Image generated by DALL E 3 Microsoft version
In 2018, the introduction of the General Data Protection Regulation in 2018 strengthened the protection of individuals’ personal data within the European Union and imposed strict restrictions on the processing and disclosure of such data without explicit consent. As WHOIS information often includes personal data of domain name holders, much information has been made inaccessible or has been anonymised to comply with the GDPR (name, contact details). In addition, this standardised protocol makes it possible to search for registration information associated with domain names, IP addresses or related entities on the Internet.
In response to these restrictions, the Registration Data Request Service (RDRS), introduced on 28 November by the ICANN Board, has been set up to provide controlled, RGPD-compliant access to certain data masked by WHOIS.
This system processes requests for access to non-public registration data relating to generic top-level domains (gTLDs), such as the contact name, postal and email address, and telephone number associated with a domain name, by linking requesters with ICANN-accredited registrars.
The conditions for accessing this data are as follows :
– Domain names must be registered in the generic top-level domains (.com, .net, .info, etc.);
– Only ICANN-accredited registrars who adhere to the system are concerned;
– The disclosure must relate to non-public data;
– The applicant must demonstrate his or her rights and prove a legitimate interest in accessing this public data;
– Finally, the applicant must have the power of representation to act on behalf of trademark holders or other legitimate stakeholders.
If this system is successful, ICANN will then consider adopting more permanent solutions such as the Standardized System for Access/Disclosure (SSAD) recommended by the Generic Names Supporting Organization’s (GNSO) Expedited Policy Development Process (EPDP).
RDRS user experience
The statistics provided by ICANN highlight the significant use of the RDRS system. Since its introduction, there have been approximately 219 requests via 72 registered registrars. In particular, 32% of requests have come from the intellectual property community, underlining the importance of RDRS in defending trademark rights.
However, according to a January 2024 ICANN report ‘RDRS Usage Metrics’, only 11% of applications have been approved since the RDRS was launched last November.
This low approval rate can be explained in particular by certain notable disparities observed between the various registrars. In addition, some registrars automatically refuse applications relating to trademarks and intellectual property, for example by referring them to their own complaints and disclosure procedures.
Other registrars request additional information to determine whether the domain name is being used in a way that infringes the customer’s intellectual property rights in order to re-evaluate the request. However, according to the applicable regulations, a registrar should only verify the existence of a legitimate claim for access to information, without judging the merits of the legal problem, which falls within the remit of the courts or UDRP panelists.
There are also a number of technical difficulties to overcome, such as the minimum character limits for justifying complaints, the insufficient number of participating registrars, the impossibility of entering grouped requests, or refusals received without explanation.
Although participation is currently voluntary, registrars who have not yet joined the new system are strongly advised to do so.
Conclusion
Potential changes to RDRS could significantly influence the way Internet domain data is managed, affecting registrars, registrants, and the Internet ecosystem as a whole.
Join us on social media !