hi, first of all: many thanks for all your work on dc18, before, during and after the event! On Fri, Aug 10, 2018 at 12:27:39PM +0800, Yao Wei wrote: > We are requested by National Chiao Tung University (NCTU) and National > Centre of High-performance Computing (NCHC) for the list of attendees > along with their nationality for applying fundings. NCTU also applies > government funds MEET TAIWAN [1] which they requires such information > for checking if our event matches their qualification for funding > (they requires more than certain number of foreign people attending > the event as one of the requirements). what is this 'certain number' exactly? 23? 100? 1000? 23%? 50%? please do not give out all / too many names until you know how many they require. > While giving such information to the government and university, even > the initial of the names, could be a violation of data protection law > such as GDPR. besides maybe violating laws, it also violates the privacy and/or privacy expections of (some) Debian people, without their consent. > If we don't give them such data, we will have to cover > at least 50,000 USD for the loss of the funds. Did you know when applying for the funds that they want names in return? If so, why didnt you tell this to the attendees in _advance_ and ask for their consent? If not, why not? -- cheers, Holger
Attachment:
signature.asc
Description: PGP signature