[address-policy-wg] Personal Data and 2012-05
- Previous message (by thread): [address-policy-wg] Personal Data and 2012-05
- Next message (by thread): [address-policy-wg] 2012-05 New Draft Document and Impact Analysis Published (Transparency in Address Block Transfers)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Turchanyi Geza
turchanyi.geza at gmail.com
Wed Sep 5 13:59:11 CEST 2012
Jim, thanks for your clarifications, I better understand your concerns. However, business related ID should be accessible publicly. If I know well, all public procurement require the correct ownership data, etc in Europe, and not just hidden, disguised ones. Best, Géza On Wed, Sep 5, 2012 at 11:00 AM, Jim Reid <jim at rfc1035.com> wrote: > On 5 Sep 2012, at 07:16, Turchanyi Geza wrote: > > I share Milton's view that a name (etc) of a person acting in business is >> not personal only, however, a business ID, what is public information. >> This is the rule in my country which is not in the US and won't be. >> > > There are many views on what is and isn't Personal Data, even amongst > European Data Protection Authorities who are working off the same EU > Directives. Don't make the mistake of assuming everyone shares your view or > that of your local DPA. Or that those views might or might not change > tomorrow. > > Strictly speaking any data which identifies a living person constitutes > Personal Data. Therefore that data falls within scope of the EU Directives > and the prevailing national laws which enacted them. However some, but by > no means all, European DPAs take a pragmatic view and consider end user > expectations and/or the intent behind publishing Personal Data when > deciding what is and isn't acceptable. Other DPAs may take a much more > literal approach to what's in the Directive and local law. So what's > "legal" in one jurisdiction may well be "illegal" in another even though > both positions are based on the same EU Directives. This situation might > well apply in non-EU countries which have Data Protection legislation too. > > Things can get even murkier if you go into greater detail. For instance my > former ISP added contact details for me to the RIPE database when they gave > me a /29. This was OK from the DPA's perspective since the intent was > reasonable: maintaining an accurate, public database of who was using > address space. However it was also not OK because the entries were added > without my consent and I had no clear way to update them. Those entries > were still in the database several months after the space had been handed > back. That wasn't OK either. > > Schrodinger's cat has/had a very happy home in Data Protection. :-) > > Anyway, this latest rat-holing is somewhat irrelevant. If contact > information for IP address resources need to be obscured for whatever > reason -- commercial confidentiality, data protection/privacy, preventing > spam, etc -- methods for that already exist and could be applied. In some > cases, they already are in use. Others may well be invented. Just look at > the "imaginitive" solutions found in the domain name world for obfuscating > whois data. If we look in the real world, the public registers of physical > assets such as shares and property regularly contain entries for things > like lawyers's offices, nominee accounts, offshore companies/trusts and so > on so that the details of the real owner remain hidden. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/address-policy-wg/attachments/20120905/63c1f17e/attachment.html>
- Previous message (by thread): [address-policy-wg] Personal Data and 2012-05
- Next message (by thread): [address-policy-wg] 2012-05 New Draft Document and Impact Analysis Published (Transparency in Address Block Transfers)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]