Andreas Tille, a Debian Project Leader, recently sent an unexpected message to the Debian mailing lists, announcing that the project is urgently seeking new volunteers to rebuild its Data Protection Team after all current members stepped down, leaving the project without a dedicated group to handle privacy and data protection matters.
The Data Protection Team was established in 2018 in response to new European data protection legislation. Its role has been to act as a point of contact for external inquiries about what personal data the project holds and to advise Debian contributors on data protection obligations.
Additionally, the team was also responsible for drafting Debian’s public privacy policy and coordinating responses to data access and privacy-related requests.
Coincidence or not, all three team members have now resigned simultaneously. So, Tille formally revoked their delegation and thanked them for their work over the past years. With their departure, the team currently has no active members.
“The fact that all team members have stepped back at the same time should
make it clear that we urgently need new volunteers to fulfil this role.”
According to the message, despite a constructive discussion on the topic during the most recent DebConf, no new volunteers came forward. As a result, the Debian Project Leader is temporarily handling all data protection inquiries, adding to an already heavy workload.
So, Debian is now calling on contributors with an interest in privacy and data protection to step in. Potential volunteers would be expected to help maintain and improve the existing privacy policy and to work with Debian teams that process personal data, improving workflows for handling data protection requests.
The project has stressed that restoring a functioning Data Protection Team is urgent, both to meet legal obligations and to ensure that privacy-related inquiries are handled in a timely and sustainable manner.
For more information, see Tille’s message on Debian’s mailing list.
Spend 6 months to train up a few AI agents to do the same job the three guys did. You cant spin up a human in seconds but an AI can spin up in seconds, clone the AI, back it up, shout at it, reboot it, rebuild it, upgrade it etc.
STOP YOUR NONSENSE
This is an important issue for a major open source project like Debian. Losing the entire Data Protection Team at once shows how challenging and demanding privacy related work can be especially when handled by volunteers. It is good to see the project leader stepping in temporarily but this clearly is not a long term solution. Data protection is more critical than ever and Debian needs dedicated contributors to manage policies and user requests properly. Hopefully privacy focused community members will come forward to support this role. Debian has always valued transparency and responsibility so rebuilding this team should be a priority for the projects future and user trust.
BUT, all three resign at once? There’s a story to be told there.
Maybe it has something to do with Debian Foundation being stationed in the US, which the country is allowing their dictator to steam roll over rights and invading other sovereign nations. Debian should transfer operation over to Europe instead.
Sir this is a linux blog not a political one.
Further, Europe is currently being taken over by 3rd worlders, not the best place for a company either.
JamesW does not understand this group of contributors what they seek is for GDPR.
So it is obvious it should be European.
3rd worlders? You need to swich Fox based channels into another.
Jog on, you racist clown.
lol, good one
For instance, they have to collect some data according to each country’s law, even if they do not have any usage themselves.
Like phone operator they have a time frame and specific rules forcing them to collect and store some data.
what data? I have no idea what data they would even collect? I do not know of any laws that require debian to collect ip address or any other data on people and a lot of linux users only use linux to not share data.
See my responde to Phill for an example of collected data.
what data is debian even collecting that would require a team of volunteers to comply with laws? They should vow to collect no data on any users and there would not be much required of them. I would never provide debian or any other distro any of my personal info.
There’s voluntary data that users can opt to send, like the popularity contest for instance.
You have to install and enable the popcon package though, so it’s very opt-in.
This is simply an obligation in response to laws, collecting data or not, everyone needs them. There is no need to make a mountain out of a molehill.
Laws are laws, to expect Debian to break the law is not realistic.