Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
As a user who backs certain open source projects, I want to be able to donate to a project without it being mentioned on my profile or on the project's profile. It's nobody's business who I donate to and how much I donate to them and it should be a choice of the individual user whether they want that information is made public or not.
N.B.: Correct me if I'm wrong, but displaying this information publicly without my explicit permission violates the EU GDPR laws.
For that matter: it should also be a choice of the user whether they want to allow public access to their profile or not.
Best solution for this problem
An option in the advanced settings to turn "show projects you back" on or off. With the default setting being OFF.
When this setting is set to
Additionally, an option should be added to in the advanced settings to give users a choice who can see their profile:
Note: This would not be an issue if people could donate without creating an account, but as that's been made compulsory, due care should be given to privacy (which currently is not the case).
It doesn't violate GDPR laws. It's like github showing your contributions across all the public repositories on your profile page, or Twitter showing all your conversations to different people on your profile, etc. It's all public information and your profile page just pulls that information together in one place.
We do offer users the ability to donate anonymously. It's a bit cumbersome as the user basically needs to use another email (or add a + in it if using a gmail address), and not provide identifiable information in their name and avatar. It would be great to make it easier to stay logged in and selectively make a donation anonymously. I like the idea of allowing users to show or hide the list of projects they are backing. No reason for us not to give users that option.
Thank you for the suggestion. I hope that someone can make a contribution to offer this feature.
@xdamman I vehemently don't agree. How I spend my time is a completely different matter privacy-wise than how I spend my money (and how much of it). That's like saying it would be OK for banks to openly publish the transaction details of everyone holding an account there. There's a reason why that is not allowed.
There is a big difference. Those bank transactions are private. So of course no one can aggregate them and display them publicly. But in an open collective, all transactions are public by design. People want to know who is financing this or that collective. Is it mostly financed by people or by companies? Which ones? Etc.
Therefore anyone could scrape our website and display all the transactions clustered in different ways (e.g. all transactions made by the same account). So we may as well allow them to click on a profile to see all their transactions (and discover other collectives to support in the process).
We also publish all transactions as open data on our public drive: https://drive.opencollective.com
I'll create an issue to at least document this better in the flow of making a donation. That's something that we should be able to do quickly.
I'll create a second issue to get to a better solution which is to allow you to create different profiles and decide what identity you want to use (anonymous/pseudonymous) when making a donation.
Thank you for taking the time to share this important concern.