Re: GDPR issues of mailing lists ? - Was: Why used DHCPv6 when RA has RDNSS and DNSSL?

2020-04-01 Thread Mohácsi János 
Sorry. RFC8058 and/or RFC 2369

On 2020. 04. 01. 10:50, Janos Mohacsi wrote:

Hi Jordi,

In  my opinion to adhere the GDPR regulations each mailing list (maybe 
mailing list operator) should have a data management policy and implement some 
simple rules. The data management policy  should be made available during the 
subscription. If anything changes in the regulation or in the policy all 
subscribed users should be notified and allow them to unsubscribe. 
Unsubscription can be done with any mail receiving from the particular mailing 
list  since the modern mailing list managers follow the RFC 8058 


Regards,
Janos Mohacsi

On 2020. 04. 01. 10:33, JORDI PALET MARTINEZ wrote:

Hi Tore,

I've taken a quick look, because I don't know it by memory, but:

1) Before 25 May 2018, every EU citizen or resident must get a confirmation 
from any database holder with his personal data, to re-confirm the 
authorization. I'm not sure if that was done for this list. I believe this is 
art. 39 and some further text in the following articles.

2) Right to object. Art. 59, but also many others. It is not probably clearly 
said that it must be in a footer but it must be clearly available how to.

https://gdpr-info.eu/

I don't have any problem myself, but I think it is good for the host of the 
list to comply with GDPR, to avoid any DPA fine.

Regards,
Jordi
@jordipalet



El 1/4/20 10:11, "Tore Anderson" 

 escribió:

* JORDI PALET MARTINEZ

> It is true however, that this list must follow GDPR, and this means 
having an explicit unsubscription link in the footer

Which GDPR article requires that, exactly?

Tore




**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly prohibited and will be 
considered a criminal offense. If you are not the intended recipient be aware 
that any disclosure, copying, distribution or use of the contents of this 
information, even if partially, including attached files, is strictly 
prohibited, will be considered a criminal offense, so you must reply to the 
original sender to inform about this communication and delete it.





--
János Mohácsi
International R Officer
GÉANT activity coordinator in Hungary, EOSC GB member

T: +36 30 555 7599
mohacsi.ja...@kifu.gov.hu

Kormányzati Informatikai Fejlesztési Ügynökség

--
János Mohácsi
International R Officer
GÉANT activity coordinator in Hungary, EOSC GB member

T: +36 30 555 7599
mohacsi.ja...@kifu.gov.hu

Kormányzati Informatikai Fejlesztési Ügynökség



Ezen üzenet és annak bármely csatolt anyaga bizalmas, jogi védelem alatt áll, a 
nyilvános közléstől védett. Az üzenetet kizárólag a címzett, illetve az általa 
meghatalmazottak használhatják fel. Ha Ön nem az üzenet címzettje, úgy kérjük, 
hogy telefonon, vagy e-mail-ben értesítse erről az üzenet küldőjét és törölje 
az üzenetet, valamint annak összes csatolt mellékletét a rendszeréből. Ha Ön 
nem az üzenet címzettje, abban az esetben tilos az üzenetet vagy annak bármely 
csatolt mellékletét lemásolnia, elmentenie, az üzenet tartalmát bárkivel 
közölnie vagy azzal visszaélnie.

This message and any attachment are confidential and are legally privileged. It 
is intended solely for the use of the individual or entity to whom it is 
addressed and others authorised to receive it. If you are not the intended 
recipient, please telephone or email the sender and delete this message and any 
attachment from your system. Please note that any dissemination, distribution, 
copying or use of or reliance upon the information contained in and transmitted 
with this e-mail by or to anyone other than the recipient designated above by 
the sender is unauthorised and strictly prohibited.

GDPR issues of mailing lists ? - Was: Why used DHCPv6 when RA has RDNSS and DNSSL?

2020-04-01 Thread Mohácsi János 
Hi Jordi,

In  my opinion to adhere the GDPR regulations each mailing list (maybe 
mailing list operator) should have a data management policy and implement some 
simple rules. The data management policy  should be made available during the 
subscription. If anything changes in the regulation or in the policy all 
subscribed users should be notified and allow them to unsubscribe. 
Unsubscription can be done with any mail receiving from the particular mailing 
list  since the modern mailing list managers follow the RFC 8058 


Regards,
Janos Mohacsi

On 2020. 04. 01. 10:33, JORDI PALET MARTINEZ wrote:

Hi Tore,

I've taken a quick look, because I don't know it by memory, but:

1) Before 25 May 2018, every EU citizen or resident must get a confirmation 
from any database holder with his personal data, to re-confirm the 
authorization. I'm not sure if that was done for this list. I believe this is 
art. 39 and some further text in the following articles.

2) Right to object. Art. 59, but also many others. It is not probably clearly 
said that it must be in a footer but it must be clearly available how to.

https://gdpr-info.eu/

I don't have any problem myself, but I think it is good for the host of the 
list to comply with GDPR, to avoid any DPA fine.

Regards,
Jordi
@jordipalet



El 1/4/20 10:11, "Tore Anderson" 

 escribió:

* JORDI PALET MARTINEZ

> It is true however, that this list must follow GDPR, and this means 
having an explicit unsubscription link in the footer

Which GDPR article requires that, exactly?

Tore




**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly prohibited and will be 
considered a criminal offense. If you are not the intended recipient be aware 
that any disclosure, copying, distribution or use of the contents of this 
information, even if partially, including attached files, is strictly 
prohibited, will be considered a criminal offense, so you must reply to the 
original sender to inform about this communication and delete it.





--
János Mohácsi
International R Officer
GÉANT activity coordinator in Hungary, EOSC GB member

T: +36 30 555 7599
mohacsi.ja...@kifu.gov.hu

Kormányzati Informatikai Fejlesztési Ügynökség



Ezen üzenet és annak bármely csatolt anyaga bizalmas, jogi védelem alatt áll, a 
nyilvános közléstől védett. Az üzenetet kizárólag a címzett, illetve az általa 
meghatalmazottak használhatják fel. Ha Ön nem az üzenet címzettje, úgy kérjük, 
hogy telefonon, vagy e-mail-ben értesítse erről az üzenet küldőjét és törölje 
az üzenetet, valamint annak összes csatolt mellékletét a rendszeréből. Ha Ön 
nem az üzenet címzettje, abban az esetben tilos az üzenetet vagy annak bármely 
csatolt mellékletét lemásolnia, elmentenie, az üzenet tartalmát bárkivel 
közölnie vagy azzal visszaélnie.

This message and any attachment are confidential and are legally privileged. It 
is intended solely for the use of the individual or entity to whom it is 
addressed and others authorised to receive it. If you are not the intended 
recipient, please telephone or email the sender and delete this message and any 
attachment from your system. Please note that any dissemination, distribution, 
copying or use of or reliance upon the information contained in and transmitted 
with this e-mail by or to anyone other than the recipient designated above by 
the sender is unauthorised and strictly prohibited.

Re: GDPR issues of mailing lists ? - Was: Why used DHCPv6 when RA has RDNSS and DNSSL?

2020-04-01 Thread JORDI PALET MARTINEZ 
Exactly, and I don’t think this data management policy, and GDPR compliance has 
been published in the list, and is available in the list web site when you 
register, etc.

 

The RFC is good, but GDPR is “agnostic” of RFCs … The DPA can say, even if you 
are RFC-folks, the list is open for any other folks to subscribe, and they 
don’t need to know that the list unsubscribe info is in the header, they may 
not even know how to see the header …

 

Believe me, I got similar resposes from the DPAs around the EU. 

 

Regards,

Jordi

@jordipalet

 

 

 

El 1/4/20 10:50, "Mohácsi János"  escribió:

 

Hi Jordi, 

In  my opinion to adhere the GDPR regulations each mailing list (maybe 
mailing list operator) should have a data management policy and implement some 
simple rules. The data management policy  should be made available during the 
subscription. If anything changes in the regulation or in the policy all 
subscribed users should be notified and allow them to unsubscribe. 
Unsubscription can be done with any mail receiving from the particular mailing 
list  since the modern mailing list managers follow the RFC 8058 

Regards, 

Janos Mohacsi 

 

On 2020. 04. 01. 10:33, JORDI PALET MARTINEZ wrote:
Hi Tore,
 
I've taken a quick look, because I don't know it by memory, but:
 
1) Before 25 May 2018, every EU citizen or resident must get a confirmation 
from any database holder with his personal data, to re-confirm the 
authorization. I'm not sure if that was done for this list. I believe this is 
art. 39 and some further text in the following articles.
 
2) Right to object. Art. 59, but also many others. It is not probably clearly 
said that it must be in a footer but it must be clearly available how to.
 
https://gdpr-info.eu/
 
I don't have any problem myself, but I think it is good for the host of the 
list to comply with GDPR, to avoid any DPA fine.
 
Regards,
Jordi
@jordipalet
 
 
 
El 1/4/20 10:11, "Tore Anderson" 
 escribió:
 
    * JORDI PALET MARTINEZ
    
> It is true however, that this list must follow GDPR, and this means 
having an explicit unsubscription link in the footer
    
Which GDPR article requires that, exactly?
    
Tore
    
 
 
 
**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
 
This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly prohibited and will be 
considered a criminal offense. If you are not the intended recipient be aware 
that any disclosure, copying, distribution or use of the contents of this 
information, even if partially, including attached files, is strictly 
prohibited, will be considered a criminal offense, so you must reply to the 
original sender to inform about this communication and delete it.
 
 
 
-- 
János Mohácsi
International R Officer
GÉANT activity coordinator in Hungary, EOSC GB member   
 
T: +36 30 555 7599
mohacsi.ja...@kifu.gov.hu
 
Kormányzati Informatikai Fejlesztési Ügynökség
 


Ezen üzenet és annak bármely csatolt anyaga bizalmas, jogi védelem alatt áll, a 
nyilvános közléstől védett. Az üzenetet kizárólag a címzett, illetve az általa 
meghatalmazottak használhatják fel. Ha Ön nem az üzenet címzettje, úgy kérjük, 
hogy telefonon, vagy e-mail-ben értesítse erről az üzenet küldőjét és törölje 
az üzenetet, valamint annak összes csatolt mellékletét a rendszeréből. Ha Ön 
nem az üzenet címzettje, abban az esetben tilos az üzenetet vagy annak bármely 
csatolt mellékletét lemásolnia, elmentenie, az üzenet tartalmát bárkivel 
közölnie vagy azzal visszaélnie.

This message and any attachment are confidential and are legally privileged. It 
is intended solely for the use of the individual or entity to whom it is 
addressed and others authorised to receive it. If you are not the intended 
recipient, please telephone or email the sender and delete this message and any 
attachment from your system. Please note that any dissemination, distribution, 
copying or use of or reliance upon the information contained in and transmitted 
with this e-mail by or to anyone other than the recipient designated above by 
the sender is unauthorised and strictly prohibited.




**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly

Re: GDPR issues of mailing lists ? - Was: Why used DHCPv6 when RA has RDNSS and DNSSL?

2020-04-01 Thread Gert Doering 
Hi,

On Wed, Apr 01, 2020 at 10:56:09AM +0200, JORDI PALET MARTINEZ wrote:
> The RFC is good, but GDPR is ???agnostic??? of RFCs ??? The DPA can say, even 
> if you are RFC-folks, the list is open for any other folks to subscribe, and 
> they don???t need to know that the list unsubscribe info is in the header, 
> they may not even know how to see the header ???

This domain is called "cluenet.de", it implies "can quote, and understands
e-mail".  No?

Gert Doering
-- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AG  Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279