consensus
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNU/consensus] [RFC][SH] User Data Manifesto

From: Michael Rogers
Subject: Re: [GNU/consensus] [RFC][SH] User Data Manifesto
Date: Fri, 01 Feb 2013 12:26:50 +0000
User-agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130107 Thunderbird/17.0.2 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/02/13 09:07, Frank Karlitschek wrote:
>> In contrast, European data protection law describes rights
>> belonging to the *subject* of the data, which must be respected
>> by those who store and process it. I hope those two sets of
>> rights can be reconciled, since it seems to me that both the
>> creator and the subject have an interest in how the data's used;
>> but I'm not sure ownership is the best approach to reconciling
>> such conflicting interests, since it tends to produce binary
>> outcomes (either you own something or you don't).
> 
> I'm not an expert in that. Do you have a suggestion to to rephrase
> that?

I'm not an expert either, so please don't give too much weight to what
I say. :-) However, if you agree that the manifesto should address the
rights of the data subject as well as the data creator, some deep
changes might be required.

For the sake of argument, let me suggest a definition based on point 1
of the manifesto: "Personal data is any data that is directly or
indirectly created by a person (the data creator), or that represents
or refers to a person (the data subject), or both."

If you apply that definition to the other points in the manifesto,
some conflicts arise. For example, the data creator and the data
subject may disagree about where the data should be stored, or who
should have access to it.

>> Second, having the source code to server software doesn't enable
>> you to confirm that it works as specified; it's not possible to
>> know whether the binary running on the server corresponds to the
>> source code you've downloaded. I still think we should insist on
>> free software, but we should recognise that it only protects us
>> if the server operator is acting in good faith.
> 
> I agree. The idea is to describe here what the right of the users
> are. How to do this in reality might be tricky but this doesn't
> change the principals

Good point!

Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJRC7SKAAoJEBEET9GfxSfMjgwH/Ax9KIQsxl8m/wqab3l1AsDI
UcbarVWDzk/JQSvRa1f6dXSxtoAIDhkyqe5mDvzfa3eLpu/PpBCk0E4Y1OZyQbcR
WHiRsyoh1Oa3wzYHX2gFJ4PWOdXPQNAZ15Bm/Kai+Rvf4E268Xh5j+e5wNSS/I6C
/IfSsgXKPwef4knlQlvhQJIFxValWENs8ZDiCfveZCIwKrUWI3zOSWDxF1Tet7iw
M2FKauOPcaeY5ulUcE3XUizUWocasXHp9Cx3mUIwaTNjoVKB52YKe4FOrMfPtNKT
14Wx6n+lhQ903JM899rtV0T4rFfNI9HEOSNzLNVtCFofwhQBp9MCFS8st8074WM=
=x4z4
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]