ICANN78 Day Zero Workshop: NIS2 Directive – Impact on the DNS Industry

Datum 20.10.2023 09:00 - 18:00 Uhr ics/ical Download von ics/ical
Ort CCH - Congress Center Hamburg Congressplatz 1 20355 Hamburg
Veranstalter eco - Association of the Internet Industry
ICANN78 Day Zero Workshop: NIS2 Directive – Impact on the DNS Industry

ICANN78 Day Zero Workshop:
NIS2 Directive – Impact on the DNS Industry

20 October 2023

ICANN78 Day Zero Workshop: NIS2 Directive – Impact on the DNS Industry

eco – Association of the Internet Industry

invites you on Friday, 20 October for a Day Zero Workshop at ICANN78 in Hamburg to discuss the legislation that impacts the domain name industry in the European Union followed by an informal reception.

Please note, space is limited and registration is required.

A separate registration for the ICANN78 meeting is required to attend.

We look forward to welcoming you!

 

The NIS2 Directive is the EU-wide legislation on cybersecurity. It provides legal measures to increase the overall level of cybersecurity in the EU.

The EU cybersecurity legislation, which was introduced in 2016, was updated by the NIS2 Directive, which came into force in 2023. It modernized the existing legal framework to keep pace with increasing digitization and the evolving cybersecurity threat landscape. Extending the scope of cybersecurity rules to new sectors and entities will further improve the resilience and responsiveness of public and private entities, competent authorities and the EU as a whole.

In addition to its impact on the cybersecurity sector, the NIS2 Directive has implications for domain name registrations in the European Union. Article 28 of NIS2 contains requirements for domain name registrations, in particular registration data.

What makes NIS2 a challenge for the domain industry is its directive nature. A directive is a piece of legislation that sets a goal that all EU countries must achieve. However, it is up to the individual countries to develop their own laws on how to achieve these goals. This could potentially result in 27 different procedures for validating domain name registration data. Given that the domain name industry is a global ecosystem of domain name registries, registrars, resellers, etc. interacting with each other, validation procedures should follow proven industry best practices. The implementation of NIS2 by individual member states of the European Union should avoid the definition of 27 different processes.

The clock is ticking. The updated NIS2 Directive entered into force on January 16, 2023. Member States now have until October 17, 2024 to adopt new legislation to comply with NIS2. Businesses need to consider how the extended new regime will affect them, as it will take time to put compliant structures in place, and they will need to consider NIS2 jurisdictional rules in their compliance plans, contracts and relationships with third parties they rely on to protect their assets.

SPONSORS

We thank the sponsors for their support of eco's ICANN78 Accompanying Programme

MEDIA PARTNER

AGENDA

    • 9:00am CET
    • Registration & Coffee
    • 10:00am CET
    • Welcome to Part 1, Introduction & Methodology
    • 10:15am CET
    • Introduction to NIS2 and Art. 28 – Requirements & Expectations

       

      National legislative bodies are already working on draft legislation to implement the NIS2 Directive in their respective countries. What are the objectives and intentions of Art. 28 and how much guidance can the European Commission provide to national legislators? This session will provide an overview of the requirements of the NIS2 Directive with a focus on Art. 28 and its expectations.

    •  
    • Report from the GAC NIS2 Coordination Group

       

      As NIS2 is a Directive, it is up to individual countries to enact their own legislation to achieve its objectives, including Art. 28. This could potentially result in 27 different procedures for validating domain name registration data. The NIS2 Coordination Group is discussing the various national approaches and proposals. This session will provide an update on the status of the group's work, including the two task forces working on validation and legitimate access.

    •  
    • National Draft Legislative Proposal(s)

       

      NIS2 must now be transposed into national law by national legislators by 17 October 2024 and will apply from 18 October 2024. As a result, proposals for national legislation are already in the pipeline. This session will analyse and discuss selected draft proposals from different EU Member States in order to understand the national legislative processes and implementing legislation.

      More details coming soon.

    • 11:20am CET
    • Multistakeholder Organizations

       

      The language of NIS2 refers to multi-stakeholder organisations. In this session we will discuss the interplay between national/regional legislation and the global multistakeholder model, including ICANN, where community policies are already in place.

    • 11:50am CET
    • Summary of the morning
    • 12:00pm CET
    • Lunch break
    • 13:00pm CET
    • Welcome to Part 2
    • 13:15pm CET
    • Will Art. 28 be effective against DNS Abuse?

       

      Recital 110 states that “The availability and timely accessibility of domain name registration data to legitimate access seekers is essential for the prevention and combating of DNS abuse, and for the prevention and detection of and response to incidents.” How effective is the use of domain name registration data in combating DNS abuse? What other complementary measures are there?

    • Operational & Implementation Challenges

       

      TLD name registries and the entities providing domain name registration services will be required to have policies and procedures in place, including verification procedures, to ensure that databases contain accurate and complete information, to make domain name registration data that is not personal data publicly available, etc.

       

      What are the best practices and challenges in implementing and operating the required policies and procedures and what are the implications at the national, EU and global levels? Will EU-based companies be at a commercial disadvantage in the future? These and other questions will be discussed in this session.

    • 15:00pm CET
    • Coffee break
    • 15:30pm CET
    • Discussion of raised ambiguities
    • 17:20pm CET
    • Afternoon summary & Workshop Wrap Up
    • 17:30pm CET
    • End of Workshop & Reception
  • SPEAKER

    Beth Bacon
    Beth Bacon

    Senior Director, Policy and Privacy, Public Interest Registry (.ORG)

    Gemma Carolillo
    Gemma Carolillo

    Deputy Head of Unit, Next Generation Internet, European Commission, DG Communications Networks, Content and Technology

    Brian Cimbolic
    Brian Cimbolic

    Vice President, General Counsel, Public Interest Registry (.ORG)

    Samantha Demetriou
    Samantha Demetriou

    Senior Director - Policy, Verisign

    Steinar Grøtterød
    Steinar Grøtterød

    Director of Policy & Compliance, iQ Global AS

    Ashley Heineman
    Ashley Heineman

    Director, Global Policy, GoDaddy

    Dirk Jumpertz
    Dirk Jumpertz

    Security Officer, EURid

    Polina Malaja
    Polina Malaja

    Policy Director, CENTR

    Finn Petersen
    Finn Petersen

    Director of International ICT Relations, Division for Digital Regulation and Supervision

    Elena Plexida
    Elena Plexida

    Vice President, Government and IGO Engagement, ICANN

    Thomas Rickert
    Thomas Rickert

    Director Names & Numbers, eco – Association of the Internet Industry

    Owen Smigelski
    Owen Smigelski

    Head of ICANN Compliance & Relations, Namecheap

    Nick Wenban-Smith
    Nick Wenban-Smith

    General Counsel, Nominet UK

    Additional speakers to be announced soon
    Additional speakers to be announced soon

    HOSTS

    Christopher Mondini
    Christopher Mondini
    Vice President, Stakeholder Engagement & Managing Director, Europe, ICANN

    Steffen David
    Steffen David
    CEO, I/P/B Internet Provider Berlin

    Lukasz Krol
    Lukasz Krol
    Internews

    LOCATION

    CCH - Congress Center Hamburg
    Congressplatz 1
    20355 Hamburg

    REGISTRATION

    Subscribe here to the dotmagazine monthly newsletter with links to articles from dotmagazine and eco news and events.