News

In a nutshell: The Council adopted its position for the ‘Path to the Digital Decade’ 2030 policy programme. The European Parliament and the Council of the EU reached a political agreement on the NIS 2 Directive and continued negotiating for consensus on the CER Directive. The European Data Protection Supervisor issued its opinion on the Proposal for a Regulation on cybersecurity measures in the EU institutions. The European Commission issued its proposal for a CSAM Regulation and its Strategy for a better internet for kids. Europol published a report on misleading invoice fraud targeting the owners of intellectual property rights. The 2^nd Additional Protocol to the Budapest Convention opened for signature in Strasbourg, whilst the European Union and the United States issued a Joint Statement at the Trade and Technology Council in Paris.

From 31 May to 2 June CENTR held its annual Jamboree meeting in Prague, kindly hosted by CZ.NIC, the Czech national domain name registry. With more than 190 in-person participants and over 90 online, this is the first time the whole community has gathered in-person since the Jamboree in 2019.

CENTR’s longstanding co-chair of the Technical Working Group, Ulrich Wisser, recently left Internetstiftelsen to start a new chapter. We took the opportunity to look back at his time in the CENTR community and his invaluable contribution as a Working Group chair, and to ask him a few questions.

The CENTR Board of Directors met in Ljubljana on 11 and 12 May for a strategic offsite meeting. The focus of the meeting was to review the 2022 strategic and longer-term financial plan, and to consider various strategic questions such as CENTR’s external engagement, engagement within the membership and CENTR’s vision and mission statements. For part of the meeting, the Board was also joined by CENTR staff, who delved into some concrete questions with strategic implications in their areas of expertise.

In a nutshell: The European Commission opened a public consultation on the cross-border enforcement of consumer protection law and issued proposals to reform the EU framework on geographical indications. The European Court of Auditors published the conclusions of its report on intellectual property rights in the EU. The CJEU reaffirmed the prohibition of the general and indiscriminate retention of electronic communications data and held that online content-sharing service providers’ obligation to monitor content under the Copyright Directive is compatible with freedom of expression. The European Parliament and the Council of the EU reached a political agreement on the DSA. The European Parliament adopted the Data Governance Act in plenary, and JURI issued its Draft Opinion on the proposal for an EUID. ENISA issued its report on Coordinated vulnerability disclosure policies in the EU. The EU, the US and other international partners issued a Declaration for the Future of the Internet.

The CENTRstats Global TLD Report Edition 1/2022 has been published. It covers the global status and registration trends in all top-level domains (legacy gTLDs, new gTLDs and ccTLDs), with a specific focus on the European ccTLD market.

The Council of European National Top-Level Domain Registries (CENTR) will be holding its annual Registrar Day on 2 June 2022 from 9.00 - 17.00 at the Prague Grandior Hotel in Prague, Czech Republic.

In a nutshell: March was a particularly busy month in the cybersecurity sphere. The European Commission issued a call for evidence for an impact assessment on the upcoming Cyber Resilience Act and released a proposal for a Regulation laying down measures for a high common level of cybersecurity at the EU institutions, bodies, offices and agencies. In parallel, the NIS Cooperation Group issued its Technical Guidelines on Security Measures for Top-Level Domain Name registries, ENISA published a report on Security and Privacy for public DNS resolvers, and EU Ministers called for a strengthening of the EU's telecommunications and cybersecurity resilience. New documents were released regarding the trilogue negotiations on e-Evidence and the EUID proposal, and a political agreement between co-legislators was found on the Digital Markets Act. The European Commission and the United States agreed on a new Trans-Atlantic Data Privacy framework. Europol and the EUIPO issued a joint Intellectual Property Threat Assessment.

What is the CENTR ‘signs of life’ domain crawler?

Domain crawling is the process of scanning the web content and technical characteristics of a domain name.  Running these scans regularly over millions of domains and multiple TLDs allows us to get a picture of how the domains managed by CENTR members (as well as others) are used.  The CENTR crawler aims to provide a simple technical analysis of domain usage based on a decision tree approach to classification.  The results of the crawler provide standardised data for any TLD which can be benchmarked and used in aggregated market analysis included long term trends.

This year marks 4 years since the GDPR entered into force: A regulation that has sent waves across Europe and beyond by restating EU data protection principles in place since 1995 and giving real enforcement powers to data protection authorities. Since data protection became a compliance issue for ICANN in 2018, the community is still discussing how to reconcile different interests at stake in 2022: domain name holders, contracted parties, rightsholders, law enforcement and governments, as evident during ICANN73. Access to accurate registration data has also become a political issue, with the EU negotiating its update to cybersecurity legislation - the NIS 2 Directive that puts a considerable emphasis on access to accurate, complete and potentially verified registration data. The root cause of registration data accuracy being on the agenda of EU policymakers: ICANN’s GDPR compliance activities that put WHOIS behind a locked door. Is there a registration data accuracy problem within the ICANN community and why does it matter? What is the role of ICANN when it comes to ensuring third-party access to registration data? And is there a chance that ICANN could put its GDPR compliance discussions behind anytime soon?