-
nicola
FYI Data Protection Commission announces conclusion of inquiry into WhatsApp https://community.nicfab.it/post/26166
-
Licaon_Kter
A $5.5mil fine is "operational costs", nothing to see, carry on. Also... 4 years later Ireland?
-
nicola
> A $5.5mil fine is "operational costs", nothing to see, carry on. Also... 4 years later Ireland? It’s a hot topic for several reasons, among them: 1. DPC Ireland and the EDPB (administrative matters but relevant); 2. The phenomenon is increasing, and several EU DPAs are issuing measures with relevant fines to big players. 3. People should consider those measures to WA & co … XMPP is better 😉
-
Peter Waher
Note: Many of the XMPP extensions have serious privacy implications as well…
-
nicola
> Note: Many of the XMPP extensions have serious privacy implications as well… I know
-
Licaon_Kter
https://upload.convorb.im/7c370453f738f2c0c995eaee643e5e0aba76aeb0/0lcxCvR9vAKAtp3fr4b4l4AJmEd0vwwl2QecUYYY/xmppsucks.jpg
-
Licaon_Kter
Peter Waher: ^^^
-
Peter Waher
An alternative reaction would be to list these extensions & privacy concerns, so we can generate tasks to fix those
-
nicola
> An alternative reaction would be to list these extensions & privacy concerns, so we can generate tasks to fix those I agree with you, and I am at your disposal
-
Licaon_Kter
Peter Waher: are these "known" by now, 24 years have passed already :)
-
Peter Waher
Example: HTTP Upload need to allow the uploader to define life cycle (how long the file should be persisted on the broker) and delete uploaded files (but only the uploader should be abllowed this).
-
MSavoritias (fae,ve)
How is that a privacy issue?
-
MattJ
Users should have control over their data
-
MattJ
As long as they can request that their provider delete the data, and the provider complies, it's not necessarily an issue
-
Peter Waher
Images may be sensitive
-
MattJ
But it would be nice to have it supported directly in the protocol
-
Peter Waher
According to the GDPR requires life cycle to be defined (i.e. lifetime) to sensitive and/or private information
-
Peter Waher
meaning, you cannot store (process) it indefinitely
-
MattJ
Which most servers already don't
-
Peter Waher
so, you need to either define a time for all content, or allow the uploader to specify the time
-
Peter Waher
for each file
-
Peter Waher
(or allow the uploader to delete the file)
-
singpolyma
Could use DELETE and Expires header on the PUT endpoint for those. If the component wanted to implement them
-
Peter Waher
yes
-
Peter Waher
but it needs to be standardized
-
singpolyma
Needs to be implemented before it can be standardized :)
-
Peter Waher
don't see why
-
singpolyma
... because standards always follow implementation? You can't specify something in abstract and then just hope an implementation appears. You need at least one, and ideally two
-
Peter Waher
it’s actually often the other way around. specification comes before implementation, at least if you want to think through things and allow different accords to come to an agreement, rather than standardize what one of the actors have already implemented✎ -
Peter Waher
I have already an implementation in our broker, but it is not my point to standardize that solution.
-
Peter Waher
it’s actually often the other way around. specification comes before implementation, at least if you want to think through things and allow different actors to come to an agreement, rather than standardize what one of the actors have already implemented ✏
-
Licaon_Kter
Double the message double the fun?