[Community-Discuss] AFRINIC and the GDPR

Arsène Tungali arsenebaguma at gmail.com
Fri Apr 13 14:48:33 UTC 2018

Reading this thread, I am still awaiting an official statement from the
Board telling us that AFRINIC is safe and at this stage is in compliance
with GDPR when it gets into enforcement next month. Or maybe did i miss
that one?

I am not a EU citizen nor do I live in any EU country but i do care very
much about privacy issues in terms of the way WHOIS handles personal data.

**Arsène Tungali* <http://about.me/ArseneTungali>*
Co-Founder & Executive Director, *Rudi international
CEO,* Smart Services Sarl <https://www.smart-kitoko.com/>*, *Mabingwa Forum
Tel: +243 993810967
GPG: 523644A0
*Goma, Democratic Republic of Congo*

2015 Mandela Washington Felllow
(YALI) - ISOC Ambassador (IGF Brazil
& Mexico
- AFRISIG 2016 <http://afrisig.org/afrisig-2016/class-of-2016/> - Blogger
<http://tungali.blogspot.com> - ICANN's GNSO Council
<https://gnso.icann.org/en/about/gnso-council.htm> Member. AFRINIC Fellow (
- *IGFSA Member <http://www.igfsa.org/> - Internet Governance - Internet

Check the *2016 State of Internet Freedom in DRC* report (English
<http://cipesa.org/?wpfb_dl=234>) and (French

2018-04-12 11:55 GMT+02:00 Ashok <ashok at afrinic.net>:

> Dear All,
> Mauritius has signed the the European Convention for Protection of
> Individuals with regard to Automatic Processing of Personal Data (commonly
> known as Convention 108), to which  it acceded to on 17 June 2016 at
> Strasbourg, France.
> On a side note, Convention 108 is the first and only international legally
> binding instrument dealing explicitly with data protection and currently
> has 51 signatories including 47 Council of Europe Member States as well as
> Uruguay until Mauritius became the 49th State Party and the first African
> country. The treaty entered into force on 1 October 2016 in Mauritius. [
> Extract from Data Protection Office Document].
> This is how GDPR applies to Mauritius and since then The Data Protection
> Act 2017 has incorporated same in our local law.
> Ashok.,
> On 11/04/2018 20:47, S Moonesamy wrote:
>> Hi Owen,
>> At 09:05 AM 11-04-2018, Owen DeLong wrote:
>>> Since AfriNIC isn't actually present in either location, it's up to the
>>> government of Mauritius whether it would do any of the following:
>>> 1.Allow suit based on GDPR violation to be brought in an MU court.
>>> 2.Extradite AfriNIC for suit in a court of competent jurisdiction in one
>>> of those countries.
>> I doubt that (1) is how the data protection law works in Mauritius.
>> However, given the new information from Kirs that MU signed a safe harbor
>>> treaty with EU subjecting MU to EU ICO->GDPR, then yes, everyone and all
>>> organizations in MU are subject to GDPR by virtue of the treaty requiring
>>> MU to do one of the two things above in such a case.
>> I gather that you are referring to the safe harbor framework [1] between
>> the United States and the European Union.  I doubt that legal entities in
>> Mauritius are subject to the GDPR per se [2] as they are not in the
>> European Union.  Which treaty are you referring to?
>> Regards,
>> S. Moonesamy
>> 1. https://www.ftc.gov/tips-advice/business-center/privacy-and-
>> security/u.s.-eu-safe-harbor-framework
>> 2. There may be exceptions to this.
>> _______________________________________________
>> Community-Discuss mailing list
>> Community-Discuss at afrinic.net
>> https://lists.afrinic.net/mailman/listinfo/community-discuss
> _______________________________________________
> Community-Discuss mailing list
> Community-Discuss at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/community-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/community-discuss/attachments/20180413/df24add6/attachment.html>

More information about the Community-Discuss mailing list