Let me give my perspective as part of the registration team. Note that
while I use "we", this is ultimately my point of view and not
necessarily that of the entire team .

August 11, 2018 4:01 AM, "John Paul Adrian Glaubitz" <glaub...@physik.fu-berlin.de> wrote:

On 08/11/2018 09:06 AM, Clayton wrote:

This was my first DebConf and I chose not to offer my last name on the
registration, or at any point during the conference, and nobody seemed
bothered. I believe(?) there were some registrants who were entirely
pseudonymous. If one does not want one's name exposed publicly in an
online community, then just don't give a real name.

What happens in case of an emergency then? Aren't organizers of large
events of this type required by law to keep lists of real name?

We keep names as provided by attendees in the conference registration
system. All we can go off is what we're given. Feel free to point me
towards legislation for any of the upcoming DebConf bids or DebConf 19
requiring us to collect full names/verify the accuracy of the data
provided. Knowing this in advance will help us inform attendees .

If, for example, an attendee of the conference has a serious accident
and other folk call emergency services, they will have a problem when
asked for the name and street address of an attendee. Or, even worse,
if an attendee died, organizers will not be able to contact someone
from the circle of their family etc.

It's up to an attendee to have made these sorts of arrangements.
Attendees are asked for emergency contact information, which may be
used/divulged as the situation requires. For specific situations, such
as daytrips, this information is collected as needed. When I signed up
for the river tracing daytrip, for example, I was asked to provide my
name as found in my passport, its number and my nationality. This wasn't
the case for all the daytrips.

Or imagine an attendee commits a felony, you need to be able to
identify them as well. There are probably countless occasions where
it's simply not enough to identify as "trumpet232" at the registration

The DebConf Registration team's job is not to collect data on attendees
on the off chance that one of them might maybe commit a crime. It's to
collect data that is useful for running DebConf. Additionally, as
someone who has staffed FD for two years now I've found that it is, in
fact, probably easier to identify yourself by username if your name
contains characters that I can't type on my keyboard.

I know many people in Debian are a huge fan of high privacy levels,
but there is often actually a valid reason beyond advertisement and
statistics why lists are kept with the name of attendees and people
who demand these high levels of privacy should keep that in mind.

We collect information that we know we'll need and we trust that
attendees are giving us this information in the spirit that it's being
collected in. An attendee could say that their nationality is Antarctic,
and while that would skew stats and make it somewhat harder to contact
their embassy [0] it's not as if we're going to ask to see their
passport to verify this. In addition, some attendees may have good
reasons to not provide this information.  If this means that a couple
people decide not to provide it because they simply don't want to (which
is a perfectly valid reason to me), that's okay. DebConf should be
accessible to anyone who is willing to abide by the Code of Conduct.

[0] https://en.wikipedia.org/wiki/List_of_country_calling_codes#Locations_with_no_country_code

Some requirements are imposed by the law and/or safety requirements,
so you cannot just ignore them, even if you a "digital native".

I think that many countries have the opposite problem. Collecting more
information than we need may very well violate their laws.


Reply via email to