May 03 15:40 2018, Michiel van der Vlist wrote to Markus Reschke:
MvdV> Yes, IP numbers are personel data. Confirmed by Dutch Court MvdV> rulings. And by extension so are Fidonet node numbers. Probably.
MvdV> But he fact that they are personal data, does not necesarely mean MvdV> that those numbers are stored and kept on behalf of the MvdV> organisation of Fidonet. That I am a member of Fdionet does not MvdV> mean that I can not store and keep data as a person.
Then you have to differentiate between what's related to your personal activity and what's is Fidonet related.
MvdV> Why the RC? Why not the NC? And if the resposibility floats to the MvdV> top why stop at the RC? Why not the ZC?
Yes, it could be also the ZC. That depends on how a judge would interprete our organizational structure.
MvdV> Yes, the las applies. But that does not mean that everything every MvdV> member does is the responsibility of the chairman.
Of course not, but the chairman is responsible that the club/society is GDPR compliant.
MR>> also correction and deletion of personal data. So the *C would have MR>> to ask all nodes to send him all personal data about a specific MR>> person. That wouldn't work reliably.
MvdV> Indeed, obviously that would not work. And if that how the law is MvdV> interpreted and enforced, that would be the end of Fidonet.
Exactly! And every person has the right to request a copy of personal data stored, the correction of false data or the deletion of data (unless the storage is required by other laws).
MvdV> But I am not that pessimistic. No doubt Fidonet will not be the MvdV> only one with this problem and surely there will be other MvdV> organisations with a much higher profile. I have confidence that MvdV> such problems will be worked out before Fidonet appears on the MvdV> radar of the enforcers...
Every sports club and what have you has the same problem. In our case it's more complex, because we aren't an official club/society (unclear responsibilities) and each member is processing and storing personal data. In a typical sports club only the board would do this (membership list, fees, ...).
