<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Allison, this is a completely different animal, and you know it,
but I am still glad you brought it up, since it allows me to point
out the central difference:</p>
<p>LAW!</p>
<p>Basically, the disclosures in the companies house are mandated by
laws that make these disclosures a requirement. Similarly, the
European legal requirements to publish on any website used for
commercial purposes an imprint containing much of the same data is
mandated by law. <br>
</p>
<p>Whois data on the other hand is not required under any law.</p>
<p>Privacy laws have one big gate, which is legally mandated
disclosures. You may not store private data unless it is needed to
provide the service to the customer (billing data, etc), or unless
there is a legal mandate to store it (data retention laws, for
example). The same applies to any other form of processing and
handling. <br>
</p>
<p>The basic rule for handling, processing, publishing or storing
private details is very simple: It is forbidden unless it is
expressly allowed. <br>
</p>
<p>Best,</p>
<p>Volker</p>
<p>PS: And no, consent does not fix this, since consent is also
bound by very tight rules that do not fit current practices. But
we have danced that dance enough on the list already.<br>
</p>
<br>
<div class="moz-cite-prefix">Am 26.09.2017 um 17:25 schrieb allison
nixon:<br>
</div>
<blockquote type="cite"
cite="mid:CACLR7wLfmS7mh82WYALAmYTPYyan6c8OL3fxF_8UWJs8FAfLbw@mail.gmail.com">
<div dir="ltr">I dont know if there have been regulatory rulings
about WHOIS but Companieshouse in the UK might be something
comparable. Here's an example company listing (I searched
"lloyds bank"):
<div><br>
</div>
<div><a
href="https://beta.companieshouse.gov.uk/company/00002065"
moz-do-not-send="true">https://beta.companieshouse.gov.uk/company/00002065</a><br>
</div>
<div><a
href="https://beta.companieshouse.gov.uk/company/00002065/officers"
moz-do-not-send="true">https://beta.companieshouse.gov.uk/company/00002065/officers</a><br>
<div><br>
</div>
<div>So you have a physical address, a list of people's names,
their physical addresses, and their entire filing history.
Is this "leaked" data as well? Or is this information
necessary to comply with the regulations of that country? Is
Companieshouse going to shut down to comply with GDPR?</div>
<div><br>
</div>
<div>Is data really "leaked" when everyone knew it was going
to be public in the first place? Does the definition of
"leak" now mean every instance of publicly released data?</div>
<div><br>
</div>
<div>Do these privacy laws outlaw the release of public data,
and do they have no allowance for the concept of publicly
releasing data, when the user is informed prior to them
giving the data?</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Tue, Sep 26, 2017 at 11:12 AM,
Andrew Sullivan <span dir="ltr"><<a
href="mailto:ajs@anvilwalrusden.com" target="_blank"
moz-do-not-send="true">ajs@anvilwalrusden.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex"><span
class="">On Tue, Sep 26, 2017 at 10:59:15AM -0400, Dotzero
wrote:<br>
> predecessor regulations have been around for quite
some time and if the<br>
> whois privacy issues we have been debating are truly
a significant problem<br>
> to the extent that some represent them to be, I would
expect that there<br>
> would have been at least some sort of precedents
specific to whois.<br>
<br>
</span>I think that, regardless of any legal cases, the
current whois leaks<br>
way too much information. ICANN has an enormous bureaucracy
around<br>
"whois accuracy" partly (but only partly) because ordinary
people<br>
don't want to pay extra to keep their home telephone numbers
off from<br>
being wide open on the Internet, so they lie about it.
There is _no<br>
reason_ that we are still using an ancient protocol that was
designed<br>
for a completely different network environment.<br>
<br>
The IAB recommends, in RFC 6973, that protocols do something
about<br>
data minimization (see section 6.1). The evidence we have
is that<br>
greater exposure of data provides a vector for attacks we
haven't even<br>
thought about. Therefore, we should not expose data to
everyone<br>
unless we are sure that it is necessary (and some of this
data _is_<br>
necessary to expose to everyone); and we should be able to
track who<br>
got the data if we're exposing data that is not published to
everyone.<br>
<br>
I don't think any of this should be news, and I think it is
really<br>
strange that we seem still to be discussing whether it is
something we<br>
need to embrace.<br>
<span class=""><br>
Best regards,<br>
<br>
A<br>
<br>
<br>
--<br>
Andrew Sullivan<br>
<a href="mailto:ajs@anvilwalrusden.com"
moz-do-not-send="true">ajs@anvilwalrusden.com</a><br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a><br>
</span><a
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature" data-smartmail="gmail_signature">_________________________________<br>
Note to self: Pillage BEFORE burning.</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
gnso-rds-pdp-wg mailing list
<a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a>
<a class="moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann
- Rechtsabteilung -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: <a class="moz-txt-link-abbreviated" href="mailto:vgreimann@key-systems.net">vgreimann@key-systems.net</a>
Web: <a class="moz-txt-link-abbreviated" href="http://www.key-systems.net">www.key-systems.net</a> / <a class="moz-txt-link-abbreviated" href="http://www.RRPproxy.net">www.RRPproxy.net</a>
<a class="moz-txt-link-abbreviated" href="http://www.domaindiscount24.com">www.domaindiscount24.com</a> / <a class="moz-txt-link-abbreviated" href="http://www.BrandShelter.com">www.BrandShelter.com</a>
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
<a class="moz-txt-link-abbreviated" href="http://www.facebook.com/KeySystems">www.facebook.com/KeySystems</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/key_systems">www.twitter.com/key_systems</a>
Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP
<a class="moz-txt-link-abbreviated" href="http://www.keydrive.lu">www.keydrive.lu</a>
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
--------------------------------------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann
- legal department -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: <a class="moz-txt-link-abbreviated" href="mailto:vgreimann@key-systems.net">vgreimann@key-systems.net</a>
Web: <a class="moz-txt-link-abbreviated" href="http://www.key-systems.net">www.key-systems.net</a> / <a class="moz-txt-link-abbreviated" href="http://www.RRPproxy.net">www.RRPproxy.net</a>
<a class="moz-txt-link-abbreviated" href="http://www.domaindiscount24.com">www.domaindiscount24.com</a> / <a class="moz-txt-link-abbreviated" href="http://www.BrandShelter.com">www.BrandShelter.com</a>
Follow us on Twitter or join our fan community on Facebook and stay updated:
<a class="moz-txt-link-abbreviated" href="http://www.facebook.com/KeySystems">www.facebook.com/KeySystems</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/key_systems">www.twitter.com/key_systems</a>
CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP
<a class="moz-txt-link-abbreviated" href="http://www.keydrive.lu">www.keydrive.lu</a>
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
</pre>
</body>
</html>