Hi Elvis
We don't need to 'update' any existing policy it could be a new policy
concerning personal data in the RIPE Database. I've been thinking about this
since the last meeting so yes I am fine working with you Elvis on a proposal.
cheersdenisco-chair DB-WG
On Friday, 22 February 2019, 22:14:27 CET, Elvis Daniel Velea via db-wg
<db-wg@ripe.net> wrote:
Hey Hans,
thanks for following up on this.
Before we start working on this, is a policy proposal really needed? I'm not
sure which policy proposal should be updated.
I would be happy to make a policy proposal - I will need your help or Marco's.
@Denis - do you want to co-author?
Elvis
On 2/22/19 06:40, Hans Petter Holen via db-wg wrote:
Following Denis’s presentation at the last database working group meeting and
Elvis’s messages to the RIPE NCC members list I think it is time to have a new
discussion on the need for personal objects in the RIPE Database.
https://ripe77.ripe.net/presentations/63-PERSONobjects.pdf
https://ripe77.ripe.net/archives/video/2298/
https://www.ripe.net/ripe/mail/archives/members-discuss/2019-February/003295.html
This is not questioning previous legal assessments of GDPR compliance, but
taking a step back and looking at how would we do this if we were to design the
RIPE Database with today's privacy requirements in mind.
The ccTLD for .NO, Norid made an update to their service last year to
completely remove person objects from their database.
https://www.norid.no/uploads/2017/12/Datamodell-revidert-en-v2.pdf
In terms of the RIPE Database, that would mean that resources would refer to
organisational objects and roles, not to personal objects.
Perhaps Denis and/or Elvis would propose a policy change in this respect?
Hans Petter
