Project

General

Profile

Issue #1951

Document more precisely GDPR compliance

Added by Denis 'GNUtoo' Carikli 10 months ago. Updated 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Infrastructure (web, git)
Target version:
-
Start date:
08/26/2019
Due date:
% Done:

0%

Estimated time:
Resolution:
Device:

History

#1

Updated by Denis 'GNUtoo' Carikli 10 months ago

TODO:
  • how and what kind of data we are using for what
  • how we can be contacted for requests
  • how you can gather your data
  • how you can disable/forget all your data This feature is available through the account interfaces of the various software we use.

This has been inspired from https://git.card10.badge.events.ccc.de/card10/meta/issues/1

#2

Updated by Fil Lupin 2 months ago

Denis 'GNUtoo' Carikli wrote:

  • how you can disable/forget all your data This feature is available through the account interfaces of the various software we use.

I saw another interesting question: how to forget personal information inside commits message.
The only solution I see currently is to avoid/forbid mail address allowing identification.

#3

Updated by Denis 'GNUtoo' Carikli 2 months ago

Fil Lupin wrote:

Denis 'GNUtoo' Carikli wrote:

  • how you can disable/forget all your data This feature is available through the account interfaces of the various software we use.

I saw another interesting question: how to forget personal information inside commits message.
The only solution I see currently is to avoid/forbid mail address allowing identification.

Commit messages are most of the time public so, as I understand it's not an issue for the GDPR.

What might be more interesting to tackle would be to have the ability to cloak users when contributing to upstream projects.

For instance an association for the public interest could gather copyright assignments and this way people could contribute anonymously to various upstream project that require a certificate of origin in the form of Signed-off-by.

Years ago, I've tried to convince several people involved in LGBTQI++ communities to do that through a 501C3-like association but as far as I understand no one did it yet.

Replicant is unfortunately not able to do that as it only legally exists through the agreement we have with the FSF.

Also available in: Atom PDF