Re: Privacy Policy
- From: Brian Cameron <brian cameron oracle com>
- To: Paul Cutler <pcutler gnome org>
- Cc: legal-list gnome org, GNOME Foundation Board <board-list gnome org>
- Subject: Re: Privacy Policy
- Date: Mon, 13 Sep 2010 02:00:36 -0500
Paul:
I'd think a privacy statement by the GNOME Foundation should make some
mention, or encorporate some of the ideas from the Franklin Street
Statement. However, it doesn't seem to go there at all.
http://autonomo.us/2008/07/franklin-street-statement/
The privacy policy does not seem to discuss how personal information
is treated when the user wishes to share it with others. For example,
if we were to provide a web service where users could connect with
friends and share personal information with them, how would it be
managed?
For example, would users always be in control of how their personal
information is handled when the user wishes to make it less private?
Are default settings always at the most private, or should users
expect to need to review and change default settings to ensure they
are comfortable with them?
Also Germán highlights that services like git, bugzilla and our
mail services. We should be clear that when users subscribe to
such services that some information is disclosed as needed for the
service to operate. It might be good to provide some examples of
things we know about, just to be clear.
Also, the document says this:
> If you are a registered user of a GNOME website and have supplied
> your email address, GNOME may occasionally send you an email to tell
> you about new features, solicit your feedback, or just keep you up to
> date with what’s going on with GNOME and our products. We primarily
> use our various product blogs to communicate this type of
> information, so we expect to keep this type of email to a minimum. If
> you send us a request (for example via a support email or via one of
> our feedback mechanisms), we reserve the right to publish it in order
> to help us clarify or respond to your request or to help us support
> other users. GNOME takes all measures reasonably necessary to protect
> against the unauthorized access, use, alteration or destruction of
> potentially personally-identifying and personally-identifying
> information.
If we will send emails, shouldn't we discuss what opt-in and opt-out
mechanisms are used for users to control what sorts of emails are
sent to them?
Also, it seems a bit odd to jump from discussing email to how
"requests" are handled. Since requests may not be in email form,
it confused me on first reading since I at first assumed that you
were talking about email requests. It might be good to break this
into two sections and make it a bit more clear that "requests" is
something different than email.
Brian
Working on Snowy / Tomboy Online, Sandy filed Bug 613890 for Tomboy
Online to create a privacy policy for its users. Searching Bugzilla,
Bug 601843 was filed last year noting that GNOME itself doesn't have a
formal privacy policy.
Asking on identi.ca, Greg Grossmeier pointed out that both Automattic,
Inc. (home of Wordpress.com) and StatusNet both offer their privacy
policies under a CC license [1],[2].
Using those as a basis, especially Automattic's privacy policy, I've
written a first draft for review. I'm hoping if it's done right, we can
have one GNOME privacy policy that also includes GNOME's web services.
The file is attached and also attached to Bug 613890.
[
Date Prev][Date Next] [
Thread Prev][Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
