Tag Archives: .GS

CoCCA Software Update Allows Registry Partners to be GDPR-Compliant

CoCCA will be updating its backend registry software to enable its registry partners to be GDPR-compliant in time for the European Union’s General Data Protection Regulation (GDPR) that comes into effect on 25 May.

The principle of data minimisation, where only personal data that is adequate, relevant and necessary is collected, retained and disclosed has been adopted by the ccTLD managers using CoCCA shared infrastructure of the following ccTLDs: .af, .cx, .gs, .gy, .ht, .hn, .ki, .kn, .sb, .tl, .kn, .ms, .nf.

For the above ccTLDs, as of 15 May the only data collected from domain name registrants will be:
only registrant contact details are required, administrative, technical and billing contacts are optional.
existing administrative, technical and billing contacts may be deleted by registrars.
registrars will be able to associate two email addresses directly with a domain (for abuse reports and technical queries), these emails will be publicly disclosed.

Regarding data disclosure:

  • if a data subject is an EU resident or a non-EU resident who uses an EU registrar (or one of their resellers) personal data (name, email, phone and physical address) will be redacted from publicly available interfaces. For the avoidance of confusion, personal data will be redacted based both on the declared address of the contact and the location of the registrar.
  • if a data subject resides outside the EU and uses the services of a registrar outside the EU the personal data disclosure will not be impacted by GDPR.
  • if personal data has been redacted and the data subject would like to disclose it, the data subject will be provided with tools by CoCCA to disclose the redacted data.
  • if personal data has not been redacted and the data subject believes it should be (for example, a citizen of an EU country residing overseas), the data subject will be provided with tools by CoCCA to redact their personal data.

Access to redacted data will be available for:

  • law enforcement and the Secure Domain Foundation will be able to access redacted data via RDAP and port 43 WHOIS.
  • intellectual property owners or other entities who have a legitimate interest in redacted data will be able to order historical abstracts online for a nominal fee (provided they sign an attestation).

An updated version of the CoCCA software containing multiple GDPR configuration options will be released on 20 April with CoCCA able to assist registry operators to upgrade and configure their registry software to align with their GDPR compliance efforts.

CoCCA advise that it should not be assumed that all registry operators using CoCCA Tools will patch and configure the software for GDPR compliance. There are many registry operators who use dated and unsupported versions of CoCCA Tools.

Swedish Court Orders Seizure of Pirate Bay .SE Domains

A Swedish court has ordered .SE domain names used by The Pirate Bay be seized, but the prominent file sharing site has moved on thwarting the move already using other ccTLDs for their domains to keep the site going.The Stockholm District Court ordered the seizure on Thursday reported TorrentFreak. But in another report, TorrentFreak noted The Pirate Bay has already moved on being now available using the .gs, .la, .vg, .am, .mn and .gd domain names.”In 2013, Prosecutor Fredrik Ingblad, the man behind the operation that took the site down in December, filed a motion targeting ThePirateBay.se (the site’s main domain) and PirateBay.se (a lesser used alternative)”, reported TorrentFreak.The prosecutor alleged The Pirate Bay is an illegal operation with its domains “tools used by the site to infringe copyright. Noting that Punkt SE supplies and controls the domains and is therefore liable for their (mis)use, the domains should be dealt with in the same way that other criminal tools would be, Ingblad argued.”But the court did not uphold the prosecutor’s claim against .SE. The registry notes though the two domain names will be forfeited from their domain owner and be transferred to the ownership of the Swedish state.”We are pleased that the city court ruled in our favour and agreed with our argument that, in our role as the top-level domain administrator, it is not our responsibility to decide on what is or is not unlawful in specific cases” says Elisabeth Ekstrand, Senior Legal Counsel at .SE.”In its ruling to the domain owner in this case, the city court decided that the right to these two domain names was to be forfeited,” .SE said in a statement. “The domain names are also to be transferred to the state, something that has never previously been tried.””.SE will follow the judicial decision once it gains legal force, and over the next few weeks we will determine the actions to be taken in practical terms,” says Elisabeth Ekstrand.However, .SE also stated in their statement they believe “the forfeiture of a domain name is an ineffective method for combating online criminal activities. It is very easy to transfer one site to another top-level domain. And even if the domain were to be closed, the content would still be available via the Internet using both the IP number and via search engines.”

Six More ccTLDs Signed With DNSSEC

They may only be some of the smaller ccTLDs around the world, but six more have been signed with DNSSEC and now have DS records in the root zone, according to a post on the ISOC website.

This means that people and businesses with domains registered in these ccTLDs can now receive the higher level of security possible with DNSSEC. The ccTLDs are:

The post notes for registrants that have a domain registered in those ccTLDs, their registrar should now be able to pass the required DS record up to the ccTLD registry.

As the ISOC post notes, congratulations to Garth Miller and the teams associated with the various TLDs for making these signed TLDs happen. As per ICANN’s TLD Report, 111 out of 318 TLDs are now signed which is excellent progress.