On April 22, 2012 ICANN released the final proposal for the new Registrar Accreditation Agreement (RAA) for gTLDs

ICANN has released the RAA to the public for comment until June 4, 2013.Although the RAA is specifically for registrars, there are also some updates relating to domain registrants, mostly in the realm of data accuracy and retention.

    First, registrars will be required to retain the following information for registered domain names: the names of the primary and secondary nameserver, the identity of the registrar, the original creation date of the registration, the expiration date, the name and postal address of the domain owner, and the name, postal address, email address, phone telephone number, and fax number (where applicable) for the domains technical and administrative contact. One of the biggest changes is that domain owners will be required to keep their contact information up-to-date, within seven days of a change actually. Domain owners will also be required to respond to the registrar’s request to verify the domain owner’s email address or telephone number is correct. If you do not comply with these, your domain can be suspended or cancelled.

    Domain Name owners should be aware that registrars will also be keeping your data for a long time; for as long as you have the domain and if the RAA is terminated, then for two years after that. Registrars will also  keep your data if you have terminated your registration or transferred the domain for two years. Where data retention is loosely defined with regards to what should and should not be retained, this could include credit card numbers, as well as records of written and electronic communication. There is a provision that this data retention may be limited by local law, so the term could be limited in some countries.

    Domain owners will be happy to know that some sections of the RAA deal with limiting third party access to bulk contact Whois information. Third parties can now only get this bulk information if ICANN finds that they can exercise “market power” and even then there are restrictions on how it can use that information, i.e. limitations against sending bulk spam emails. There are also further prohibitions against the use of data for unsolicited commercial emails.

    Finally, the big changes are going to happen with proxy services. The RAA leaves open the option of a Privacy and Proxy Accreditation Program, but does not really hint at what such a program will entail. However, in a presentation by ICANN on May 6, 2013, it stated that a minimum baseline accreditation program would require the disclosure of key service terms, publishing of infringement/abuse points of contact, publishing of business contact information, and that customer data be kept in escrow with a third party. Registrants will have to wait until the RAA is finalized to know what will actually change with regards to privacy services. Until then, comment remains open on the RAA until early June. Those interested in commenting may do so here. Be sure to watch ICANN for more updates on the discussion on the RAA and further information on the new gTLD launches.

- See more at: http://www.eranet.com/news/MessView.net?IDMessage=54771#sthash.x7wIuhxV.dpuf