ICANN Files Lawsuit to Clarify WHOIS Data Collection Under GDPR
The State of Security
ICANN filed a lawsuit in which it asks a German court for assistance in interpreting GDPR as it relates to WHOIS data collection.
On 25 May, the Internet Corporation for Assigned Names and Numbers (ICANN) announced it had filed legal action against EPAG, an ICANN-accredited registrar based in Germany that is part of the Tucows Group. It submitted the lawsuit after EPAG stopped collecting administrative and technical contact information for new domain name registrations presumably out of concern of violating the European Union’s General Data Protection Regulation (GDPR). ICANN said it requires this information as part of a contract with EPAG to sell generic top-level domain (gTLD) name registrations.