Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
2018 Holiday Shopping Season Threat Activity: A Snapshot
The 2018 holiday shopping season was the largest ever for online retailers, but threat actors filled their pockets, too.
So what did the threat activity around this shopping frenzy look like?
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
Download the PDF
Mr. Göran Marby
ICANN President and CEO
Mr. Cherine Chalaby
March 28, 2018
Request for Adequate Assurances Relating to WHOIS and GDPR
Dear Messrs. Marby and Chalaby:
We and other digital threat management professionals, such as the security and anti-abuse community, intellectual property professionals and their respective rights’ holders, including our customers (“we” or “us”), rely on WHOIS data as an essential element in discovering, identifying, tracking, and mitigating threats online.
With less than sixty days left, having a draft document reflecting “over-compliance” with GDPR is an egregious violation of ICANN consensus policies. This unmistakenly undermines the stability and security operations of the Internet’s unique identifier systems. ICANN is damaging the openness, interoperability, resilience, security, and stability of the DNS, which is not required by law.
ICANN is accountable to the Internet community for operating in accordance with its Articles of Incorporation and the Bylaws, including its Mission. We draw your attention to the March 15, 2018, GAC Communiqué – San Juan, Puerto Rico, particularly GAC Consensus Advice to the Board with respect to WHOIS and the GDPR, including the rationale for the Consensus Advice on pages 9-10 therein. If ICANN were to adopt the “Calzone” model or a substantially similar iteration that suffers from the same flaws, ICANN would be taking “an action that is not consistent with”1 (i.e., rejecting) GAC Advice. Under the ICANN Bylaws, GAC Consensus Advice may only be rejected by a vote of no less than 60% of the Board,2 and the GAC and the Board are required to “then try in good faith, and in a timely and efficient manner, to find a mutually acceptable solution.”3
ICANN must have a means to compel the registrars and registry operators to provide access to WHOIS data to the extent allowed by applicable law, and to participate in the tiered access model. We fear registrars are going to mask their data come May. We must know that ICANN will be in a position to enforce its agreements with the Registries and Registrars consistent with applicable law.
We respectfully request that the interim model be revised so that it is not “over-compliant” with GDPR and protects data in accordance with applicable law, including an appropriate method of tiered access that will allow us to maintain the “stability and security” of the Internet.
Very truly yours,
Trouble viewing the survey? Click Here
1 ICANN Bylaws, as amended, § 12.2(a)(x).