= Сообщение: 6346 из 12549 ====================================== ENET.SYSOP = От : Michiel van der Vlist 2:280/5555 03 May 18 17:39:01 Кому : Markus Reschke 03 May 18 17:39:01 Тема : GDPR FGHI : area://ENET.SYSOP?msgid=2:280/5555+5aeb31be На : area://ENET.SYSOP?msgid=2:240/1661+5ae9a193 = Кодировка сообщения определена как: CP850 ================================== Ответ: area://ENET.SYSOP?msgid=2:240/12+5a80aa96 ============================================================================== Hello Markus,
On Thursday May 03 2018 16:31, you wrote to me:
MvdV>> But he fact that they are personal data, does not necesarely MvdV>> mean that those numbers are stored and kept on behalf of the MvdV>> organisation of Fidonet. That I am a member of Fdionet does not MvdV>> mean that I can not store and keep data as a person.
MR> Then you have to differentiate between what's related to your personal MR> activity and what's is Fidonet related.
Yes and I think that would not be impossible. The activities performed as "chairman" are laid down in P4. Collecting and distributing the data for the nodelist and the handling of complaints. Anything else is done in the capacity of an individual sysop.
MvdV>> Why the RC? Why not the NC? And if the resposibility floats to MvdV>> the top why stop at the RC? Why not the ZC?
MR> Yes, it could be also the ZC. That depends on how a judge would MR> interprete our organizational structure.
For a judge to come into play, there would have to be someone starting a legal procedure.
MvdV>> Yes, the law applies. But that does not mean that everything MvdV>> every member does is the responsibility of the chairman.
MR> Of course not, but the chairman is responsible that the club/society MR> is GDPR compliant.
For those activities performed by or on behalf of the club...
MR>>> also correction and deletion of personal data. So the *C would MR>>> have to ask all nodes to send him all personal data about a MR>>> specific person. That wouldn't work reliably.
MvdV>> Indeed, obviously that would not work. And if that how the law MvdV>> is interpreted and enforced, that would be the end of Fidonet.
MR> Exactly! And every person has the right to request a copy of personal MR> data stored, the correction of false data or the deletion of data MR> (unless the storage is required by other laws).
And if the person making the request is not satisfied, it could eventually end up on the desk of a judge who would then have to decide if the right to ask for the copy only applies to the records on the system of the person to whom the request was submitted, or to the reords stroed by all the members of Fdionet. I can see it go either way. So we will just have to wait for jurisdiction to evolve...
MvdV>> But I am not that pessimistic. No doubt Fidonet will not be the MvdV>> only one with this problem and surely there will be other MvdV>> organisations with a much higher profile. I have confidence MvdV>> that such problems will be worked out before Fidonet appears on MvdV>> the radar of the enforcers...
MR> Every sports club and what have you has the same problem. In our case MR> it's more complex, because we aren't an official club/society (unclear MR> responsibilities) and each member is processing and storing personal MR> data. In a typical sports club only the board would do this MR> (membership list, fees, ...).
There are lots of other informal organisations where the collection and storage of personal data is not limited to to whoever is the "chairman" or the board. Radioamateurs keep logs of the contacts they make. Surely a HAM radio call sign is personal data. So logging the call sign of the other party and time and duration of the contact plus frequency and mode of modulation is not much different from what happens in Fidonet. It is impossible for the chairman of the International Amateur Radio Union, to produce a copy of all the personal data stored in the logs of all radio amateurs.
There are less than a thousand Fidonet members in the EU. The estimated number of HAM radio operators in the EU is between half a million and a million.
