LOS ANGELES – The group overseeing internet addresses is scrambling to balance the privacy of website owners and the right to know who is behind online pages.
The nonprofit Internet Corporation for Assigned Names and Numbers (ICANN) began a weeklong meeting Monday focused on the fate of the public Whois database, which shows contact information for those who own websites.
A General Data Protection Regulation (GDPR) set to take effect in the European Union on May 25 could make revealing personal information about website owners in Whois illegal.
This week’s ICANN meeting in Puerto Rico is the last before the GDPR deadline.
“We will try to find a path forward,” ICANN global domains division president Akram Atallah told AFP in a telephone interview.
“There is a lot of work still to be done, but we are working as fast as possible.”
While the GDPR backs the right of people to “be forgotten” online, it raises the question of whether to shield personally identifying information about website owners listed in a Whois directory created by ICANN for transparency.
The GDPR applies to people, not organizations with fictitious names, but comes into play if individuals are somehow identified, according to ICANN.
Problems arise, for example, if a company name or email address is the same as the person who owns it.
If ICANN were to simply discontinue the Whois index in Europe, that could create a haven for those from other parts of the world who want to hide which websites they own.
ICANN’s understanding is that Whois information can be published, as long as the nonprofit group can justify that doing so is in the public interest.
“We propose trying to keep as much of the policy we have unchanged while being in compliance with the law,” Atallah said.
ICANN is refining a plan to divide Whois into two tiers — one open to the public as is currently the case and a second that could be accessed as needed by police, researchers or others with legitimate queries.
It remained to be determined whether journalists would get access, according to Atallah.
“We are asking data protection agencies in Europe for their advice on the plan and if it works,” Atallah said.
Some behind websites complain that having contact information available to the public at Whois brings the potential for spam or even physical violence, according to ICANN.
Meanwhile, much focus has been put being able to find out who is behind websites or services to guard against cons or malicious manipulation of public opinion.
“We are trying to strike a balance,” Atallah said.
ICANN contracts with registered website owners require them to provide identifying information for Whois, but that clause would be invalid if it was made illegal.
“We hope that we can actually get the ICANN community to agree on a middle ground,” Atallah said.
“This is forcing the issue.”
The ICANN meeting ends Friday.