[Mailman-Users] [Mailman-cabal] GDPR
gtaylor at tnetconsulting.net
Mon May 14 18:25:37 EDT 2018
On 05/14/2018 04:02 PM, Ángel wrote:
> IMHO they would mostly fail under §18 and GDPR wouldn't apply:
What happens if a subsequent data breach (malware / infection) causes
said individual archives to become public information? }:-)
> Of course, if a company was using the mailing list to process personal
> data, it should have been stated the whole time.
I half way suspect this happens much more commonly than you might think.
I've seen info@ or sales@ or the likes positional addresses be front
ends for mailing lists (of one form or another) that redistributes the
email to multiple (usually) internal (usually) employees. I have never
seen these types of expansion contacts disclosed as such.
> Being nitpicky. What about sysadmins subscribed to this list as part
> of their professional activity ?
I know that this happens. But I would argue that the SA should not
subscribe themselves. Instead there should be an additional monitoring
email address specifically for that purpose.
I'd really like to see an intelligent Mailing List Manager have the
ability to subscribe an address like this that is used as a feedback
loop. I.e. Did the MLM receive a copy of the message that it sent
yesterday. I'd assume that it would be something like
<$list>-fbl@<$list_domain> to avoid recursive loops.
That would allow the MLM to self monitor and escalate if there's a problem.
Grant. . . .
unix || die
More information about the Mailman-Users