Re: [Sks-devel] About deleting keys

[Johan van Selst]

Petru Ghita wrote:
> But I don't really think that such a legal action is possible and
> assuming it was possible that it would have any degree of success.
[..]
> To sum it up:
> - there is by architecture no intent on verifing nor identifying the
> information stored on the SKS network nor the author of the data.

It doesn't matter if the information is verified. Users are asked for
their name and email address, which is considered personal data
(according to EU definitions) and keyservers are processing and storing
this data. Thereby, keyserver operators are subjected to the data
protection laws. The validity of the data is not relevant, neither is
the intention of the operators (commercial or otherwise).

If national or international data protection laws give users the right
to have their personal data removed from servers, then it should be
possible for local keyserver operators to comply with that law.
Preferably without terminating their service.

The privacy and data protection regulations are not the only thing to
worry about. If people put Nazi slogans or death threats into UID
fields, or put child pornography into JPEG attachments, then there may
be other laws that can force keyserver operators to remove keys.

IMHO there is a clear demand for the option to remove certain keys -
or at least make them irretrievable locally. That some keyserver
operators are asking for the feature, should be reason enough to move on
to discussion of the technical aspects.


Regards,
Johan

pgpu9QlKWVYPr.pgp
Description: PGP signature