On 4 May 2018 at 11:27, Andrew C Aitchison <and...@aitchison.me.uk> wrote: > [...] > If I understand correctly, the GDPR doesn't provide the same protection for > companies as it does for individuals, so I don't see how it > can affect role email addresses and registered corporate adddresses; > those should be able to stay in WHOIS.
Right, but the "Admin/Technical" contacts are named people, and even their simple Name and surname are data protected by the GDPR. There are also discussions about "individual businesses" where the name of the business is the name of the person, so it could be a data protected by the GDPR. BTW not every data processing/publication require consent according to GDPR. There's "legitimate interest" and it may have to be discussed if publishing that data do harms more than not-publishing it. This is not trivial, and it will take time to find how GDPR will be applied as there is an high level of iterpretation in the text. Also the GDPR is mainly concerned about protection than privacy. Privacy will be better discussed in the "e-privacy" regulation that should have been go public together to the GDPR but is still blocked. So we have an "half-law" with a lot of "will see" stuff... it will take years to really find the way. Stefano > -- > Andrew C. Aitchison Cambridge, UK > and...@aitchison.me.uk > > >> There are legitimate reasons for anonymous domains, but if there is no one >> listed to report problems related to that domain, it becomes a problem. IF >> you have to be anonymous, send mail out through a mail service that isn't >> anonymous (eg PTR reflects a domain where there is whois and contact >> information) >> >> And for the record, GDPR did not 'push' for WHOIS to dissappear, the >> registrars are just concerned that publishing that data in WHOIS may >> contravene the GDPR. >> >> However, the GDPR does allow for personal information to be shared, as >> long as it is for a legitimate reason, and the person who's information is >> displayed understands that and agrees to that. >> >> Now, if anyone takes that information, and uses in way that wasn't agreed >> to by the person, (eg a person stripping that data, whether a spammer or a >> 'data company') it is that party that is contravening the GDPR.... >> >> I expect it (the wrangling and legal arguments) to go on for some time >> yet, before this is all sorted out. > > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop