Latest news of the domain name industry

Recent Posts

ICANN board talking GDPR “litigation”

Kevin Murphy, May 21, 2018, 15:23:26 (UTC), Domain Policy

ICANN’s board of directors is meeting today to discuss its “litigation strategy” concerning the General Data Protection Regulation, the EU privacy legislation due to make Whois unrecognizable come Friday.

Those two words are basically the only item on its agenda for a special board meeting today.

I’ve been unable to squeeze any further information out of ICANN, but I can speculate about a few different things it could mean.

The first thing that springs to mind is a blog post by CEO Goran Marby dated April 12, in which he wrote:

Without a moratorium on enforcement, WHOIS will become fragmented and we must take steps to mitigate this issue. As such, we are studying all available remedies, including legal action in Europe to clarify our ability to continue to properly coordinate this important global information resource. We will provide more information in the coming days.

To my knowledge, no additional information on this “legal action in Europe” has ever been released.

Could ICANN be ready to take a data protection authority to court preemptively, as a test case to insulate the industry against enforcement action from DPAs? Your guess is as good as mine at this stage.

Another possibility, still in speculative territory, is that the board will be discussing the many calls from the industry for some kind of legal or financial indemnification against GDPR-related regulatory actions. I’d assign a relatively low probability to that idea.

A third notion that springs to mind, slightly more realistically, is that the board could simply be discussing how ICANN would defend itself from incoming litigation related to its GDPR response.

It usually takes ICANN a few days to post the results of its board meetings, but on important hot topics it’s not hugely unusual to see same-day publication.

Tagged: , , , , ,

Comments (2)

  1. Rubens Kuhl says:

    It would be very unrealistic to request moratorium or lenience and yet sue DPAs. But on #3, it could be either under-enforcement of GDPR(brought by DPAs or privacy advocates) or over-enforcement of GDPR (brought by IP interests). ICANN should probably brace for impact on both sides.

  2. Rubens Kuhl says:

    Now we know:
    https://www.icann.org/news/announcement-2018-05-25-en

    LOS ANGELES – 25 May 2018 – The Internet Corporation for Assigned Names and Numbers (ICANN) today filed injunction proceedings against EPAG, a Germany-based, ICANN-accredited registrar that is part of the Tucows Group.

    And by doing this, ICANN violated RAA, that says that litigation can only be brought in California, with other courts only available for enforcement, not for decisions.

    “In all litigation involving ICANN concerning this Agreement (whether in a case where arbitration has not been elected or to enforce an arbitration award), jurisdiction and exclusive venue for such litigation shall be in a court located in Los Angeles, California, USA; however, the parties shall also have the right to enforce a judgment of such a court in any court of competent jurisdiction.”

Add Your Comment