Whois vs GDPR, latest news

Michel 'ic' Luczak lists at benappy.com
Sun May 27 19:56:16 UTC 2018


> On 27 May 2018, at 21:41, Owen DeLong <owen at delong.com> wrote:
> 
> The way GDPR is written, if you want to collect (and store) so much as
> the IP address of the potential customer who visited your website, you
> need their informed consent and you can’t require that they consent as
> a condition of providing service.

What we were told is that since security > GDPR, storing IPs in logs is obviously OK since it’s a legal requirement.

Storing them in a database for targeting / marketing is not.

What is a gray area so far is any use of IDS/IPS…

+




More information about the NANOG mailing list