[gdpr-discuss] Git and the Right for Rectification
Winfried Tilanus
winfried at tilanus.com
Mon May 21 20:37:45 BST 2018
On 05/21/2018 07:01 PM, Jens Kubieziel wrote:
Hi,
> So you could argue with Art. 12 (5) lit. b GDPR:
> »Where requests from a data subject are manifestly unfounded or
> excessive, […], the controller may either:
> […]
> refuse to act on the request.«
> However this is quite a weak argument and will probably not work for a
> git archive.
>
> If it is not possible to correctly identify the person, the request must
> be rejected (think of nicknames).
Article 12 would also be my first place to look for exceptions, but the
'excessive' clause is not easily met, excessive is about the frequency
of requests, not about administrative work to fulfil the request.
>> - The email address was valid at the time the commit was made and is thus an
>> accurate representation of the history at the time the commit was made (which
>> is timestamped) and thus doesn’t need to be rectified.
>>
>> - It is expected that the user would provide accurate information and if they,
>> for example, have a typo in e.g. their name in the commit metadata, it is kind
>> of their fault and this does not need to be corrected.
>
> I think both arguments are not valid, because the data subject has this
> right independent from what was correct or not not. If the data is
> incorrect now, the data subject has the right to rectification and also
> the controller has a duty to process correct data.
An e-mail address that was valid at the time of commit is not subject to
the right of correction, because it is correct somebody had that e-mail
address at the time of the commit. The issue arises when somebody
commits with a typo in the e-mail address or with the e-mail address of
somebody else.
Winfried
--
privacy consultant e-health
+31.6.23303960
https://www.tilanus.com/
More information about the gdpr-discuss
mailing list