Formal Minutes are still to be approved by the ICANN Board.
Note: This has not been approved by the Board and does not constitute minutes but does provide a preliminary attempt setting forth the unapproved reporting of the resolutions from that meeting. Details on voting and abstentions will be provided in the Minutes, when approved at a future meeting.
NOTE ON ADDITIONAL INFORMATION INCLUDED WITHIN PRELIMINARY REPORT – ON RATIONALES – Where available, a draft Rationale for each of the Board's actions is presented under the associated Resolution. A draft Rationale is not final until approved with the minutes of the Board meeting.
A Special Meeting of the ICANN Board of Directors was held telephonically on 3 May 2018 at 20:00 UTC.
Cherine Chalaby, Chair, promptly called the meeting to order.
In addition to the Chair, the following Directors participated in all or part of the meeting: Maarten Botterman, Becky Burr, Ron da Silva, Sarah Deutsch, Chris Disspain (Vice Chair), Avri Doria, Rafael Lito Ibarra, Khaled Koubaa, Akinori Maemura, Göran Marby (President and CEO), George Sadowsky, Léon Sanchez, Matthew Shears, and Lousewies van der Laan.
The following Directors sent their apologies: Mike Silber.
The following Board Liaisons participated in all or part of the meeting: Manal Ismail (GAC Liaison) and Jonne Soininen (IETF Liaison).
The following Board Liaisons sent their apologies: Ram Mohan (SSAC Liaison) and Kaveh Ranjbar (RSSAC Liaison).
Secretary: John Jeffrey (General Counsel and Secretary).
The following ICANN Executives and Staff participated in all or part of the meeting: Akram Atallah (President, Global Domains Division), Susanna Bennett (Chief Operating Officer), Xavier Calvez (Chief Financial Officer), Gwen Carlson (Senior Director, GDD Communications), David Conrad (Senior Vice President and Chief Technology Officer), Samantha Eisner (Deputy General Counsel), Jamie Hedlund (SVP, Contractual Compliance & Consumer Safeguard and Managing Director - Washington D.C. Office), John Jeffrey (General Counsel and Secretary), Tarek Kamel (Sr Advisor To President & SVP, Government And IGO Engagement), Vinciane Koenigsfeld (Board Operations Content Manager), Trang Nguyen (Vice President, Strategic Programs), David Olive (Senior Vice President, Policy Development Support), Wendy Profit (Board Operations Specialist), Erika Randall (Associate General Counsel), Amy Stathos (Deputy General Counsel), Gina Villavicencio (Senior Director, Global HR Operations), and Christine Willett (Vice President, gTLD Operations).
- Main Agenda:
GAC Advice regarding European Union General Data Protection Regulation (GDPR): San Juan Communiqué (March 2018)
The Chair provided opening remarks about proposed actions ahead of the Board in the coming days concerning plans to address the European Union General Data Protection Regulation (GDPR) as it relates to ICANN's policies and agreements with registries and registrars. One such action before the Board is to address the advice from the Governmental Advisory Committee (GAC) in its San Juan Communiqué concerning WHOIS and the GDPR. The Board discussed the GAC's advice and determined that its current approach to GDPR compliance is, or could be viewed as inconsistent with the GAC's advice in the San Juan Communiqué. Board members asked questions about whether the GAC's advice was intended to apply to requirements that would be applicable to registries and registrars on 25 May 2018, or whether the advice was intended to apply to the compliance model that would ultimately be developed by the community through the policy development process. Board members suggested that additional clarity was needed on this point so that it could be considered in its deliberations about how to address the advice.
The Board discussed the process required when it determines to take an action that action that is not consistent with GAC advice, which includes a requirement for the Board and GAC to have an exchange on the matters at issue, and eventually a formal Bylaws Consultation, if needed. The Board discussed the procedural requirements for inititing the pre-consultation step, and considered a proposed timeline for having the required exchange with the GAC. After discussion, the Board took the following action:
Whereas, the Governmental Advisory Committee (GAC) met during the ICANN61 meeting in San Juan, Puerto Rico and issued advice to the ICANN Board in a Communiqué [PDF, 234 KB] on 15 March 2018 ("San Juan Communiqué").
Whereas, the San Juan Communiqué was the subject of an exchange between the Board and the GAC on 11 April 2018.
Whereas, the San Juan Communiqué includes advice concerning ICANN's proposed Interim Model for Compliance with ICANN Agreements and Policies in Relation to the European Union's General Data Protection Regulation [PDF, 922 KB] (the "Interim GDPR Compliance Model").
Whereas, the Board has identified items of GAC advice in the San Juan Communiqué that are or potentially could be inconsistent with proposed actions the Board is considering taking to adopt the Interim GDPR Compliance Model.
Whereas, the Bylaws require that "[i]n the event that the Board determines to take an action that is not consistent with Governmental Advisory Committee advice, it shall so inform the Governmental Advisory Committee and state the reasons why it decided not to follow that advice" and the Board and GAC are required to enter into a Bylaws Consultation process.
Resolved (2018.05.03.01), the Board has determined that it may take an action that is not consistent or may not be consistent with the GAC's advice in the San Juan Communiqué concerning the GDPR and ICANN's proposed Interim GDPR Compliance Model, and hereby initiates the required Board-GAC Bylaws Consultation Process [DOC, 42 KB] required in such an event. The Board will provide written notice to the GAC to initiate the process as required by the Bylaws Consultation Process.
All members of the Board present voted in favor of Resolution 2018.05.03.01. One member of the Board was unavailable to vote on the Resolution. The Resolution carried.
Rationale for Resolution 2018.05.03.01
Article 12, Section 12.2(a)(ix) of the ICANN Bylaws permits the GAC to "put issues to the Board directly, either by way of comment or prior advice, or by way of specifically recommending action or new policy development or revision to existing policies." In its San Juan Communiqué (15 March 2018), the GAC issued advice to the Board on various matters including ICANN's proposed approach to address compliance with ICANN's agreements with registries and registrars in relation to the European Union's General Data Protection Regulation (GDPR).
The ICANN Bylaws require the Board to take into account the GAC's advice on public policy matters in the formulation and adoption of the polices. If the Board decides to take an action that is not consistent with the GAC advice, it must inform the GAC and state the reasons why it decided not to follow the advice. Any GAC advice approved by a full consensus of the GAC (as defined in the Bylaws) may only be rejected by a vote of no less than 60% of the Board, and the GAC and the Board will then try, in good faith and in a timely and efficient manner, to find a mutually acceptable solution.
At this time, the Board's current thinking and approach to addressing the GDPR in relation to ICANN's agreements with registries and registrars is inconsistent or could be viewed as inconsistent with certain items of the GAC's advice in the San Juan Communiqué. Given this, the Board is taking action at this time to initiate the process that is required prior to the Board taking an action that is not consistent with the GAC's advice. As part of the process, the Board is required to, and will provide a written response to the GAC indicating: (1) whether it has any questions or concerns regarding such advice; (2) whether it would benefit from additional information regarding the basis for the GAC's advice; (3) and a preliminary indication of whether the Board intends to take such advice into account. The Board's response will be the subject of an exchange between the Board and the GAC.
In taking this action, the Board reviewed various materials, including, but not limited to, the following materials and documents:
- San Juan Communiqué (https://gac.icann.org/contentMigrated/icann61-gac-communique)
- Process for Consultations between the ICANN Board of Directors and the Governmental Advisory Committee (https://gacweb.icann.org/download/attachments/27132063/2013-04-07-Process forConsultations between ICANN and GAC.doc?version=1&modificationDate=1376102118000&api=v2 [DOC, 42 KB])
Taking this action will have a positive impact on the community because it will assist with resolving the advice from the GAC concerning ICANN's proposed approach for enforcing compliance with agreements with registries and registrars in relation to the GDPR. There are no foreseen fiscal impacts associated with the adoption of this resolution as the first step of the process, which requires an exchange between the Bord and the GAC, is anticipated to be conducted telephonically. Approval of the resolution will not impact security, stability or resiliency issues relating to the DNS. This is an Organizational Administrative function that does not require public comment. This action is in support of the public interest and ICANN's mission as it will assist in ensuring that public policy considerations are appropriately taken into account in proposed actions by the ICANN Board concerning GDPR compliance.
Any Other Business
The Board discussed additional GDPR-related matters that may come before the Board for a decision in the coming days. As part of the discussion, ICANN org members provided updates on what is anticipated prior to 25 May and after 25 May, as well as the Organization's work to study available remedies, including legal action in Europe to clarify ICANN's ability to continue to properly coordinate WHOIS.
The Chair called the meeting to a close.
Published on 14 May 2018