[Community-Discuss] AFRINIC and the GDPR

Abibu R. Ntahigiye abibu at tznic.or.tz
Wed Apr 11 11:36:14 UTC 2018 

Dear Andrew, Members and the whole Afrinic community,

Andrew has raised a very important issue for Afrinic operations - Thanks 
so much Andrew.

The Board would like to inform you that the issue was discussed within 
the Board at the Afrinic 27 meeting in Lagos and the Management was 
tasked to work on the issue.

The Board has also been made aware that the Mauritius Data Protection 
Act 2017 is already in effect and is aligned with the EU GDPR 
regulations.  The Board believes that these regulations are not a 
barrier to publication of the WHOIS data, and it has noted the RIPE NCC 
study that made such a finding.  The Board further believes that the 
biggest changes required by AFRINIC are in documenting how personal data 
is used, and in informing people at the time data is collected.

The AFRINIC management will provide further updates on the issues at AIS 
2018 in Senegal.

Further to the above, the Board expects to receive more insights on 
GDPR  related issues at the joint Boards (AfriNIC and RIPE NCC) meeting 
planned in Senegal.

Kind regards


On 11/04/2018 08:42, Andrew Alston wrote:
>
> Hi AfriNIC Board,
>
> Can this board please **urgently** inform this community as to what 
> preparations they have made as regards to compliance with the General 
> Data Protection Regulations passed by the European Commision and the 
> board will be in a position to give this community a full and complete 
> report as to their GDPR compliance status and what will be changing 
> before the 25^th of May to ensure that when the GDPR comes into force 
> AfriNIC is compliant.
>
> Considering that the regulation comes into force on the 25^th of May 
> 2018 – and AfriNIC is 100% holding data of EU Citizens, which makes 
> them subject to the regulations irrespective of the fact that they are 
> domiciled in Mauritius – this is an urgent and critical issue.  It has 
> direct impact on the whois database, abuse contact information, 
> handling of data submitted during application process and potentially 
> even the proposed review policy, just to name a few things that I can 
> think of off the top of my head – and cannot be ignored.  I would in 
> fact have liked to have seen discussions by the board in the minutes 
> that have been published about the GDPR long before now – considering 
> the impact – but failing that – the question is now being asked.
>
> Andrew
>
> _______________________________________________
> Community-Discuss mailing list
> Community-Discuss at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/community-discuss

-- 
Abibu R. Ntahigiye

CEO, tzNIC / Interim Chairman, Afrinic.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/community-discuss/attachments/20180411/aef4d7de/attachment.html>

More information about the Community-Discuss mailing list