[gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
Tapani Tarvainen
ncsg at tapani.tarvainen.info
Thu Oct 19 19:33:38 UTC 2017
On Thu, Oct 19, 2017 at 12:18:29PM -0700, Michael Peddemors (michael at linuxmagic.com) wrote:
> It seems that if during registration, that the person purchasing/renewing
> the domain information, clearly understands what information will used, and
> that the usage (eg whois) is clearly specified and explicit, that there
> should be no problem..
That is necessary but not quite sufficient. The intended use must
still be necessary, justified, even informed consent is not enough
by itself. Indeed you can't even ask for consent for using personal
data unless it is justified as per GDPR.
--
Tapani Tarvainen
More information about the gnso-rds-pdp-wg
mailing list