the formation of an IAG to consider changes to how the Procedure is enacted and used. ICANN staff found common themes among some of the suggestions in the public comments, which may allow for changes to implementation of the Procedure in line with the underlying policy.

On 22 September 2014, the GAC noted [PDF, 55 KB] that the issues around the WHOIS Conflicts with National Law Procedure warrant further time and attention, as they touch on significant public policy matters associated with national laws and the legitimate uses of WHOIS data. The IAG is open to participation and GAC members and other government stakeholders are encouraged to take part in the group to contribute to advancement of the work in this area.

The IAG’s recommendation will then be shared with the GNSO Council to determine the next steps.

This announcement was sourced from :

https://www.icann.org/news/announcement-2014-10-14-en

ICANN : Report of Second String Similarity Review for ελ IDN ccTLD Application Through Extended Process Similarity Review Panel (EPSRP) Released

As required under Final Implementation Plan for the IDN ccTLD Fast Track Process , ICANN releases the report for the second string similarity review of the IDN ccTLD application for ελ  in Greek by the Ministry of Infrastructure, Transport and Networks of Greece.

The report presents the finding of the independent Extended Process Similarity Review Panel (EPSRP) of the IDN ccTLD Fast Track Process.
About the Internationalized Domain Name (IDN) country code Top Level Domain (ccTLD) Fast Track Process

The IDN ccTLD Fast Track Process was launched on 16 November 2009. As of that date, eligible countries and territories were able to request their respective IDN ccTLD(s) through the process.

Following extensive public consultations, the ccNSO Council adopted in April 2013 [PDF, 118 KB] the Final Report on the IDN ccNSO PDP [PDF, 376 KB]. This work has taken into account the experiences and reviews of the IDN ccTLD Fast Track Process as well as the Governmental Advisory Committee’s advice on the matter.

On 27 June 2013, the ICANN Board approved an amendment to the IDN ccTLD Fast Track Process Final Implementation Plan. The amendment implements a two-panel process for string similarity review in the IDN ccTLD Fast Track Process, and was proposed following the conclusion of the IDN Country Code Names Supporting Organization (ccNSO) Policy Development Process (PDP). The ICANN Board also resolved on 27 June 2013 that all pending and future IDN ccTLD Fast Track applicants have the option to request evaluation by the Extended Process Similarity Review Panel (EPSRP).

On 5 November 2014, ICANN published an updated Final Implementation Plan for the IDN ccTLD Fast Track Process [PDF, 879 KB] that includes the changes required for the implementation of the two-panel string similarity review process, as approved by the ICANN Board, including EPSRP for the second review based on the Guidelines for the Extended Process Similarity Review Panel [PDF, 86 KB]. In accordance with Section 4.3 of the latest version of the Final Implementation Plan for the IDN ccTLD Fast Track Process and the Guidelines mentioned, ICANN is required to publish the findings of the EPSRP, within one (1) week after receiving them.

This announcement was sourced from :

https://www.icann.org/news/announcement-4-2014-10-14-en

Check which .Brussels and .Vlaanderen Domain Names You Can Register As A Private Individual

DNS Belgium, the company behind .BE extension, announced that it will give every Belgian the opportunity to apply for a personal domain name.

 

You can read the announcement after the jump :

“DNS Belgium wants to give every Belgian the opportunity to apply for a personal domain name. That is why you will be able to submit an application for a .vlaanderen or .brussels domain name based on your name, starting on Thursday 13 November 2014 (10:00 CET) and running until 15 December 2014 (10:00 CET).

To make the registration of a personal .vlaanderen  or .brussels domain name as simple as possible and since the use of the eID is clearly gaining in popularity, DNS Belgium has developed an eID wizard that will guide you through the entire registration process.

Free card readers

All you need to register a .vlaanderen or .brussels domain name is a valid Belgian eID card and an eID card-reader. Using the eID wizard at the DNS Belgium website, you can then apply for a .vlaanderen or .brussels domain name that corresponds with your official name.

During this phase, for example, Jan Vandam can apply for: vandam.vlaanderen, vandamjan.vlaanderen, janvandam.vlaanderen, vandamj.vlaanderen and jvandam.vlaanderen. The .brussels variants can also be applied for in the same way.

To make it even more straightforward for you to register a .vlaanderen or .brussels domain name, DNS Belgium is giving 1000 card-readers away via its website. You can simply request yours by completing the form.

Check which domain names you can soon register

From 13 October to 12 November inclusive, using a valid Belgian eID card and the eID card-reader, you can check to see whether your computer has the right settings so that when this phase actually begins on 13 November, you can use the eID wizard to scan the details from your identity card.

Once your settings have been tested and are correct, you can view the list of domain names based on your name that you can apply for during the demo phase and decide which one(s) you would like to reserve from 13 November onwards. Go to the eID demo.

Sweden Holds Auction of 349 Previously Blocked .SE Domains

Sweden is auctioning 349 previously blocked .SE domain names. The auction features 349 .SE domains and will run for 10-13 days.

 

All 349 .SE domain names have been blocked since 2003. The auction started Monday, October 13,2014 and will run 10-12 days .Each domain name has a starting price of 1 krona. Both individuals and companies will be able to acquire a .SE domain name.

According to SwedishWire.com, the domain names are being auctioned off in batches on Tradera.

Some interesting domain names included in the auction are:

AI.se
Aregentina.se
Ba.se
USA.se
HR.SE
CD.se
Jamaica.se
Bahamas.se
ER.se
Ga.se
IT.se
Kenya.se

You can see the entire inventory here.

Germany Registry DENIC Attains ISO 27001 Certification

DENIC, the .de registry operator has had its information and security management system (ISMS) certified in accordance with the provisions of the ISO/IEC 27001:2013 standard under a full-scope audit by the German certification body TÜV Nord.

The main focus of ISO 27001 is to establish, implement, maintain and continually improve an information security management system. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of an organisation.

Its importance was addressed in an article earlier this year that asked “how much does it cost to get?” by Jos van Schaik, a founding partner at CumulusTrust. In his article he said he likes to reply with a question: “how much does it cost when you don’t have it?”

“The answer to the first question is easy”, writes van Schaik, “but the answer to the second one is more complicated. As a financial I am interested in the business case. If the cost of not having an ISO 27001 certification is higher than the cost of getting and maintaining one, you can actually make a profitable investment by getting certified.”

The certification was attained on 10 October 2014 when DENIC had its information and security management system (ISMS) certified in accordance with the provisions of the ISO/IEC 27001:2013 standard under a full-scope audit by the German certification body TÜV Nord. Covered by the audit were all the tasks, infrastructures and processes that are required to provide DENIC’s services of domain registration, name resolution and lookup services as well as its infrastructure services for operators of other name spaces.

“At DENIC, information security has always been of paramount importance and an integral part of all business processes. The certification according to the internationally recognized ISO/IEC 27001:2013 standard underscores the high-level implementation of our ISMS, which the auditors said to stand out by a large number of ‘good practices’,” says DENIC CEO Dr. Jörg Schweiger.

“The regular follow-up monitoring audits will assure ourselves, the members of our Cooperative and the Internet community that our business processes and our information security will consistently meet the high requirements of the ISO standard,” adds Chief Information Security Officer Boban Krsic, who has established the Information Security Management System at DENIC and brought it to certification readiness, together with his team.

The audit was successfully completed on 10 October 2014. Next to a systematic holistic approach for controlling security-related processes across the organization, TÜV Nord attests DENIC full transparency and traceability of its processes as well as an information security risk management that is in compliance with the requirements of the ISO/IEC 27001:2013 standard.