As we prepare to depart to San Juan for the ICANN61 meeting, I’m wanted to provide you with the latest update on our efforts related to compliance with the European Union’s General Data Protection Regulation (GDPR). There have been a number of webinars and calls organized by various constituencies in the last few days, in which ICANN org colleagues & I’m have participated, giving us a chance to further exchange views as we refine the proposed model.
On 2 March, we had a useful discussion with the Article 29 Working Party regarding our recent publication of a Proposed Interim Model for GDPR Compliance. During that conversation, we summarized the elements of our Proposed Interim Model and shared the valuable feedback we have received from community members, including where viewpoints on the proposed interim models have diverged. In addition, we emphasized the importance of a common approach for the organization together with the registries & registrars. The Article 29 representatives noted the progress we have made in developing a plan of action to comply with the regulation, & expressed their willingness to review the Proposed Interim Model in more detail, particularly regarding the purposes for the collection & publication of data, the data retention period, data processing agreements, and the justifications surrounding access to full registration data for accredited users. We are also looking forward to a deeper exchange with the Article 29 Working Party later in March on the rationale for the interim model. The data protection authorities will continue their internal coordination through March, taking into account further details coming from ICANN on the final model, and we plan to touch base with them then, and into April when the Art 29 WP holds its next plenary meeting. We hope that they will be able to publish feedback.
In the meantime, I'm am looking forward to continuing this discussion with you at the San Juan meeting, either in person or via remote participation.