<div><div><a href="https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-rectification/">https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-rectification/</a></div><div dir="auto"><br></div><div dir="auto">In the case of git, the data (email addresses) were accurate at the time. It may also reflect an organization member’s code contributions - historical data that one has a reason for tracking (OpenStack does this). </div><div dir="auto"><br></div><div dir="auto">The legitimate interest for processing is still relevant in later articles - data subject requests are influenced by whether the legitimate interest still holds. </div><div dir="auto"><br></div><div dir="auto">If coder Ms.Foo used a company email to contribute, then changed email addresses, a correct email address for future contributions may suffice. </div><div dir="auto"><br></div><div dir="auto">Cheers,</div><div dir="auto"> K. Reilly </div><br><div class="gmail_quote"><div>On Mon 21. May 2018 at 22:13, <<a href="mailto:gdpr@sheogorath.shivering-isles.com">gdpr@sheogorath.shivering-isles.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 05/21/2018 06:22 PM, Jonas Wielicki wrote:<br>
> On Montag, 21. Mai 2018 17:57:42 CEST Winfried Tilanus wrote:<br>
>> Git has the pressing need of<br>
>> maintaining code integrity and traceability. The final decision will be<br>
>> up to a judge, but my bets are on the need of maintaining the code.<br>
>> Something similar will be the case with Bugzilla.<br>
><br>
> So I was wondering about Git and the Right for Rectification. In<br>
contrast to<br>
> the Right to be Forgotten, the Right for Rectification, does not have any<br>
> exceptions I am aware of.<br>
><br>
> Now what if somebody commits code to a Git repository (so the commit<br>
includes<br>
> their name and email address) and they change for example email<br>
addresses. In<br>
> that case, from my understanding, the Right for Rectification would<br>
trigger<br>
> and the controller of the Git repository may be forced to rectify the<br>
> information.<br>
><br>
> This would require re-writing all history since that commit, which is<br>
a huge<br>
> issue.<br>
><br>
> One argument against that which I heard that:<br>
><br>
> - The email address was valid at the time the commit was made and is<br>
thus an<br>
> accurate representation of the history at the time the commit was made<br>
(which<br>
> is timestamped) and thus doesn’t need to be rectified.<br>
><br>
> - It is expected that the user would provide accurate information and<br>
if they,<br>
> for example, have a typo in e.g. their name in the commit metadata, it<br>
is kind<br>
> of their fault and this does not need to be corrected.<br>
><br>
<br>
Well, whose fault is is doesn't really matter to the GDPR.<br>
<br>
But no matter what, for git repositories, the solution is as easy as<br>
old: mailmaps.<br>
<br>
If someone wants to correct their mail address, just add a .mailmap file.<br>
<br>
For details check: <a href="https://www.git-scm.com/docs/git-check-mailmap" rel="noreferrer" target="_blank">https://www.git-scm.com/docs/git-check-mailmap</a><br>
<br>
I think this should be enough on top of HEAD<br>
<br>
<br>
-- <br>
Signed<br>
Sheogorath<br>
<br>
_______________________________________________<br>
gdpr-discuss mailing list<br>
<a href="mailto:gdpr-discuss@earth.li" target="_blank">gdpr-discuss@earth.li</a><br>
<a href="https://www.earth.li/mailman/listinfo/gdpr-discuss" rel="noreferrer" target="_blank">https://www.earth.li/mailman/listinfo/gdpr-discuss</a><br>
</blockquote></div></div>