The implementation of the General Data Protection Regulation (“GDPR”) and its potential impact on right holders’ access to full WHOIS data has been a very topical issue for our clients. We have been carefully monitoring the discussion and proposals surrounding this issue, from a company perspective and as part of ICANN’s Intellectual Property Constituency, the IAPP recent Global Privacy Summit, INTA, and from listening, as always, to our clients. The requirements and interpretation of the GDPR and the ability to continue to access full, publicly available information through the WHOIS system is under review by ICANN. At the recent ICANN 61 meeting in San Juan, it became clear that a resolution to this issue will not be imminent.
The need and right to access and use this information for legitimate interests by intellectual property and trademark owners in enforcing rights against third-party alleged infringers of trademarks and content or in relation to bad faith domain registration, is the essential issue to us. ICANN published an Interim Compliance Model and a “Cookbook” to arrive at possible solutions to the WHOIS access issues. Nonetheless, there is substantial conflict amongst interest groups and gaps in the ICANN Interim Model regarding key elements including, layered/tiered access and the establishment of an accreditation program (with a lack of agreement on the enforcement body and process for the proposed, author-supported, accreditation program). Due to this present conflict in resolution drivers, there will likely be a blackout period, which is due to subsist for six months or more, with the possibility that the accreditation program will not be in place until Q1 2019.