“Should the IANA Stewardship Transition be unwound? If yes, why and how? If not, why not?” – that was the question that was put forward for discussion by the National Telecommunications and Information Administration (NTIA). The deadline for this public discussion is July 2. In September 2016, NTIA refused to be the IANA overseer, handing over control of the DNS root to internet community structures under the auspices of ICANN.
This decision raised sharp criticism from conservative American politicians. They claimed the US’ refusing this oversight role would allow China, Iran and other countries to jeopardize the freedom of speech and spread of information in the internet. This definitely has not happened once in the past two years, but now the US has a more serious reason to be unhappy. In late May, the General Data Protection Regulation (GDPR), which had already been adopted in the EU countries, entered into force. As previously reported, its requirements contradict Whois requirements. Domain registrars and registries can no longer make data of domain name registrants from EU countries public. Moreover, recent court decisions made it clear that registrars and registries have the right not to store this data at all.
This sharply contradicts the interests of law enforcement agencies and major US businesses, since they are used to using Whois data for their own purposes. Restricted access to this data will seriously affect, for instance, the life of the companies that own protected trademarks and brand names – they will have a significantly harder time dealing with rights infringement in the domain zone. NTIA itself is also insisting on preserving Whois in its entirety. Nevertheless, it is difficult to understand how the review of the decision on IANA Stewardship Transition can impact this situation. “GDPR is not ICANN policy, after all – it’s a European Union law that applies to all companies doing business in Europe,” sarcastically notes Kevin Murphy, author of the article published on Domain Incite. “Even if the US were to fully nationalize ICANN tomorrow and rewrite Whois policy to mandate the death penalty for any contracted party that refused to openly publish full Whois records, that would not make GDPR go away, it would probably just kick off a privacy trade war or mean that all US contracted parties would have to stop doing business in Europe. That sounds like an extreme scenario, but Trump.”
