Policy & Regulation

Policy & Regulation / Featured Blogs

Alternative Insights on Article 28 of the NIS2 Directive

On June 9 CircleID published an insightful article by Thomas Rickert entitled "Demystifying Art 28 NIS2." In that piece Thomas set forth two alternative interpretations of Article 28(6) of NIS2, and argued that TLD registries should not be required to maintain a separate database of the registrant data under NIS2. In my view, Thomas' approach is inconsistent with the remainder of Article 28, and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states. more

Demystifying Art. 28 NIS2

On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) hereinafter referred to as "NIS2"), which was published in the official journal on December 27, 2022. Being a directive, NIS2 requires transposition into national law. According to Art. 41 of NIS2, the transposition into national law must take place by October 17, 2024 and the measures must be applied as of October 18, 2024. more

The UN’s AI Leadership

In the same way monarchs are proclaimed - by powerful stakeholders attending a coronation and not objecting - the UN's International Telecommunication Union (ITU) took a mandate last week to coordinate AI Safety worldwide, with most industry leaders and relevant UN agencies were present when it did so. more

NIS 2.0 and Its Impact on the Domain Name Ecosystem

I recently appeared on the 419 Consulting podcast to discuss the European Union's NIS 2.0 Directive and its impact on the domain name ecosystem. I encourage all TLD registries, domain name registration service providers, and DNS operators to listen to the recording of that session which Andrew Campling has made available. more

13th Registration Operations Workshop: Join Us Online on June 4th, 2024

As a member of the ROW Planning Committee, I am writing this post on behalf of the Committee and welcome all community members to join us on June 4th. We are celebrating ROW's 10th anniversary! A decade of collaboration and inspiration! Thank you to the incredible community that has fueled this journey! more

What Defines a Stakeholder in Internet Governance? (Netmundial+10 Special)

What defines a stakeholder in Internet governance? Is it a professional occupation, an ideology, or a specific methodology? One of the key themes emerging in the Netmundial+10 event has been that of stakeholder involvement, participation and representation in different IG mechanisms. The numeric increase in contributors to these processes since the original Netmundial is palpable. However, questions remain about the definition of a stakeholder and the premises under which these actors should engage in policy work together. more

How Much Did the U.S. Wireless Carriers “Earn” From “Location Information Aggregators”?

The FCC lawfully fined U.S. facilities-based wireless carriers nearly $200 million for selling highly intrusive location data about subscribers without their "opt-in" consent. In Section 222 of the Communications Act, Congress comprehensively specified how the carriers bore an affirmative duty of care not to disclose clearly defined Customer Proprietary Information ("CPNI"). The Act explicitly required the FCC, and no other agency, to protect telecommunications consumers. more

The Hidden Costs of Digital Convenience

In today's digital age, the Internet is a ubiquitous presence in our lives, playing a pivotal role in how we communicate, work, learn, and entertain ourselves. However, the convenience and benefits of the Internet come with a hidden cost to the environment, which is often overlooked by end users. This article explores the environmental impact of online activities and highlights the importance of adopting more sustainable digital practices. more

New EU WHOIS Verification Recommendations Take Center Stage

The EU has once again turned its attention to domain name registration data (WHOIS) -- this time reinforcing requirements to collect, maintain, verify, and disclose WHOIS for IP enforcement purposes through its "Commission Recommendation" on measures to combat counterfeiting and enhance the enforcement of IP Rights. Published last month, this regulatory action demonstrates the EU's commitment to restore WHOIS despite... more

Meeting Report: ICANN’s Registration Data Request Service Requestor Experiences

During CSG Open Working Session at ICANN79, Members from the ICANN Community were invited to an open meeting to share their experiences with Registration Data Request System (RDRS) from the Requestor side. As President of the Edgemoor Research Institute (ERI), I had the honor to present the keynote address and I am pleased to be able to provide you with ERI's report of the meeting. more