On 1/23/19 8:26 PM, John Levine wrote:
> In article <0f07073e-9e96-3dee-2c39-9aef91dc9...@digitaldissidents.org> you
> write:
>> There is also no limitation or specific use defined, which makes this
>> protocol in direct violation of with the GDPR.
>
> I'm sorry, but that assertion is not even wrong.
>
> The GDPR affects entities that process or control data related to EU
> people. It is not about technical specifications that someone subject
> to the GDPR might use at some future time. It's up to the processors
> and controllers to figure out if they're subject to the GDPR and if so
> how their processing complies with it (keeping in mind that "consent"
> is pretty low on the list of criteria.)
>
> I don't plan to further engage with this unfounded line of argument.
>
> For anyone interested in actual work, the ICANN EPDP on this topic is
> grinding along and it seems reasonably likely that they will have sort
> of reverse search, maybe plain text, maybe hashed identifiers so you
> can ask questions like what are all the domains with the same contact
> address as this one without knowing what the contact address is.
>
I totally agree with John here: let's await what comes out of the ICANN EPDP
and see whether this is actually something that is warranted and build it to
that spec.
Best,
Niels
> R's,
> John
>
> _______________________________________________
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext
>
--
Niels ten Oever
Researcher and PhD Candidate
Datactive Research Group
University of Amsterdam
PGP fingerprint 2458 0B70 5C4A FD8A 9488
643A 0ED8 3F3A 468A C8B3
_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext
