From: Rich Freeman
Date: Tue, 2 Jul 2019 07:57:59 -0400
Subject: Re: [gentoo-project] Questions for Gentoo Council nominees: GLEP 76
To: gentoo-project
Reply-To: gentoo-project@lists.gentoo.org
List-Id: Gentoo Project discussion list
References: <20190615124220.fcf0c08b22481d5bc6c2dbe0@gentoo.org> <20190615124933.b2f20fde0b47509e6b54f989@gentoo.org> <20190625011818.73fb7c1948a0a3d124a0d9db@gentoo.org> <20190628144924.334336020d7a31deed0b6749@gentoo.org> <8e865f8b-5f6c-e555-ed53-7186898df6f5@gentoo.org>

On Tue, Jul 2, 2019 at 12:24 AM desultory wrote:
>
> On 07/01/19 07:59, Rich Freeman wrote:
> > On Mon, Jul 1, 2019 at 1:02 AM desultory wrote:
> >>
> >> publishing PII purely on the basis of disciplinary
> >> considerations could be quite reasonably considered to be an outrageous
> >> overreach. There are reasons that "doxing" is generally considered to be
> >> rather reprehensible.
> >
> > It obviously is reprehensible. However, nobody is suggesting
> > publishing PII for any reason, and I have no idea where this idea even
> > came from.
>
> How, exactly, is a requirement to provide and publish "legal name as a
> natural person, i.e., the name that would appear in a government issued
> document" [GLEP76] not a requirement to publish personal data [PII]?

It isn't an issue if the person involved publishes it themselves and Gentoo is merely the medium, IMO.

> > Furthermore, I do not think that Gentoo should be collecting PII under
> > conditions of confidentiality for any reason in the first place. Nor
> > should we be doing any activities that require us to do so, such as
> > accepting money from people, or paying people.
> > IMO we do not have the
> > demonstrated ability to do this in a safe and compliant manner, and we
> > have a history of not performing legally-required activities in a
> > compliant manner.
>
> Too late, Gentoo has multiple services which collect some form of PII
> (e.g. the EU considers an IP address to be, at least potentially, PII),
> and retain at least some of that data without publishing it.

I said that I don't think that it should be. I never claimed that it wasn't.

> > For this reason, I think it would be a big mistake to allow people to
> > contribute under pseudonyms under the condition that they reveal their
> > real identities to some Gentoo body that would retain this information
> > in confidentiality. That would expose Gentoo to a rather large number
> > of privacy laws in a large number of places, for IMO little gain.
>
> So, under the mistaken premise that Gentoo does not collect or retain
> any form of PII you believe that Gentoo should not collect or retain any
> PII, correct?

I never said that Gentoo doesn't collect PII. I said it shouldn't. And it shouldn't.

> Knowing that Gentoo does indeed collect and retain some PII, does your
> opinion change?

No. Obviously whatever PII we do collect needs to be properly protected, just as we ought to be filing taxes and doing various other things that we have trouble doing. In both cases the problem can simply be avoided by structuring ourselves in a manner that doesn't introduce the burden of compliance.

> LDAP, though most of that data is now published in some form it is still
> by and large a collection of PII.

We should not collect non-public PII in LDAP. There is no harm in allowing individuals to freely list their names/locations/etc if they wish, but we shouldn't have anything in the database, other than passwords or similar credentials, which isn't just published on the website. Hence there should be nothing to steal (well, other than passwords, and those are useless after they are changed).
As I understand it we've already been pushing to eliminate much of the PII from LDAP as it is - I'm curious as to what still remains that would be of concern. In particular I believe the birthdate field was dropped some time ago. Much of the rest gets published in the directory/etc and so it isn't anything that isn't open to see.

> > None of this is intended as some kind of attack on Trustees/Infra/etc.
> > They're volunteers doing the best they can do without pay, and
> > generally trying to clean up after a long period of neglect. It is
> > simply a fact that if you have nothing to steal, then it is impossible
> > to steal it, and no effort is required to protect it.
>
> Believing that you have nothing worth stealing is no defense against
> those who believe that you do and intend to take it.

I never claimed that we should shield ourselves with "belief." I said we shouldn't have anything to steal in the first place. Sure, that won't stop people from trying. It will definitely stop them from succeeding.

--
Rich