...
The APAC Space web conference meeting was attended by 44 participants from the region, including registries, registrars, at-large community, business stakeholders, and government officials. The meeting discussed data privacy and protection in relation to ICANN, and focused on the General Data Protection Regulation (GDPR).
The meeting recording and presentation slides can be found at the APAC Space Community Wiki webpage here: https://icann-community.icannatlassian.orgnet/wiki/displayspaces/GSEAPAC/pages/114296860/APAC+Space.
Key action items following the meeting are as follows:
...
A dedicated community wiki page has also been set up for the subgroup to use at https://icann-community.icann.org/pages/viewpage.action?pageId=66072907atlassian.net/wiki/spaces/GSEAPAC/pages/114297670/Data+Privacy+Protection.
Introduction to Data Privacy & Protection
...
Sebastien Ducos (geoTLD.group) introduced the European Union (EU) General Data Protection Regulation (GDPR). As long as businesses or companies control or process data of citizens and/or residents from the EU, these entities would be subject to the GDPR. ICANN contractually (through the Registrar Accreditation Agreement and Registry Agreement) requires data collection. Hence, businesses should clearly define and document the reasons they are collecting the data, and why they require it. Ducos mentioned that the ICANN Policy Development Process (PDP) on Next-Generation gTLD Registration Directory Services (RDS) to Replace Whois is studying how to redefine the registration data collection process. Further to the ICANN59 Policy Forum (Johannesburg), there is also an internal ICANN review on data collection led by Theresa Swinehart (ICANN). A small group from the PDP recently met with the EU Commission to ask what data can or cannot be collected. Community members can review the geoTLD.group survey results on GDPR at: http://geoTLD.group/GDPR
...