On 2018-08-11 17:41, John Paul Adrian Glaubitz wrote:
> On 08/11/2018 11:03 AM, Thomas Kuiper wrote:
>>> What happens in case of an emergency then? Aren't organizers of large
>>> events of this type required by law to keep lists of real name?
>> It depends on the country but I've never had that in Taiwan.
>> Martial law is over since a long time.
>> There's an 'old' "assembly act" but that's for anything political.
>> "Freedom of assembly/association" that exists in most democratic countries
>> means you don't have to keep such lists.
> This is a matter of liability. If you have some going crazy and start
> demolishing
> property at the conference venue, you will most certainly want to have someone
> whom you can make pay for it.
The procedure is that the police will question him, take his personal
information and the venue/organizers may start legal proceedings.
You can also sue someone that you don't know the name of. Just because you know
their name doesn't mean they will pay either!
Liability is something else.
So knowing someone's name won't stop vandalism unless you think that someone
behaves better cause their name is known... ?
> If you're fine with carrying the costs yourself, that's ok. But I think it's
> a bit of naive to assume that everyone who attends such a large event is
> of good will and nothing will ever happen.
no, for such cases there's this thing called third party liability insurance.
> This seems to be a typical case of a rule that is not going to be enforced
> unless there is going to be the first incident which would have prevented
> by it. You know, like these signs at certain beaches where it says "No
> swimming.".
So far I'm not convinced by knowing someone's name or address changes anything.
Otherwise will you have to give your name to someone when you take a bus or go
for a swim?!
>
>>> If, for example, an attendee of the conference has a serious accident
>>> and other folk call emergency services, they will have a problem when
>>> asked for the name and street address of an attendee. Or, even worse,
>>> if an attendee died, organizers will not be able to contact someone
>>> from the circle of their family etc.
>> I don't think this falls under the responsibility of the organizers, unless
>> there is a Debconf on a ship or airplane.
>> For such a long conference it makes sense to provide an OPTIONAL emergency
>> contact though!
>> Also there should be people that know how to do CPR at the venue (it can be
>> trained).
> So, if you have someone who goes by "trumpet232" and they become so seriously
> injured that you need to call an ambulance, you just shrug your shoulders
> when it comes to contacting their relatives?
No, ideally he has friends at the conference that can identify him.
There's also consular offices (in case that is a foreigner) and many other
means to identify someone.
I'm assuming that the ambulance has the right to search his belongings and find
stuff like an ID or credit cards.
> From my personal experience, you sometimes need to protect people from
> their own mistakes. Especially younger folk will underestimate the
> importance of safety precautions.
That's what parents or babysitters are for. ;-) .
>>> Or imagine an attendee commits a felony, you need to be able to
>>> identify them as well. There are probably countless occasions where
>>> it's simply not enough to identify as "trumpet232" at the registration
>>> desk.
>> Why? That's up to the police to investigate. Any Data Protection Assessment
>> (DPA)
>> would show that the mass collection of people's addresses is by far worse
>> than
>> the risk of having someone commit a felony.
> So, you are saying all this fancy encryption technology with USB keys,
> fingerprint sensors and whatnot in the hands of Debian Developers is
> not trustworthy enough?
Why you think that I'm saying that? I'm pointing out that any collection of
private data must have a previous assessment.
This is part of the new EU GDPR by the way:
https://www.itgovernance.co.uk/privacy-impact-assessment-pia
(its PIA btw not DPA, sorry). There's a fine for not doing it now... ;-)
I don't get your connection with encryption keys to this issue.
> How does it work at your company? Do they also allow just nicknames
> for customers and employees and if something happens, you just trust
> for the police to investigate this data? Don't you think that the police
> or insurance companies will at least say "Hey, why didn't you keep a
> record of the people you're making business with so that you know who
> is going to be liable?"
I don't get your point. Are you leaving your address to every place you visit?!
;-)
> Also, in Germany, you are legally required to be able to identify
> yourself in public (Ausweispflicht) and if you're not to, police
> can arrest you and take you to the next station:
You don't really need to carry it with you (news for you probably).
Its the police/legal authorities that is authorized to check someone identity.
Not someone organizing a conference!
>
>> https://de.wikipedia.org/wiki/Ausweispflicht
> Also, legally, anyone leaving their home country within the European
> Union is required to carry an ID:
>
> "Bürger jener Staaten, in denen das Freizügigkeitsabkommen der EU gilt (d. h.
> der Europäischen Union einschließlich des Europäischen Wirtschaftsraums wie
> auch
> der Schweiz), müssen nach § 8 des Freizügigkeitsgesetzes/EU während ihres
> Aufenthaltes einen Pass oder anerkannten Passersatz besitzen und diesen bei
> der
> Einreise in die Bundesrepublik mitführen, um ihn beim Grenzübertritt auf
> Verlangen vorzeigen zu können."
Yes, it says "while passing the border - beim Grenzübertritt" they must show a
passport if asked. They also must own one.
Its does not say "show it at the border of the conference venue" ;-)
>
>>> I know many people in Debian are a huge fan of high privacy levels,
>>> but there is often actually a valid reason beyond advertisement and
>>> statistics why lists are kept with the name of attendees and people
>>> who demand these high levels of privacy should keep that in mind.
>>>
>>> Some requirements are imposed by the law and/or safety requirements,
>>> so you cannot just ignore them, even if you a "digital native".
>> I would be very interested if you can point those laws out?
>> I'm not aware such stuff exists in Germany (basic law article 8 has freedom
>> of assembly)
>> so does Taiwan (which is a copy/paste from the German basic law).
> Again, you are just referring to the basic laws of the constitution
> but those don't apply ultimately. There are still laws building on top
> of the constitution which can limit them, e.g. police can take away
> your freedom in some cases and especially in Germany, freedom of speech
> is also not unlimited. Plus, your insurance company will want to have
> a word with you as well.
Of course there are many exceptions but this constitutional freedom is there.
I've never given away my address or full name when I went to the cinema...
I'm back in Germany in September and will let you know if thats still the case
:P
Thomas
