Yao Wei <m...@debconf.org> writes: > Hi, > > I am thinking that this should be an opt-in rather than opt-out for > GDPR compliance. However it is difficult to accomplish in my > opinion... So opt-out can be really a compromise here.
I don't think I've ever come across an opt-out list that didn't contain people that (if properly informed) would prefer not to be on that list. Is it really a compromise to ignore that fact? Personally, now that I'm aware of this, I will opt-out myself and my family from an opt-out list, simply because I think opt-out lists are fundamentally unethical. On the other hand, if I'm given the chance to opt-in, along with a full-disclosure description of exactly how opting-in will help DebConf fund itself, I will almost certainly opt in (for myself at least). If there is some option to fuzz the data a bit, I might be able to persuade Gunde (my wife) that all four of us should opt in. Even if I don't get upset enough about "Debian" and "opt-in" being in the same sentence to blog about it, I'm pretty sure others will, and the resulting news reports will not be good for Debian's reputation. Is that aspect of our reputation worth more than 70k EUR? If so, we should definitely prefer telling them "No!", and paying the money out of Debian funds. However I suspect that there is a way of proving that the attendees were sufficiently international without handing over an improperly authorised list. I'd suggest that we should find out how that might be achieved. Cheers, Phil.  No guarantees about persuading Gunde though: She has initiated legal action in the past when someone used her data without proper permission. The saga of how/if one could discover if the UK's NHS had uploaded our kids data to "The Spine" is quite a long story -- Gunde tends not to give up on these things. I doubt she's unique among our attendees in this attitude. -- |)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd. |-| http://www.hands.com/ http://ftp.uk.debian.org/ |(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY
Description: PGP signature