[Community-Discuss] AFRINIC and the GDPR

Mike Silber silber.mike at gmail.com
Wed Apr 11 14:19:17 UTC 2018


I would agree with that completely

The Mauritius DPA is actually aligned with the old EU Data Privacy Directive and not the GDPR.

There are some interesting changes from the DPD to the GDPR. Most are quite minor in language (but could be more significant in application - time will tell).


> On 11 Apr 2018, at 16:00, Alan Barrett <alan.barrett at afrinic.net> wrote:
> 
> 
> 
>> On 11 Apr 2018, at 17:54, Mike Silber <silber.mike at gmail.com> wrote:
>> 
>> No issue with doing a proper information audit (what there is, where it is stored, how it can be accessed and by whom). That is just good information security practice.
>> 
>> However I am still not certain that holding any of that information actually makes AfriNIC a controller in terms of the GDPR.
> 
> I am pretty sure that AFRINIC is a data controller in terms of the Mauritius Data Protection Act, which is aligned with GDPR.
> 
> Yes, we are auditing the information we hold and the way we process it, and I expect to be able to report on progress at the AIS meeting in early May.
> 
> Alan
> _______________________________________________
> Community-Discuss mailing list
> Community-Discuss at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/community-discuss




More information about the Community-Discuss mailing list