Latest news of the domain name industry

Recent Posts

Could a new US law make GDPR irrelevant?

Kevin Murphy, August 29, 2018, 21:03:22 (UTC), Domain Policy

Opponents of Whois privacy are pushing for legislation that would basically reverse the impact of GDPR for the vast majority of domain names.
Privacy advocate Milton Mueller of the Internet Governance Project today scooped the news that draft legislation to this effect is being circulated by “special interests” in Washington DC.
He’s even published the draft (pdf).
Mueller does not call out the authors of the bill by name — though he does heavily hint that DomainTools may be involved — saying instead that they are “the same folks who are always trying to regulate and control the Internet. Copyright maximalists, big pharma, and the like.”
I’d hazard a guess these guys may be involved.
The bill is currently called the Transparent, Open and Secure Internet Act of 2018, or TOSI for short. In my ongoing quest to coin a phrase and have it stick, I’m tempted to refer to its supporters as “tossers”.
TOSI would force registries and registrars to publish Whois records in full, as they were before May this year when ICANN’s “Temp Spec” Whois policy — a GDPR Band-aid — came into effect.
It would capture all domain companies based in US jurisdiction, as well as non-US companies that sell domains to US citizens or sell domains that are used to market goods or services to US citizens.
Essentially every company in the industry, in other words.
Even if only US-based companies fell under TOSI, that still includes Verisign and GoDaddy and therefore the majority of all extant domains.
The bill would also ban privacy services for registrants who collect data on their visitors or monetize the domains in any way (not just transactionally with a storefront — serving up an ad would count too).
Privacy services would have to terminate such services when informed that a registrant is monetizing their domains.
But the bill doesn’t stop there.
Failing to publish Whois records in full would be an “unfair or deceptive act or practice” and the Federal Trade Commission would be allowed to pursue damages against registries and registrars that break the law.
In short, it’s a wish-list for those who oppose the new regime of privacy brought in by ICANN’s response to the General Data Protection Regulation.
While it’s well-documented that the US executive branch, in the form of the National Telecommunications and Information Administration, is no fan of GDPR, whether there’s any interest in the US Congress to adopt such legislation is another matter.
Is this an IP lawyer’s pipe-dream, or the start of a trans-Atlantic war over privacy? Stay tuned!

Tagged: , , , , , , , ,

Comments (5)

  1. John Berryhill says:

    There are currently only 35 more days of “business” scheduled for the House of Representatives in 2018.
    Good luck.

  2. James Bladel says:

    The irony of requiring NTIA to protect the multi-stakeholder model of Internet governance…
    …by overriding its policy development process with US legislation.

    • Michele says:

      Yeah – let’s protect the MSM model by completely circumventing it..
      There are so many things in that document that were on various people’s wishlists BUT were denied in the past (and for good reason)
      But as John points out the clock is ticking on the current Congress, so how far this will get now is debatable.

  3. Ivan says:

    Passing laws is a complex process, but this is not a partisan issue like Tax Reform. Once the dust settles after November, there is still a good chance this could make the floor and pass.
    Even if it doesn’t, the US Government can still move through an agency regulation. I see real risk here in terms of geographical fragmentation where companies will be restricted to doing business within particular borders. A functional compromise is essential.

  4. Gerard L says:

    Legally there is nothing you can do against whois privacy.
    Companies could just take over the domain and for example lease them to the website owners, with the option to buy them back.
    It’s just the regular consumers who get screwed over again, as they might lose their privacy. While spammers and businesses won’t even care.

Add Your Comment