[Community-Discuss] AFRINIC and the GDPR
Alan Barrett
alan.barrett at afrinic.net
Wed Apr 11 14:00:43 UTC 2018
> On 11 Apr 2018, at 17:54, Mike Silber <silber.mike at gmail.com> wrote:
>
> No issue with doing a proper information audit (what there is, where it is stored, how it can be accessed and by whom). That is just good information security practice.
>
> However I am still not certain that holding any of that information actually makes AfriNIC a controller in terms of the GDPR.
I am pretty sure that AFRINIC is a data controller in terms of the Mauritius Data Protection Act, which is aligned with GDPR.
Yes, we are auditing the information we hold and the way we process it, and I expect to be able to report on progress at the AIS meeting in early May.
Alan
More information about the Community-Discuss
mailing list