l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2002 Sep 03 07:08

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] question: privacy policy
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] question: privacy policy

on Mon, Sep 02, 2002, andy wergedal (awerg@yahoo.com) wrote:
> --- Peter Jay Salzman <p@dirac.org> wrote:
> > hola lugod,
> > 
> > someone mentioned to me that it would be good to have a "privacy
> > policy" at www.lugod.org.  stuff like "we won't sell your email
> > address to a 10^23 addresses for 5 bucks" kind of thing.
> > 
> > my initial reaction is that we don't need one; if you can't trust a
> > LUG with personal info, who can you trust?
> > 
> > but i think the issue is important and warrants a discussion if
> > someone brings it up.
> > 
> > does anyone have an opinion on this issue one way or another?

I doubt we'll find anyone here with an opinion....

> Here is my .02 
> I believe that all LUG organizations should have a privacy policy that
> prohibits the distribution of the membership information in any form. 

...including in the form of email addresses as used on mailing lists or
in archives?  LUGoD also maintains a membership page with brief bios,
active date, email address, and photograph.  Meeting photos, with and
without identification, are also frequently posted.  All of these could
be seen as disseminating personal (if not private) information.  I've
certainly met people who might object, some quite strongly, to free
dissemination of such information.

I disagree strongly with your statement, Andy.

Posit:  blanket prohibitions on distribution of membership information,
whether incidental or deliberate (e.g.:  list of members...) is neither
feasible nor desirable.

I've seen several mailing lists over the past several years in which
individuals have sought, and in some cases achieved, sometimes through
legal actions, that information pertaining to them, including email
addresses, mailing list posts, and other materials, be removed.  At
times at considerable cost/time/effort to the organization hosting
services (the Exim mailing list is one such example, though I can't
track down a reference, something similar happened on the SVLUG mailing
list).  My own policy on any such list would seek to make sure that such
claims would have to be matched against an explicit prior approval,
payment of any associated costs, and a prophylactic banning of any users
who'd been known previously to have made such requests elsewhere.

> Each member (or participant) should seek out any and all publication
> of their own views and personal information. It is the organizations
> responsibility to protect the membership privacy.

This statement makes no sense to me, and makes a dangerous statement of
responsibility.  It also omits an apostrophe.

> In other organizations the Server that contains the LUG information
> (website, membership pages, email lists and archived email) could be
> owned by a non-lug organization.  This information could be subject to
> distribution based on the co-location and/or the hosting agreement.

This is true.  Such arrangements can become dicey when the
relationship(s) change.

> It is paramount that all organizations protect their membership and
> privacy.


Public participation in public forums posits tacit approval of
dissemination of both incidental and direct information.

The organization should act in good faith, and in both its members and
its own self interest.  It shouldn't abuse its members trust, but it
shouldn't promise, or be expected to provide, privacy protections which
are beyond its ability.

My suggested framework:

   - The LUG does collect certain information incidental to operation of
     certain features, including (but not limited to) mailing lists,
     meeting announcements, minutes, schedules, and news items.  This
     information is largely limited to name, email, and photos.
     Provision of this information is voluntary, but may be necessary to
     participate in certain LUG functions.  Participation indicates
     agreement to publicly disclose such information.

   - The LUG will not traffic directly in [commercial exchange of]
     personal information:  it will not sell membership information,
     mailing list subscribers, or other information of similar nature.
     There might be an exclusion for exchange with other LUGs or
     FS-related organizations such as LI, or there might be an explicit
     statement that this won't happen either.

   - The LUG provides an opportunity for members to _voluntarially_
     disclose information on a membership roster, including name, email
     address, active date(s), URL references, and a photo.   Provision
     of this information is wholly voluntary and is given as a service
     to members who wish to utilize it.

   - The LUG is an open organization.  Unless specifically noted
     otherwise, its activities, postings, publications, and rosters are
     public knowledge.  Participation in activities implies consent to
     written or visual recording of these events.  It might be useful to
     get a disclosure for publishing identifying photographs online...or
     this might be overkill.

   - The LUG maintains public archives of its website, mailing lists,
     and other organs, generally available online.   These archives
     themselves may be duplicated or archived elsewhere by well known or
     private parties (e.g.:  Google, your friendly neighborhood hacker,
     the Wayback Machine).

   - Any request to remove information from website, archives, mailing
     lists, etc., will be treated as an extraordinary request.  It will
     be subject to an hourly charge for the work involved, at a rate of
     $XX/hr, with a minimum of XX hours billable, to recover costs and
     expense.  [For the purposes of the group, this work might be
     contracted out rather than treated as revenue directly].

IANAL (but I play one on the 'Net), TINLA.


Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   Support the EFF, they support you:  http://www.eff.org/

Attachment: pgp00000.pgp
Description: PGP signature

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!