[Community-Discuss] Data protection

[S. Moonesamy]

Dear Ish,
At 10:24 AM 12-07-2019, Ish Sookun wrote:

>The email mentions the following:

>

>     "The Board believes that these regulations are not a barrier to

>      publication of the WHOIS data [..]"

>

>and,

>

>     "The Board further believes that the biggest changes required by

>      AFRINIC are in documenting how personal data is used, and in

>      informing people at the time data is collected."

>

>I do not recall that there was any specific mention about how the

>personal data of resource members is used, at the time of registration.

>This leads me to believe that the current practice is not compliant with

>the data protection requirements.


The term "Resource Member" refers to the legal entity which meets the 
requirements for number resources.  The personal data aspect depends 
on how the legal entity manages that internally.  The Member Services 
department may be able to provide information what is collected and 
what will be included in WHOIS.

There are cases for which it may be useful to provide a point of 
contact.  An alternative to address regulatory requirements could be 
to provide the contact information of a role account.

Regards,
S. Moonesamy