ICANN granted data retention waivers to 5 German registrars and Moniker that is US based but is owned by the European group KeyDrive S.A.:
- Key-Systems, LLC
- Key-Systems, GmbH
- InterNetworX Ltd. & Co. KG
- http.net Internet GmbH
- AZ.PL, Inc
- Moniker Online Services LLC
Moniker’s technical backend services provider as well as data storage and collection occur on servers hosted and operated in Germany, and is subject to German law. Accordingly, ICANN has determined that it is appropriate to grant the Registrar a data retention waiver. Moniker does not appear to have signed the 2013 RAA yet.
The 5 registrars submitted to ICANN a Registrar Data Retention Waiver Request pursuant to Section 3 of the Data Retention Specification of the 2013 RAA, which provides that if a registrar is subject to the same applicable law that gave rise to ICANN’s request to grant a previous data retention waiver under the 2013 Registrar Accreditation Agreement (RAA), a registrar may request that ICANN grant a similar waiver, which request shall be approved by ICANN, unless ICANN provides Registrar with a reasonable justification for not approving such request.
The Registrars Waiver Requests cite the previous data retention waiver granted by ICANN to RegistryGate GmbH, on the basis of its contention that compliance with the data collection and/or retention requirements of the Data Retention Specification in the 2013 RAA violates applicable law in Germany. See here.
The Registrars are domiciled in Germany and subject to German law, and ICANN has determined that it is appropriate to grant Registrar a data retention waiver similar to the waiver previously granted to RegistryGate GmbH.
ICANN hereby grants Registrar a limited waiver from compliance with certain provisions of the 2013 RAA on the following terms:
- ICANN agrees as follows:(a) The Registrar shall remain obliged to retain all data elements specified in Articles 1.1.1 through 1.1.8 of the Specification for the duration of its sponsorship of the Registration and for a period of two (2) additional years thereafter; however, Registrar will be permitted to block the data elements specified in Articles 1.1.1 through 1.1.8 of the Specification in accordance with blocking requirements under applicable law (see Sec. 35 para. 3 German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG) at the earliest after one year following the end of the Registrar’s sponsorship of the Registration, provided that the rights of data subjects under Sec. 35 para 2 second sentence BDSG shall remain unaffected.(b) Registrar may exclude from the data retention obligation in the Specification any data elements specified in Articles 1.2.2 and 1.2.3 of the Specification which constitute usage data in the meaning of Sec. 13 para. 4 no. 2 German Telemedia Act (Telemediengesetz – TMG), unless those data are subject to retention periods prescribed by law or statutes or agreed by contract between Registrar and registrant and retained in accordance with Sec. 13 para. 4 no. 2, sentence 2 TMG.(c) Registrar may block the data elements specified in Articles 1.2.1, 1.2.2 and 1.2.3 in accordance with blocking requirements under applicable law (see Sec. 35 para. 3 BDSG) at the earliest after one year following the end of the Registrar’s sponsorship of the Registration, provided that the rights of data subjects under Sec. 35 para 2 second sentence BDSG shall remain unaffected. (d) It is acknowledged that a transfer of any retained blocked data elements without consent of the data subject is permissible, if the requirements of the exception in Sec. 35 para. 8 BDSG are met.
- In all other respects the terms of the Specification will remain AS IS. The waiver granted to Registrar applies only to the post-sponsorship period of retention of the data listed in Articles 1.1.1 through 1.1.8 and Articles 1.2.1 through 1.2.3 inclusive of the Specification, and it does not constitute a waiver of any other provisions of the 2013 RAA or other ICANN policies applicable to registrars. Without limiting the foregoing, nothing in this waiver limits Registrar’s obligation to comply with Consensus Policies or Temporary Policies developed and adopted in accordance with ICANN’s Bylaws (“ICANN Policies”) or limits Registrar’s obligation to comply with any amendment, supplement or modification of the 2013 RAA approved and adopted in accordance with the terms of the 2013 RAA (“RAA Amendments”). In the event of any inconsistency between this waiver and the terms of any ICANN Policy or RAA Amendment, the terms of the ICANN Policy or RAA Amendment will control.
- The waiver granted to Registrar shall remain in effect for the duration of the term of the 2013 RAA signed by Registrar.
ICANN notes that the provisions of Section 3 of the Specification will apply to similar waivers requested by other registrars that are located in Germany and subject to German law.