Update on a Proposed System for Accessing Domain Name Registration Data for Copyright Enforcement Update on a Proposed System for Accessing Domain Name Registration Data for Copyright Enforcement

As you may be aware, the Internet Corporation for Assigned Names and Numbers (ICANN) manages policy and technical implementation and oversight of the global Domain Name System (DNS – i.e. the system of internet domain names, like copyrightalliance.org). As part of this remit, ICANN has overseen the operation of the domain name registration data directory service (“RDDS”, also historically called the “WHOIS” system), which provides a database of information regarding registered domain names and who owns them.  This database had historically been freely and publicly accessible, providing important transparency and accountability to the DNS, including as a critical tool for consumer protection and intellectual property enforcement.

However, this all changed in 2018 when in response to the implementation of the European General Data Protection Regulation (GDPR), ICANN imposed global changes to the RDDS that resulted in the redaction of nearly all data enabling the identification and contact of domain name registrants, regardless of their location or legal status. This redaction was accompanied by a new temporary policy that was supposed to give third parties with a legitimate interest, including intellectual property owners and their agents, access to the domain name registration data contained within the WHOIS system to perform routine online IP enforcement, including to combat online piracy and copyright infringement, but this new policy has largely remained a dead letter, so these legitimate third parties have essentially lost access to non-public registration data.  Regaining this access remains one of the most critical issues for intellectual property owners right now.

Following its reactive changes to WHOIS to ostensibly comply with GDPR, ICANN established an “Expedited Policy Development Process” (EPDP) to develop a permanent Registration Data Policy as well as a standardized system for accessing non-public data.  In February 2020, the EPDP published for public comment its Initial Report on a Standardized System for Access/Disclosure (SSAD). The report is lengthy (114 pages) and the issue and report itself are quite complex, as is typical for ICANN policy matters.

During the public comment process, which closed on March 23, we encouraged as many intellectual property owners as possible to weigh in on the Initial Report, to ensure the IP community’s voice was heard on this key issue. We also worked with trade organizations like the International Trademark Association, as well as the ICANN Intellectual Property Constituency (IPC), to help prepare and submit comments.

If accessing WHOIS data is important to you or your company (perhaps because you have used it in the past to enforce your copyrights), you should be closely following the progress of the EPDP as it continues to try to develop the SSAD.  The EPDP published an addendum to its Initial Report on March 26, with a deadline for comments on Tuesday, May 5, 2020, and we are able to channel feedback on an ongoing basis through IPC representatives in the EPDP and other ICANN community allies.  The EPDP is due to publish its final report in June, before it is reviewed and likely adopted by ICANN in the Fall.

However, until a final SSAD is operationalized, the status quo will remain in effect – with only a modicum of registration data publicly available, and requests for disclosure of additional non-public data must be delivered to each registrar on a case-by-case basis for a manual determination.

If you would like to learn more about this issue, or have input to share, please write to us at internet@winterfeldt.law.