smolt privacy policy
Luis Villa
luis at tieguy.org
Wed Feb 21 03:53:06 UTC 2007
On 2/20/07, Mike McGrath <mmcgrath at redhat.com> wrote:
> Luis Villa wrote:
> > On 2/19/07, Rahul Sundaram <sundaram at fedoraproject.org> wrote:
> >> Mike McGrath wrote:
> >> > I've created a first draft of the smolt Privacy Policy. Please
> >> note: It
> >> > is not a legal document, it's the Infrastructures policy of how
> >> we'll be
> >> > protecting the information.
> >>
> >> Instead of having privacy policies per program, it would probably be
> >> better to vet the project wide policy drafted at
> >> http://fedoraproject.org/wiki/Legal/PrivacyPolicy through the legal
> >> team. It has been sitting there for a while now.
> >
> > I get the sense that you're talking about a privacy policy, Rahul, and
> > maybe Mike is talking more about a privacy architecture or privacy
> > strategy? Just from reading the two documents, it seems they have some
> > overlapping text and goals but are mostly operating at two different
> > levels.
> >
> > Mike, would it make sense to retitle your doc as a privacy strategy or
> > privacy implementation doc, whose goal is to explain how smolt will
> > implement the project privacy policy Rahul pointed at?
> I think that policy was something that was created and never finished.
> I'm not even sure what context to apply to it.
I had assumed that (like most privacy policies) the context is 'we're
trying to explain what goals we're trying to meet with your data'. But
I'm not sure of the historical/project context around it. The wiki
history suggests it was written basically completely with one person,
so maybe it doesn't have the buy-in I assumed it did.
> Who maintains it?
Wiki says Patrick Barnes; I'm still relatively-speaking the newbie
around here and have no idea who that is :)
> > Calling it a
> > privacy policy seems a little confusing, esp. if there is already a
> > project privacy policy. Making this distinction might also (1) reduce
> > the need for lawyers, who can hopefully focus on validating the
> > requirements in the policy doc, rather than validating the
> > implementation details in smolt (2) help provide a practical test for
> > the overall privacy policy- if there are goals you're setting in the
> > smolt doc, or questions the smolt doc raises, which aren't in the
> > overall policy, this might be a good way to shake those out and get
> > them into the bigger/broader doc.
> >
> What if I "mv PrivacyPolicy YourPrivacy" ?
Dunno. Who is 'you'? End users? Implementers? Someone in between?
Understanding who that you is might help you clean up/clarify the doc.
Luis (who is potentially way overthinking this :)
More information about the fedora-advisory-board
mailing list