MvdV>> At least that is the situation in The Netherlands. You may call MvdV>> it playing Russian roulette, but other than what I wrote about MvdV>> the location field in the nodelist, there is not much that I MvdV>> can do at the moment other than see how this evolves.
MR> To minimze risks you'd start with the worst case
Worst case is that I have to pull the plug on Fidonet. I am not prepaired to do that. Not yet...
MR> and follow the GDPR by the letter.
Impossible. Too vague and too much room for interpretation. As you already pointed out, we do not even know yet who is responsible for what part.
MR> As long as there are no court decisions easing up things
Or tightening it down...
MR> we can't do anything about it.
We can take a position. I think we all should take the position that we can only take responsibility for that what we do and can control. As a *C I have control over what is in my part of the nodelist. As a sysop I have control over my logs and the data I gather and store about my points and users. I have no control over what other sysops do on their systems and therefore I reject responsibility for that part.
The idea that a *C should be able to produce information about ALL personal data of processed by ALL fidonet sysops is ridiculous. I say that each sysop is responsible for what happens on his system and no one else. A position that is backed up by P4. That is the position I will defend when push comes to shove.
If I lose when push comes to shove, so be it.
Do I take a risk? Yas I do. But one can not live without taking risks.
I say we should all take the position that I outlined above. If we all take the same position, we will stand stronger.
MvdV>> Dutch saying: "De soep wordt nooit zo heet gegeten als ze wordt MvdV>> opgediend."
MR> Well known over here too. Another variant is: "Es wird nicht so heiss MR> gegessen wie gekocht wird."