03 May 18 15:32, Michiel van der Vlist wrote to Gerrit Kuehn:
MvdV> Prunig Fidonet logs would not be a problem. I do not keep them MvdV> forever anyway and writing a script to do it automatically is MvdV> doable.
That's the first step. However, this also needs to be documented in form of a so-called "register of processing information" that has to be kept with the person responsible for this (and we're still thinking about who this actually might be - node, NC, RC, ZC...).
MvdV> What comes to mind is "who will enforce this and how?". My logs are MvdV> not accessible from the outside. To see them one needs physival MvdV> access to the machine where they are stored. So the enforcer would MvdV> need a search warrant. I do not see anyone issuing a serach warrant MvdV> for such a minor issue.
I think the authorities (in Germany there are "data protection agencies" for this) are enabled to check these things. However, the first thing they'll ask for is to present them the mentioned "register of processing information".
GK>> I wouldn't buy into that too easily. We have a hierarchical structure GK>> that allows people in "higher up" positions to ask other further down GK>> the road to comply to certain rules. We do so for ages with stuff GK>> that is written in our policies.
MvdV> Yes, we have a hierachical structure but the powers of the *Cs are MvdV> very limited. A *C does not have the authority nor the means to MvdV> demand that sysops give him/her access to their logs. So how can MvdV> anyone other than the sysop be responsible for what is in those MvdV> logs?
I understand what you mean. However, I think an "official" request would go through the instances the organisation (i.e., FidoNet) offers, meaning it will start on ZC or RC level. This is why I said earlier that the register should be kept at that level. These people will be asked for it.
MvdV> I guess we will just have to see how this evolves. No doubt there MvdV> will be court rulings in the interpretation. Some parts of this new MvdV> law may turn out to be unwokable. For both the executioners and the MvdV> enforcers.
Maybe, maybe not. OTOH, ignoring the stuff altogether is certainly not the way to go.
