On Fri, 8 Jun 2018, Peter Backes wrote:
On Fri, Jun 08, 2018 at 12:42:54AM -0700, David Lang wrote:
Wrong, if you have to delete info, you are not allowed to keep a private
copy.
Yes you are allowed. See Art. 17 (3) lit e GDPR.
There is _nothing_ in the GDPR about publishing information,
everything in it is about what you are allowed to store privately, how you
are required to protect it (or more precisely, what you are required to do
if private data gets hacked), and how you are required to keep it available.
Nope, the GDPR is not at all restricted to private copies.
If the GDPR doesn't restrict private copies, then Google and Facebook are free
to keep all data about everyone. That is explicitly what the GDPR is trying to
prevent.
The GDPR has special jargon for publishing; the GDPR calls it
"disclosure (Art. 4 (2) GDPR) to an unspecified number of unspecified
recipients (Art. 4 (9) GDPR), including ones in third countries
(Chapter 5) in a repetitive (Art 49 (1) GDPR) fashion".
disclosure is what the person who submits the patch is doing, torturing the
language of the GDPR to say that hanging on to data that people want you to
delete is legal, and echoing public data that people have asked to be public is
not legal is not going to be a successful line of argument, it's the exact
opposite of the stated goals of the GDPR.
David Lang
