Today is Holocaust Remembrance Day. Today we remember that the Nazis rounded up Jews, Roma, political dissidents, and other “undesirables” using the best data and technology of the day and sent them off to concentration camps. We don’t normally deal with this type of political reality in ICANN, but now is the time to do so.

In 1995, the recently formed European Union passed the EU Data Protection Directive. It was a commitment to the idea that society would never again misuse its data in the destruction of its citizens. Privacy is a fundamental human right. It’s true in Europe, and with the passage of comprehensive data protection laws in more than 120 countries, it’s been secured as such around the world.

On Tuesday, Mark Zuckerberg, Facebook’s founder and CEO, sat in front of a joint session of Senate Committees for more than five hours. Again and again, he admitted to his company’s sale of the personal data of tens of millions of Facebook users to a private contractor, where it was grossly misused. Zuckerberg was told by Senator Markey and others that new privacy laws are being drafted in the US and, with a pause, he agreed to support many of them. These laws will help raise the privacy rights of US citizens to the level of the rest of the world.

But Mark Zuckerberg’s company has already been the subject of review. It was Facebook’s misuse of European citizens’ data that led Austrian lawyer Max Schrems to sue in the European Court of Justice, which led this highest court to strike down the EU-US Safe Harbor as illegal—reaffirming that the transmission of data from Europe to the US and elsewhere must be done in accordance with the law and must be done in ways that protect fundamental right of privacy of EU citizens.

Yet privacy rights were not the issue raised in the discussion convened by the IPC/BC on their proposed model for ‘accreditation’ to access Whois data. Instead, last Friday, we heard - yet again - how to give unlimited access to Whois data to any law enforcement, any cybersecurity firm, any trademark owner; basically to anyone who seeks it. The potential that journalists might use the non-public WHOIS data was recognized and credited; the potential that journalists might be the subject of a fishing expedition by a government or individual they criticized in a publication was not. The IPC/BC lawyers heading the meeting then heard that the GDRP rejects unlimited access to data—and they, in turn, unilaterally rejected the interpretation and advice of the legal advisor to ICANN, in the Hamilton Memo (#3). They told 150 people listening to the meeting that ICANN could give unlimited access to non-public Whois data to those the IPC/BC chose in their accreditation model.

We need real community consultation and on neutral ground—at ICANN—where we can again discuss what the law requires and what real compliance involves. Most importantly, we need to stop talking about who wants access to domain name data and start talking about how to respect the privacy rights of registrants. On this day of all days, on this week of all weeks, it’s time for ICANN to be on the right side of law, the right side of principle and the right side of history. We hold the personal and sensitive data of almost 200 million domain name registrants. Today we must recognize that the privacy of this data could be the difference between protection and suppression.