News

The Council of European National Top-Level Domain Registries (CENTR) will be holding its annual Registrar Day on 2 June 2022 from 9.00 - 17.00 at the Prague Grandior Hotel in Prague, Czech Republic.

In a nutshell: March was a particularly busy month in the cybersecurity sphere. The European Commission issued a call for evidence for an impact assessment on the upcoming Cyber Resilience Act and released a proposal for a Regulation laying down measures for a high common level of cybersecurity at the EU institutions, bodies, offices and agencies. In parallel, the NIS Cooperation Group issued its Technical Guidelines on Security Measures for Top-Level Domain Name registries, ENISA published a report on Security and Privacy for public DNS resolvers, and EU Ministers called for a strengthening of the EU's telecommunications and cybersecurity resilience. New documents were released regarding the trilogue negotiations on e-Evidence and the EUID proposal, and a political agreement between co-legislators was found on the Digital Markets Act. The European Commission and the United States agreed on a new Trans-Atlantic Data Privacy framework. Europol and the EUIPO issued a joint Intellectual Property Threat Assessment.

CENTR, which represents European national top-level domain name registries (ccTLDs) such as .si or .eu, has published a comment on the European Commission’s DNS abuse study, calling out some of the misleading analysis and unfortunate conclusions in the study.

What is the CENTR ‘signs of life’ domain crawler?

Domain crawling is the process of scanning the web content and technical characteristics of a domain name.  Running these scans regularly over millions of domains and multiple TLDs allows us to get a picture of how the domains managed by CENTR members (as well as others) are used.  The CENTR crawler aims to provide a simple technical analysis of domain usage based on a decision tree approach to classification.  The results of the crawler provide standardised data for any TLD which can be benchmarked and used in aggregated market analysis included long term trends.

This year marks 4 years since the GDPR entered into force: A regulation that has sent waves across Europe and beyond by restating EU data protection principles in place since 1995 and giving real enforcement powers to data protection authorities. Since data protection became a compliance issue for ICANN in 2018, the community is still discussing how to reconcile different interests at stake in 2022: domain name holders, contracted parties, rightsholders, law enforcement and governments, as evident during ICANN73. Access to accurate registration data has also become a political issue, with the EU negotiating its update to cybersecurity legislation - the NIS 2 Directive that puts a considerable emphasis on access to accurate, complete and potentially verified registration data. The root cause of registration data accuracy being on the agenda of EU policymakers: ICANN’s GDPR compliance activities that put WHOIS behind a locked door. Is there a registration data accuracy problem within the ICANN community and why does it matter? What is the role of ICANN when it comes to ensuring third-party access to registration data? And is there a chance that ICANN could put its GDPR compliance discussions behind anytime soon?

On 16 March 2022 we held our online 2022 CENTR Annual General Meeting (AGM). Part of the morning was dedicated to internal matters, including the approval of CENTR’s Position Development Process review and Board elections, and the second half focused on the area of DNS abuse and security, with several projects presented by CENTR members.

In a nutshell: The European Commission kickstarted the year with a set of publications of relevance for ccTLDs, such as the DNS Abuse Study and the Communication on an EU Strategy on Standardisation. The Commission also released proposals for a European Declaration on Digital Rights and a Data Act. Regarding intellectual property, the Commission issued a call for evidence on the upcoming EU Toolbox against Counterfeiting, whilst the European Parliament published a Study on the Cross Border Enforcement of Intellectual Property Rights in the EU. Co-legislators reached a provisional agreement on amending the Europol regulation, and IMCO published its Draft Report on the EUID proposal. The EDPB launched a coordinated enforcement action on the use of cloud services by the public sector.

The CENTR Board is following Russian military actions in Ukraine with concern and strongly condemns the violation of international law and Ukraine’s territorial integrity. Ukraine’s national TLD registry is a member of CENTR and we stand with Ukrainians in their efforts to resist Russia’s invasion. We hope for a swift and peaceful resolution of the conflict, and will continue to offer support and help to our Ukrainian colleagues.

In a nutshell: The upcoming months look busy on the legislative and policy front. France took over the presidency of the Council of the EU until the end of June with an ambitious digital agenda and the aim to finalise key legislative initiatives such as the DSA and NIS 2 before the national elections. The Council of the EU approved its General Approach on the CER Directive. The European Parliament adopted its position on the DSA and is ready to enter trilogue negotiations with the Council of the EU and the European Commission. The European Commission published its long-awaited call for proposals for the deployment of DNS4EU and is looking into proposing new legislative initiatives in the fields of cybersecurity, child protection and hate speech online. It is also expected to put forward an EU Toolbox against counterfeiting, and to publish its study on DNS abuse. 

Over 2021, CENTR decided to partner up with WeForest and commit to growing a tree in exchange for every completed survey response by its members. We are delighted to announce that we surpassed our initial goal of 1000 survey responses, and were able to contribute to growing 1200 trees!