| 2009-11-23 17:37:08 |
Chad Miller |
bug |
|
|
added bug |
| 2009-11-23 17:38:13 |
Chad Miller |
description |
I mean this to be a parent bug to several individual bugs that
http://www.eff.org/wp/osp
Summary of Recommendations
1. Develop procedures for dealing with legal information requests and providing notice to users.
2. Work with both attorneys and engineers to develop a privacy policy that fits your OSP’s practices.
3. Collect the minimum amount of information necessary to provide OSP services.
4. Store information for the minimum time necessary for operations.
5. Effectively obfuscate, aggregate and delete unneeded user information.
6. Maintain written policies addressing data collection and retention.
7. Enable SSL as much as possible throughout your site to secure users’ information and communications.
8. Understand threats to the security of sensitive information and communications on your systems, and mitigate them appropriately.
9. Follow best-practice principles for the use of cookies on your site.
10. Insist that the OSPs and other service providers you work with observe these best practices, too. |
I mean this to be a parent bug to several individual bugs.
http://www.eff.org/wp/osp
Summary of Recommendations
1. Develop procedures for dealing with legal information requests and providing notice to users.
2. Work with both attorneys and engineers to develop a privacy policy that fits your OSP’s practices.
3. Collect the minimum amount of information necessary to provide OSP services.
4. Store information for the minimum time necessary for operations.
5. Effectively obfuscate, aggregate and delete unneeded user information.
6. Maintain written policies addressing data collection and retention.
7. Enable SSL as much as possible throughout your site to secure users’ information and communications.
8. Understand threats to the security of sensitive information and communications on your systems, and mitigate them appropriately.
9. Follow best-practice principles for the use of cookies on your site.
10. Insist that the OSPs and other service providers you work with observe these best practices, too.
|
|
| 2009-11-23 17:39:00 |
Chad Miller |
tags |
legal privacy |
eff-guidelines legal privacy |
|
| 2010-05-27 13:45:33 |
Joshua Hoover |
ubuntuone-servers: status |
New |
Confirmed |
|
| 2010-05-27 13:45:44 |
Joshua Hoover |
ubuntuone-servers: assignee |
|
Ubuntu One Ops+ team (ubuntuone-ops+) |
|
| 2010-05-27 13:45:56 |
Joshua Hoover |
tags |
eff-guidelines legal privacy |
eff-guidelines legal ops+ privacy |
|
| 2011-06-21 13:55:19 |
Chad Miller |
bug |
|
|
added subscriber Elliot Murphy |
| 2012-09-20 19:51:35 |
Curtis Hovey |
removed subscriber Elliot Murphy |
|
|
|
| 2013-11-19 15:37:38 |
Chad Miller |
information type |
Private |
Public |
|
| 2013-11-19 15:51:44 |
Chad Miller |
bug task added |
|
unity-lens-shopping |
|
| 2013-11-19 15:59:23 |
Chad Miller |
description |
I mean this to be a parent bug to several individual bugs.
http://www.eff.org/wp/osp
Summary of Recommendations
1. Develop procedures for dealing with legal information requests and providing notice to users.
2. Work with both attorneys and engineers to develop a privacy policy that fits your OSP’s practices.
3. Collect the minimum amount of information necessary to provide OSP services.
4. Store information for the minimum time necessary for operations.
5. Effectively obfuscate, aggregate and delete unneeded user information.
6. Maintain written policies addressing data collection and retention.
7. Enable SSL as much as possible throughout your site to secure users’ information and communications.
8. Understand threats to the security of sensitive information and communications on your systems, and mitigate them appropriately.
9. Follow best-practice principles for the use of cookies on your site.
10. Insist that the OSPs and other service providers you work with observe these best practices, too.
|
Ubuntu should be obvious choice for people who don't trust MSFT and APPL on privacy and security grounds. We should minimize leakage of data into our hosted environments, and make sure our online services are not the weakest point.
Let's follow EFF's service guidelines.
http://www.eff.org/wp/osp
Summary of Recommendations
1. Develop procedures for dealing with legal information requests and providing notice to users.
2. Work with both attorneys and engineers to develop a privacy policy that fits your OSP’s practices.
3. Collect the minimum amount of information necessary to provide OSP services.
4. Store information for the minimum time necessary for operations.
5. Effectively obfuscate, aggregate and delete unneeded user information.
6. Maintain written policies addressing data collection and retention.
7. Enable SSL as much as possible throughout your site to secure users’ information and communications.
8. Understand threats to the security of sensitive information and communications on your systems, and mitigate them appropriately.
9. Follow best-practice principles for the use of cookies on your site.
10. Insist that the OSPs and other service providers you work with observe these best practices, too. |
|
| 2014-01-21 15:21:37 |
Curtis Hovey |
ubuntuone-servers: assignee |
Registry Administrators (registry) |
|
|
