[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: anonymify a PGP key legally correctly // Re: ... GDPR takedown reque
|
From: |
Gabor Kiss |
|
Subject: |
Re: anonymify a PGP key legally correctly // Re: ... GDPR takedown request |
|
Date: |
Wed, 15 Jun 2022 13:42:58 +0200 (CEST) |
|
User-agent: |
Alpine 2.11 (DEB 23 2013-08-11) |
On Wed, 15 Jun 2022, Steffen Kaiser wrote:
> The problem is that the entity processing the data (e.g. stores them) is
> responsible for deletion the possbility to connect the data to a person.
> Actually, I don't know in which way one has to prove the act *legally*
> (aka to be accepted in court); but one is responsible to make the data
> unable to be connected to a person. IMHO it would be enough to strip any
Ths question is: which person?
Several peoples may have identical name.
At least 3 different "Gabor Kiss"-es uploaded their keys to the key servers.
Assuming one of them wants to delete all "Gabor Kiss" keys, should I
remove even the mines? This is absurd.
I think if someone cannot show any evidence - aside the matching name -
about the key or e-mail address belongs to him/her then the record
cannot be connected to him/her. The case can be regarded as
attempt of identity theft.
> person-identifying information (the uid's alone ??) from a PGP key.
This is impossible. The record will be corrupted. On the other hand
a public key without personal information is useless.
> To delete the data is just one way to make it un-connectable.
No. This is the only way.
There is no problem with this unless somebody tries to delete
other peoples' keys.
Gabor