Difference between revisions of "GDPR"

From XMPP WIKI
Jump to navigation Jump to search
(Creation of page 'Research on the GDPR for XMPP and the XSF', first outlines)
 
m
Line 14: Line 14:
Collaboration with IETF was mentioned during previous board meeting that started this ad-hoc group. Who is working on it, (how) should we collaborate with them?
Collaboration with IETF was mentioned during previous board meeting that started this ad-hoc group. Who is working on it, (how) should we collaborate with them?


== Q1: What consequences does the GDPR has for the Jabber network, Jabber server operators and what can/should the XSF do with that? ==
== Q1: What consequences does the GDPR has for the XMPP network, XMPP server operators and what can/should the XSF do with that? ==


=== Q1.1: What consequences does the GDPR has for the Jabber network? ===
=== Q1.1: What consequences does the GDPR has for the XMPP network? ===


=== Q1.2: What consequences does the GDPR has for the Jabber network, Jabber server operators ===
=== Q1.2: What consequences does the GDPR has for the XMPP network, XMPP server operators ===


=== Q1.3: What can/should the XSF do with it? ===
=== Q1.3: What can/should the XSF do with it? ===


== Q2: What consequences does the GDPR has for the XSF run Jabber server? ==
== Q2: What consequences does the GDPR has for the XSF run XMPP server? ==


== Q3: What consequences does the GDPR has for the work processes of the XSF itself (membership, voting, wiki etc)? ==
== Q3: What consequences does the GDPR has for the work processes of the XSF itself (membership, voting, wiki etc)? ==

Revision as of 20:18, 28 March 2018

Introduction

On may the 25th of 2018 the new EU General Data Protection Regulation (GDPR) will be enforced. This page is a growing page, collecting the research done on the consequences of the GDPR for XMPP and the XSF. There are three fields where the GDPR probably will have an impact and that will be of concert to the XSF:

  1. The public (federating) XMPP network
  2. The XSF run XMPP server
  3. The functioning of the XSF, like the membership applications and the voting

Methodology

We decided to roughly follow the lines of the Data Protection Impact Assessment (DPIA) as mandated by the GDPR:

  1. Check if the GDPR is applicable (jurisdiction)
  2. List what data is processed
  3. List what processing is done
  4. List legal grounds for the processing
  5. Analyse possible consequences

Collaboration with IETF was mentioned during previous board meeting that started this ad-hoc group. Who is working on it, (how) should we collaborate with them?

Q1: What consequences does the GDPR has for the XMPP network, XMPP server operators and what can/should the XSF do with that?

Q1.1: What consequences does the GDPR has for the XMPP network?

Q1.2: What consequences does the GDPR has for the XMPP network, XMPP server operators

Q1.3: What can/should the XSF do with it?

Q2: What consequences does the GDPR has for the XSF run XMPP server?

Q3: What consequences does the GDPR has for the work processes of the XSF itself (membership, voting, wiki etc)?

ToDo's

  1. Link with IETF and other projects with similar issues.


Contributors:

Ge0rG, jonasw, pep., peter.waher & winfried