Op dinsdag 22 mei 2018 20:51:30 CEST schreef John Ralls: > > On May 22, 2018, at 11:42 AM, Frank H. Ellenberger > > <frank.h.ellenber...@gmail.com> wrote:> > > Am 22.05.2018 um 19:21 schrieb Geert Janssens: > >>> IRC includes IP addresses, which the GDPR explicitly mentions as > >>> personal > >>> information, in “joined” messages, and those get logged. ISTM those > >>> messages aren’t important as they’re not part of the conversation and we > >>> could easily stop logging them delete them from the existing logs. > >> > >> Yes, I think we should do that. > > > > It depends: most private used IPv4 are dynamic IPs - changing at least > > daily. They are useless without the dial in protocol of the provider. > > That is the reason, anti terror laws try to force them to store them. > > Then again courts declare the anti terror law unconstitutional. > > > > I don't know the current practice of providers with IPv6. > > > > Question: How will you behave, if you see, last night XXX announced an > > terror attack on our channel? > > Even with dynamically-allocated IP addresses the ISP can identify which > customer has an address -IPv4 and IPv6-given the address and the timestamp. > IP addresses are specifically mentioned in article 30. > > I would notify local law enforcement who will pass it up the chain to the > appropriate level. Article 19 excludes criminal activity from being > protected under the GDPR. > > Regards, > John Ralls
And to make the link with whether or not we should keep the IP addresses in our logs for that reason, I don't think so. We don't host the irc service. It's hosted by universities coming together under the GIMPnet. In case of criminal activity I would expect law enforcement to request the logs directly from the owners of the servers running the service. If Derek were to host his own irc server then yes he should probably keep irc logs (off line) for the legally required time or at least the necessary meta data. The ip data is not relevant for the gnucash project in any way so we should remove it. We're not making law enforcement more difficult by doing so but we would be in a better position with regards to the GDPR. Geert _______________________________________________ gnucash-devel mailing list gnucash-devel@gnucash.org https://lists.gnucash.org/mailman/listinfo/gnucash-devel