[GNC-dev] GDPR and gnucash as a project

Wm wm_o_o_o at yahoo.co.uk
Wed May 23 17:51:16 EDT 2018

On 22/05/2018 18:14, Geert Janssens wrote:
> Op dinsdag 22 mei 2018 16:36:47 CEST schreef David T.:
>> Geert,
>> I am not fluent with the issues of the GDPR, but I have had a lifetime of
>> considering intellectual property issues (as a librarian). Personal
>> contributions of ideas, thoughts, or intellectual content are IMHO NOT
>> personal data, even when signed by an individual’s name*.
>> Those would fall
>> under intellectual property/copyright rules rather than personal data.
>> It is my understanding also that use of GPL addresses the question of IP
>> rights in code and documentation; if a user contributes to the GC project
>> in these areas, they do so with this release understood.
> I had given this some more thought as well. And I agree that our code and
> documentation licenses handle this.
> Because of these licenses I see a code/documentation contribution as happening
> under a contract. So the GDPR doesn't apply there as far as I'm concerned.
> Or put differently in my own simplified words: our code is regulated by
> copyright law. In order to be able to assert copyright (even in copyleft form)
> the author of the protected work must be known. So if someone contributes a
> patch that person must be identified together with the patch or copyright
> can't work. So "the right to be forgotten" doesn't apply due to the legal
> framework in which the personal data (user's name/email) is used.

that is how most of our software works, a person gives it freely

we have had a number of people offer paid contributions but so far as I 
remember we have always refused them

>> It is also my
>> understanding that unless someone explicitly states otherwise, their
>> posting of information in a public place (such as a website, wiki, mailing
>> list, etc.) would constitute permission to release that information
>> generally.
> Sounds reasonable to me. Though we may be required to mention this more
> explicitly in various places.

Yes, we might need to tighten up the guidelines but we are a tiny 
project compared to wikipedia, let's see what they do first.

>> * - I would be extremely surprised to find that a user’s name, in and of
>> itself, would constitute protected personal information.
> That does sound reasonable to me as well.

A name is not protected.


More information about the gnucash-devel mailing list