Re: [dp-tf] Quadlogy of person proposals
-
To: Leo Vegoda <>
-
From: "Larisa A. Yurkina" <>
-
Date: Fri, 15 Jun 2007 17:28:32 +0400 (MSD)
-
Cc: Denis Walker <>, <>
On Fri, 15 Jun 2007, Leo Vegoda wrote:
> Denis,
>
> On 15 Jun 2007, at 12:44pm, Denis Walker wrote:
>
> [...]
>
> > So before we go too far down the road on issues of authentication,
> > authorisation, permissions and contracts, maybe we need to answer
> > these
> > basic questions:
> >
> > * what personal data do we need
> > * who needs access to it and by what means
> > * what do we need it for
>
> Surely this last question should be considered before the other two.
> Depending on the answer to it the other two many not apply at all.
> For instance, if the main purpose is to provide contact information
> to third parties who many need it for network troubleshooting
> purposes, role information may be sufficient and personal data is not
> needed at all. That would eliminate the need for the first question.
Right,
the Directive states the same thing:
... personal data must be:
(b) collected for specified, explicit and legitimate purposes and not further processed
in a way incompatible with those purposes.
there also is a next point:
(c) adequate, relevant and not excessive in relation to the purposes for which they are
collected and/or further processed;
Please note, "not excessive".
Don't you think that person object exactly falls under "excessive" category?
>
> Regards,
>
> --
> Leo Vegoda
> IANA Numbers Liaison
>
>
With respect,
Larisa Yurkina
---
RIPN Registry center
-----
|
you are here: RIPE -> RIPE Maillists > Archives
