[Community-Discuss] AFRINIC and the GDPR

Alan Barrett alan.barrett at afrinic.net
Wed Apr 11 14:00:43 UTC 2018

> On 11 Apr 2018, at 17:54, Mike Silber <silber.mike at gmail.com> wrote:
> No issue with doing a proper information audit (what there is, where it is stored, how it can be accessed and by whom). That is just good information security practice.
> However I am still not certain that holding any of that information actually makes AfriNIC a controller in terms of the GDPR.

I am pretty sure that AFRINIC is a data controller in terms of the Mauritius Data Protection Act, which is aligned with GDPR.

Yes, we are auditing the information we hold and the way we process it, and I expect to be able to report on progress at the AIS meeting in early May.


More information about the Community-Discuss mailing list