Re: [Sks-devel] Keyservers and GDPR

[Jim Popovitch]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Mon, 2019-05-27 at 14:28 +0100, Andrew Gallagher wrote:
> On 27/05/2019 12:47, deloptes wrote:
> > it is a matter of an agreement between the person and the authority
> > hosting the information of the public key
> 
> This is the problem though: there is no single identifiable authority
> (data controller in GDPR jargon) with whom to make such an agreement.
> Keyservers are distributed not just operationally and geographically,
> but also legally. Furthermore, it is not always the data owner who
> uploads it to the keyserver network, so neither party to the GDPR
> consent model need be present during the transaction, or need even exist.

Is that a binding legal opinion or a personal one?  I ask, because in
the USA (and presumably most western countries) there need not be a
single identifiable entity necessary to bring suit. Doe subpoenas and
multi-party lawsuits are real things.

- -Jim P.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEECPbAhaBWEfiXj/kxdRlcPb헹ᐔॳ꾩ꀀ⠤䇔数
fkX8ORAAmWG9BMllnQdBCaxZ7rbauKtcnM2WAuIZwyQCF0y1IfPMIuO4IjcfFBZj
B/dvzDNdXZho/7ugDTSA7Ilل殫ᮼ펾쮪⿋䀩䨷�元뜿䕯
d/PJz두걢㠱뇞뀹꜄粈ᰴ䀪㎗䉝쿋�빤ᓘ뷲̆抆楹츁
TzcchQ6ZMYyoDxrSP6TCdN瀑䍮壾慵�媓울⽆习⻎컲◪衴蕩
1YcFrgmJ0h8CD5dGoJAfxkWVyyLSDrAfKhkRhWGKIUKP7tCqQWgA4x9ojB濱
kGtXqeCtMNiA㟏籞㑈㖰瑻ぞ嚕⮯땑먣᪘떰䐒끕ꅐ⴪
BKtb/JFszauaMumDuMSMn33Tp8HIQmjxCG91bsIw1sl1TAEYjIMjRwRPHy9fwTys
67S7L1tzGsyL68YN1EZ9tEbUZgDtmji7NsHb5HLaei4E9Kn3k6j9FOilze1w/8D3
w4ioVbwl/EHlDCN4LYm8faVT3negT0nAqC4Tw3MlP6R5Wtu㸃⥺⣳辬
6YESgVmXf8B88KGF72BHcsIwZLmjyᜳ㤜믆磖ﰭ䘨ᵚ鶼⦝ᘧ푘
AdKYb2PpsVumbsdkdSP224vYAK2p/Qw0qcJGt6hTSqxuiJUsIJE=
=xrBX
-----END PGP SIGNATURE-----