[chandler-users] Discouraging privacy policy

Heikki Toivonen heikki at osafoundation.org
Sat Aug 9 10:49:52 PDT 2008

genelkullanim wrote:
> For example check out  Privacy policy summary, item 14
> "We can still hang on to your info if we change names or business
> structures."

I remember discussing this when the policy was drafted, and my
suggestion was to add wording to the effect that in case there are
changes in ownership or some such, OSAF would email subscribers of the
service and let them opt out of the transfer. Would that make it ok for
you? Grand Central did that when they were bought by Google, although I
can't remember if it was stated in GC's policy.

Regardless of what the policy says, I trust the *people* who currently
run the service to do the right thing. There are of course no guarantees
about the people who may run the service in the future.

Like bak wrote, if you want to be really, really sure none of your data
ever gets into anyone else's hands, you can run your own server.

Or you can use service that encrypts everything on the server, so that
it does not matter who has the data. Mozilla's Weave is one such service
(but Chandler would probably need an extension to work with it), but
encryption adds a price to how the data can be handled.

The most secure way is to have everything in big equal sized lumps, but
that means a lot of additional network traffic which slows things down.
A less secure version would be for example to use the Chandler Hub for
storing data, but writing an extension for the desktop client and
Firefox/Lightning so that they would encrypt all data fields except for
date and time information. That way you would still get the benefit of
Chandler/Cosmo putting things in the right places, but all details about
the items would be hidden. It would still be something of a performance
hit, and would effectively prevent the server from storing deltas
between changes (changing one bit of cleartext tends to cause big
changes in encrypted text). Of course quite a bit of information can be
gleaned from the date/time information so this isn't an option if you
are really concerned about your information. And of course with
encryption there is always the risk of you losing your key/password and
thus all your data. Encryption makes sharing information also quite a
bit more difficult.

  Heikki Toivonen - http://heikkitoivonen.net

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.osafoundation.org/pipermail/chandler-users/attachments/20080809/bc683554/signature.pgp

More information about the chandler-users mailing list