[Community-Discuss] AFRINIC and the GDPR

Owen DeLong owen at delong.com
Wed Apr 11 17:29:56 UTC 2018

> On Apr 11, 2018, at 09:47 , S Moonesamy <sm+afrinic at elandsys.com> wrote:
> Hi Owen,
> At 09:05 AM 11-04-2018, Owen DeLong wrote:
>> Since AfriNIC isn't actually present in either location, it's up to the government of Mauritius whether it would do any of the following:
>> 1.Allow suit based on GDPR violation to be brought in an MU court.
>> 2.Extradite AfriNIC for suit in a court of competent jurisdiction in one of those countries.
> I doubt that (1) is how the data protection law works in Mauritius.
>> However, given the new information from Kirs that MU signed a safe harbor treaty with EU subjecting MU to EU ICO->GDPR, then yes, everyone and all organizations in MU are subject to GDPR by virtue of the treaty requiring MU to do one of the two things above in such a case.
> I gather that you are referring to the safe harbor framework [1] between the United States and the European Union.  I doubt that legal entities in Mauritius are subject to the GDPR per se [2] as they are not in the European Union.  Which treaty are you referring to?
> Regards,
> S. Moonesamy
> 1. https://www.ftc.gov/tips-advice/business-center/privacy-and-security/u.s.-eu-safe-harbor-framework
> 2. There may be exceptions to this. 

I’m not referring to any specific treaty. I’m stating that the mechanism by which MU could subject its citizens to EU jurisdiction would be a treaty signed by EU and MU.


More information about the Community-Discuss mailing list