List-Id: Gentoo Project discussion list
From: Rich Freeman
Date: Wed, 20 Jun 2018 07:41:59 -0400
Subject: Re: [gentoo-project] Date-of-birth in developer applications
To: Kristian Fiskerstrand
Cc: gentoo-project

On Wed, Jun 20, 2018 at 7:12 AM Kristian Fiskerstrand wrote:
>
> On 06/20/2018 12:52 PM, Rich Freeman wrote:
> > On Wed, Jun 20, 2018 at 4:32 AM Michał Górny wrote:
> >>
> >> Please tell me, how many times did we have to disambiguate two
> >> developers using the same name? Even if we ever have to do that, do you
> >> really think we'd use one's birthday all over the place?
> >
> > Even if we've had two people from the same location with the same
> > name, WHY would we ever have to use their date of birth to identify
> > them? We already have their nicks which is what we use internally,
> > and those are always unique.
>
> One morbid example would be someone getting a stone in the back of their
> head, at which point the nick will likely not help much... But the
> underlying need is likely to arise more due to other circumstances for
> needing to contact, say a retired dev needs to provide evidence in a
> copyright case and we need to track them down to get said statement.

The "underlying need" is what I'm getting at. Do we REALLY need to
track developers post-retirement? If we do, is DOB really the best
way to do this? And what are we going to do when some retired
developer asks us to forget about them?
I don't think legally we need to go retract published info, but that
DOB seems very much the sort of thing that would be risky to hold on
to if somebody explicitly told us they don't want us to retain it.
We'd probably need justification to do so.

>
> >
> > As far as I'm aware, under most privacy laws and policies I've seen,
> > name+DOB is just as sensitive as a government ID number. If
> > collecting the latter makes you recoil in horror, then you should be
> > just as concerned about DOB collection.
>
> I'm not, but views of trustees might differ on that; we have reasons to
> collect it, it is part of recruiting process known to developer, so the
> legal matter wouldn't be on the collecting part but the storage part,
> and here they differ quite a lot in practice (although it shouldn't as
> even SSN is just a Primary Key in theory).

WP has what appears to be a decent article, and it lists DOB as
explicitly personally-identifying:
https://en.wikipedia.org/wiki/Personally_identifiable_information

The US law explicitly lists DOB (cited there):
Information which can be used to distinguish or trace an individual's
identity, such as their name, social security number, biometric
records, etc. alone, or when combined with other personal or
identifying information which is linked or linkable to a specific
individual, such as date and place of birth, mother’s maiden name,
etc.

It goes on to cite the EU:
Article 2a: 'personal data' shall mean any information relating to an
identified or identifiable natural person ('data subject'); an
identifiable person is one who can be identified, directly or
indirectly, in particular by reference to an identification number or
to one or more factors specific to his physical, physiological,
mental, economic, cultural or social identity;

You brought up the scenario of tracking somebody down in the real world.
It seems to me that if we actually collect enough info to be able to
do this, then by definition we fall directly in the crosshairs of
both.

I'd start with the underlying issue: do we need to identify specific
individuals and retain this identity? What exactly do we need
(starting from zero), and what is the least amount of info we need to
collect to get there? My understanding is that these are the basic
principles of most modern privacy law, and if we stick to those we'll
probably be fairly safe as these laws change (assuming we sufficiently
protect the info we do need to collect).

The principles cited in that article actually raise other thorny
issues as well, such as name+location if the name is unique enough. I
couldn't begin to tell you whether half of Oslo are named
Fiskerstrand, or if you're the only one in the phone book.

--
Rich