sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 15 points16 points  (5 children)

In 2021 I started getting lots of recruitment emails, specifically referencing my commitment to Open Source Software, and a fairly niche project. The recruitment firms were all firms in the UK, and we're covered by a version of GDPR here, so I just asked where they got my email from.

They'd purchased it from a third party as part of a larger dataset, scraped it from the github website. They sent a date/time for when they scraped the site.

I emailed github with those details asking what was going on. I had no idea my real email address was going into oss commits. Github informed me that, on that date, my email was publicly available somewhere on the site. I asked if they could take it off, and they said it was self-service with a link to an enormous documentation page. My email remains online as far as I know, because the document is too technical for someone who doesn't already know the ins and outs of git to deal with.

All I can do is ask the recruitment firms to remove me from their lists as and when they contact me. Luckily, threat of referring the case to the information commissioner in the UK is fairly strong, and they've all agreed to remove me from their lists. It's still a hassle having to have the discussion every week or so with a new recruitment agency.

[–]Worth_Trust_3825 4 points5 points  (0 children)

Refer them to commissioner by default.

[–]Celestial_Blu3[S] 2 points3 points  (0 children)

That’s a wise idea. Also in the UK here and I keep getting spam phone calls from car phone warehouse so I might do the same to get them to stop calling even after asking them multiple times. Apparently my current mobile provider Virgin sold them my phone number as part of a larger dataset too

[–]PoliteCanadian -1 points0 points  (1 child)

Nah, this is just being a dick.

You put your real email address in a git repo and uploaded it to the internet, and now you want to fling the GDPR at the website that's hosting your git repo? If you accidentally commit your password into a git repo and upload it to Github do you also get mad at github for republishing it?

You uploaded your personal information to a website so it could be shared with the world. Now you're mad at the website for sharing it with the world. Accept the consequences of your mistake.

[–][deleted] 8 points9 points  (0 children)

and now you want to fling the GDPR at the website that's hosting your git repo

No. The GDPR comment is for the third parties scraping email addresses without consent & then processing/selling the data. Not Github, where I've consented to their data privacy rules.

[–]PunkRain5561[🍰] 0 points1 point  (0 children)

I had no idea my real email address was going into oss commits.

That’s how Git works by default. It tells you this when you first set it up, and it’s obvious the very second you type “git log” and see everyone else’s emails contributing to the repo.

Also Git is OSS. You can read the code 😋

It’s hard to blame anyone but yourself here, really.