As you may know the .eu ccTLD is a little different, in that it operates under contract to the European Commission. The EC in turn operates based on treaties, directives, regulations and a bunch of other legislative devices. More than 15 years ago the EC and European Parliament started work on what would become the .eu ccTLD. In order to do that they issued legislation and it’s on the basis of that legislation that the current .eu ccTLD operates. The legislation also mandates a number of aspects of the .eu ccTLD’s policies, including registration eligibility.
A few days ago the EC and EP issued an updated regulation which makes some fairly substantial changes to how the .eu ccTLD will have to operate.
The single biggest change is around registrations themselves.
Within the next 6 months the registration policy will be expanded to allow European Union citizens no matter where they are in the world to register .eu domain names.
It’s not clear at the moment how the registry or registrars are expected to validate that, though the sanest way to do so would be via some form of self-declaration.
There are also other changes that may or may not have broader implications:
The regulation calls for the establishment of “The .eu Multistakeholder Advisory Group” which will be made up:
of representatives of stakeholders that are established in the Union. Those representatives shall be drawn from the private sector, the technical community, civil society and academia, as well as Member States’ authorities and international organisations. Representatives other than those drawn from Member States’ authorities and international organisations shall be appointed by the Commission on the basis of an open, non-discriminatory and transparent procedure, taking the utmost account the principle of gender equality.
This new group will have a level of oversight on .eu moving forward and act in an advisory capacity:
The .eu Multistakeholder Advisory Group shall have the following tasks:
(a) to advise the Commission on the implementation of this Regulation;
(b) to issue opinions to the Commission on strategic matters relating to the management, organisation and administration of the .eu TLD, including issues relating to cybersecurity and data protection;
(c) to advise the Commission on matters relating to the monitoring and supervision of the Registry, in particular with regard to the audit referred to in point (l) of Article 10;
(d) to advise the Commission on best practices as regards policies and measures against abusive registrations of domain names, in particular registrations without rights or legitimate interests and registrations used in bad faith.
There’s also quite a bit of new language in the regulation referring to both DNS abuse and IP rights infringement.
It’ll take several months for the various aspects of this new regulation to come into effect, but the change to registrant criteria is expected to be made within 6 months. The change to registrant rules might help UK residents, though the current Brexit timelines are too short.
Other parts of the document won’t come into force until 2022.
Here’s the full text of the document: