On Tue, 28 Jan 2020 at 00:43, Benjamin TERRIER <[email protected]> wrote: > > > > On Mon, 27 Jan 2020 at 23:23, Ville Voutilainen <[email protected]> > wrote: >> >> >> Correct. Necessary for specific purpose seems to be what article 5 >> requires, and then you get explicit consent for that >> specific purpose, and GDPR's articles 5 and 6 are covered (of course >> the rest of article 5's requirements need to be covered). >> You're not necessarily going to like that specific purpose (or the >> outcome of all this, including the consent query), >> but GDPR requirements don't seem too difficult to fulfil, and there's >> nothing particular in the new offering that would >> instantly and obviously go even close to violating GDPR, based on my >> layman reading of it. I don't think GDPR >> will change the course of the offering, so if you want to change that >> course, I think you need a different avenue >> of argumentation. > > > Well it depends on how you interpret the GDPR, a strict interpretation is > that since The Qt Company does > not technically needs email addresses to distribute binary packages, > requiring users' email addresses > does violates the GDPR. > > A loose interpretation is that The Qt Company does require the email > addresses for its business model and it is enough to > be GDPR compliant. > > I guess we will not know which is the correct one until there is a trial with > a ruling of the CJEU. > Until then I do not see the GDPR changi any company business model and > offering.
Article 5 doesn't say "technically". I did read it, and I think your interpretation, and description of what is strict and what is loose, is highly subjective. _______________________________________________ Development mailing list [email protected] https://lists.qt-project.org/listinfo/development
