ccTLD registries discuss technical approaches to dealing with GDPR
This month, the 11th CENTR R&D workshop took place in Luxembourg. The 1.5 day workshop was hosted by RESTENA (.lu) and ran alongside the annual Hack.lu conference.
Significant time was spent on technical approaches to dealing with GDPR (the General Data Protection Regulation), which will enter into force in May 2018. Anonymisation, pseudonymisation and other techniques of processing DNS/query log data were suggested and discussed allowing ccTLD registries to weigh the pros and cons of different methods. SIDN (.nl) outlined their own approach to GDPR through specific activities such as the setting up of a Privacy Board, filtering/aggregating and hard anonymisation of data, siloing of data for different purposes and other work. The discussion also moved around the rationale for data retention and use cases (e.g. fighting abuse).
Other topics covered in the workshop included anomaly detection & machine learning, data visualisation and a series of ‘lightning talks’ where registries shared details on many of their new and existing R&D projects. Some of these include: the ENTRADA network analytics platform (SIDN Labs), the OpenINTEL DNS management project, query log analysis/detection tools, categorisation of domains, web crawling tools, Zonemaster, SPIN (Security & Privacy for In-home Networks), DNS abuse work and more.
About the CENTR R&D Working Group – The R&D working group deals with forward-looking technology topics, within a wide perimeter of CENTR members’ businesses, in either disruptive or evolutionary ways, and in a medium- to long-term timescale. The group meets once or twice per year. The next meeting will be held as part of the CENTR Jamboree (30 May – 1 June 2018).