ICANN Ignores Data Protection Experts as It Considers EU Privacy Rules, Privacy Advocates Say

Posted June 27, 2017

External Article: Washington Internet Daily

Milton Mueller, professor in the School of Public Policy in the Ivan Allen College of Liberal Arts at Georgia Tech, and Peter Swire, a Scheller professor with courtesy appointment in School of Public Policy, were quoted in “ICANN Ignores Data Protection Experts as It Considers EU Privacy Rules, Privacy Advocates Say” for Washington Internet Daily.

Excerpt:

ICANN “better be” thinking about how to comply with the GDPR, wrote Professor Milton Mueller for the Internet Governance Project. “Everyone knows ICANN’s Whois policies (see 1703100062), which require registries and registrars to provide indiscriminate public access to personal data about domain name registrants, violate European privacy laws.” This didn’t matter much previously because data protection laws “didn’t have much teeth when it came to ICANN and the domain name industry,” he said. Under the GDPR, such violations could result in fines of up to four percent of an organization’s revenue, he wrote. “Real money is on the table.”

Mueller slammed ICANN for listening only to registries and registrars, not privacy advocates or noncommercial domain name users, in dealing with data protection issues. Tuesday’s panel includes only lawyers representing top level domain registries, platform providers and internet service providers, and a law enforcement representative, he said. Although Mueller, a longtime player in ICANN’s noncommercial community, and others argued for a registrant or privacy activist on the panel, the request was denied, he said. This was “a deliberate decision to prevent the Whois/privacy problem from being discussed in a balanced and fair way,” he wrote. ICANN didn’t comment.

The panel’s organizer wrote Monday that he doesn’t “know where the crazy notion comes from that all contracted parties (registries and registrars) would be plotting a scheme together with ICANN to play down the effects of the GDPR.” The session’s point is to help registries and registrars determine how to deal with the regulation, not to hear presentations from panelists, Peter Vergote, legal and corporate affairs director at DNS Belgium, the .be registry, wrote on Mueller’s blog. “It’s the audience that is playing the lead.”

 “I have had privacy concerns about the WHOIS process since it was established,” emailed Peter Swire. As lead privacy official in the Clinton administration, he suggested more privacy-protective approaches to the Commerce Department officials working on ICANN’s creation, but those approaches weren’t adopted, he said. “I believe the stricter fines under GDPR are getting ICANN’s attention.” The organization would benefit from “careful attention” to insights from privacy experts, he added.

For the full article, read here.

Related Media

Milton Mueller

Scheller College Professor Peter Swire was chosen by President Obama to help review the nation’s intelligence and communications technologies.