Re: Question to all candidates: GDPR compliance review

To: debian-vote <debian-vote@lists.debian.org>
Cc: Adrian Bunk <bunk@debian.org>
Subject: Re: Question to all candidates: GDPR compliance review
From: Felix Lechner <felix.lechner@lease-up.com>
Date: Thu, 31 Mar 2022 14:52:50 -0700
Message-id: <[🔎] CAFHYt55iAS+9MTXJ=eQYW2vieOLA3YHDnoNusZkady65e-BYZQ@mail.gmail.com>
In-reply-to: <[🔎] 20220331200841.GE7660@localhost>
References: <[🔎] 20220331200841.GE7660@localhost>

Hi Adrian,

On Thu, Mar 31, 2022 at 1:24 PM Adrian Bunk <bunk@debian.org> wrote:
>
> The discussion starting in [1] is about privacy in Debian with a focus
> on the GDPR of the European Union.
>
> There seems to be a general agreement that privacy in Debian falls
> short of the legal minimum requirements at least in the EU.
>
> Even the exact scope of the problem is not clear.
>
> Question to all candidates:
>
> If elected, will you ask our Data Protection team and our GDPR lawyer to
> jointly do a review of all handling of personal data in Debian regarding
> GDPR compliance, and make the results of the review available to all
> developers?

Yes.

The release of any findings may be redacted, or may be a summary.
Recipients may be required to sign a confidentiality agreement coupled
with an indemnity in the event of a breach, and a release of claims,
or both.

In all cases, I reserve the right to act on the advice of counsel—but
with an explanation to you.

I will treat you the same way that I would wish to be treated if our
roles were reversed. I am committed to transparency when possible.

Kind regards,
Felix Lechner

Reply to:

References:
- Question to all candidates: GDPR compliance review
  - From: Adrian Bunk <bunk@debian.org>

Prev by Date: Question to all candidates: GDPR compliance review
Previous by thread: Question to all candidates: GDPR compliance review
Index(es):
- Date
- Thread