- Case Number: a20090328.1
- Status: closed
- Respondents: CAcert
- Case Manager: TBA
- former Case Manager: Alejandro Mery
- Arbitrator: TBA
- former Arbitrator: Philipp Dunkel
- Complaint: Assurer wants his account deleted
150 points assurer who has issued 315 points to 25 people wants his account deleted.
- Relief: XXX/None
- Date of arbitration: 2009-04-20
A: In the original request for deletion the Claimant explicitly agreed to arbitration.
A: An E-Mail was sent with the following content:
Dear <Anonymous>, First off, I wish to apologise for the long delay. This arbitration got lost in the shuffle. May I inquire your motivation to leave CAcert? I will attempt to make this an efficient process from now on. Kind regards, Philipp Dunkel (Arbitrator)
C: sent an E-Mail with the following points:
- Reason for leaving is the way CAcert handles Security and Disclosure
- Request for anomysation of the case-file
A: I issue the following preliminary ruling:
The claimant has a legitimate interest in his privacy and the privacy of his data. The claimant has requested that the case-file be anonymised. There is no overriding interest of the community to have direct access to this data in this case. Therefore I rule that the case-file is anonymised.
- Assurances done by the claimant
- Possible Certificates created by the claimant
- Possible signatures (et al.) made with certificates created by the claimant
Point 1 affects the assurer network. There may be future disputes in regards to these assurances. Points 2 and 3 may have caused others to rely on certificates or signatures made by these certificates that may be cause for a dispute in the future.
In order to give their due to both legitimate interests a balance has to be found. Removing the account itself does not appear practical since that would severely impede the interests of the community. However since the interest of the claimant is only in his privacy, all fields in the database that contain personal information (names, emails, date-of-birth) could be filled with an anonymised value to hide the persons identity. Since the identity of the claimant is known to the arbitrator any future arbitration could gain access to that information if requested by an arbitrator and if and only if found necessary. The claimant has done assurances and is obliged to retain the CAP forms of those assurances. However as the claimant is leaving the community, he should no longer hold these forms. These forms need to be retained somehow. So an alternative person needs to be appointed to do so. As the arbitrator already holds the personal information of the claimant, having him also retain these CAP forms may seem appropriate. In this way the anonymity of the claimant can be obtained and his privacy interests observed as no identifiable data of his is held in any automated system. At the same time the interests of the community can be maintained if the arbitrator hold that information and the CAP forms in a secure manner.
After due consideration I issue the following ruling :
- A snapshot of the account information shall be taken and printed on paper.
- All certificates of the claimant shall be revoked.
- The account of the claimant shall be anonymised by doing the following:
- Setting the date of birth to 1970-01-01
- Setting all Name fields to a20090328.1
- Removing all domains
- Removing all secondary email addresses
Setting the primary email address to firstname.lastname@example.org
- Setting all other fields containing any identifiable information to a20090328.1
- The claimant shall send all CAP forms in his possession to the arbitrator
- The arbitrator shall print this case-file to paper
- The arbitrator shall put the print-out of this case-file, the print-out of the account status as well as the CAP forms into an opaque envelope and seal that envelope.
- The arbitrator shall designate that envelope with the arbitration number and retain this envelope for 7 years, after which time it shall be destroyed.
This ruling may be used as a precedent for all similar cases where an assurer wishes to remove his account.
a20090618.3 uses this case as a precedent and gives some clarifications about data retention.
- 20090706 - Sent reminder mail to the Claimant as no CAP forms have been received yet.
- 2009-11-13 (A): sabbatical as board member
- 2010-01-31 - Wiki Errors prevented closing this case. In substance it has been closed for months