Colleagues There were 2 very long emails this weekend, both pretty much along the same lines. These points have been made several times. I believe I have adequately addressed these points in my earlier reply here: https://www.ripe.net/ripe/mail/archives/db-wg/2022-June/007482.html Now let's try to wrap this issue up with a reality check. In the text of the proposed policy, GDPR is not mentioned anywhere. The opening two lines of the proposed policy Abstract basically sum up what this proposed policy is about: "This policy arises from the need for the RIPE Database to avoid the publishing of unnecessary personal data. Personal data must not be entered into the RIPE Database unless this can be justified according to the acknowledged purposes of the RIPE Database." Regardless of what part of the RIPE region any data maintainer or data subject is based in, regardless of legal jurisdiction, regardless of what personal data protection laws apply, regardless of who is considered to be the data controller of the data contained within the RIPE Database, this policy proposal is suggesting that these are the basic principles that the RIPE Database should operate under across the region. I don't think anyone can argue against the RIPE Database not containing unnecessary personal data or personal data that cannot be justified by the agreed purposes of the database. The GDPR is a good guideline and benchmark to assess the database against as it does apply, without question, to a large part of the RIPE region and a large amount of the personal data contained within the database. But it is not the only consideration. To focus so heavily on the GDPR alone is a distraction. The bottom line is that this policy proposal is about establishing reasonable, common sense principles for processing personal data across the RIPE region, supported by the agreed purposes of the RIPE Database. cheers denis Proposal author