Registration Data Policy for All gTLDs - EPDP Phase 1 Implementation

This is the collaborative work space for the Policy Implementation Team for the gTLD Registration Data Policy Implementation project. We refer to this project as RegDataPolicy and do not use an acronym. This is the policy implementation for what is often referred to as the EPDP Phase 1. 

BACKGROUND:

On 4 March 2019, the GNSO Council adopted the Expedited Policy Development Process (EPDP) on gTLD Registration Data Team's Phase 1 Final Report. Following a Public Comment period, the ICANN Board passed a resolution on 15 May 2019 to authorize the implementation of 27 of the 29 recommendations contained within the Report. Of the two recommendations not adopted in full, the Board identified portions of the recommendations that require further consultation with the GNSO (see the ICANN Board's scorecard for the EPDP's Phase 1 recommendations here).

ICANN org implemented the Interim Registration Data Policy for gTLDs pursuant to the Board's 15 May 2019 resolution. The interim policy maintains requirements from the Temporary Specification for gTLD Registration Data, which detailed how registries and registrars must handle gTLD registration data as a result of privacy legislation, and which expired on 20 May 2019. The implementation is currently engaged in analysis of the recommendations to produce an implementation plan to be published for public comment.

The EPDP Team completed the Phase 2 of their work and published the final report consisting of 22 recommendations. A subset of the recommendations termed "Priority 2" are related to the EPDP Team's Phase 1 work on the Temporary Specification for gTLD Registration Data. On 21 June 2021, the Board adopted the Recommendations 19-22 and the implementation of these recommendations were added to Registration Data Policy Implementation scope of work. On 24 February 2022, the Board adopted the GNSO Council's Supplemental Guidance on EPDP Recommendation 12, concerning the deletion of registrant data in the Organization field as it addresses the Board's overarching concern of loss of essential data.

The Registration data Policy implementation plan encompasses 34 policy recommendations from the following three ICANN Board Resolutions:

• EPDP Phase 1: Board Resolution in May 2019 (29 recommendations)

• EPDP Phase 2: Board Resolution in June 2021 (4 recommendations)

• Supplemental Recommendation 12: Board Resolution in February 2022 (1 recommendation) 

The implementation plan includes:

• Draft policy language for Registration Data Policy

• Revisions to 20 impacted policies and procedures

• A new policy advisory to replace the existing advisory

• Revised Registration Data Access Protocol (RDAP) Technical Implementation Guide

• Registration Data Access Protocol (RDAP) Response Profile

ICANN org worked on the implementation plan with support from an Implementation Review Team (IRT) consisting of members of the PDP Working Group and interested community members, in line with the Consensus Policy Implementation.

A Public Comment period for the Registration Data Policy implementation plan opened on 24 August 2022, and closed on 5 December 2022. The EPDP Phase 1 Implementation team published a Public Comment Report summarizing 269 comments received from 14 commenters on 20 January 2023.

On 28 April 2023, ICANN org published a report titled ICANN org Review of Public Comments on the Registration Data Policy Implementation wiki. In addition to publishing on the Registration Data Policy Implementation wiki, ICANN org published ICANN org Review of Public Comments as an addendum to the Public Comment Report on 1 May 2023.

Along with the Public Comment Report Addendum, the IPT published an updated redline of the Registration Data Policy reflecting the changes resulting from Public Comment.

CURRENT STATUS:

The Registration Data Policy went into effect on 21 August 2025.

On 21 February 2024, the Registration Data Policy for gTLDs was published. 

Alongside the publication of the Registration Data Policy, an Implementation Resources webpage and FAQ document was published as a resource for contracted parties to assist in their implementation of the Registration Data Policy and for the broader community's awareness.

NEXT STEPS:

ICANN org continues to meet with the IRT for this policy to discuss and align on proposed language regarding an appropriate timeline to address Urgent Requests for lawful disclosure of nonpublic registration data. The Urgent Requests topic is being addressed in two parallel tracks, where:

• Discussions regarding the response time for Urgent Requests are continuing within the Registration Data Policy IRT. 

• The GAC Public Safety Working Group (PSWG) is discussing options for a scalable authentication mechanism for requestors.

IMPORTANT LINKS:

• Registration Data Policy

• Registration Data Policy-Implementation Resources

• Registration Data Policy Wiki

• EPDP Team Charter

• 2013 RAA

• GNSO EPDP on the Temporary Specification for gTLD Registration Data

• EPDP Phase 1 Final Report

• EPDP Phase 2 Final Report

• EPDP Wiki

• Interim Registration Data Policy for gTLDs

• Registration Data Policy: Frequently Asked Questions