Experts at a CircleID and Edgemoor Research Institute webinar debated the challenges of domain registration data access in a post-GDPR world. Panelists explored the tension between privacy laws and legitimate data requests, the role of automation in disclosure decisions, and the need for a scalable, trust-based framework to balance compliance, cybersecurity, and enforcement interests.
Amid evolving privacy laws and rising cybersecurity threats, domain registration data disclosure remains a contentious issue. Beyond WHOIS: Filling the Gaps brings together experts to examine Project Jake's policy framework, aiming to balance privacy with legitimate access. Join industry leaders for insights on policy clarity, operational efficiency, and the future of domain name governance.
On January 17th in the closing days of the Biden Administration, NTIA issued the following Response for Information in connection with the .us ccTLD. While responses to the RFI will be held in confidence by NTIA per the RFI, some organizations such as M3AAWG made their response public. In the spirit of openness and transparency, Rick Lane and I are sharing our response on this important topic.
The European country code top-level domain (ccTLD) market is at a crossroads, facing a confluence of challenges that could reshape its trajectory in the coming years. From slowing growth and rising renewal prices to shifting user behaviour driven by AI, the market is undergoing profound changes. These trends suggest a potential decline in domain volumes and a shift in how domains are valued and used. Here's a closer look at the factors contributing to this "perfect storm" and what it means for the future of European ccTLDs.
The collection and disclosure of DNS registration data have evolved chaotically, influenced by GDPR and other privacy laws. The system, while improving privacy, has enabled bad actors and raised costs for registrars and registries. Join experts at this event as they explore Project Jake's framework for balancing privacy with legitimate data needs, emphasizing policy clarity, efficiency, and adaptability.
Are you interested in helping guide the future of the Public Interest Registry (PIR), the non-profit operator of a number of domains that serve the public interest, including .ORG, .NGO and .ONG? Or do you know of someone who would be a good candidate? If so, the Internet Society is seeking nominations for three positions on the PIR Board of Directors. The nomination deadline is 14 February 2025.
Senator Elizabeth Warren and Rep. Jerry Nadler recently wrote a letter complaining that VeriSign overcharges for .com domains due to its market power. They sent it to the Department of Justice and the National Telecommunications and Information Administration (NTIA). While you can make a reasonable case that the claim is true, two more interesting questions are "Why now?" and "Why bother?"
Africa's digital ecosystem is growing rapidly, with internet access becoming a central driver for innovation, business, and socio-economic development. As this digital adoption expands, so too does the importance of domain governance, particularly the effective management of Top-Level Domains (TLDs). Unfortunately, over the years, African registries have struggled to manage their TLDs, often leading to missed opportunities, inefficiencies, and a loss of competitive edge in the global domain market.
Abusive behavior that leverages the domain name system (DNS) continues to be a problem, with a reach that has been widely and credibly documented. There is little doubt that bad actors continue to use the DNS for nefarious and costly purposes. While the amendments made in 2024 to ICANN's Registry Agreement (RA) and Registrar Accreditation Agreement (RAA) were a step in the right direction, more advanced tools are needed to bring abuse rates down.
Over the past twenty years of my engagement in the ICANN multistakeholder process, one topic that has always been near and dear to me has been improving the accuracy and access to domain name registration data in a way that respects the legal rights of both registrants and requestors of registration data. Sadly, the glacial pace at which ICANN develops and implements policy has prevented a holistic solution to the problem.
AI is bringing changes to the domain registration process by enhancing user experience, improving registrar operations, and empowering registries. In recent years, AI has entered the industry via the huge growth of new website builders. Today, new developments in the field offer an opportunity to align the interests of all stakeholders, from end user to registry.
Over the past several weeks, there has been significant discussion about Verisign and its management of the .com top-level domain (TLD) registry. Much of this discussion has been distorted by factual inaccuracies, a misunderstanding of core technical concepts, and misinterpretations regarding pricing, competition, and market dynamics in the domain name industry.
On June 9 CircleID published an insightful article by Thomas Rickert entitled "Demystifying Art 28 NIS2." In that piece Thomas set forth two alternative interpretations of Article 28(6) of NIS2, and argued that TLD registries should not be required to maintain a separate database of the registrant data under NIS2. In my view, Thomas' approach is inconsistent with the remainder of Article 28, and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states.
On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) hereinafter referred to as "NIS2"), which was published in the official journal on December 27, 2022. Being a directive, NIS2 requires transposition into national law. According to Art. 41 of NIS2, the transposition into national law must take place by October 17, 2024 and the measures must be applied as of October 18, 2024.
Every day, there are tens of thousands of domain names registered across the globe -- often as a key first step in creating a unique online presence. Making that experience possible for Verisign-operated top-level domains (TLDs) like .com and .net is a powerful and flexible technology platform first introduced 25 years ago.