I would agree with that completely

The Mauritius DPA is actually aligned with the old EU Data Privacy Directive 
and not the GDPR.

There are some interesting changes from the DPD to the GDPR. Most are quite 
minor in language (but could be more significant in application - time will 
tell).


> On 11 Apr 2018, at 16:00, Alan Barrett <alan.barr...@afrinic.net> wrote:
> 
> 
> 
>> On 11 Apr 2018, at 17:54, Mike Silber <silber.m...@gmail.com> wrote:
>> 
>> No issue with doing a proper information audit (what there is, where it is 
>> stored, how it can be accessed and by whom). That is just good information 
>> security practice.
>> 
>> However I am still not certain that holding any of that information actually 
>> makes AfriNIC a controller in terms of the GDPR.
> 
> I am pretty sure that AFRINIC is a data controller in terms of the Mauritius 
> Data Protection Act, which is aligned with GDPR.
> 
> Yes, we are auditing the information we hold and the way we process it, and I 
> expect to be able to report on progress at the AIS meeting in early May.
> 
> Alan
> _______________________________________________
> Community-Discuss mailing list
> Community-Discuss@afrinic.net
> https://lists.afrinic.net/mailman/listinfo/community-discuss


_______________________________________________
Community-Discuss mailing list
Community-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/community-discuss

Reply via email to