Russ Allbery <[EMAIL PROTECTED]> writes: > Thomas Bushnell BSG <[EMAIL PROTECTED]> writes: > >> I understand why it must be optional, but I'm unclear why that means >> that the default must be opt-in. Can you explain? > >> We are talking about Debian Developers, who are supposed to read their >> email. We can easily give people fair warning, and then make the >> change. > > Would not changing a privacy policy in that fashion with only opt-out > notification be illegal in countries with real privacy laws? I know I > personally would consider it akin to the sorts of games that commercial > companies play with my personal information.
I suppose this is what I mean by "we are talking about Debian Developers". We're not keeping personal information on customers, or people with a peripheral relationship; these are *members* of the organization. I don't know what I think about it, but the question of whether it violates a law is not the question that Ted was raising. If we don't know of actual laws that control, then that isn't the thing that's in play here. Also, the opt-out procedure is not like they have to opt-out of the organization entirely. Still, I tend to think that the reasons for making it public are pretty weak, so I'm not so much in favor of that at all, if the alternative is developers' ceasing to give the information as the only way of keeping it private. But that's a separate question from whether it should be opt-in or opt-out once a decision to change it is made. Thomas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
