[gdpr-discuss] Undeleteable data

TJ 0.gdpr-discuss at iam.tj
Fri Apr 13 17:09:48 BST 2018


On 13/04/18 14:03, Jonathan McDowell wrote:
> On Fri, Apr 13, 2018 at 01:07:21PM +0200, Daniel Stone wrote:
>> We've been looking into GDPR compliance for fd.o, which has been ... fun.
> 
> Yeah. I've been involved with looking at it for Debian. Fun isn't the
> word I'd use; I've ended up with a lot of questions and no real answers
> at this stage.
> 
>> The biggest stumbling block for us is probably Bugzilla and Mailman.
>> Deleting messages and profiles from those just isn't practical for us,
>> especially at any kind of scale. We could write a script to censor
>> those, but once it has been posted to either, then it's all over the
>> public internet anyway.
>>
>> We don't control distribution once messages hit Mailman - it's
>> forwarded raw to a potentially unlimited distribution list - and
>> deleting messages from Mailman is also a manual nightmare. Rebuilding
>> the archives is out since it breaks URLs. Hand-editing it all sucks
>> beyond belief. And then people have quoted it in replies anyway ...
>>
>> Does anyone know if there's some kind of GDPR 'out' for, 'by posting
>> here you agree that everything is going to be made public, so as
>> there's nothing we can do about its distribution, it's not useful or
>> practical for us to undo that'? And are there any kind of credible
>> Bugzilla/Mailman deletion tools?
> 
> For posting and distributing I think the "You posted to a list,
> therefore it's going to be sent out to anyone on the list" is reasonable
> - it's a point in time thing, it's the way lists work and there's no
> retention.

I agree; I don't think anything needs to change because the user takes a
"clear affirmative action" to subscribe:

GDPR Rec.32; Art.4(11)

"The consent of the data subject" means any freely given, specific,
informed and unambiguous indication of his or her wishes by which the
data subject, either by a statement or by a clear affirmative action,
signifies agreement to personal data relating to them being processed.


But I think it needs to be stated that any emails they send to the list
can and likely will be retained by every other subscriber, and that
there is also a public archive of those emails kept which is an
essential part of the service (to retain historic technical and other
data about the topic in the community/public interest).

The subscriber should also be reminded that other services (search
engines, public and private archives) may well make copies which the
data controller has no (contractual) relationship with.

The primary requirement from the point of view of the data
controller/processor is having an efficient automated way to receive and
handle deletion requests - bugzilla to track bugzilla anyone?!

In summary, it needs 'small print' and sensible interpretation.
