
I still do not see what you are after, given the various rules regarding "temporary storage" that exists. Patrik On 20 maj 2011, at 18.06, Alessandro Vesely wrote:
Jim, you've pinned the crux of the matter.
On 20/May/11 13:46, Jim Reid wrote:
So far, no DPA appears to be demanding action about this issue or even saying that more formal consent processes are needed for mailing lists. I'd be inclined to wait until WP29 comes forward with a clear problem statement and set of requirements. Doing protocol development without these foundations is unlikely to produce anything useful: ie the IETF comes up with a solution to a different problem from the one that the DPAs care about.
More likely, there will be no "IETF solution" at all, because of lack of traction. On the one hand, the IETF consider they cannot compel protocols deployment. On the other hand, WP29 assume they cannot get down to protocol level details. How can we use both hands together?
It would be nice if a DPA could come to this WG to talk about this issue. After all the WG exists to facilitate this sort of industry-government dialogue.
Honestly, I didn't know about the Article 29 Working Party until you wrote about it. I've also been told about an International Working Group on Data Protection in Telecommunications (IWGDPT). I have no idea who exactly they are, and guess I'd just catch many headaches if I try to contact them directly.
It would be nice to find law-oriented participants in this WG, who feel like liaising the dialogue.
BTW, "industry-government" is not exact if this will result in a legally endorsed IETF solution implemented with free software.