Hi Paul

On Saturday 6 March 2010 at 8:55:48 AM, you wrote:

> On Sat, 27 Feb 2010 03:52:02 +0000 MFPA wrote:

>> > (b) the person owns the information has the right to
>> > control how it is disseminated, and

This was someone's re-interpretation of my point. Spot the extra ">"?

The concept of *owning* your personal information makes little sense. For example, there may be many organisations with copies of your personal information in their databases. They each own their respective databases. In a lot of countries, there are legal measures in place to control what they are allowed to do with your personal information. In most European countries, they will only be allowed to use the information for the purpose for which you were told it would be used, can only keep it as long as reasonably required for that purpose, must not disclose it to third parties (except as allowed in the T&Cs covering your relationship, or allowed or required by law), must allow you to see what info they hold (fee usually payable - here it is "up to" 10 GBP), must allow you to correct the info, ...

I have posted several relevant links in my message that yours was a reply to.

>> The data subject does have various rights concerning the personal
>> information that is about him.

> Hello MFPA,

> How far do the "rights" of the key holder go?

Exactly as far as everything else that would fall under the basic right to privacy (described in Article 8 of the European Convention of Human Rights as "the right to respect for private and family life"). The OECD's "Guidelines on the Protection of Privacy and Transborder Flows of Personal Data" is a slightly more international view.
http://www.oecd.org/document/20/0,3343,en_2649_34255_15589524_1_1_1_1,00.html

The use, storage or dissemination of personal information is the subject of specific laws in many places, as mentioned above and linked from earlier in the thread.

I'm referring to the personal information that is often present in key UIDs.
Others may wish to extend similar discussion to cover the key ID/fingerprint, which I view as problematic. The key ID/fingerprint is not personal information in and of itself. But if the key is on a server, the de facto standard for key UIDs leads to, in most cases, personal information being revealed to anybody in possession of the key ID.

> You say that the key's originator should control the dissemination
> of the key to the keyserver,

(I would point out that other opinions are available and have been shared in this thread. Also, the conditional "should" is important since anybody in possession of the key has the *ability* to upload it whether they "should" or not.)

I say that if the key's originator does not disseminate said key to said keyserver, nobody else is in a legitimate position to make that decision on their behalf. If the originator actively *wanted* their key to be on that server (or network of servers), they would probably have uploaded it there. The originator may have been unaware of that server's existence. They may simply have taken no action regarding keyservers. They may have considered a particular keyserver (or network) and made a decision that they did not want their key on it. They may not want their key on any keyserver. The point is, without referring to the key originator, a third party cannot know their intentions and should not have the arrogance to presume.

The OpenPGP standard and GnuPG can both be seen to concede that the key originator could have some say in the matter: the "keyserver-no-modify" flag was defined quite a while ago in RFC 2440 as meaning "the key holder requests that this key only be modified or updated by the key holder or an administrator of the key server," and has long been set by default in GnuPG. Unfortunately, I don't see evidence that any keyservers honour this flag.

> but what about from the keyserver? Isn't the keyserver unwittingly
> sharing the key without the originator's permission?

Difficult to answer. Say, for example, I was to print out your photograph, name, address, phone number, etc. and display it on a public noticeboard in the church. Would you consider that the noticeboard was unwittingly sharing your personal information without permission? Or am I solely at fault? Or does the church share some blame?

> And if the keyserver should control dissemination, what are the
> limits of the originator's "rights"?

I don't believe the keyservers should restrict dissemination of keys once they are admitted to the server. I believe servers should perform some sort of originator-verification before listing fresh or updated keys with the keyserver-no-modify flag set (including where set on the existing but not the updated copy). Where keyservers synchronise, there would need to be a way of passing on the originator-verification result along with the updated key.

If a user makes the conscious decision to allow indiscriminate publishing/updating of their key, unsetting the keyserver-no-modify flag should achieve this. If they already uploaded it to the servers with that flag set, they would need to pass the originator-verification one last time to propagate the change.

> If the originator does have "rights" to control copying and sharing, are
> there any "fair use rights" for the person who has a copy of the public
> key? Should these "rights" of the originator be enforced by some
> governing body, or should they be merely courtesy or suggestion?

I am not advocating anything remotely equivalent to copyright provisions, just protection of personal information. As with all other situations where you give somebody your personal information, it depends on the circumstances. In the context of family/friends/casual acquaintances, we are simply talking about trust, courtesy, honour, etc.
In the case of a business relationship where the individual provides personal information for a particular purpose, the standard privacy/data protection laws apply in addition.

Note again that I am talking about the personal information attached to the key, not the key itself.

This could all be avoided if an option were available to create UIDs which revealed no personal information, but which still enabled somebody who knew your email address to retrieve your key from a server. See
http://www.hauke-laging.de/ideen/gpg-hash/index_1_1.en.html
and
http://marc.info/?t=125471254900001&r=1&w=2
and
http://www.imc.org/ietf-openpgp/mail-archive/msg36986.html

-- 
Best regards

MFPA                    mailto:expires2...@ymail.com

He's an environmentalist - his arguments are 100% recycled

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
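
The admission rule proposed in the message above, sketched as an added example that is not part of the original post and is not keyserver or GnuPG code: it reads the "No-modify" bit from the Key Server Preferences subpacket of a self-signature's hashed subpacket area and holds an upload for originator verification when the flag is set on either the stored or the uploaded copy. It assumes the caller has already extracted that area from a cryptographically verified self-signature; the function names, return strings and sample bytes are hypothetical.

```python
# Added example: not keyserver or GnuPG code. Parses an OpenPGP signature
# subpacket area (RFC 4880 section 5.2.3.1) and applies the admission rule
# proposed in the message. Names and return strings are hypothetical.
KEYSERVER_PREFS = 23   # subpacket type: Key Server Preferences
NO_MODIFY = 0x80       # first preference octet, "No-modify" bit


def subpackets(area: bytes):
    """Yield (type, data) for each subpacket in a signature subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                      # one-octet length
            length, i = first, i + 1
        elif first < 255:                    # two-octet length
            if i + 1 >= len(area):
                raise ValueError("truncated subpacket length")
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                # five-octet length
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        if length < 1 or i + length > len(area):
            raise ValueError("truncated or malformed subpacket")
        yield area[i] & 0x7F, area[i + 1:i + length]   # mask off critical bit
        i += length


def no_modify_set(hashed_area: bytes) -> bool:
    """True if the hashed area carries the No-modify key server preference."""
    for sp_type, data in subpackets(hashed_area):
        if sp_type == KEYSERVER_PREFS and data and data[0] & NO_MODIFY:
            return True
    return False


def admission_decision(existing_area, uploaded_area, originator_verified):
    """Hold the upload unless the originator is verified, when the flag is
    set on the stored copy (if any) or on the uploaded copy."""
    flagged = no_modify_set(uploaded_area) or (
        existing_area is not None and no_modify_set(existing_area))
    if flagged and not originator_verified:
        return "hold-for-originator-verification"
    return "accept"


# Constructed sample hashed areas (not taken from a real key):
# a key flags subpacket (type 27), then key server preferences (type 23).
WITH_FLAG = bytes([2, 27, 0x03, 2, 23, 0x80])
WITHOUT_FLAG = bytes([2, 27, 0x03, 2, 23, 0x00])
```

The case the message singles out, an update that clears the flag on a key stored with it set, corresponds to `admission_decision(WITH_FLAG, WITHOUT_FLAG, False)`, which is held until verification passes.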