You are here
ICANN is in the process of implementing a new accreditation program for privacy and proxy service providers, pursuant to policy recommendations developed by a community Policy Development Process (PDP) working group. The PDP working group published its recommendations in a Final Report that was approved by the GNSO Council and adopted by the ICANN Board.
Once launched, this program will require all entities that offer privacy and/or proxy services to apply for and obtain accreditation by ICANN.
On This Page
Privacy and proxy services are for people and organizations who wish to keep certain information about them from being published in public Registration Data Directory Services (including WHOIS). Privacy and proxy services are used for different reasons, including:
- Individuals who prefer not to have their personal data published on the Internet as part of a WHOIS record.
- Organizations within a religious, political or ethnic minority, or sharing controversial moral or sexual information.
- Companies planning upcoming mergers, new product or service names, new movie names or other product launches.
There are two general types of these services:
Until the adoption of the 2013 Registrar Accreditation Agreement (RAA), there were few ICANN rules or policies applicable to these types of services, which at times resulted in unpredictable outcomes for stakeholders affected by these services. The 2013 RAA includes an Interim Specification that describes a minimum set of requirements for privacy and proxy services offered by a registrar or its affiliates. These requirements were adopted on a temporary basis (expiring on 1 January 2018), to allow for the GNSO to recommend, and ICANN org to implement appropriate policies to apply to the provision of these services.
- A privacy service lists alternative, reliable contact information, like an address or phone number, in WHOIS while keeping the domain name registered to its beneficial user as the registrant.
- A proxy service registers the domain name itself and licenses use of the domain name to its customer. The contact information of the service provider is displayed rather than the customer’s contact information. The proxy service provider maintains all rights as a registrant (such as to manage, renew, transfer and delete the domain name), and assumes all responsibility for the domain name and its manner of use.
- Process of Adopting Policy Recommendations
ICANN is in the process of implementing an accreditation program for privacy and proxy service providers, pursuant to policy recommendations in a Final Report that was approved by the GNSO Council in January 2016 and adopted by the ICANN Board in August 2016.
The Final Report was developed by a working group comprised of over 80 volunteers, representing each of the GNSO Stakeholder Groups and Constituencies. Members of ICANN’s At-Large Advisory Committee also participated on the working group.
The policy development working group commenced its work in late 2013. The number of public comments on the working group’s initial report--well over 11,000--was the largest ever received during an ICANN public comment forum. A summary of the comments received is available at: https://www.icann.org/en/system/files/files/report-comments-ppsai-initial-11sep15-en.pdf [PDF, 406 KB]. The working group also received input from the Governmental Advisory Committee.
The working group completed its Final Report in December 2015.
- Policy Recommendations Summary
The GNSO’s Final Report instructed ICANN staff to develop an accreditation program for privacy and proxy service providers. The Report includes many requirements that will be implemented via a governing Privacy and Proxy Service Provider Accreditation Policy and a Privacy and Proxy Service Provider Accreditation Agreement.
The Final Report contains nearly 100 pages of recommendations and notes to guide ICANN’s implementation of this program. The Final Report includes recommendations that:
- ICANN-accredited registrars shall only knowingly accept registrations that involve privacy and/or proxy services if the entity offering the privacy and/or proxy service is accredited by ICANN.
- Domain name registrations involving privacy and/or proxy service providers should be clearly labelled as such in WHOIS.
- Privacy and proxy customer data must be validated and verified in a manner consistent with the requirements for ICANN-accredited registrars.
- Accredited privacy and proxy service providers must clearly communicate terms of service to their customers, including their processes and requirements for domain name transfers and renewals.
- Accredited privacy and proxy service providers must maintain a point of contact for abuse reporting purposes and must publish their contact information on their websites.
- Accredited privacy and proxy service providers must adhere to a uniform set of minimum mandatory criteria for third-party reports of abuse and third-party requests.
- Accredited privacy and proxy service providers must relay to their customers, at a minimum, all communications required by the Registrar Accreditation Agreement and ICANN Consensus Policies, as well as all electronic requests received from law enforcement authorities and third parties containing allegations of domain name abuse.
- Accredited privacy and proxy service providers must follow additional processes with respect to requests from intellectual property holders.
- Proposed Accreditation Program Overview
ICANN is currently working with an Implementation Review Team (IRT), comprised of 40+ community volunteers, to implement the Final Report’s recommendations. IRTs are convened to ensure that ICANN’s implementation of policy recommendations is consistent with the community’s intent in drafting those recommendations. IRTs are also available to answer questions surrounding the intent of Policy Recommendations, to consider operational issues and to escalate any topics that may require additional examination by the GNSO Council.
ICANN plans to develop an accreditation program that will require privacy and proxy service providers to enter into a contract (an Accreditation Agreement) with ICANN. This contract means that ICANN’s Contractual Compliance department will have direct enforcement authority over accredited privacy and proxy service providers to ensure that these entities are compliant with the program’s requirements.
- Next Steps
Information about the IRT’s work and the status of this project is available on the Privacy and Proxy Services Accreditation implementation status page, https://www.icann.org/resources/pages/ppsai-2016-08-18-en, and on the community wiki, https://community.icann.org/display/IRT/Privacy+and+Proxy+Services+Accreditation+Implementation.