Tim Bray wrote:
What is different is the volume of snakeoil lawyers, consultants and
people who don't have a clue deciding on new `rules` that you must do today.
Oh you are not wrong there.... to give you some sort of idea got this
the other day...
We're currently using Sorbs.net in our **** Mail Server.
As we exchange IP addresses and customer data, i believe we need a
GDPR agreement from you.
I have looked on your website but i cannot seem to find this - is this
something you can send us per e-mail?
I replied with the following:
=====
Checking with our lawyers, but it is very unlikely that we would need to
have such a thing as you're not exchanging data with us.
...and just so you're aware of the implications, if we are required to
provide this to you, then you will be required to have every website.
email and DNS server provider to supply GDPR agreements with you as
well.... as you're performing lookups to DNS which are also done by
every webserver, email server and DNS server in the world...
=====
Of course this just shows how little knowledge and how much
scaremongering there is out there... I got a reply to my email for
those interested...
Thank you for your response.
Actually - i have contacted the 3 BL services we're using and everyone
says the same.
With your explanation, that actually also makes sense!
Thank you for your time - have a great weekend! :)
Which goes to show its a matter of eduation that the GDPR is really not
much more than is out there already just it covers all of Europe and is
designed to take a lot of the individual country differences/laws etc
out of the equation and provide a Europe wide data protection policy
targeting all those wishing to do business in Europe.... and lets not
forget here... The GDPR is about data protection across the board its
not just for online transactions... It to protect personal data and
privacy generally and addresses the specific issue of data being
exported outside of the EU (which most country level DPAs don't/are not
able to address).... it also stops people/companies from choosing the
jurisdiction for the DPA that is most conducive to their business
model... but when you have Google Ads showing the 'sponsored ads' when
searching 'GDPR' as:
*
GDPR Has Worldwide Impact | Learn How to Prepare w/IBM
<https://www.ibm.com/security/data-security/gdpr>
* Adwww.ibm.com/Data-Security/GDPR-SolutionsFree solution. Data
compliance issues resolved in minutes.
*
*GDPR* May Apply to You Even If You're Not in the EU. Learn How to
Get *GDPR*-Ready!
Types: Guardium GDPR Accelerator, GDPR Readiness Assessment, Data
Risk Manager, Vulnerability Assessment
*
Beautiful Free GDPR Guide | For Australian Businesses
<https://www.virtualcabinet.com/document-management-info/gdpr-for-australian-businesses>
Adwww.virtualcabinet.com/GDPR-Guide/For-Businesses
*
Cut Through *GDPR* Confusion. Visual Guide, Practical Info For
Aussie Businesses.
Types: GDPR Rights, Personal Data, Privacy By Design, Compliance
Checklist
o Talk To A Specialist
<https://www.virtualcabinet.com/document-management/demo>
o Guide For GDPR Software
<https://www.virtualcabinet.com/gdpr/software-for-gdpr>
*
Are your GDPR ready? | Download our free guide | sage.com
<http://go.sage.com/SageGeneralDataProtectionRegulation>
Adget.sage.com/GDPR/GDPR-Guide
*
Understand & get ready for *GDPR* with The Sage™ quick start guide
for businesses
Book Telephone Diagnostic · 24/7 Technical Support · Key Business
Insights · Online Support
o About Us <http://www.sage.com/company/about-sage>
o Events Information <http://www.sage.com/company/events>
o Business Builders <http://www.sage.com/company/business-builders>
o Products Available <http://www.sage.com/company/products>
o Career Opportunities <http://www.sage.com/company/careers>
*
Avoid GDPR Compliance Costs | Block EU traffic |
ezigdpr.com <https://www.ezigdpr.com/>
Adwww.ezigdpr.com/
... is there any wonder why people are concerned about this 'new' thing ...?
Seriously its very simple (especially with domain registration)... eg:
To buy/own a domain the ownership details have to be published
publicly. The domain has to be owned by an individual or company. An
address and phone number/email has to be provided for the individual or
company, these can be PO Boxes, disposable phones, or hotmail email
addresses etc, but be aware that important information is often sent to
these so ensure they always work or you might find that you are unable
to use/renew your domain in the future. If your enter fake details your
domain registration maybe deleted without warning, refund will not be
provided in these cases.
Do you wish to proceed? [Yes/No]
The way I see it (and of course IANAL) consent to publish the
information publicly trumps the DPA/GDPR everywhere/everytime. People
using the information for anything (including just storing it for
reference/research) that is not part of the purchase contract are
violating the GDPR... ie if I get a copy of the Whois Database (whether
downloading it from a registrar officially or by scraping it over time)
*I* am violating the GDPR unless *I* have permission to take that data
by ALL the *EU subjects* of that data... and that doesn't matter whether
I am an entity doing business solely in the EU or not... Of course the
last link above is the amusing one... "Hey, avoid the GDPR, stop doing
business in the EU and block all EU traffic!" Doh!
--
Michelle Sullivan
http://www.mhix.org/
_______________________________________________
mailop mailing list
[email protected]
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
