John C Klensin wrote: > > I strongly encourage the > IASA to avoid ever holding an IETF meeting in Germany again > without first obtaining appropriate legal advice that it is > acceptable given our existing conditions to record the names and > identities of anyone participating in any IETF activity, That does _not_ require a photo. > > whether they are explicitly sign something, > are photographed, are identified by RFID, Keep in mind that if it isn't _voluntary_ consent, it will be legally void, even with a signature on it. > > have their names written down after they say something at a microphone > or on Jabber, raise their hands (presumably in the expectation of being > identified), or can be identified in some other way. What is wrong about simply archiving the information that participants are providing voluntarily, such as it has been the last 20 years? In Germany, an employer is not entitled to have and use a photo or picture of an employee without explicit, voluntary and anytime revocable consent of that employee (with very few and very narrow exceptions carefully scoped by the legislator). Writing something to a different effect into the employment contract will be legally void, because the consent to use the picture MUST be voluntary and anytime revocable. > > Of course, an acceptable alternative to "no meetings in Germany > or any other country with the rules you suggest apply" would be > explicit permission on registration forms as a condition of > attendance. Or, presumably, a Chair could make an announcement > that anyone who continues to sit in a particular room is giving > permission for such identification. Please do not confuse any necessity to identify an originator of a contribution (which is where data protection laws would apply) and the personal privacy rights of individuals about photos&portraits of themselves. -Martin