Re: [Doh] GDPR and DoH
S Moonesamy <sm+sdo@afrinic.net> Sun, 07 April 2019 12:30 UTC
Return-Path: <sm@afrinic.net>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC2B9120469 for <doh@ietfa.amsl.com>; Sun, 7 Apr 2019 05:30:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k5SOSRCdX_JE for <doh@ietfa.amsl.com>; Sun, 7 Apr 2019 05:30:16 -0700 (PDT)
Received: from board.afrinic.net (board.afrinic.net [IPv6:2001:42d0:0:404::83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B95C0120098 for <doh@ietf.org>; Sun, 7 Apr 2019 05:30:15 -0700 (PDT)
Received: from [197.226.55.247] (port=57759 helo=DESKTOP-K6V9C2L.afrinic.net) by board.afrinic.net with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.84_2) (envelope-from <sm@afrinic.net>) id 1hD6w6-0006Nx-5f; Sun, 07 Apr 2019 16:30:10 +0400
Message-Id: <6.2.5.6.2.20190407040436.0ee955e0@elandnews.com>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Sun, 07 Apr 2019 05:29:42 -0700
To: doh@ietf.org
From: S Moonesamy <sm+sdo@afrinic.net>
Cc: Vittorio Bertola <vittorio.bertola@open-xchange.com>
In-Reply-To: <608310409.9575.1554626586437@appsuite.open-xchange.com>
References: <1700920918.12557.1552229700654@appsuite.open-xchange.com> <7667c4d7-2e78-0a27-84af-cf1c00fd4897@cs.tcd.ie> <1991054337.12802.1552259263075@appsuite.open-xchange.com> <eea64b30-aad0-a030-5360-1b1484f1d0e3@huitema.net> <CAPsNn2WhjHSEHJUEL8GB6X0d24fkajgPnY4YgkOQbXjyxb5q8Q@mail.gmail.com> <CACfw2hj07TDCxK9bm0T=JguKyuCEfW2zb_yRJnewjOYL4oxdjA@mail.gmail.com> <CACsn0cmk7NbF+ti0dU7Fp0PK8Gt4P5knC5hrHVLDY59-jaYYzA@mail.gmail.com> <6030358E-24FF-4033-B0A1-AB1123FED964@rfc1035.com> <5ce0d730-aac2-95c9-fead-64cbffa03d52@cs.tcd.ie> <D6EE01DE-EE98-4CDE-A869-6205AD3D584A@gmail.com> <6654d063-de2d-9aeb-2ad5-bea3d5c7bea3@cs.tcd.ie> <F838CF7D-9389-4A4A-ADA6-824E7BA4FE21@gmail.com> <ead4d1b3-f8b7-3d8e-877b-734ffa132c67@cs.tcd.ie> <BFEDACF7-F539-4466-A9F3-5688EA4993B8@gmail.com> <346c2bdb-1c9c-369f-1959-a3ec964c0c52@nostrum.com> <608310409.9575.1554626586437@appsuite.open-xchange.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/Dd6whl95T8CTrhXO7K7viHOnFzk>
X-Mailman-Approved-At: Tue, 09 Apr 2019 08:16:07 -0700
Subject: Re: [Doh] GDPR and DoH
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Apr 2019 12:30:18 -0000
Hello, At 01:43 AM 07-04-2019, Vittorio Bertola wrote: >This said, since I am also one of the people that raised the GDPR >issue, let me provide a general view. > >GDPR (article 6.1: see >http://www.privacy-regulation.eu/en/article-6-lawfulness-of-processing-GDPR.htm >) requires that any processing of personal information related to a >European citizen happens only after the citizen has provided >explicit and informed consent (as defined in article 4.11 >http://www.privacy-regulation.eu/en/article-4-definitions-GDPR.htm#a4_nr11 >), except for a number of situations in which consent is not >required (legal obligations, life at stake, "legitimate interest"...). >When someone signs up for Internet access with an ISP, the ISP gets >them to sign a contract, which, in Europe, definitely includes >privacy clauses; that is the place where the user provides explicit >and informed consent to data processing, including for the DNS. There is a privacy clause in a contract with a service provider when the latter has to comply with the data protection regulations of the country in which it is operating. The contract I am familiar with mentions the law which applies instead of the E.U. General Data Protection Regulation (GDPR). It is up to the "data controller" and "data processor" to assess whether informed consent is needed. The data protection angle of the DNS over HTTPS case is debatable. It could be argued that DNS over HTTPS could be used for privacy-unfriendly purposes. There might also be a dissonance with respect to BCP 188. Regards, S. Moonesamy
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… nalini elkins
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… nalini elkins
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… nalini elkins
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… nalini elkins
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… nalini elkins
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Dickson
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… nalini elkins
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Eliot Lear
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Daniel Stenberg
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Eric Rescorla
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [EXTERNAL] [dns-privacy] [DNSOP] New: d… Eliot Lear
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [dns-privacy] [EXTERNAL] [DNSOP] New: d… Konda, Tirumaleswar Reddy
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Stephane Bortzmeyer
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Stephane Bortzmeyer
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephane Bortzmeyer
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephane Bortzmeyer
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Neil Cook
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Eric Rescorla
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Jim Reid
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Neil Cook
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Jim Reid
- Re: [Doh] [dns-privacy] [EXTERNAL] [DNSOP] New: d… Eliot Lear
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Neil Cook
- Re: [Doh] [EXTERNAL] Re: [dns-privacy] [DNSOP] Ne… Winfield, Alister
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Stephane Bortzmeyer
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Ralf Weber
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Michael Sinatra
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Yishai Beeri (yishaib)
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Dickson
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Mark Andrews
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Wouters
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Wouters
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Raymond Burkholder
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Vittorio Bertola
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… nalini elkins
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Vittorio Bertola
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Raymond Burkholder
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Vittorio Bertola
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Christian Huitema
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Eliot Lear
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Haberman
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Raymond Burkholder
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Livingood, Jason
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Brian Dickson
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Dickson
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Michael Sinatra
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Adam Roach
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Michael Sinatra
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… william manning
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Watson Ladd
- [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Watson Ladd
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Adam Roach
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Christian Huitema
- Re: [Doh] GDPR and DoH Vittorio Bertola
- Re: [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Christian Huitema
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Adam Roach
- Re: [Doh] GDPR and DoH Adam Roach
- Re: [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Vittorio Bertola
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] GDPR and DoH S Moonesamy
- Re: [Doh] GDPR and DoH Livingood, Jason
- Re: [Doh] GDPR and DoH Livingood, Jason