On 03/01/2019 01:25 AM, Rupert Gallagher wrote:
A future-proof list that complies with GDPR would automatically rewrite the To header, leaving the list address only.
Doesn't GDPR also include things like signatures? Thus if the mailing list is only modifying the email metadata and not the message body (thus signature), then it's still subject to GDPR.
I also feel like it is a disservice to the mailing list to hide who the message is from. But I have no idea of the legalities of (not) doing such.
Any other recipient will still receive it from the original sender.
I presume you're talking about (B)CC and additional To recipients.I never did hear, how does GDPR play out in such a scenario. Does the sender need to make a request to all To / (B)CC recipients for them to forget the sender? Also, does the mailing list operator have any responsibility to pass the request on to all subscribers to purge the requester from their personal archives? I feel like there's a LOT of unaddressed issues here, and that singling out the mailing list is somewhat unfair. But life's unfair. So … ¯\_(ツ)_/¯
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
