naphtalina / iStockphoto.com
In doing so, the court upheld an earlier decision made by a court in Bonn.
ICANN announced the decision on Friday, August 3.
The organisation filed a lawsuit against EPAG in May to seek clarity on how the Whois system should operate in relation to the EU’s new General Data Protection Regulation (GDPR).
On appeal from an earlier ruling, the Cologne court stated that the interpretation of GDPR provisions was not part of its decision, according to ICANN.
As a result, the court said there is no obligation to refer the case to the Court of Justice of the European Union.
ICANN said it is considering additional filings before the German courts.
The organisation filed its claim against EPAG in Bonn on May 25—the same day that the GDPR came into force. The purpose of the lawsuit was to attempt to clarify how the regulation should be interpreted.
ICANN asked whether EPAG should be required to continue its practice of collecting administrative and technical contact information for new domain name registrations after the GDPR was introduced.
EPAG had indicated that it would delete the contact information.
Tucows Group, parent company of EPAG, said that it built a new registration system which is in line with the GDPR’s “principles”.
Less than a week after ICANN filed its complaint, the Regional Court in Bonn refused to issue an injunction, on May 30.
According to ICANN, the Regional Court said that it did not require EPAG to collect administrative and technical data for new registrations. However, the organisation also said that the Regional Court did not indicate whether collecting such data would be a violation of the GDPR.
The Regional Court in Bonn said that ICANN had failed to demonstrate that it is necessary to collect additional information for administrative and technical registrations.
In response, ICANN filed an appeal against the decision at the Higher Regional Court of Cologne in June.
ICANN, EPAG, Whois, GDPR, online, domain name, Higher Regional Court in Cologne