[Community-Discuss] AFRINIC and the GDPR

Badru Ntege badru.ntege at nftconsult.com
Fri Apr 13 16:26:26 UTC 2018


Ashok 

Thanks for this clarification


On 4/12/18, 12:59 PM, "Ashok" <ashok at afrinic.net> wrote:

    Dear All,
    Mauritius has signed the the European Convention for Protection of 
    Individuals with regard to Automatic Processing of Personal Data 
    (commonly known as Convention 108), to which  it acceded to on 17 June 
    2016 at Strasbourg, France.
    On a side note, Convention 108 is the first and only international 
    legally binding instrument dealing explicitly with data protection and 
    currently has 51 signatories including 47 Council of Europe Member 
    States as well as Uruguay until Mauritius became the 49th State Party 
    and the first African country. The treaty entered into force on 1 
    October 2016 in Mauritius. [ Extract from Data Protection Office Document].
    This is how GDPR applies to Mauritius and since then The Data Protection 
    Act 2017 has incorporated same in our local law.
    Ashok.,
    
    On 11/04/2018 20:47, S Moonesamy wrote:
    > Hi Owen,
    > At 09:05 AM 11-04-2018, Owen DeLong wrote:
    >> Since AfriNIC isn't actually present in either location, it's up to 
    >> the government of Mauritius whether it would do any of the following:
    >> 1.Allow suit based on GDPR violation to be brought in an MU court.
    >> 2.Extradite AfriNIC for suit in a court of competent jurisdiction in 
    >> one of those countries.
    >
    > I doubt that (1) is how the data protection law works in Mauritius.
    >
    >> However, given the new information from Kirs that MU signed a safe 
    >> harbor treaty with EU subjecting MU to EU ICO->GDPR, then yes, 
    >> everyone and all organizations in MU are subject to GDPR by virtue of 
    >> the treaty requiring MU to do one of the two things above in such a 
    >> case.
    >
    > I gather that you are referring to the safe harbor framework [1] 
    > between the United States and the European Union.  I doubt that legal 
    > entities in Mauritius are subject to the GDPR per se [2] as they are 
    > not in the European Union.  Which treaty are you referring to?
    >
    > Regards,
    > S. Moonesamy
    >
    > 1. 
    > https://www.ftc.gov/tips-advice/business-center/privacy-and-security/u.s.-eu-safe-harbor-framework
    > 2. There may be exceptions to this.
    >
    > _______________________________________________
    > Community-Discuss mailing list
    > Community-Discuss at afrinic.net
    > https://lists.afrinic.net/mailman/listinfo/community-discuss
    
    
    _______________________________________________
    Community-Discuss mailing list
    Community-Discuss at afrinic.net
    https://lists.afrinic.net/mailman/listinfo/community-discuss
    





More information about the Community-Discuss mailing list