denis walker via db-wg wrote on 16/06/2022 16:05:
I have listened to your comments in recent discussions and had some preliminary talks with the RIPE NCC about what could be implemented. So now we have a second version of my proposal on personal data.
There are some fairly serious structural issues with the justification in this proposal, for example: - that there's something new with GDPR that wasn't there before - that the RIPE database is not GDPR compliant - repeated claims that "In almost all cases, personal data is not needed". - etc GDPR, and previously the 1995 Data Protection Directive, has been addressed continuously by the RIPE NCC over the years. There are some blog posts on the RIPE NCC web site which provide an overview of the current lawful basis for holding and publishing the information:
https://www.ripe.net/about-us/legal/corporate-governance/gdpr-and-the-ripe-n...
So in the absence of firm reasoning to the contrary, this policy needs to step back quite far from claiming or hinting at GDPR non-compliance. There are numerous other cases where the current justification presents opinions without providing an adequate factual basis. Incidentally, I'm not arguing that there shouldn't be changes to the scope and style of information contained in the ripe database, but as it stands, the scope of this policy proposal isn't justified by the rationale provided. Nick