Board Eyes Revamp of ICANN Vision; Talks Continue on GDPR Compliance
BARCELONA -- ICANN faces five key challenges for which it must rethink its vision, Chairman Cherine Chalaby said at Monday's opening of the internet body's weeklong meeting. He cited exponential growth in security problems that challenge security and stability of the Domain Name System; the possibility the multistakeholder system could become more expensive but less effective as it scales up; and that new unique identified regimes are emerging. He said growing importance of the internet to all sectors increases the possibility governments will try to control the DNS, and domain name market consolidation makes expansion of the generic top-level domain name (gTLD) space uncertain.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
Board members want an overarching new vision: To champion the single, open, globally interoperable internet and be the trusted steward of its unique identifiers, Chalaby said. The board plans to unveil a strategic plan for public comment by December, and a paper this fiscal year setting out its views on how ICANN's governance model is working, he said.
Proposals to distribute funds from auctions of new gTLDs raise several sensitive questions, stakeholders said. The cross-community working group on new gTLD auction proceeds published its final draft Oct. 8 and discussed it Monday Comments are due Nov 27. One recommendation is to create a new ICANN proceeds allocation department that would work either on its own or with an existing charity, or to establish a new structure such as an ICANN foundation, to process grant applications for such things as capacity-building in underserved areas.
One issue raised by the first two options is whether applicants in countries subject to U.S. or other sanctions would have to be excluded. And which model would keep grant awards out of the reach of ICANN's independent review process? Directors don't want auction funds consumed by challenges, said board member Becky Burr, Neustar deputy general counsel and chief privacy officer. A "very light" process may be needed to allow someone whose grant proposal was denied to question the decision, she said. ICANN must be kept accountable under bylaws but accountability mechanisms are sometimes "used pretty aggressively" by those unhappy about decisions, she said.
Talks on a policy for handling Whois data under the EU general data protection regulation continued. The group working on an expedited policy development process must confirm the technical specification approved May 25, 2016, said ePDP Chair Kurt Pritz. After that and responding to 52 "gating" questions from the Generic Names Supporting Organization, discussion can begin on standardized models for access to nonpublic Whois data, he said. Asked what happens if there's no compliant policy by April, another group member said "we have to be focused on success" and a contingency plan isn't within the group's mandate. Still-unresolved issues include whether Whois rules should be applied globally and whether there should be a distinction between legal and natural persons, said team member Emily Taylor: "We are nowhere near finished with these."
A draft unified access model in circulation infuriated civil society groups. The Noncommercial Stakeholders Group published a "blistering set of comments" on a model promoted by ICANN CEO Goran Marby, Internet Governance Project member Milton Mueller blogged Friday. The document's title, "Draft Framework for a Possible Unified Access Model for Continued Access to Full WHOIS Data," reflects "disturbing biases and assumptions that are inimical to data protection rights," he wrote. There's an "active debate" over whether a unified model is the best approach, and "continued" signals ICANN intends to maintain the same kind of access to Whois data that's illegal under the GDPR, he said: While Marby reportedly has denied he's pre-empting the ePDP, "actions speak louder than words."