
Prompt to accept identity server policies before inviting them to a room #10093

Open · lampholder opened this issue Jun 18, 2019 · 10 comments · 5 participants
@lampholder (Member) commented Jun 18, 2019

Prompt for accepting IS terms before inviting a user by email address (if you haven't already agreed to that IS's policies)

There's another beat on which we need to capture accepting the IS's policies - before associating a new email address with your account and choosing to publish that association on the IS - but that's tracked in #10159 (comment)

@lampholder (Member, Author) commented Jun 18, 2019

This will require a change to sydent and presumably the spec to expose policy documents.

@turt2live (Member) commented Jun 18, 2019

we should try and reuse matrix-org/matrix-doc#1692 if possible

@lampholder (Member, Author) commented Jun 19, 2019

Talking this through with Dave yesterday, we identified that it might not be desirable or appropriate for the IS to track users' acceptance of policy terms itself, since it would then need to support OpenID.

It might be preferable for the IS to mandate that calls to its APIs are provided with a 'policy-accepted' header representing the URI(s) of the latest policy documents the user has indicated their acceptance of - if this doesn't match the latest docs the IS has published, it can respond with an error (and the URI(s) of the new docs).

This approach could work for the IM, too.

This approach allows us to state with confidence that either the user accepted the terms, or (worst case scenario) the client they were using made a false attestation on the user's behalf.
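The server-side half of the header check sketched in the comment above, as an added example that is not Sydent's code or anything from the Matrix spec: the header name `Policy-Accepted`, the comma-separated URI list, the error code and the policy URIs are all assumptions made for this example. It shows the IS comparing the client's attestation against the current versions of its published documents and, on a mismatch (including a client that only lists an older version), answering with the URIs the user still has to accept. It also makes the trust boundary visible: the IS takes the header at face value, so a false attestation by the client is indistinguishable from real acceptance.

```python
"""Hypothetical 'policy-accepted header' gate for an identity server API.

Everything here (header name, error code, policy URIs) is an assumption
for illustration, not Sydent's implementation or the spec's terms API.
"""
from dataclasses import dataclass, field

# Constructed example: the documents the IS currently publishes, keyed by
# document name. Each value is the URI of the *current* version; bumping a
# version changes the URI, which is what forces re-acceptance.
CURRENT_POLICIES = {
    "privacy": "https://is.example.org/_matrix/identity/policy/privacy/2.0",
    "terms": "https://is.example.org/_matrix/identity/policy/terms/1.1",
}

HEADER_NAME = "Policy-Accepted"  # assumed header name


@dataclass
class PolicyCheck:
    """Outcome of the gate: whether the request may proceed, and if not,
    the HTTP status and JSON body to send back."""
    ok: bool
    status: int
    body: dict = field(default_factory=dict)


def get_header(headers, name):
    """Case-insensitive header lookup (HTTP header names are not case-sensitive)."""
    wanted = name.lower()
    for key, value in headers.items():
        if key.lower() == wanted:
            return value
    return None


def parse_accepted(header_value):
    """Split a comma-separated list of policy URIs into a set, ignoring blanks."""
    if not header_value:
        return set()
    return {uri.strip() for uri in header_value.split(",") if uri.strip()}


def check_policy_header(headers, current=CURRENT_POLICIES):
    """Gate an IS API call on the client's attestation of accepted policies.

    Passes only when every currently published document URI appears in the
    header. Stale URIs in the header are ignored; what matters is that the
    latest version of each document has been attested. On failure the error
    body carries the URIs the client must present to the user next.

    The IS cannot tell a genuine acceptance from a false attestation by the
    client; that is the worst case the comment above accepts.
    """
    accepted = parse_accepted(get_header(headers, HEADER_NAME))
    required = set(current.values())
    missing = sorted(required - accepted)
    if missing:
        return PolicyCheck(
            ok=False,
            status=403,
            body={
                "errcode": "M_TERMS_NOT_SIGNED",  # assumed error code
                "error": "Please accept the current policy documents",
                "policies": missing,
            },
        )
    return PolicyCheck(ok=True, status=200)


if __name__ == "__main__":
    # Constructed request: the client last accepted privacy 1.0 and terms 1.1.
    stale = {"Policy-Accepted": ", ".join([
        "https://is.example.org/_matrix/identity/policy/privacy/1.0",
        "https://is.example.org/_matrix/identity/policy/terms/1.1",
    ])}
    print(check_policy_header(stale))
    print(check_policy_header({"policy-accepted": ",".join(CURRENT_POLICIES.values())}))
```

The same check can be dropped in front of the invite and lookup endpoints alike, which is the point of pushing acceptance into a header rather than into per-user state on the IS: the server needs no account or OpenID linkage to decide whether to serve the call.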

@lampholder (Member, Author) commented Jun 25, 2019

Basically this looks something like this (if the user hasn't yet agreed to the active IS's T's and C's):

[image: mockup attached to the original comment]

@lampholder lampholder changed the title Prompt to accept identity server policies before use Prompt to accept identity server policies before inviting them to a room Jun 25, 2019

@ara4n (Member) commented Jun 30, 2019

Is there a reason to do this here rather than at registration or when changing IS? I'm worried that we may have other places where we need to talk to ISes (e.g. for displaying bound 3PIDs in settings), and having each UI control prompt for GDPR flows will be cumbersome versus doing them up front.

@ara4n (Member) commented Jun 30, 2019

also, if we did it at registration via #10167, hasn't the user already agreed?

@hammerandtongs commented Jul 1, 2019

What's the flow if the user hasn't agreed to #10167 (because they don't find the 3PID useful and so opt out)?

They don't expect to suddenly have agreed to a TOS they disagreed with merely because they send an invite.

@nadonomy (Contributor) commented Jul 5, 2019

After validating today, latest comps are in Zeplin: https://zpl.io/brMdWo3

In instances like this, we shouldn't add cognitive load to any existing UI (like #10093 (comment)) but instead display T&C's modally, with the option to either continue or go back.

@nadonomy nadonomy removed the needs-design label Jul 5, 2019

@hammerandtongs commented Jul 5, 2019

If someone has disagreed with the TOS originally, you now want to spam them with the TOS?

Instead you could add some programmatic way of sharing a registration link that would direct the invitee into a room once registered?

Or simply stating in human terms some simple steps to take out of band to invite them to a room?

This looks like dark pattern territory as it is.

"Take the terms or nothing"

This is EXACTLY where cognitive load should be added so that you don't submarine people into taking a TOS they disagreed with already.

@nadonomy (Contributor) commented Jul 5, 2019

> If someone has disagreed with the TOS originally, you now want to spam them with the TOS?

A lot of users will have agreed to the ToS as per #10167; for those who haven't, this lets them review and optionally agree to the ToS when they need to.

There is absolutely no 'spam' as you put it— users are presented with ToS contextually in order to achieve an action they've initiated, and can review and optionally agree if they like.

> Instead you could add some programmatic way of sharing a registration link that would direct the invitee into a room once registered?

Riot URLs can already be shared (e.g. https://riot.im/#/room/#example-room:matrix.org) and https://matrix.to exists also, exposed via 'Share room' UX in the client.

> Or simply stating in human terms some simple steps to take out of band to invite them to a room?
> This looks like dark pattern territory as it is.
> "Take the terms or nothing"

This is polishing the UX for users that have clicked on [Invite to this room] in the member list. We do have plans to improve, polish and then prioritise link based invites in future in the UX, but until then this issue pertains more to iterating on existing features, not greenfield development.

No dark patterns here, just improving existing features before developing or polishing future ones.

> This is EXACTLY where cognitive load should be added so that you don't submarine people into taking a TOS they disagreed with already.

Without being able to review the design comps these quips are entirely baseless. Feedback is more productive, and well appreciated, when responding to the full picture, so please wait on that before piling on with unfounded comments.

The privacy work is complex, spanning everything from UX to technical architecture and we're working hard at it.
