It has been a long time since I put anything at all on this blog, so there is quite a bit to catch up on. The Expedited Policy Development Process for coming up with a replacement for the 2015 temporary specification which replaced the WHOIS requirements of the 2013 Registrar Accreditation Agreement (RAA) is nearing an end. It is about time to put on the record what has been happening, from the perspective of a privacy advocate. Stay tuned for updates, the final report on the instrument being designed to standardize the disclosure of information requested by third parties (SSAD, the closest thing to a WHOIS replacement that we are going to see) is being negotiated right now. Whatever happens, there will be plenty of unanswered questions handed to the Implementation Review Team. I hope to discuss some of those issues here in the weeks to come.
Since my last blog post, I changed the topic of my doctoral dissertation to The Struggle for WHOIS Privacy: Understanding the Standoff Between ICANN and the World’s Data Protection Authorities. This prompted me to delve deeply into the history of the WHOIS conflicts at ICANN, which helped me to understand (and tolerate) the very, very slow progress ICANN has made in complying with European privacy law, in the case of the EPDP the General Data Protection Regulation or GDPR. It has been painful; I am glad the EPDP will soon be over, but I suspect the struggle to protect the human rights of registrants is not.