yakamo/keyserver-fs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added more info

Browse Source 
references to article 24,25,26
This commit is contained in:
yakamok 2018-07-15 16:37:17 +02:00 committed by GitHub
parent af328b8177
commit 3bbb95f87b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
GDPR.md
View File

@ -4,17 +4,21 @@ Anyone is welcome to contribute to this document as long as it is not baseless o
### All information here is taken from the GDPR its self. ### All information here is taken from the GDPR its self.
__Section 59__ highlights the requirements for those processing personal data to have mechanisms in place to allow them to comply with the GDPR. __Article24 (1)__ highlights the requirements for those processing personal data to have mechanisms in place to allow them to comply with the GDPR.
Currently no such mechanisms exist in current key-servers specificly the SKS key-servers.
(59) Modalities should be provided for facilitating the exercise of the data subject's rights under this Regulation, (59) Modalities should be provided for facilitating the exercise of the data subject's rights under this Regulation,
including mechanisms to request and, if applicable, obtain, free of charge, in particular, access to and rectification including mechanisms to request and, if applicable, obtain, free of charge, in particular, access to and rectification
or erasure of personal data and the exercise of the right to object. The controller should also provide means for or erasure of personal data and the exercise of the right to object. The controller should also provide means for
requests to be made electronically, especially where personal data are processed by electronic means. The requests to be made electronically, especially where personal data are processed by electronic means. The
controller should be obliged to respond to requests from the data subject without undue delay and at the latest controller should be obliged to respond to requests from the data subject without undue delay and at the latest
within one month and to give reasons where the controller does not intend to comply with any such requests. within one month and to give reasons where the controller does not intend to comply with any such requests.
__Article 25's__ title explaines every thing well (__Data protection by design and by default__)
I think __Article 26__ points out something interesting "Joint Controllers", i think technically since all key servers sync together with new subject data and their is a collaboration with most servers in one way or another. (1) - "They shall in a transparent manner determine their respective responsibilities for compliance with the obligations under this Regulation"
Currently no such mechanisms exist in current key-servers specificly the SKS key-servers.
__Article 17__ (Right to eraseure('right to be forgotten')) __Article 17__ (Right to eraseure('right to be forgotten'))
sections 1(b)/2 - the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or sections 1(b)/2 - the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or