[License-discuss] For Public Comment: The Cryptographic Autonomy License

John Cowan cowan at ccil.org
Tue Mar 19 16:06:46 UTC 2019

On Tue, Mar 19, 2019 at 10:47 AM VanL <van.lindberg at gmail.com> wrote:

On Mon, Mar 18, 2019 at 12:47 PM Henrik Ingo <henrik.ingo at avoinelama.fi>
> wrote:
> This is not at all the case. Say you received this software, and use it to
>> keep a log of correspondence you've had with me. YOUR log is now MY
>> personal data/user data, and under GDPR I have a right to receive a copy of
>> it. Yet, I have never been anywhere close to the software, so I am not a
>> recipient or user of it.
> This is incorrect, because you are not a (cap-R) Recipient. Per the
> current clause 2.3:

It doesn't happen to be true under the GDPR either. Recital (i.e. official
opinion) 62 (online at <https://gdpr-info.eu/recitals/no-62/>) says that
the processor need not provide information that the data subject already
has.  You already know the contents and metadata of any correspondence
between you and me (or if you don't, it's certainly not my fault), so
either of us can log it without being required to provide the log to the
other one.

As always, IANAL and TINLA.

John Cowan          http://vrici.lojban.org/~cowan        cowan at ccil.org
Ambassador Trentino: I've said enough. I'm a man of few words.
Rufus T. Firefly: I'm a man of one word: scram!    --Duck Soup
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-discuss_lists.opensource.org/attachments/20190319/714b2a37/attachment.html>

More information about the License-discuss mailing list