Registration Data Accuracy Scoping Team: Difference between revisions

Line 44:

The team also reviewed findings from the WHOIS ARS reports, relevant sections of the RDS-WHOIS2 and SSR2 review reports, and existing ICANN Contractual Compliance statistics related to accuracy.<ref name="rda-writeup"></ref>

=== Assignments #1 and #2 ===

Most of the Scoping Team’s active work focused on Assignments #1 (enforcement and reporting) and #2 (measurement of accuracy). After a series of meetings through 2021–2022, the team submitted a consolidated “Deliberations and Findings for Assignments #1 and #2” report to the GNSO Council, dated September 2, 2022 and transmitted on September 5, 2022.

The report documented, among other points:

* differing views on whether accuracy had improved or deteriorated after GDPR and redaction of public WHOIS data;

* the impact of pausing WHOIS ARS and the limited availability of data for measuring accuracy;

* the absence of a shared definition of “accuracy” beyond operability of contact data; and

* the constraints imposed by existing contracts and data protection laws on large-scale access to registration data.

The report made three key recommendations to the GNSO Council:

* Voluntary registrar survey (Recommendation #1): Request ICANN org to carry out a voluntary survey of registrars about their registration data validation and verification practices, including how they handle accuracy complaints and what additional measures (if any) they employ beyond contractual requirements.

* Registrar audit (Recommendation #2): Collaborate with ICANN org on the design of a targeted Contractual Compliance audit assessing registrar compliance with existing validation and verification obligations under the RAA, potentially expanding on the use of data already collected in compliance audits.

* Pause work requiring access to registration data (Recommendation #3): Pause the Scoping Team’s work on proposals that require access to registration data (including Recommendations #1 and #2) until key dependencies had been addressed, including:

** completion of a Data Processing Agreement (DPA) between ICANN org and Contracted Parties,

** outreach to the European Data Protection Board (EDPB), and

** completion of Data Protection Impact Assessments (DPIAs) on proposed accuracy study scenarios.<ref name="rda-writeup"></ref>

Assignments #3 and #4 (assessing the effectiveness of existing requirements and considering possible policy or programme changes) were not fully completed, with the Scoping Team viewing additional data from Recommendations #1 and #2 as necessary to inform any further work.<ref name="rda-writeup"></ref>

== References ==

@@ Line 44: / Line 44: @@
 The team also reviewed findings from the WHOIS ARS reports, relevant sections of the RDS-WHOIS2 and SSR2 review reports, and existing ICANN Contractual Compliance statistics related to accuracy.<ref name="rda-writeup"></ref>
+=== Assignments #1 and #2 ===
+Most of the Scoping Team’s active work focused on Assignments #1 (enforcement and reporting) and #2 (measurement of accuracy). After a series of meetings through 2021–2022, the team submitted a consolidated “Deliberations and Findings for Assignments #1 and #2” report to the GNSO Council, dated September 2, 2022 and transmitted on September 5, 2022.
+The report documented, among other points:
+* differing views on whether accuracy had improved or deteriorated after GDPR and redaction of public WHOIS data;
+* the impact of pausing WHOIS ARS and the limited availability of data for measuring accuracy;
+* the absence of a shared definition of “accuracy” beyond operability of contact data; and
+* the constraints imposed by existing contracts and data protection laws on large-scale access to registration data.
+The report made three key recommendations to the GNSO Council:
+* Voluntary registrar survey (Recommendation #1): Request ICANN org to carry out a voluntary survey of registrars about their registration data validation and verification practices, including how they handle accuracy complaints and what additional measures (if any) they employ beyond contractual requirements.
+* Registrar audit (Recommendation #2): Collaborate with ICANN org on the design of a targeted Contractual Compliance audit assessing registrar compliance with existing validation and verification obligations under the RAA, potentially expanding on the use of data already collected in compliance audits.
+* Pause work requiring access to registration data (Recommendation #3): Pause the Scoping Team’s work on proposals that require access to registration data (including Recommendations #1 and #2) until key dependencies had been addressed, including:
+** completion of a Data Processing Agreement (DPA) between ICANN org and Contracted Parties,
+** outreach to the European Data Protection Board (EDPB), and
+** completion of Data Protection Impact Assessments (DPIAs) on proposed accuracy study scenarios.<ref name="rda-writeup"></ref>
+Assignments #3 and #4 (assessing the effectiveness of existing requirements and considering possible policy or programme changes) were not fully completed, with the Scoping Team viewing additional data from Recommendations #1 and #2 as necessary to inform any further work.<ref name="rda-writeup"></ref>
 == References ==