On 05/17/2018 02:56 AM, Bernd Petrovitsch wrote:
FWIW and IMHO, I think we are in violent agreement here.
In the old-school life: the sender (because s/he said it on her/his free
will) - I hope;-). But the person who overheard it may tell the story
to a third person. And it's just/only hear-say - even if it's actually
100% correct (which it is almost never ever the case). And there starts
actually the real "forgetting" or "doubts" ...
I agree that fan-out can be a problem. IMHO the root cause is the
person that said it, the sender.
But in a "everything is written" world, that is massively different:
In the old-school world, a "written proof" had a quite large value
because it wasn't trivial to have such a thing. Nowadays - with almost
every communication over the Internet - it's the normal, that there is a
"written proof" aka recorded/logged/whatever.
That's an interesting point, but I'm not seeing who's at fault, the
person who overheard what I said (the archive) or me for saying it in a
non-secure manner (the sender)?
I'm not diving into differences of "how some judge may value some so-
called proof" in some given (somewhat Western) country, but most people -
even in Spring 2018 - don't realize, what's really going on and try to
get back the world from the 1960s (or so;-) - well, "thinking before
talking" was always a hard job;-)
A court order may "force" you to not tell it to anyone but it can't make
you forget it (or write it down and hide it somewhere safe).
Where force = order under some form of penalty, sure.
So in general: No. And that's exactly the problem with the "right to
Good ideas usually start to have problems when they are taken too far.
Of course. But only for (somewhat obvious) very good (including legal)
reason like really hard law issues like - at least in .at and .de -
Nazi stuff and/or (everywhere I hope) certain forms of pr0n.
Even with those issues, the court can only order you, under some
penalty, to not do something. They still can't cause you to unsee or
At least I'm not aware of any such technology yet. (My ignorance of
such technology does not preclude it from existing.)
But for some claims of "please remove my email address?"? If that email
address can be found (via Google) on hundreds of sites, the removal of one
instance doesn't change anything. Ooops, and a chicken-egg problem ....
I think it does.
IMHO it's the issue of multiple people doing the same wrong thing does
not make the thing in question correct.
Case and point, is it wrong to ask someone specific to stop spamming me
when considering that multiple other people could be spamming me?
Or, more along the lines of your example, saluting in a Nazi-esq manner?
(I'm not saying I agree with anything there in, I'm just using it as
That question should be answered by some copyright/authors right lawyer.
I would be interested in what their take is.
I suspect it's going to come down to misrepresentation. Either trying
to falsely claim credit for someone else's work, or trying to attribute
something to someone who didn't say it.
Short of significant persuation to the contrary, I'm going to continue
to believe that admins / owners of system have the right to modify what
was said in very specific cases when it comes to what enters / passes
through / is stored on their systems. IMHO this MUST be done in a
manner that makes it clear that this was done.
Yes, and everyone writes that in the mailinglists charta (including
that all mails go into a public archive, are never edited, censored,
deleted, etc.). Just from that point of view, everyone sending mails
to the mailinglist has implicitly agreed to the rules including the
publication in a Google-indexed archive.
I have some issues with that.
- Corporate policy, regional laws, technical capabilities, etc. can
- Agreeing to a E.U.L.A. does not mean that you actually understand it.
(I'm hearing where this is being starting to be challenged in courts.)
- Index ability is independent of publicity.
BTW: I cannot do everything I want with it because I cannot choose to
plain simply ignore modification requests from a court.
Hence regional laws above.
Everyone can claim a lot of things - the hard question is how to proove
Any serious business won't send me any "newsletters" if I request that
without any legal backing (if only that I continue to buy from it in
the future and don't tell anyone that they ignore such simple things -
and because it's "just the right thing to do"(TM)).
Sadly, I've seen legitimate businesses fail and do exactly that. Use
contact details specifically for the contracted service inappropriately
for marketing reasons.
Yup, but there are other companies or folks using selling addresses and
other personal data (if only for "scientific purposes").
I feel like those companies should be required to collect the data from
somewhere other than what was used explicitly for contracted business.
Much like how HIPAA affords us the restriction to say that the
information can only be used for healthcare treatment, and the express
process associated there in (billing, insurance, etc.).
This does not extend to marketing or sales as that's not expressly
healthcare / treatment.
Selling and buying "sales leads" (which are actually contact addresses
at best) or personal data (as covered by the spirit of the GDPR) as
such should be forbidden that would solve more problems and is easier
I'm going to disagree with you.
I've been around all sorts of people that won't give you their password
if you ask them. But if you offer to give them an ice cream cone to buy
their password, they will happily trade with you.
The point being, I think there is a valid business model to legitimate
collect information under pretense that it will be provided (read: sold)
As long as that's clearly indicated up front, and I'm compensated (for
my eventual hassle), I might consider doing so. Especially if I have an
easy way to tell the people that contact me in the future to bugger off.
Who knows, I might actually find something useful in the noise.
ATM the companies are free to do (almost - also depending on the local
jurisdiction) anything with personal data and the effort to handle
misuse of it is shifted to the private person. It should be the other
way around ....
I should be able to earmark that my contact information can ONLY be used
for official business transactions and NOT for anything outside said
explicit business transaction.
IMHO this should be something like a bit in the database that indicates
if the info is available for other uses (read: marketing). Perhaps it
should be express contractual uses, general business uses, business
partner uses, and general.
Yeah, that's an interesting issue (which happen to apply to the next club
with normal member management): A member leaves (for whatever reason)
and - to minimize the data - expects that all data about him/her is
IMHO, expecting that it is deleted is asking too much in this day and
age. Expecting to not be contacted again might be too much.
I think that depends on the terms of the separation. I.e. non-renewing
a magazine subscription would likely be okay to offer renewal discounts
in 3 / 6 / 9 / 12 / 18 months. Conversely, asking a former member who
has been forcibly excommunicated (read: voted out by other members) for
a donation during the next fund raiser is probably a bad idea.
But if the same person comes back two years later, doesn't the club (or
company) have the right to know that that person was already a member
(and in which years)? And if a member is expelled, the club surely wants'
to remember that.
I think that the company has the right to know that information.
Note: Knowing that does not translate to using said information for
anything outside of the express business relationship.
I seem to keep coming back to the express business relationship.
Of course, that completely invalidates any "request on forgetting" per se
(and reduces it to "act like you don't know it").
I think the spirit of requesting to be forgotten really translates to
requesting to not be contacted in the future. At least for most (but
not all) situations.
A completely other approach (and solution;-) to "mailinglist archive
and the GDPR": Is an automatically generated mailinglist archive in HTML
actually subject to the GDPR? It's not that is really structured and/or
organized like e.g. some SQL- database.
I think that any data collection / aggregation is likely going to be
subject to GDPR, for better or worse, in some way.
I also feel like the structure of the data, or lack there of, is
somewhat immaterial. Especially in this day and age where people are
touting storing data in unstructured manner. Plus, extracting email
addresses (and associated names) from a mail archive, HTML or not, is
relatively easy. ;-)
Grant. . . .
unix || die
Mailman-Users mailing list Mailman-Users@python.org
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/