[AfriNIC-rpd] Regional Internet Registry Privacy

[sm+afrinic at elandsys.com]

Hi Walu,
At 17:54 05-05-2012, Walubengo J wrote:
>a) which example of data at AfriNIC is currently "private"? i.e. 
>give example since am not getting what data you wish to protect 
>here, having rightly excluded "whois" data. If its administrative 
>data e.g financial membership data, I believe that is covered under 
>Financial and Data Privacy laws of the host country?

I could not find any information about privacy on the www.afrinic.net 
web site.  I'll use you as an example.  If AfriNIC has your home 
address, can it store that information and other "private" 
information about you for the next 20 years even though you no longer 
have any relationship with it?  Can it transfer the information to 
other parties?

There was a data leakage at ICANN recently.  Would there be a 
notification if there was a data leakage at AfriNIC?  What are the 
requirements for such notifications?  Is there any information about 
all that being given adequate treatment under "Financial and Data 
Privacy" laws?  According to a survey I read, a web site you may have 
visited may be vulnerable to the BEAST attack.

>b) Any RIR with a simlar Policy? Not always a must but sometimes 
>comforting to know.

I'll ask the other RIRs about whether there is any policy about 
Personally Identifiable Information.

Regards,
S. Moonesamy