The General Data Protection Regulation is a European Union (EU) law regulating the way personal data of EU citizens and residents can be gathered, used, stored and transferred.
GDPR is a EU Regulation, which is a binding legislative act that must be applied in its entirety across all EU Member states. (Compared to a Directive, which sets a goal but leaves it to the individual Member states to devise their own legislation on how to reach the goal).
The Regulation is relevant for all organisations based in the EU that collect or process data from EU residents, but also applies to organisations based outside the EU if they collect, store or process personal data of EU residents. GPDR entered into force on 25 May 2016 and will be enforceable starting 25 May 2018.
See all the results at geoTLD.group – GDPR survey report – June2017
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
The geoTLD.group launched a survey to gather information on the awareness and state of preparations within the domain name industry for the General Data Protection Regulation (GDPR).
The online survey was launched on 5 April 2017. It was amongst other announced on the mailing list of different Supporting Organisations (SOs) and Stakeholder Groups in the ICANN community and on the geoTLD.group website.
This report reflects the feedback we received on the survey between its launch on 5 April and the end of May 2017.
The geoTLD.Group survey aims at getting an indication of GDPR awareness within the domain name industry and the state of preparations of industry players for the 25 May 2018 deadline for GDPR enforcement.
The survey collects information on issues Registries, Registrars and other players identified and on the measures they intend to implement on legal, policy, technical or other levels.
This survey report is not a legal analysis of GDPR nor a guide for individual companies on measures or required changes to policy or processes for the collection, processing and storage of data on EU residents and domain holders in line with the new EU legislation. It is either our intent to assess the merits of the different solutions.
We hope that this survey report contributes by raising awareness on GPDR, by showing how different players assess the impact of GDPR on their business, by listing what issues they identify and what measures they plan to take. We also hope that the information in this report is relevant and practical input for the community policy discussions at ICANN 59 in Johannesburg and beyond.