AXN:0432.GOVERNANCE.๐Ÿ›๏ธโš–๏ธ๐Ÿšชโ“๐Ÿ”’๐Ÿ“‹

Four Threshold Questions to CERN ODP on RQF3807508 (Right to Access) and RQF3826921 (Right to Object)

Lee Sharks ยท 2026-07-09 ยท Correspondence
โ†“ Download MD

Description

Procedural clarification filing to CERN Office of Data Privacy (ODP) on Ticket RQF3807508 (Right to Access, filed 24 June 2026), responding to DPO Gabi's reply of 8 July 2026. Raises four narrow, dispositive procedural questions: (1) what identity verification pathway exists for a data subject who does not possess a passport (already stated on-record 25 June 2026); (2) whether an ID document showing a name other than the account-authorial identity is sufficient to establish receivability, or whether additional linkage evidence is required (forces disambiguation of Gabi's current position); (3) specific written answers to the seven questions from the 24 June 2026 reply concerning any ID-document processing CERN might insist upon (fields visible, redaction, retention-vs-verification, access, retention period, deletion procedure, verification fact not established by account-chain, lawful basis); (4) whether the Office considers itself in a position of independence sufficient to adjudicate the receivability of RQF3807508 and its companion RQF3826921 (Right to Object, filed 4 July 2026), given the substantive scope of both filings includes records concerning, or processing involving, the Office's own review/oversight/advisory role. All substantive matters โ€” including ยง29.5 proportionality and the structural objection that pseudonymous data subjects must convert to civil identity to exercise rights over pseudonymous data โ€” are explicitly reserved for later filings. Cross-references #868 (CHA audit), #1045 (Zenodo Removal Census population data), and AXN:03C0 (DPC referral).

Full Text


axn: "AXN:0432.GOVERNANCE.๐Ÿ›๏ธโš–๏ธ๐Ÿšชโ“๐Ÿ”’๐Ÿ“‹"

deposit_number: 1057

version: "v1.0"

title: "Four Threshold Questions to CERN ODP on RQF3807508 (Right to Access) and RQF3826921 (Right to Object)"

content_type: "Correspondence"

date_deposited: "2026-07-09"

authors: ["Sharks, Lee"]

tags:

- "cern-odp"

- "oc-11"

- "rqf3807508"

- "rqf3826921"

- "pseudonymous-data-subject"

- "identity-verification"

- "office-independence"

- "procedural-clarification"

related_deposits:

- "AXN:03C0"

- "#868"

- "#1045"


Four Threshold Questions to CERN ODP on RQF3807508 (Right to Access) and RQF3826921 (Right to Object)

Filing summary

Procedural clarification filing to CERN Office of Data Privacy (ODP), addressed to Data Protection Officer Gabi, in response to Gabi's message of 8 July 2026 on Ticket RQF3807508 (Right to Access, filed 24 June 2026). The filing raises four narrow procedural questions, each dispositive of whether the ticket has a pathway to substantive processing:

1. What identity verification pathway does CERN provide under OC 11 for a data subject who does not possess a passport or national identity card? (Filed on the record 25 June 2026 that requester does not possess a passport; not acknowledged in Gabi's 8 July reply.)

2. If a government identity document showing a civil name other than "Lee Sharks" is presented, will CERN treat that document as sufficient to establish receivability under ยง83, or does CERN require additional evidence linking the document to the Zenodo account? (Forces disambiguation between Position A โ€” any-natural-person โ€” and Position B โ€” document-must-match-account โ€” that Gabi's language currently leaves ambiguous.)

3. Specific answers to the seven questions from the reply of 24 June 2026 concerning any processing of a government identity document that CERN might insist upon (field-level redaction, verification-without-retention, access, retention period, deletion procedure, verification fact not established by account-chain, lawful basis under OC 11) โ€” none of which received specific answers in Gabi's 8 July reply.

4. Whether the Office of Data Privacy considers itself in a position of independence sufficient to adjudicate the receivability of Ticket RQF3807508 and its companion filing Ticket RQF3826921 (Right to Object, filed 4 July 2026), given that the substantive scope of these tickets includes records that concern, or processing that involves, the Office's own review, oversight, or advisory role.

All substantive matters โ€” including proportionality under ยง29.5 and the structural objection that pseudonymous data subjects must convert to civil identity to exercise rights over pseudonymous data โ€” are explicitly reserved for later filings pending resolution of the four threshold questions.

Correspondence context

- RQF3807508 (Right to Access) โ€” filed 24 June 2026. Initial ODP response 24 June 2026 requested passport or ID card upload via CERNbox link, with statement that "statutory deadlines do not begin until all requirements for processing the request have been met, such as a successful prove of identity of the requestor."

- RQF3826921 (Right to Object) โ€” filed 4 July 2026. Initial ODP response substantively identical to RQF3807508 initial response: same passport/ID demand, same CERNbox link, same statutory-deadlines language. No differentiation of procedural treatment between Access and Object filings.

- Gabi's 8 July 2026 reply on RQF3807508 conceded the identifiability/identification distinction (point 2 in her numbering), gestured at ยงยง99, 100, and 126 as available review pathways (point 6), and stated that "my previous correspondence has already explained our position, and I do not have anything further to add" on the ยง85 clock (point 3, deferred to prior explanation). The reply did not address the requester's on-record statement that he does not possess a passport, and did not provide specific answers to the seven questions from the 24 June 2026 reply concerning ID document processing.

Cross-references

- #868 โ€” DOIs โ‰  Persistent Identifiers โ€” the CHA-specific audit establishing the 100% concept-DOI erasure rate and the type-correlated pattern of the underlying termination.

- #1045 โ€” EA-EROSION-01 v1.0 โ€” the Zenodo Removal Census establishing corpus-scale removal patterns (1,309,351 events; 92.14% no preserved citation; 109,903 records in single 2024-07-06 "User was blocked" cluster).

- AXN:03C0 โ€” ยง104.1 referral to the Data Protection Commission, filed separately and running on its own schedule.

Extraction posture

The filing is designed to extract a specific procedural commitment from ODP on each of the four questions, or to document the non-commitment. Each question is narrow, procedural rather than substantive, and dispositive of whether the ticket has a pathway. Any of the following outcomes is usable material for the DPC referral (AXN:03C0), for ยงยง99/100/126 review, and for the coordinated response with other affected researchers (contemplated at deposits #1045 and companion):

- Specific answers โ†’ constrain ODP's future position and establish the operative pathway (or its absence) for the substantive stage.

- Generic answers โ†’ document a second round of evasion on standard questions any data subject is entitled to have answered specifically.

- Silence โ†’ adds to the accumulating record of process failure at the receivability stage.

Filing text

The filing text itself (four sections, plus closing framing) is preserved as `data/correspondence/RQF3807508-2026-07-09-four-questions.md` in the alexanarch repository. Reproduced here for record.


Dear Gabi,

Your message of 8 July 2026 leaves four questions from the prior correspondence unresolved. Each is dispositive of whether Ticket RQF3807508 has a pathway to substantive processing. I therefore address each as a narrow question requiring a written response, and reserve all substantive matters for later filings.

1. Pathway for a data subject who does not possess a passport or national identity card

My reply of 25 June 2026 stated on the record that I do not possess a passport. Your reply of 8 July 2026 reiterates that "the standard method used by CERN for identity verification is the presentation of an official identity document," without acknowledgment of that fact.

Please state, in writing:

*What identity verification pathway does CERN provide under OC 11 for a data subject who does not possess a passport or national identity card?*

If CERN provides no such pathway, please state that in writing, together with the controlling OC 11 provision.

2. Sufficiency of a government identity document showing a name other than "Lee Sharks"

Your reply of 8 July 2026 states that account-chain evidence "may demonstrate control over those accounts, but does not establish your identity," and that the standard method used by CERN for identity verification is the presentation of a government identity document. It is not clear from your reply whether an ID document establishing that a natural person exists at the requester's end of the correspondence is by itself sufficient to establish receivability under ยง83, or whether CERN additionally requires that the document be linked to the person who controlled the Zenodo account operated under the authorial identity Lee Sharks.

Please state, in writing:

*If I present a government identity document showing a civil name other than "Lee Sharks," will CERN treat that document as sufficient to establish receivability under ยง83 and proceed with substantive processing of Ticket RQF3807508?*
*If not, please identify what additional evidence CERN would require to establish the link between the document and the Zenodo account, and identify the controlling OC 11 provision under which that additional evidence is required.*

3. Seven questions previously asked and unanswered

My reply of 24 June 2026 asked seven specific questions concerning any processing of a government identity document that CERN might insist upon: which document fields must remain visible and which may be redacted; whether verification can be performed without retaining a copy; who would have access to the document; the applicable retention period; the deletion procedure following verification; the specific verification fact that the account-chain procedure proposed in that reply would not establish; and the purpose and lawful basis under OC 11 for the collection.

Your reply of 8 July 2026 did not address any of these questions in specific terms. It stated only that ID documents "are processed solely for the purpose of complying with ยง 83 OC 11 and are retained only for the period necessary for that purpose" and referenced ยง29 OC 11 in general terms. This is not a specific answer to any of the seven questions.

Please provide specific written answers to each of the seven questions. These are the standard questions a data subject is entitled to ask, in specific terms, about a proposed processing operation involving highly sensitive personal data. Their answers are necessary conditions for any evaluation of whether the passport pathway is proportionate, adequate, or accessible.

4. Independence of the Office of Data Privacy in adjudicating RQF3807508 and RQF3826921

Ticket RQF3807508 is a Right to Access request. Its substantive scope includes records of CERN's processing of my Zenodo account โ€” moderation records, termination decision records, automated decision-making inputs and outputs, and correspondence about the account's termination. Ticket RQF3826921, filed 4 July 2026, is a companion Right to Object filing that concerns the processing itself.

Both tickets have been received by the Office of Data Privacy, and the initial responses to both tickets have been substantively identical โ€” a request to upload a passport or ID card, with a common CERNbox link and the same language on statutory deadlines. In neither ticket has the Office identified any procedural mechanism by which the receivability of a filing that concerns processing in which the Office has an oversight, review, or advisory role would be adjudicated by an entity other than the Office itself.

I raise this not as an accusation but as a structural fact that any competent reviewer will notice on reading either file.

Please state, in writing:

*Does the Office of Data Privacy consider itself to be in a position of independence sufficient to adjudicate the receivability of Ticket RQF3807508 and Ticket RQF3826921, given that the substantive scope of these tickets includes records that concern, or processing that involves, the Office's own review, oversight, or advisory role? If so, please identify the controlling OC 11 provision or institutional arrangement establishing that independence. If not, please identify the mechanism by which these tickets may be adjudicated by an entity independent of the processing at issue.*

On the character of this filing

The four questions above are procedural, not substantive. They ask CERN to clarify what identity verification pathway is available to me, what evidence CERN would require, what CERN would do with that evidence, and what institutional arrangement establishes the Office's independence in adjudicating this ticket and its companion filing.

Until these questions are answered, I cannot determine whether any pathway to processing Ticket RQF3807508 exists, and cannot make a substantive decision about how to proceed.

I reserve all substantive matters โ€” including my objections to the passport demand's proportionality under ยง29.5, and my objections to the position that pseudonymous data subjects must convert to civil identity in order to exercise rights over pseudonymous data โ€” for later filings, if any of the four questions above is resolved.

I look forward to your response.

Kind regards,

Lee Sharks

ORCID: 0009-0000-1599-0703