It would be easier to defend @linuxfoundation from new criticism over one unsurprising finding, out of 12 findings, in their report on their 2024 World Open Innovation Conference session Pathways to Open Data, if it were not the 3rd thing ever posted from that report and if some of the report & other posts were not boosting corporate "AI".
But for the record #DataProtection is essential and #OpenData is a public good, they are not incompatible, but bogus privacy concerns do hinder data sharing.
The report is at https://www.linuxfoundation.org/hubfs/LF%20Research/WOIC_ChallengeSession2024_Report_032525.pdf?hsLang=en and the finding that caused consternation is "Data privacy concerns stem from compliance with regulations such as GDPR, which create
a climate of risk aversion".
The section informing that finding summarized what participants in the session said, which included concerns about GDPR use and misuse to deny requests to open up datasets.
It quoted a participant saying that "instead of using GDPR for its intended purpose, they just have made everybody scared for what it could do. The first five years, GDPR was only used to kill stuff, whereas, in fact, GDPR allows tons of stuff. There's no issue. But most people who don't know what you can do with it, they just go to this very safe side and say, you can't do anything anymore."
The report did not clarify the "they" or in general add much to what people said at the session.
The framing the report and the criticisms of the post about it are really missing is this:
Data protection in general and #GDPR in particular requires stating a reason for collecting data, and getting consent for that reason, prior to collecting it.
Done right, this prevents data from sitting around where it gets breached, from being used for unaccountable surveillance, from being sold and stored indefinitely. It does not prevent sharing data responsibly collected, esp with open uses in mind.
A space for Bonfire maintainers and contributors to communicate
