[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Question to all candidates: GDPR compliance review

]] Jonathan Carter 

> So, I would appreciate it if the data protection team could look into
> all of the issues we know of in Debian, but I'd also like there to be
> a process where people can file issues with the data protection
> team. I'll admit I had to search a bit to find the data-protection
> email address, it doesn't seem to prominently feature anywhere on our
> website.

www.debian.org → Contact → privacy (not sure why the footer is missing
from the front page) and it's there, so while not _very_ prominently,
it's not very hidden either.

> But it would be great if it was clear that someone could file
> a bug with a tag, or whether they should use the data-protection
> alias, so that it's possible to file and keep track of data protection
> issues that need to be resolved.

This isn't the role of the data protection team, though, any more than
owner@bugs is responsible for fixing all the bugs in all the packages.
I'm quite happy to act as a redirector (as per the first part of the
delegation) as well as advising service owners.  I have below-zero
interest in auditing all our services and tracking everything relevant
to data privacy throughout Debian.

I can't speak for the other team members, but I have not seen them
express enthusiasm about this idea either.

Even if you got a team that would perform that tracking and auditing,
what good would it be?  They wouldn't be able to compel any service
owners to fix their service.

Tollef Fog Heen, for himself
UNIX is user friendly, it's just picky about who its friends are

Reply to: