www-legal-discuss mailing list archives

From Ted Dunning <ted.dunn...@gmail.com>
Subject Re: legal opinion on collecting usage statistics
Date Wed, 12 Jul 2017 21:39:15 GMT
On Wed, Jul 12, 2017 at 1:01 PM, Paul Libbrecht <paul@hoplahup.net> wrote:

> The problem with your argument is that it applies to any slightly
> personal data and not at all to analytics data.

Unless analytics data includes that personal data, of course.

> It includes the log of any service (including http, https, and ssh) and,
> of course, the user-info of all our registered users. Cookies as well.

Yes. It can include that information.

But note that storing the host information from machines where software is
installed is fundamentally different from just a log entry from an
intentional visit to our web site. The internal host information can be
significantly more sensitive.

> We have not really cared for having a universal answer to that… I think it
> has been so, that the consideration of the server-locations-jurisdictions
> have been enough thus far.

Actually, we have had an answer. And that is that the infra group deals
with that information.

Furthermore, they go to great lengths to avoid storing clear-text for any
sensitive personal information unless the user themselves has posted that
information in public.

> However, it is not a reason to say that the solution we have applied thus
> far is not admissible for this somewhat new type of data, I believe

I really don't see any particular connection. The question is whether we
should be allowing a project to collect potentially sensitive personal
information. That question should be answered on the merits and the answer
should stand scrutiny in isolation.

> So, extending your argument, one would say that no login (e.g. Jira's)
> should be made with passwords stored at Apache servers but with an external
> identity provider. Is that really what you are aiming at?

Are you sure that isn't already happening?

What do you think happens when people interact with Apache code using
GitHub? What about when GitHub becomes the canonical repository?

> On 11 Jul 2017, at 23:13, Ted Dunning <ted.dunning@gmail.com> wrote:
> On Tue, Jul 11, 2017 at 11:40 AM, Paul Libbrecht <paul@hoplahup.net>
> wrote:
>> Erm…
>> Storing at the ASF is preferable since it is not being a party linked to
>> all sorts of business issues that relate to the everyday life of many
>> people on this earth: We would not be sharing this information, or a digest
>> of it, with others. Google is.
>> While I rather trust Google’s security level, I do not believe that our
>> normal data protection method is weaker!
> What *is* the standard Apache policy on this and how does it relate, for
> example, to the recent German changes to GDPR? What about with respect to
> data sovereignty requirements in Thailand and Vietnam? How will Brexit
> change this?
> These questions cannot be answered because there is no such Apache policy
> and nobody at Apache is even thinking about these requirements (with
> respect to Apache's needs).
> I can guarantee that Google *is* thinking about exactly these issues and
> they have a solid answer to all of these questions and all of the similar
> questions that need to be answered.
> In general, Apache's normal data protection method doesn't exist. Apache's
> answer to all of this has normally been that everything is open (if at all
> possible) and thus data protection is a contradiction in terms. That works
> for software and mailing lists and completely fails for personally
> identifiable data. Apache doesn't even know at the foundation level what
> personally identifiable is, much less how to protect it. At the project
> level, the situation is generally even worse.
