From: demerphq <demerphq@gmail.com>
To: "Randall S. Becker" <rsbecker@nexbridge.com>
Cc: Jason Pyeron <jpyeron@pdinc.us>, Git <git@vger.kernel.org>,
Matthew Horowitz <mhorowitz@pdinc.us>,
Jakub Trzebiatowski <cubuspl42.1@gmail.com>
Subject: Re: Is git compliant with GDPR?
Date: Fri, 3 Jul 2020 08:22:47 +0200 [thread overview]
Message-ID: <CANgJU+XM2Y-Dp5odRfSecqYeZQ+Ft0okvB6RNUs=hyAdJDJ-gw@mail.gmail.com> (raw)
In-Reply-To: <03df01d6508f$873cc320$95b64960$@nexbridge.com>
On Thu, 2 Jul 2020 at 18:42, Randall S. Becker <rsbecker@nexbridge.com> wrote:
> I am not speaking for the Git Foundation here, nor am I a lawyer; However, to use some practices from some of my customers who have this concern, the team members are directed to use tokenized names and email addresses that can be resolved by their security teams during an audit. Obviously the team members recognize the tokens so they know who is making what change. This means that externally, any names/emails that might get pushed upstream are non-identifying.
I think this is a really good point. I think git could make itself
much more GDPR friendly by having some support for this type of idea
built in.
Not sure how it could work, maybe some kind of object that can be
deleted after the fact which maps an identifier used for the author
with name and email. If that name and email change the object can be
updated, and if there is a need to "forget" the author, the object can
be deleted. The object would not be shared on clone, so it would stay
private to the repo that held it.
I guess you can argue that this isnt git's problem. But at a corporate
level, it will be seen as git's fault regardless if it cause a big
disruption. It could/would also be a reason that european companies
might decide not to use git.
cheers,
Yves
--
perl -Mre=debug -e "/just|another|perl|hacker/"
next prev parent reply other threads:[~2020-07-03 6:23 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-02 15:58 Is git compliant with GDPR? Jakub Trzebiatowski
2020-07-02 16:28 ` Jason Pyeron
2020-07-02 16:40 ` Randall S. Becker
2020-07-03 6:22 ` demerphq [this message]
2020-07-03 13:52 ` Randall S. Becker
2020-07-02 17:06 ` Jakub Trzebiatowski
2020-07-02 18:38 ` Paul Smith
2020-07-02 19:25 ` Jason Pyeron
2020-07-03 6:29 ` demerphq
2020-07-02 18:47 ` Jason Pyeron
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CANgJU+XM2Y-Dp5odRfSecqYeZQ+Ft0okvB6RNUs=hyAdJDJ-gw@mail.gmail.com' \
--to=demerphq@gmail.com \
--cc=cubuspl42.1@gmail.com \
--cc=git@vger.kernel.org \
--cc=jpyeron@pdinc.us \
--cc=mhorowitz@pdinc.us \
--cc=rsbecker@nexbridge.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).