Re: Whois vs GDPR, latest news

[Owen DeLong <owen () delong com>]

How is it false?

If you don’t do business in the EU or with EU persons, then you are not included in the class of organizations which 
GDPR says are subject to GDPR.

Owen


> On May 23, 2018, at 4:36 PM, K. Scott Helms <kscott.helms () gmail com> wrote:
>
> Owen,
>
> That's false, please don't spread misinformation.  
>
> Scott Helms
>
> On Wed, May 23, 2018, 7:34 PM Owen DeLong <owen () delong com <mailto:owen () delong com>> wrote:
>
>
> > On May 23, 2018, at 9:29 AM, Anne P. Mitchell Esq. <amitchell () isipp com <mailto:amitchell () isipp com>> wrote:
> >
> >
> >
> > > On May 23, 2018, at 10:21 AM, Daniel Brisson <dbrisson () uvm edu <mailto:dbrisson () uvm edu>> wrote:
> > >
> > > > Also, don't forget the private right of action.  Anyone can file anything in the U.S. courts... you  may get it 
> > > > dismissed (although then again you may not) but either way, it's going to be time and money out of your pocket 
> > > > fighting it.  MUCH better to just get compliant than to end up a test case.
> > >
> > > Isn't "better" a factor of how much it costs to become compliant with GPDR?  I'm no expert, but some of the things 
> > > I've heard sounded not trivial to implement (read potentially BIG investment).
> > >
> > > -dan
> >
> > In our experience, orgs that are already following all industry best practices are, generally, at least 70% of the 
> > way to becoming compliant already.   Where it can get expensive for the ones who aren't is in hardening their 
> > systems to provide for better security/privacy.  U.S. companies are used to being able to drink at the firehose of 
> > data that is collected here in the U.S., and use it however they want.. this is the real major change.  I suppose 
> > you could say it's expensive in that it is reducing the ways they can monetize that data. 
>
> Of course a perfectly valid alternative is to refuse to do business with EU persons. Then GDPR compliance becomes 
> entirely unnecessary.
>
> Owen
>
> > Anne
> >
> > Anne P. Mitchell, 
> > Attorney at Law
> > CEO/President, 
> > SuretyMail Email Reputation Certification and Inbox Delivery Assistance
> > GDPR Compliance Consultant
> > GDPR Compliance Certification
> > http://www.SuretyMail.com/ <http://www.suretymail.com/>
> > http://www.SuretyMail.eu/ <http://www.suretymail.eu/>
> >
> > Attorney at Law / Legislative Consultant
> > Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
> > Author: The Email Deliverability Handbook
> > Legal Counsel: The CyberGreen Institute
> > Legal Counsel: The Earth Law Center
> > Member, California Bar Cyberspace Law Committee
> > Member, Colorado Cybersecurity Consortium
> > Member, Board of Directors, Asilomar Microcomputer Workshop
> > Member, Advisory Board, Cause for Awareness
> > Member, Elevations Credit Union Member Council
> > Former Chair, Asilomar Microcomputer Workshop
> > Ret. Professor of Law, Lincoln Law School of San Jose
> >
> > Available for consultations by special arrangement.
> > amitchell () isipp com <mailto:amitchell () isipp com> | @AnnePMitchell
> > Facebook/AnnePMitchell  | LinkedIn/in/annemitchell