IGF 2018 WS #159
TLDs Registrant Data GDPR Gcompliance: Impact on End users

Organizer 1: Civil Society, African Group
Organizer 2: Civil Society, African Group

Speaker 1: Steven DelBianco, Private Sector, Western European and Others Group (WEOG)
Speaker 2: Farzaneh Badii, Civil Society, Asia-Pacific Group
Speaker 3: Mohamed Elbashir, Civil Society, African Group
Speaker 4: Marie Noemie Marques, Private Sector, Western European and Others Group (WEOG)
Speaker 5: Olga Cavalli, Government, Latin American and Caribbean Group (GRULAC)


Round Table - 90 Min


Speakers will be given the floor at the beginning of the session to express their views and discuss their different opinions as in favor or against the full transparency or for absolute privacy and data protection, then the session will be opened for the wider audience to debate and discuss their viewpoints.


• Organizers
o The 2 organizers are from developing countries
o One of the organizers is young (29 years old)
o They are gender balanced
o One is Civil Society, the other is from Academia
• Speakers
o Three Women and two Men
o Geographically diverse as the speakers are from 5 geographic regions (Africa, Asia Pacific, Latin America and Caribbean, Europe and North America)
o Represent various multistakeholder groups (Civil Society, Business, Government, Technical Community, Academia)
o Different viewpoints, Some are advocates of transparency, Open data and others are lobbying for more data protection
• Moderators
o The onsite moderator is a man from Africa, Civil Society, activist
o The online moderator is a woman from Europe, Local authority
• Rapporteur
o a young woman (29 years old), academia from Africa

The session will be a round table format where the moderator will briefly introduce the necessity for the TLD registrant whois data to comply with the European regulation on personal data protection that just entered into effect on 25 May 2018 and explain the current situation, then give the floor to the speakers to provide their views from their diverse perspectives regarding the importance of the privacy and data protection versus transparency for the Internet end-users’ interest, and then give the floor to the session participants in the room and participating remotely for a wide discussion and debate on the impact of the compliance of the registrant data with GDPR on the end-users.

Opening and introduction : Onsite Moderator : 8 min
Speakers discussion: Moderated by the onsite moderator: 40 min
Wide debate: All participants (including remote participants) moderated by the Onsite Moderator with the help of the remote moderator: 40 min
Closing: Onsite Moderator: 2 min

The session will be a roundtable where the onsite moderator will briefly introduce the topic and the speakers (8 min), then give them the floor to have a discussion confronting their different / opposite opinions (40 min), and then give the floor to the participants in the room and participating remotely for a wide debate (40 min). The onsite moderator will then sum the debate and close the session (2 min).

The Domain Name registrant data (Whois) have always been massively collected, processed and publicly accessible without limitation. This situation will change starting 25 May 1018, date on which the new European Regulation on Personal Data Protection “GDPR” will be effective. All registries/Registrars serving European citizens or persons residing in Europe will be obliged to comply with the GDPR in terms of data collection, storage, processing, access, transfer, etc. The impact of this on Internet end-users is expected to be in the following aspects:
• The privacy of the users holding domain names will be better protected
• Transparency will be negatively affected as an important amount of data couldn’t be collected (GDPR restriction), and thus, criminal use of domain names will not be easily combated as before.
Two opinions are confronted between those advocating for privacy and personal data protection and the others who consider transparency as a key for the protection of the Internet end users from all kinds of cybercrimes.

Online Participation

The remote participants will have exactly the same rights and treatment as the onsite participants.
Since the venue of IGF and its dates are not yet announced, even if all speakers confirmed their face to face participation, some mentioned that their participation will depend on IGF venue and date.
This will not be a problem as the speakers who can’t attend in person can participate remotely. So we may have some remote speakers who will be treated as if they are present in the room.
The general debate will be conducted in a manner that 2 microphone queues will be available for the participants: one in the room and the second for remote participants. The floor will be given to participants alternatively through the in-room mic and the remote participants one.
Our remote moderator will be properly trained to facilitate efficiently the remote interventions.