[Osmf-talk] GDPR introduction
Robert Kaiser
kairo at kairo.at
Thu Apr 26 20:27:33 UTC 2018
Andrew Harvey schrieb:
> The OSMF mission statement includes "protecting the OSM database, and
> making it available to all". Usernames and timestamps of edits are an
> important part of the OSM database, ensuring OSM is truly is an open and
> transparent about the edits that have taken place and when and where these
> came from. I feel it's the OSMF's role to do everything possible to
> continue to make the OSM database available to all and not redact part of
> that database from the public feeds/dumps.
I fully agree with you, but EU law (which BTW in this specific case of
the GDPR, the UK has said to adhere to even with Brexit) disagrees with
us. By that law that anyone involved with EU countries or residents need
to follow, people can retract the right to use any personally
identifiable information of them and that data has to be actually
deleted (not just hidden) - which includes things like nicknames, IP
addresses, locations and more. Even seeing that a certain person
identified by an ID or similar moniker has edited a specified set of
locations at specified times is probably unlawful if that person
retracted their consent to use their data. For the OSM database this is
certainly problematic but solvable. For things like Git repos (or
blockchains, which OSM doesn't operate), this can be really tough.
Cheers,
KaiRo
More information about the osmf-talk
mailing list