Propose new functionalities for Decidim software

#DecidimRoadmap Designing Decidim together

Phase 1 of 1
Open 2019-01-01 - 2030-12-31

GDPR / Data portability - User authorizations metadata

Antti Hukkanen, 24/08/2019 09:42

Currently it seems the "My data" export does not contain the user's authorizations metadata.

It would be important to include these as well because most of the time they store the user's personal information.


Endorsed by: Ivan Vergés (1 endorsement)

Reference: MDC-PROP-2019-08-14756
Version number 1 (of 1)

Fingerprint

The piece of text below is a shortened, hashed representation of this content. It's useful to ensure the content hasn't been tampered with, as a single modification would result in a totally different value.

Value: 041957873721c2330d26d200d4f91950a47a4f3c5dedf92ded12ca7af016b4cd

Source: {"body":{"en":"Currently it seems it seems the \"My data\" export does not contain the user's authorizations metadata.\r\n\r\nIt would be important to include these as well because most of the times they store user's personal information."},"title":{"en":"GDPR / Data portability - User authorizations metadata"}}

This fingerprint is calculated with the SHA-256 hashing algorithm. To replicate it yourself, paste the source data above, byte for byte, into a SHA-256 calculator; an MD5 calculator produces a different (and shorter, 32 hex digit) value and cannot reproduce it.
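The following is an added example, not Decidim's own code, showing how to recompute a fingerprint of this kind and use it as a tamper check: SHA-256 over the JSON "Source" string, with the field names and key order ("body" before "title") taken from the Source shown above. The serialisation helper, the `fingerprint_valid?` check and the locale default are assumptions made here for illustration; the page source and value are copied verbatim so you can run the check against them.

```ruby
require "digest"
require "json"

# Added example, not Decidim's own code: recompute a proposal fingerprint the way
# the page describes it (SHA-256 over the displayed "Source" JSON) and use it to
# detect tampering. The field names and key order ("body" before "title") are
# taken from the Source shown above; everything else here is an assumption.

# Serialise the fingerprinted fields to the canonical JSON the hash is taken over.
# Key order and escaping must match byte for byte, or the digest will not match.
def fingerprint_source(title, body, locale = "en")
  JSON.generate("body" => { locale => body }, "title" => { locale => title })
end

# The fingerprint is the lowercase hex SHA-256 digest of the exact source bytes.
def fingerprint(source)
  Digest::SHA256.hexdigest(source)
end

# Compare a published fingerprint against the source text it claims to cover.
# A single changed byte in the source yields a completely different digest.
def fingerprint_valid?(source, claimed)
  fingerprint(source) == claimed.to_s.strip.downcase
end

# Source and value copied verbatim from this page. The body contains the JSON
# escapes \"...\" and \r\n as literal characters, hence the single-quoted heredoc.
PAGE_SOURCE = <<~'SRC'.chomp
  {"body":{"en":"Currently it seems it seems the \"My data\" export does not contain the user's authorizations metadata.\r\n\r\nIt would be important to include these as well because most of the times they store user's personal information."},"title":{"en":"GDPR / Data portability - User authorizations metadata"}}
SRC
PAGE_VALUE = "041957873721c2330d26d200d4f91950a47a4f3c5dedf92ded12ca7af016b4cd"

if $PROGRAM_NAME == __FILE__
  puts "page value reproduced from Source: #{fingerprint_valid?(PAGE_SOURCE, PAGE_VALUE)}"
  # Any edit, however small, is detected:
  edited = PAGE_SOURCE.sub("authorizations metadata.", "authorization metadata.")
  puts "page value still valid after a one-character edit: #{fingerprint_valid?(edited, PAGE_VALUE)}"
end
```

Whether the published value reproduces depends on hashing exactly the bytes the server serialised: the same key order, the same escaping (note the `\r\n` sequences) and no trailing newline. That is also why the check is useful: a copy of the proposal that has been reworded, reordered or re-encoded will not validate against the published fingerprint.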


7 comments

Antti Hukkanen, 10/10/2019 11:54

Another problem with this is that the authorization metadata can be sensitive in nature. If this data is delivered through an email (as it is now), it can make the delivered data vulnerable to information leaks, as email is not a secure data transfer method in itself.

Ivan Vergés (verified), 11/10/2019 10:55

Do you have any proposal for how to do that and deal with multi-server installations?
There's a first proposal of serving encrypted zips here:
https://github.com/decidim/decidim/pull/5342
However, it still suffers from the weakness of sending the password via email.

Antti Hukkanen, 11/10/2019 11:13

Yeah, there is not much sense in encrypting the data if the encryption key is in the same message as the encrypted data. This is comparable to delivering the data without any encryption.

The encryption key could be shown e.g. under the user's personal data page where they could get it. Although it's much more complicated for the user (especially as they need special software to open the file), so I would expect this to generate additional support requests.

In my opinion, the personal data should not be sent over email at all. The export should become available for a period of time under the "My data" section and the email should just state that the data can now be downloaded from that page. Before that, it should instruct the user to wait for the export to complete.

Ivan Vergés (verified), 11/10/2019 11:24

Probably the best idea, but when dealing with multi-server instances we cannot rely on the server filesystem to store the data. It would have to be stored in an S3-like storage system. Then we should provide security either by encrypting that file and decrypting it when downloading, or by other methods available in the file-storage provider. I think that's the main technical challenge to overcome to do that.

Antti Hukkanen, 18/10/2019 09:22

I think the multi-server instances should not be any different from single-server instances. We are already storing data that needs to persist over the multiple servers, such as proposal attachments, participatory space images, organization images, etc.

This can already be handled through Carrierwave or Active Storage.

However, I would think that it would be beneficial to define a few different storage locations for the data:
- One for the public data that is stored right now
- One for the private data that should not be available through any public URLs (the files themselves would always have to be served through a Rails route to check that the user has rights to download the files)

The private data location could also be used for other, more sensitive files, such as the authorization attachment uploads (e.g. copy of passport).
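The flow the two comments above sketch (the export kept under "My data" for a limited time with the email only announcing it, and private files served through a route that checks the requesting user) as an added, stand-alone illustration in plain Ruby. This is not Antti's or Decidim's code and it is not a Rails controller: the in-memory `PRIVATE_STORE`, the server-side `TOKEN_KEY`, the `EXPORT_TTL` and the token format are assumptions standing in for a private bucket, a real secret and a Rails route. It also makes the earlier point concrete that the notification carries neither the data nor a key.

```ruby
require "openssl"
require "securerandom"
require "json"

# Added illustration, not Decidim code, of the flow proposed in the comments:
# the export is written to a private store (no public URL), the e-mail carries
# no data and no key, and the download goes through an endpoint that checks the
# signed-in user and a short-lived signed token. The store, key and TTL below
# are assumptions standing in for a real bucket and a server-side secret.

PRIVATE_STORE = {}                        # private bucket stand-in: object key => record
TOKEN_KEY     = SecureRandom.bytes(32)    # server-side HMAC secret; never sent to users
EXPORT_TTL    = 7 * 24 * 3600             # how long a finished export stays downloadable

# Persist a finished export under an unguessable key, bound to its owner.
def store_export(user_id, bytes, now = Time.now.to_i)
  key = "exports/#{user_id}/#{SecureRandom.hex(16)}"
  PRIVATE_STORE[key] = { user_id: user_id, bytes: bytes, expires_at: now + EXPORT_TTL }
  key
end

# Issued to the signed-in user on the "My data" page, never by e-mail.
# The token names the user, the object and an expiry, and is MACed with TOKEN_KEY.
def download_token(user_id, key, now = Time.now.to_i)
  payload = JSON.generate("uid" => user_id, "key" => key, "exp" => now + EXPORT_TTL)
  mac = OpenSSL::HMAC.hexdigest("SHA256", TOKEN_KEY, payload)
  "#{payload.unpack1('H*')}.#{mac}"
end

# What the notification e-mail may say: a pointer, nothing sensitive.
def notification_text
  "Your data export is ready. Sign in and open the My data page to download it."
end

# Constant-time comparison so the MAC check does not leak via timing.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# The download endpoint (a Rails route in the real thing). Returns a status and,
# on success, the bytes. Every failure path is checked before any data is read.
def serve_export(current_user_id, token, now = Time.now.to_i)
  hex, mac = token.to_s.split(".", 2)
  return [:forbidden, nil] if hex.nil? || mac.nil? || hex !~ /\A\h+\z/ || hex.length.odd?
  payload  = [hex].pack("H*").force_encoding(Encoding::UTF_8)
  expected = OpenSSL::HMAC.hexdigest("SHA256", TOKEN_KEY, payload)
  return [:forbidden, nil] unless secure_equal?(expected, mac)    # forged or edited token
  claims = JSON.parse(payload)
  return [:forbidden, nil] unless claims["uid"] == current_user_id # token is not transferable
  return [:gone, nil] if claims["exp"] < now                        # download window closed
  record = PRIVATE_STORE[claims["key"]]
  return [:gone, nil] if record.nil? || record[:expires_at] < now   # export already purged
  return [:forbidden, nil] unless record[:user_id] == current_user_id # owner check on the object too
  [:ok, record[:bytes]]
end

if $PROGRAM_NAME == __FILE__
  key   = store_export(42, "constructed export bytes")
  token = download_token(42, key)
  puts notification_text
  puts "owner:     #{serve_export(42, token).first}"
  puts "other user: #{serve_export(7, token).first}"
  puts "next month: #{serve_export(42, token, Time.now.to_i + EXPORT_TTL + 1).first}"
end
```

Two properties matter here. First, someone who reads the notification e-mail learns nothing usable: there is no attachment, no password and no link that works without the victim's session. Second, the object is reachable only through `serve_export`, which enforces ownership both from the token claims and from the stored record, so a leaked object key or a token for a different account still yields nothing; a real deployment would also purge `PRIVATE_STORE` entries once `expires_at` has passed.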

Ivan Vergés (verified), 18/10/2019 10:45

+1

Antti Hukkanen, 10/10/2019 11:54

This is also somewhat related to:
GDPR / Right to be forgotten - User authorizations metadata
