Berlin Group to ICANN, WHOIS is not your only GDPR problem

Posted on 9 March 2018

Just before ICANN 61, ICANN and its community received essential information regarding WHOIS and the GDPR and more.
The latest statement and recommendations are from the Berlin Group (International Working Group on Data Protection in Telecommunications and Media or IWGDPT).

The Berlin Group started out in 1983 on the initiative of some national data protection authorities; nowadays members include government agencies, representatives of international organizations and IT experts from all over the world.

So basically we have the opinion on ICANN and registrant data and WHOIS vetted by all the members of the International Conference of Data Protection and Privacy …

Update on ICANN and WHOIS

Posted on 6 March 2018

Kevin Murphy from DomainIncite has written an excellent article about the all the ins and outs how WHOIS might look like in May this year, which you can read here.

I do not entirely agree with Kevin if privacy services are going to be free.
In the current setup, our privacy proxy service still has added value when it comes to spam prevention.
I think it is more accurate, that if ICANN no longer requires personal data to be displayed in the WHOIS the need use a privacy service to prevent such display of personal data becomes obsolete, after …

ICANN Registrars express GDPR concerns to ICANN

Posted on 16 February 2018

Today the Registrar Stakeholder Group (RrSG) has joined its colleagues in the Registry Stakeholder Group, Eco Association of the Internet Industry and the Internet Infrastructure Coalition in raising its concerns with ICANN about GDPR.

The letter was drafted last week and got so much support from the registrar members that we could officially support it as a stakeholder group. Realtime Register B.V. was one of the supporters.

The letter to the ICANN CEO located here, can be described as “spicy,” or “\strong.” And I think it is with good reason. Since March 2016 a dedicated small group of registrars and …

Update on publication of personal data in the WHOIS / RDS

Posted on 18 January 2018

There has been a considerable debate whatever ICANN will enforce the contractual agreement between registrars and registries to display personal data in the WHOIS.

Publication of personal data in the WHOIS is usually in conflict with many data protection laws around the world.

The EU GDPR and its substantial non-compliance fines seem to sway the discussion into a direction where ICANN needs to come up with solutions. And they did: ICANN published several models that propose to limit the publication of personal data in the WHOIS. The next step is that the ICANN community analyzes these models.

The models created …

GDPR update, legal definitions and possible action items.

Posted on 18 January 2018

Below, a quick update and some information which is crucial to you as a reseller regarding the GDPR.

Privacy notice
We should have the privacy notice ready for you at the end of February.

Processing agreement
We expect to send this to our resellers at the end of February, given the vast amount of different jurisdictions and number of registries this may be delayed by a few weeks.

The processing agreement is required for your contractual agreements between you and our customers.

Legal definitions

  • ICANN, joint data controller
  • gTLD registries, joint data controller
  • ccTLD registries, data controller
  • Realtime Register (registrar), …

Why Registrars require an EU based Escrow provider

Posted on 12 October 2017

Domain names, registrant data and data protection, they all have a long history in the ICANN universe. Let’s do some time traveling and let me take you back in time, starting a decade ago…

March 2007
ICANN de-accredits RegistryFly, this disaster demonstrates clearly that Registrars should escrow registrant data to an escrow provider in case a registrar goes “down.”

To counter the RegistryFly disaster, ICANN introduced escrow requirements, ICANN picks up the bill, but of course, indirectly the registrars are paying for it, how much is unknown though, as we do not know how much ICANN is paying Iron …

GDPR and domain name resellers, 20 million reasons to read this.

Posted on 12 October 2017

Companies will face very harsh punishments for infringements under the GDPR. Art. 83 Paragraph 5 of the GDPR offers the supervising authorities the possibility of imposing fines of up to 20 million Euro or, for corporations, up to 4% of the worldwide turnover of the preceding financial year.

 

Tick tock, tick tock, goes the clock
The EU GDPR will go into effect May 25th, 2018. It looks like there is still a lot of time, but actually, there is not much time left to prep your organization for the GDPR!

Most of your company’s operations will be affected by …

Realtime Register Release and New Features

Posted on 27 September 2017

This page is dedicated to the relevant changes, added features and fixes of the Realtime Register front and back end. Please visit regularly to stay up to speed. The API Changes are documented in more detail on the API Docs Change Log pages and additional documentation. Please note, login is required.

26/09/2017
Improvement: Privacy Protect v2 allows transfer out without exposing registrants date. In preparation for GDPR.
Bugfix: Denic, some unsupported Unicode characters in address contacts will now give the proper error message.
Improvement: NicIT, NS check now inline with registry policy.
Improvement: NicIT, Client hold option removed.
Bugfix: …

EU GDPR, is consent the Silver Bullet for Domain Name Registrations?

Posted on 27 September 2017

Update:28-11-2017

According to the Dutch DPA, consent is not the silver bullet. 

https://autoriteitpersoonsgegevens.nl/en/news/dutch-dpa-unlimited-publication-whois-data-violates-privacy-law

This will make ccTLD registrations outside of the EU for natural persons very problematic and perhaps such registrations should be avoided, though this is not legal advice in any shape or form. 

Consent is often cited as the Silver Bullet to transfer data outside of the EU.The requirements, however, can be rather complex given the fact how registries/ICANN process and control the data.

The rules according to Art.6.1(b).

Data subjects are provided with a clear explanation of the processing to which they are consenting; The consent mechanism …

FAQ Privacy Protect support

Posted on 27 September 2017

Realtimeregister.com tracks users anonymously using Google Analytics cookies. Please view our Privacy Statement for more information.