Launchpad needs a privacy policy

It is also common for a privacy policy to explain the use of cookies by the web site and other information that are collected and for what purpose.

Basic plan of attack on this one is to review that material that we've already accomplished in the act of signing the EU Data Protection Act, review standard privacy policy templates such as can be found at the BBB, and also to ensure we implement this both as a regular html page but also as P3P XML (preferably in APPEL). Need to investigate if the compact P3P is worth doing vs full. P3P would be simple apache header response change on our servers which would push out an extra line of metadata and the compact version would be a potentially simple change to add an html metadata string on each served page.

I suggest that before you put effort into producing a P3P policy, you investigate whether anyone would actually use it. P3P is not supported in Firefox (it was implemented for Mozilla, then removed), nor in Konqueror, Opera, Epiphany, or Safari, and it has only very limited support in Internet Explorer. It tends to be useless for Web users both because it is very complex and because it is reliant on the honesty of Web developers. I think just a human-readable policy would be fine.

I've received some material about the EU Data Protection Act including what Canonical has registered. There are some missing pieces that I think Steve A can fill me in on. I'm trying to find time on our calendars to chat about this.

Due to workload Steve had asked that I push this out a few weeks until we have more time to go through the EU DPA laws.

I have yet to work with Steve but used a privacy policy text generator to create a Safe Harbour compliant initial draft. This draft will need to be edited and then, when done, I'd like to convert it to P3P and enable Launchpad to be P3P compliant.

https://launchpad.canonical.com/JoeyStanford/privacy

Had a chat with Steve today. He made the call that we should not do P3P at this time.

Good progress. Under review.

Reviewed by Steve with hefty changes. This now lives at https://launchpad.canonical.com/JoeyStanford/privacyanddataretention

I've received a highly edited draft back from legal along with a general statement and have posted those to the wiki page we are using to build this document.

Also see https://bugs.launchpad.net/launchpad/+bug/124221

Final draft under review

approved by kiko for release

This has been deployed to https://help.launchpad.net/Legal

FYI, I've moved the WIP page to

https://launchpad.canonical.com/privacyanddataretention

in order to keep the relevant history.