On Thu, Jun 07, 2018 at 10:28:47PM +0100, Philip Oakley wrote: > Some of Peter's fine distinctions may be technically valid, but that does > not stop there being legal grounds. The proof of copyright is a legal > grounds. Again: The GDPR certainly allows you to keep a proof of copyright privately if you have it. However, it does not allow you to keep publishing it if someone exercises his right to be forgotten. There is simply no justification for publishing against the explicit will of the subject, except for the rare circumstances where there are overriding legitimate grounds for doing so. I hardly see those for the average author entry in your everyday git repo. Such a justification is extremely fragile. > Unfortunately once one gets into legal nitpicking the wording becomes > tortuous and helps no-one. That's not nitpicking. If what you say were true, the GDPR would be without any practical validity at all. > If one starts from an absolute "right to be forgotten" perspective one can > demand all evidence of wrong doing , or authority to do something, be > forgotten. The GDPR has the right to retain such evidence. Yes, but not to keep it published. > I'll try and comment where I see the distinctions to be. You're essentially repeating what you already said there. > Publishing (the meta data) is *distinct* from having it. Absolutely right. That is my point. > You either start off public and stay public, or you start off private and > stay there. Nope. The GDPR says you have to go from public to private if the subject wishes so and there are no overriding legitimate grounds. That is the entire purpose of the GDPR's right to be forgotten. Best wishes Peter -- Peter Backes, rtc@xxxxxxxxxxxxxxxxxxx
