How do we secure personal data going forward? #568

Open
asbjornst opened this issue Sep 11, 2019 · 3 comments
@asbjornst asbjornst commented Sep 11, 2019

Starting a new issue, as this is not about fixing #566, but how to avoid the next one.

Background: feature #451 inadvertently enabled the privacy leak in #566?

To quote @arnoldnipper from the support ticket 2019UA8KJ leading up to #566:

Revealing deleted records only has been introduced with the last rollout. And I guess no one has thought about any GDPR issues associated with this. Are there any? The answer is not that simple but definitely needs discussion.

Just like all RFCs have a "Security Considerations" section, and newer ones have a "Privacy Considerations" subsection (RFC6973), unless it's blatantly obvious not needed (like the whole document is focused on privacy).

If someone has to consider the implications, and in most cases just write "There are none".
The PC could then question it, if they disagree or have concerns with the assertion.

Do we believe that #566 would have been caught if someone would have had to write a statement about the privacy implications of #451? Or do we believe that distant memories of #566 are enough to avoid the next one?

@job job commented Sep 11, 2019

@asbjornst asbjornst commented Sep 11, 2019

@job, it's fine if the submitter is presenting a solution. In case that the submitter doesn't have enough knowledge about PeeringDB, to evaluate it and writes "I don't know", then it still helps by raising a red flag, that needs to be figured out in the comments.

If the submitter is presenting a problem, with an open solution, it might not work as well. Unless the solution is presented in a new issue.

It might also be useful to use a label to mark issues with unresolved privacy/GDPR questions.

@job job commented Sep 11, 2019

@arnoldnipper arnoldnipper added this to the Decide milestone Nov 24, 2019