www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ted Dunning <ted.dunn...@gmail.com>
Subject Re: legal opinion on collecting usage statistics
Date Wed, 12 Jul 2017 21:39:15 GMT
On Wed, Jul 12, 2017 at 1:01 PM, Paul Libbrecht <paul@hoplahup.net> wrote:

>
> The problem with your argument is that it applies to any slightly
> personnal data and not at all to analytics data.
>

Unless analytics data includes that personal data, of course.


> It includes the log of any service (including http, https, and ssh) and,
> of course, the user-info of all our registered users. Cookies as well.
>

Yes. It can include that information.

But note that storing the host information from machines where software is
installed is fundamentally different from just a log entry from an
intentional visit to our web site. The internal host information can be
significantly more sensitive.


> We have not really cared for having a universal answer to that… I think it
> has been so, that the consideration of the server-locations-jurisdictions
> have been enough thus far.
>

Actually, we have had an answer. And that is that the infra group deals
with that information.

Furthermore, they go to great lengths to avoid storing clear-text for any
sensitive personal information unless the user themselves has posted that
information in public.


> However, it is not a reason to say that the solution we have applied thus
> far is not admissible for this somewhat new type of data, I believe
>

I really don't see any particular connection. The question is whether we
should be allowing a project to collect potentially sensitive personal
information. That question should be answered on the merits and the answer
should stand scrutiny in isolation.


> So, extending your argument, one would say that no login (e.g. Jira's)
> should be made with passwords stored at Apache servers but with an external
> identity provider. Is that really what you are aiming at?
>

Are you sure that isn't already happening?

What do you think happens when people interact with Apache code using
github?  What about when github becomes the canonical repository?


>
> On 11 Jul 2017, at 23:13, Ted Dunning <ted.dunning@gmail.com> wrote:
>
>
>
> On Tue, Jul 11, 2017 at 11:40 AM, Paul Libbrecht <paul@hoplahup.net>
> wrote:
>
>> Erm…
>> Storing at the ASF is preferable since it is not being a party linked to
>> all sorts of business issues that relate to the everyday life of many
>> people on this earth: We would not be sharing this information, or a digest
>> of it, with others. Google is.
>>
>> While I rather trust Google’s security level, I do not believe that our
>> normal data protection method is weaker!
>>
>
>
> What *is* the standard Apache policy on this and how does it relate, for
> example, to the recent German changes to GDPR? What about with respect to
> data sovereignty requirements in Thailand and Vietnam? How will Brexit
> change this?
>
> These questions cannot be answered because there is no such Apache policy
> and nobody at Apache is even thinking about these requirements (with
> respect to Apache's needs).
>
> I can guarantee that Google *is* thinking about exactly these issues and
> they have a solid answer to all of these questions and all of the similar
> questions that need to be answered.
>
> In general, Apache's normal data protection method doesn't exist. Apache's
> answer to all of this has normally been that everything is open (if at all
> possible) and thus data protection is a contradiction in terms. That works
> for software and mailing lists and completely fails for personally
> identifiable data. Apache doesn't even know at the foundation level what
> personally identifiable is, much less how to protect it. At the project
> level, the situation is generally even worse.
>
>
>
>

Mime
View raw message