[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: smolt privacy policy



On 2/20/07, Mike McGrath <mmcgrath redhat com> wrote:
Luis Villa wrote:
> On 2/19/07, Rahul Sundaram <sundaram fedoraproject org> wrote:
>> Mike McGrath wrote:
>> > I've created a first draft of the smolt Privacy Policy.  Please
>> note: It
>> > is not a legal document, it's the Infrastructures policy of how
>> we'll be
>> > protecting the information.
>>
>> Instead of having privacy policies per program, it would probably be
>> better to vet the project wide policy drafted at
>> http://fedoraproject.org/wiki/Legal/PrivacyPolicy through the legal
>> team. It has been sitting there for a while now.
>
> I get the sense that you're talking about a privacy policy, Rahul, and
> maybe Mike is talking more about a privacy architecture or privacy
> strategy? Just from reading the two documents, it seems they have some
> overlapping text and goals but are mostly operating at two different
> levels.
>
> Mike, would it make sense to retitle your doc as a privacy strategy or
> privacy implementation doc, whose goal is to explain how smolt will
> implement the project privacy policy Rahul pointed at?
I think that policy was something that was created and never finished.
I'm not even sure what context to apply to it.

I had assumed that (like most privacy policies) the context is 'we're
trying to explain what goals we're trying to meet with your data'. But
I'm not sure of the historical/project context around it. The wiki
history suggests it was written basically completely with one person,
so maybe it doesn't have the buy-in I assumed it did.

Who maintains it?

Wiki says Patrick Barnes; I'm still relatively-speaking the newbie
around here and have no idea who that is :)

> Calling it a
> privacy policy seems a little confusing, esp. if there is already a
> project privacy policy. Making this distinction might also (1) reduce
> the need for lawyers, who can hopefully focus on validating the
> requirements in the policy doc, rather than validating the
> implementation details in smolt (2) help provide a practical test for
> the overall privacy policy- if there are goals you're setting in the
> smolt doc, or questions the smolt doc raises, which aren't in the
> overall policy, this might be a good way to shake those out and get
> them into the bigger/broader doc.
>
What if I "mv PrivacyPolicy YourPrivacy" ?

Dunno. Who is 'you'? End users? Implementers? Someone in between?
Understanding who that you is might help you clean up/clarify the doc.

Luis (who is potentially way overthinking this :)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]