Whois vs GDPR, latest news

niels=nanog at bakker.net niels=nanog at bakker.net
Sun May 27 19:54:35 UTC 2018


* owen at delong.com (Owen DeLong) [Sun 27 May 2018, 21:42 CEST]:
>The way GDPR is written, if you want to collect (and store) so much 
>as the IP address of the potential customer who visited your 
>website, you need their informed consent and you can’t require that 
>they consent as a condition of providing service.

You have this the wrong way around.  You'll need permission to store 
their IP address in logs that you keep and to inform third parties 
about their visits to your site.  And that is because that 
information belongs to the visitor, not to you.


>Basically, the regulation is so poorly written that it is utterly 
>nonsensical and I wonder how business in Europe intend to function 
>when they can’t make collecting someone’s address a condition of 
>allowing them to order something online.

Basically, this example is so bad that it's not even wrong.


	-- Niels.



More information about the NANOG mailing list