This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-list@ripe.net/
[ripe-list] Confidentiality, or that lack thereof
- Previous message (by thread): [ripe-list] Confidentiality, or that lack thereof
- Next message (by thread): [ripe-list] Confidentiality, or that lack thereof
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Tue Aug 24 20:10:52 CEST 2021
In message <50A2DE7B-3184-406A-8AE0-78062A8074FE at v6x.org>, =?utf-8?Q?Andreas_H=C3=A4rpfer?= <ah at v6x.org> wrote: >The "Due Diligence" document > >https://www.ripe.net/publications/docs/ripe-748#5--confidentiality-and-privacy-issues Thank you. Here is the relevant section: 5. Confidentiality and Privacy Issues The RIPE NCC maintains a duty of confidentiality towards the legal or natural persons that request Internet number resources. Information passed to the RIPE NCC is securely stored and will not be distributed further than is necessary. Details of the process of handling personal data by the RIPE NCC can be found in the RIPE NCC Privacy Statement. This forces me to just reiterate the various questiions I raised in my immediately preceeding post, e.g.: *) Where did this purported "duty of confidentiality" come from and what is the legal or policy basis of it? *) Does this alleged "duty of confidentiality" only apply selectively, in certain cotexts or with respect to certain information, such that the public WHOIS records do not run afowl of this duty? >... together with a link to the RIPE privacy statement > > https://www.ripe.net/about-us/legal/ripe-ncc-privacy-statement Please note that the RIPE privacy statement appears to be -exclusively- about -personal- information of natural persons. It seems that the two documents that you have provided links to are together performing a sort of coordinated linguistic/HTTP sleight of hand. In Section 5 of the first document it is alleged that there is a "duty" towards -both- natural persons and also towards any an all -other- legal entities, even as it refers the reader to the second document (the RIPE NCC Privacy Statement) which quite obviously talks only about the privacy that shall be accorded to natural persons. I do not and shall not take issue with GDPR. It is the law of the land and provides reasonable privacy protections to all natural persons. But I do believe that it is safe to say that the overwehlming majority of RIPE members are not natural persons, and it still appears to be rather entirely opaque to me what duties of confidentiality are owed to these non-natural entities. If thare exist yet other documents that might further clarify that, I would greatly appreciate being directed to them. Regards, rfg
- Previous message (by thread): [ripe-list] Confidentiality, or that lack thereof
- Next message (by thread): [ripe-list] Confidentiality, or that lack thereof
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]