[Bigbang-dev] Data sharing allowance

[Christoph Becker]

Hi all,
you might have noticed that here has been discussion on how we should share
the datasets we have collected of public mailing archives. Our data format
is quite different from how they are presented on GNU mailman or Listserv,
which creates certain points of concern we should not neglect.
I have been in contact with some people through the Prototype fund and have
obtained the following advise:

"""
Since you are dealing with "fully or partially automated processing of
personal data" (Art. 2 Para. 1 GDPR), you fall under the provisions of the
GDPR. Where you got the data from should be irrelevant for this point.
Since you have collected the data without the consent of the persons, Art.
14 GDPR (information obligation if the personal data was not collected from
the person concerned) could also be of interest. There are exceptions for
scientific purposes (Art. 89 GDPR), but here too you have to pay close
attention. Note that hashing mail addresses does not necessarily make the
data "less dangerous". It would be better to pseudonymized the whole thing.
My tip would be not to pass on any data, to refer to the scientific aspect
of the processing and to spend € 200-300 on legal advice.
"""

Through the Prototype fund we have the financial means to pay for legal
advise.
Please share your thoughts, comments, ideas.

Best Wishes,
Christoph


-- 
<><><><><><><><><><><><><><><><>
*Christoph Becker (he/him/his)*
*PostDoc at the*




*Institute for Biodiversity and Ecosystem Dynamics andInstitute for
Advanced StudyUniversity of AmsterdamP.O.Box 94248, NL - 1090 GE
AmsterdamThe Netherlandschristovis.github.io/
<https://christovis.github.io/>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ghserv.net/pipermail/bigbang-dev/attachments/20210930/46d22b6a/attachment.htm>