| A | B | C | D | E | F | G | |
|---|---|---|---|---|---|---|---|
1 | Rec # | Rec Summary | In OneDoc? | Other Policy impacted | Implementation Method | Timeframe | Status & Notes |
2 | 1 | the following ICANN Purposes for processing gTLD Registration Data form the basis of the new ICANN policy: | no | ||||
3 | 2 | considering in Phase 2 of its work whether additional purposes should be considered to facilitate ICANN’s Office of the Chief Technology Officer (OCTO) to carry out its mission | no | ||||
4 | 3 | in line with Purpose #2, the EPDP Team undertakes to make a recommendation pertaining to a standardised model for lawful disclosure of non-public Registration Data | no | ||||
5 | 4 | requirements related to the accuracy of registration data under the current ICANN contracts and consensus policies shall not be affected | no | ||||
6 | 5 | the data elements listed below (as illustrated in the data elements workbooks in Annex D) are required to be collected by registrars. | 6 | ||||
7 | 6 | Registrar must provide the opportunity for the Registered Name Holder to provide its Consent to publish redacted contact information, as well as the email address, in the RDS for the sponsoring registrar. | 9.3.2 | ||||
8 | 7 | specifically-identified data elements under “[t]ransmission of registration data from Registrar to Registry”, as illustrated in the aggregate data elements workbooks, must be transferred from registrar to registry provided an appropriate legal basis exists and data processing agreement is in place. | 7 | ||||
9 | 8 | Enter into DPA with Escrow provider | no | ||||
10 | 8 | send info to escrow | 8 | ||||
11 | 9 | updates, if needed, are made to the contractual requirements concerning the registration data elements for registries and registrars to transfer to ICANN Org the domain name registration data that they process when required/requested for purpose 5 (Contractual Compliance). | no | ||||
12 | 10 | redaction must be applied as follows to the data elements that are collected. | 9.3 | ||||
13 | 11 | and redact the City field | 9.3 | ||||
14 | 12 | Org field notification and opt-in to publication | 9.3.5 | ||||
15 | 13 | Registrar MUST provide an email address or a web form to facilitate email communication with the relevant contact, but MUST NOT identify the contact email address or the contact itself; maintain log files | 9.3.3 | ||||
16 | 14 | include full info when affiliated P/P service is used | 9.3.4 | ||||
17 | 15 | data retention timeframes | 12 | ||||
18 | 16 | permitted to differentiate between registrants on a geographic basis, but are not obligated to do so. | Scope | ||||
19 | 17 | permitted to differentiate between registrations of legal and natural persons, but are not obligated to do so.; do a study for cost and feasibility | Scope | ||||
20 | 18 | Reasonable Requests for Lawful Disclosure of Non-Public Registration Data” | 10 | ||||
21 | 19 | ICANN Org negotiates and enters into required data protection agreements, as appropriate, with the Contracted Parties | Implementation Notes | Should this be part of the Policy? | |||
22 | 20 | inclusion of the data processing activities and responsible parties, outlined below, to be confirmed and documented in the relevant data protection agreements, | no | ||||
23 | 21 | review of all RPMs PDP WG to consider, as part of its deliberations, whether there is a need to update existing requirements to clarify that a complainant must only be required to insert the publicly-available RDDS data for the domain name(s) at issue in its initial complaint. | no | ||||
24 | 22 | ICANN Org must enter into appropriate data protection agreements with dispute resolution providers | no | ||||
25 | 23 | the following requirements MUST apply in relation to URS and UDRP until such time as these are superseded by recommendations from the RPMs PDP WG and/or policies from the EPDP regarding disclosure: | no | ||||
26 | 24 | the following requirements MUST apply in relation to the Transfer Policy until such time these are superseded by recommendations that may come out of the Transfer Policy review that is being undertaken by the GNSO Council: | no | ||||
27 | 25 | the GNSO Council, as part of its review of the Transfer Policy, specifically requests the review of the implications, as well as adjustments, that may be needed to the Transfer Policy | no | ||||
28 | 26 | DPA with non-CPs like EBERO and escrow | no | ||||
29 | 27 | updates are made to the following existing policies / procedures, and any others that may have been omitted | no | List of affected policies & next steps | |||
30 | 28 | the effective date of the gTLD Registration Data Policy shall be February 29, 2020. | 4 | ||||
31 | 29 | prior to eliminating Administrative Contact fields, all Registrars must ensure that each registration contains Registered Name Holder contact information. | 6.7 |