[Mailman-Developers] GDPR

noskcaJ leahciM JACKSON at encompasserve.org
Fri Sep 15 20:25:31 EDT 2017 

Barry Warsaw wrote:
| noskcaJ leahciM wrote:
| > GDPR  is  nearing  the  last  7  months  of  its  2  year   transitional
| > implementation  before  becoming  part of the law in EU countries (inc.,
| > despite Brexit, the UK),  affecting  0.5bn  citizens  together  with  US
| > enterprises  in under Privacy Shield (replacing Safe Harbour) as well as
| > enterprises in EEA member countries and, outside of the  EEA,  countries
| > whose  privacy laws have been assessed for adequacy.  Operators of lists
| > such as MM are as much called-to-account as are  the  vast  corporations
| > behind  popular  social media that currently absolve themselves as being
| > mere publishers.
| 
| GDRP may be well-intentioned, and may even be a good idea, but I know
| for a fact that many organizations both commercial and volunteer are
| struggling mightily to comply within the required timeframe.  I suspect
| that many such organization will simply not be able to comply.

No disagreement there then.  (I've written a paper predicting it based on an
estimate of current non-compliance with the existing Data Protection Act in
the UK, 20 years after it came onto the UK's statute book.  German-speaking
countries have had existing tighter rules so will be in better-shape, though
I haven't attempted an international comparison.)

| Realistically, there is no way the GNU Mailman project can comply given
| our available resources.  One outcome could be that our downstream
| consumers take over that responsibility.  Another is that volunteers in
| our community step up with offers to provide us with their expertise,
| guidance,

Well, hopefully I've provided a little input and am happy to continue to.

| and code.  We will welcome such volunteers and help ensure
| that the legal requirements align with project goals, sensibilities, and
| timelines.
| 
| So, if you want to see a GDPR compliant GNU Mailman, please find some
| people to help us.

I'm less pessimistic.

For those that have seen the requirements for the first time, it's entirely
understandable to react to it coming-in left-of-field and see it as daunting.

However some of the changes required may, with a little consideration, be
seen to be not as extensive as first feared; and others, to be a good idea.

| 
| Cheers,
| -Barry
| 

leahciM

More information about the Mailman-Developers mailing list