|
From: | Keith Erekson |
Subject: | Re: [Sks-devel] Withdrawal of Service - keys.flanga.io |
Date: | Fri, 16 Nov 2018 11:19:13 -0500 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.3.0 |
Standard "I am not a lawyer" disclaimer applies, but it is my impression (both from speaking to people who know more than I do about this, and from reading article 17 of the GDPR) that the "right to be forgotten" isn't necessarily absolute. Meaning that if one were to receive such a request, and it is not possible to remove the data, this doesn't automatically mean that the only recourse is to shut down the service. Specifically, this language is the part that catches my attention: "the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers..." Perhaps someone who has access to a lawyer could ask for
clarification on this? Speculation about what implications GDPR
may or may not have for the SKS network isn't especially
productive, in my opinion. (I say this as someone who might be
shielded from liability by an employer's legal counsel, however.) Regarding the resource usage and/or instability of the SKS keyserver itself, there are some of us who don't need to care about this, thankfully ;-) I maintain a keyserver in a VM at work, where its
CPU/disk/bandwidth usage are a proverbial drop in the bucket. As
long as it keeps running with minimal oversight on my part, I'm
happy to provide this service. The same applies to the mirrors
that we operate. Obviously this is a luxury and is not the case for many (most?)
admins, and I would never blame anyone for ceasing to volunteer
their resources/time for a project like this, but it is not
necessarily a problem for all of us that these issues have
become (more) apparent in the last year or so. Just my two cents. ~Keith On 11/15/18 6:50 PM, Moritz Wirth
wrote:
I asked to be allowed to share some more details, however the request was to remove/prevent indexing of 2 keys stored on our keyservers - including copies of ID's to verify the request as required by the european data protection law. Since it is not possible to prevent the indexing of data, I think the only possible way to handle this request is to shut them down. I don't see a reason to fight this - it is the right of someone to get his/her data removed so we are required to do this regardless of how crappy that law might be. If someone decides to ignore it, it's up on them. Am 16.11.18 um 00:31 schrieb Mike:Fabian, im sure you can tell that nothings going to change :( But maybe these shutdowns in protest will provoke change, before its too late? On Thu, 15 Nov 2018 23:23:43 +0000 "Fabian A. Santiago" <address@hidden> wrote:Wow! I’d love to see that as well. I just saw Kristian’s post with his email exchange. It’s a shame the situation is going down like this. I do hope a proper solution can be found so I and hopefully others can return to contributing to the network, should the mode of operation dictate and stay this way. -- Thanks, Fabian S. OpenPGP: 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F On Thu, Nov 15, 2018 at 5:58 PM, Georg Faerber <address@hidden> wrote:Hi, On 18-11-15 23:56:07, Moritz Wirth wrote:keys.flanga.io will cease operation - we received a request to remove some keys and since we are unable to do this, we will shutdown all keyservers and erase all relevant databases immediately.Would it be possible to share this request, omitting sensitive details? Cheers, Georg |
signature.asc
Description: OpenPGP digital signature
[Prev in Thread] | Current Thread | [Next in Thread] |