.ie Domain Profile Report 2023

EU cyber regulations may overwhelm Ireland’s regulators and service providers [continued] As the national domain registry, .ie is already designated by the Irish government as an operator of essential services (OES) under NIS1, the predecessor Directive to the imminent NIS2. Diligently following NIST Guidelines, along with its ISO 27001 certification ensures that .ie is already compliant with the cybersecurity requirements of the new Directive. In addition, the company has long-established DNS abuse protocols with many national regulators to assist them in tackling issues with .ie domains that are alleged to engage in technical abuse or criminal activity. The impact of NIS2 risks bringing severe unintended consequences, particularly for small companies in Europe. The scope of NIS2 will apply to all top-level domains for the first time – including .com .net. and .org and to all of the country code top level domains (ccTLDs) across Europe. Accordingly, Ireland’s registrars and resellers which operate cross-border, will need to comply with NIS2 legislation applicable in all of those countries. For example, they will need to have a dedicated database of complete and accurate information on any registrant that signs up for a domain name. This also means that registries and registrars will need to have verification processes. One particular concern is how to provide ‘Legitimate Access Seekers’ with access to the requested registration information on data held by them within 72 hours. Because of the risk that NIS2, specifically Article 28, poses to Europe's domain name sector, the Council of European National Top- Level Domain Registries (CENTR) has developed a series of nine recommendations for national legislators in Member States and for the NIS Cooperation Group on how Article 28 should be implemented. For Ireland's EPRSs - entities providing registration services - it is important and urgent that the intended regulator is identified and commences its work without undue delay. .ie Domain Profile Report 2023 | 4 Conclusion At .ie we are committed to demonstrating leadership for our sector and providing good governance. This includes meeting all .ie's regulatory requirements, including NIS2. It is not an easy task for the channel, but .ie has a multi-stakeholder Policy Advisory Committee that ensures its technical and registration policies and procedures are consensus-driven and will help the channel to navigate the rough regulatory waters ahead. A dedicated working group is focused on advocacy, alignment and awareness- building. On this matter, .ie will leverage its established relationships with government departments to advocate for its stakeholders with national policymakers. Through its international partnerships, the company will continue to liaise and coordinate with cross-border partners and CENTR officials in order to ensure that the concerns of registrars, resellers and internet users are aligned within Europe’s implementing acts and Ireland's national legislation.