This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] Privacy proposal, concerns
Frank Breedijk
f.breedijk at divd.nl
Thu Oct 27 10:30:33 CEST 2022
Dennis,

You are welcome and I'm glad you see the point I was trying to make.

> But, beyond this principle, I still see a need to change the elements
> of personal data that are processed for the different purposes of the
> database. I understand what you say about IP addresses being
> considered as PII, as well as the business phone number of a 1 person
> company. So let me try to expand on my underlying thoughts. It seems
> we are all now surrounded by a multitude of PII elements. Name, home
> address, personal/private phone number and email, business related
> phone number and email, your IP addresses, etc. Even though all of it
> can be considered to be PII, which parts do you never want to end up
> in the public RIPE Database registry and what absolutely must be in
> the database?

You are right that a change (in mentality and in the database) seems to be in order.

The point I made about certain elements still being PII was not to argue that you should store them. I made the argument to illustrate that regardless of what policy is adopted, there will always be PII in this database and it needs to be protected and is and remains governed by GDPR no matter what.

This brings with it a duty of care. Major parts of that duty of care are that the DB/RIPE (NCC?) should not process/hold more information than needed, that subjects have the right to see their data, correct mistakes and have their data deleted (right to be forgotten) if it is no longer needed.

All these changes seem to be supporting these important principles.

> This is what I mean by separating personal details from business
> details and only publishing business details in the database. Whether
> this can be expressed in general legalistic, or even in practical,
> terminology I don't know (yet). I believe the intent of this proposal
> is good (although some would disagree), but I don't think the current
> wording is good enough.

It is good that RIPE reminds people that it is better to put business information in there rather than personal details. However, there is a difference between a practice and a policy.

If you make it policy that personal details should not be entered into the database, then one can make the case that RIPE acted against its policy when such data does show up in the database.

But if RIPE reminds the subjects that it is good practice to enter business details instead of personal data, you can claim that the subject themselves made the decision to enter personal details, that in doing so they made a conscious decision and that RIPE performed their due care in preventing this.

And ceasing to accept new PERSON records in favour of CONTACT records is a good step.

If I can help in any way to make this proposal better, let me know.

Frank