[chair hat off] I didn’t want to influence this call for adoption with my personal opinion, but I do have a use case that I think is important to consider. According to the GDRP, any individual has a right to make a request to an entity that gathers data to have insight in what data is stored from him or her. This is to protect the consumers so that he knows which data he needs to control. For an entity to be able to deliver this data to an individual, it needs to do a reverse search.
So, my argument here is that not being able to do a reverse search means you do not comply with GDRP guidelines….. That only the individual itself can order this reverse search to be done is policy, not technical. That’s why RDAP has the concept of federated access. To be able to comply to that sort of policies of who can do what. - -- Antoin Verschuren Tweevoren 6, 5672 SB Nuenen, NL M: +31 6 37682392 > Op 25 jan. 2019, om 17:21 heeft Niels ten Oever <li...@digitaldissidents.org> > het volgende geschreven: > > Hi Thomas, > > On 1/25/19 4:18 PM, Thomas Corte wrote: >> Hello Niels, >> >> On 1/25/19 15:39, Niels ten Oever wrote: >> >>> But if the IETF produces protocols which are non-GDPR compliant upon >>> implementation, and are violating human rights, that is imho not something >>> we should want. >> >> Why should the IETF, a *global* organization, restrict its protocols to >> ensure GDPR compliance, i.e. a piece of legislation only applicable in >> the *European Union* and nowhere else? >> > > I fully agree that the IETF does not need to restrict its protocols to the > legislations of one geographical area. But I think the IETF should help > implementers to not violate the human rights of end-users, and consider > regulation when implementing. The IETF can seek to do so by thoroughly > analyzing the potential impacts of the protocols that are produced in and > published by the IETF and report on the in privacy, security and human rights > considerations. > > Best, > > Niels > > PS The legislation not only applicable in the European Union, but anywhere in > the world where the data of EU citizens or residents is held. > > >> Best regards, >> >> Thomas >> > > -- > Niels ten Oever > Researcher and PhD Candidate > Datactive Research Group > University of Amsterdam > > PGP fingerprint 2458 0B70 5C4A FD8A 9488 > 643A 0ED8 3F3A 468A C8B3 > > _______________________________________________ > regext mailing list > regext@ietf.org > https://www.ietf.org/mailman/listinfo/regext
_______________________________________________ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
