You are right, Karl, and then what happens when other authorities start with their extra-territorial demands? Is the space going to turn into a regulation minefield? Is it going to cause a break-up of the Internet space? Or will it be so complex, only the largest players like the GAFAs have the resources to navigate the legislation thus killing off any smaller players and aiding consolidation, which we all agree is a bad thing for competition? Kindest regards, Olivier On 19/02/2021 10:59, Karl Auerbach wrote:

While it is easy to focus on the GDPR one must not forget that as a California public-benefit/non-profit corporation, ICANN is subject to California's new privacy protection law, the CCPA, which is considered by some to be GDPR on steroids.  While the CCPA's extent may not extend beyond California residents, the state does tend to have a large footprint.

https://oag.ca.gov/privacy/ccpa

    --karl--

On 2/19/21 12:39 AM, Olivier MJ Crépin-Leblond via At-Large wrote:

...

Hello all,

I recommended this Webinar as it feels somehow as a milestone in ICANN's history.

The GDPR - General Data Protection Regulation, that was rolled out and enforced by the European Commission, had a big impact on ICANN's registration directory services. Whilst a replacement to WHOIS, the database of domain name registrants, has been in research for many years, the GDPR has changed the game and ICANN had to create an "expedited policy development process - EPDP" in the GNSO to create new rules relating to the access to registration data. That work is still in progress