Because I am a little fed up with these dreary GDPR requests for
removing stuff from our list archives (which is not easy), I took a
closer look at the GDPR wrt email archiving.
Take a look at chapter 2, article 5, section 1, paragraph (b) of the
Personal data shall be:
- processed lawfully, fairly and in a transparent manner in relation to
the data subject (‘lawfulness, fairness and transparency’);
collected for specified, explicit and legitimate purposes and not
further processed in a manner that is incompatible with those purposes;
further processing for archiving purposes in the public interest,
scientific or historical research purposes or statistical purposes
shall, in accordance with Article 89(1), not be considered to be
incompatible with the initial purposes (‘purpose limitation’);
In my layman's view, our mailing list archives are in full compliance
with the above, specifically the last sentence beginning "further
processing for archiving purposes in the public interest ..."
I don't know if we have an issue of "pseudonymisation" for "data
minimisation" purposes, which I guess could mean replacing a name
with "GDPR redacted". I just have trouble seeing how my name in a text
is an example of keeping my "personal data".
Per Jessen, Zürich (0.6°C)
Member, openSUSE Heroes