Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upPrivacy option: Disable storage of IP addresses #6474
Comments
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Openmedianetwork
Feb 15, 2018
nice to have an option to keep it for a set time as well as not save it at all.
Openmedianetwork
commented
Feb 15, 2018
|
nice to have an option to keep it for a set time as well as not save it at all. |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
bortzmeyer
Feb 16, 2018
A case of the police asking data from a Mastodon instance is http://www.laquadrature.net/en/node/10335 (in french only)
bortzmeyer
commented
Feb 16, 2018
|
A case of the police asking data from a Mastodon instance is http://www.laquadrature.net/en/node/10335 (in french only) |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
bortzmeyer
Feb 16, 2018
Another possibility would be to retain only a prefix (of configurable length) of the IP address. Many programs allow to do so, such as the Web cache Squid.
bortzmeyer
commented
Feb 16, 2018
|
Another possibility would be to retain only a prefix (of configurable length) of the IP address. Many programs allow to do so, such as the Web cache Squid. |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Technowix
Feb 16, 2018
Contributor
Keeping a prefix would be a cool compromise :o
It's useful if we want to quickly check for people making multiple accounts in order to harass
|
Keeping a prefix would be a cool compromise :o |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
hellekin
commented
Feb 16, 2018
|
People who want to harass on the Web know how to use VPNs or botnets. |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Technowix
Feb 16, 2018
Contributor
So let go those who aren't?
IP prefix isn't legally able to inculpate someone of something, it just help modération :/
|
So let go those who aren't? |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
hellekin
commented
Feb 16, 2018
|
Well, theoretically... |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
mastuser
Feb 16, 2018
If you choose to implement anonymization by truncation of IP addresses, please note that for effective anonymization, German DPAs require
- truncation of the last 2 Byte of IPv4 addresses
- truncation of the last 12 Byte of IPv6 addresses
mastuser
commented
Feb 16, 2018
|
If you choose to implement anonymization by truncation of IP addresses, please note that for effective anonymization, German DPAs require
|
wxcafe
added
enhancement
requires in depth
legal
priority - medium
labels
Mar 2, 2018
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
bortzmeyer
May 2, 2018
Also, it is not just a matter of law (and the label "legal" is misleading). Above all, it is a political issue: do we want to protect the privacy of the users?
bortzmeyer
commented
May 2, 2018
|
Also, it is not just a matter of law (and the label "legal" is misleading). Above all, it is a political issue: do we want to protect the privacy of the users? |
mastuser commentedFeb 14, 2018
Mastodon appears to log the full user IP addresses (last address in use).
In order to comply with German privacy law and to allow for anonymous use by activists, could you please create an option to disable the storage of IP addresses (possibly making it default)?
Privacy is why many people decide to use Mastodon over Twitter. We wouldn't want a case like this.
master(If you're a user, don't worry about this).