[Mailman-Users] [Mailman-cabal] GDPR

Grant Taylor gtaylor at tnetconsulting.net
Mon May 14 18:54:55 EDT 2018 

On 05/14/2018 04:11 PM, Bernd Petrovitsch wrote:
> Seriously, these folks don't know what they imply.

Nope.  Politicians (almost) never fully understand what's going on.

> And to be honest: If person X fullquotes and the email ends in an archive, 
> who's fault is it?
> 
> Obviously the archive's (or more it's owners), not?

I don't think so.

Who's at fault in this scenario:  The person who overheard what I said 
(the archive) or me for saying it in a non-secure manner (the sender)?

Is there any legal method that I can use to compel a person to forget 
what they overheard me say?

> For the author's rights side to it: I answer an email (and happen to 
> quote just the relevant parts of other emails) to a public mailinglist 
> with a public archive.
> 
> I don't think that the archive's admin or anyone else should have the 
> right (let alone the duty) to edit or change my email in there - or even 
> worse: remove it completely.

I disagree.

I believe that the admins / owners of the archive have the right to 
remove something from the archive (or prevent it from going into the 
archive in the first place).

I don't believe that admins / owners have the general right to modify 
what was said.

I do believe that the admins / owners have the right to modify what was 
said in very specific cases, like REDACTING something.  As long as they 
do so in a manner that is clearly identifiable that something was REDACTED.

After all, it is their system, they administer / own it and can do what 
ever they want to with it.

They should go out of their way to not misrepresent what you said / did.

They could also claim that your message was modified before it got to them.

Enter rabbit hole.

> PS: The whole "right to be forgotten" idea is absurd per se - think about 
> private archives (and I don't think about 3-letter organizations only). 
> Can't we define the public archive to be an necessary and important part 
> of a public mailinglist and be done with it?!  For almost everyone else, 
> some "important reason" is good enough too.

I feel like the idea that you can compel someone to forget something is 
absurd.

I think you can compel businesses to no longer use your contact 
information.  —  Which is my naive understanding of part of what the 
spirit of GDPR is.

I can see a scenario where a company completely removes any and all 
traces of someone, then buys sales leads which contain said person, and 
ultimately contact said person again.  —  Is the company in violation of 
GDPR?  They did (and can prove *) that they removed the person's contact 
information and thus forgot about them.

Or should the company have retained just enough information to know that 
they should not contact the person again?  I.e. a black list.

(* Don't talk to me about proving the negative.  Assume a 3rd party 
oversight of some sort.)



-- 
Grant. . . .
unix || die

More information about the Mailman-Users mailing list