#DecidimRoadmap Designing Decidim together

GDPR / Data portability - User authorizations metadata

Antti Hukkanen
24/08/2019 09:42

Currently it seems the "My data" export does not contain the user's authorizations metadata.

It would be important to include these as well because most of the time they store the user's personal information.


Endorsements

Ivan Vergés (verified)
Number of endorsements: 1
Comments: 7

Reference: MDC-PROP-2019-08-14756
Version 1 (of 1)

Fingerprint

The following text is an abbreviated, hashed representation of this content. It is useful to guarantee that the content has not been altered, since a single modification would produce a completely different value.

Value: 041957873721c2330d26d200d4f91950a47a4f3c5dedf92ded12ca7af016b4cd

Origin: {"body":{"en":"Currently it seems it seems the \"My data\" export does not contain the user's authorizations metadata.\r\n\r\nIt would be important to include these as well because most of the times they store user's personal information."},"title":{"en":"GDPR / Data portability - User authorizations metadata"}}

This fingerprint is computed with a SHA256 hash algorithm. To reproduce it yourself, you can use an online MD5 calculator and paste the origin data into it.
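As an added example (not Decidim's own code), the Ruby below rebuilds the origin JSON from the proposal's title and body, hashes it with SHA256 and compares the result with the value shown above. The only inputs are the title, body and value copied from this page; the helper names, the constant-time comparison and the assumption that the origin is serialised with the body key first and no whitespace are mine.

```ruby
require "digest"
require "json"

# Added example, not Decidim's own code. Rebuilds the "Origin" JSON from the
# proposal title and body copied from the page, hashes it with SHA256 and
# compares the result with the published fingerprint. Helper names are
# hypothetical.

TITLE = "GDPR / Data portability - User authorizations metadata"
BODY  = "Currently it seems it seems the \"My data\" export does not contain " \
        "the user's authorizations metadata.\r\n\r\nIt would be important to " \
        "include these as well because most of the times they store user's " \
        "personal information."
# Origin string exactly as shown on the page (single-quoted heredoc: no escapes).
ORIGIN = <<~'JSON'.chomp
  {"body":{"en":"Currently it seems it seems the \"My data\" export does not contain the user's authorizations metadata.\r\n\r\nIt would be important to include these as well because most of the times they store user's personal information."},"title":{"en":"GDPR / Data portability - User authorizations metadata"}}
JSON
PAGE_VALUE = "041957873721c2330d26d200d4f91950a47a4f3c5dedf92ded12ca7af016b4cd"

# Serialise title and body in the key order the page shows (body first, then
# title, one "en" locale each, no whitespace). Assumed to match Decidim's order.
def canonical_origin(title, body)
  JSON.generate({ "body" => { "en" => body }, "title" => { "en" => title } })
end

def fingerprint(origin)
  Digest::SHA256.hexdigest(origin)
end

# Constant-time comparison so checking a user-supplied value does not leak how
# many leading characters matched (inputs are fixed-length hex digests).
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize

  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# True when the origin text still hashes to the published fingerprint.
def verify(origin, expected)
  secure_equal?(fingerprint(origin), expected.downcase)
end

if $PROGRAM_NAME == __FILE__
  rebuilt = canonical_origin(TITLE, BODY)
  puts "origin rebuilt identically: #{rebuilt == ORIGIN}"
  puts "fingerprint: #{fingerprint(ORIGIN)}"
  puts "matches page value: #{verify(ORIGIN, PAGE_VALUE)}"
  tampered = ORIGIN.sub("metadata", "metadatas")
  puts "tampered copy matches: #{verify(tampered, PAGE_VALUE)}"
end
```

The serialisation has to be byte-exact (key order, escaping of the quotes and the `\r\n` line breaks, no spaces), which is why the example rebuilds it with `JSON.generate` rather than pasting by hand; a single changed character in the origin, as the page says, gives an unrelated digest.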


7 comments

Antti Hukkanen
10/10/2019 11:54

Another problem with this is that the authorization metadata can be sensitive in nature. If this data is delivered through an email (as it is now), it can make the delivered data vulnerable to information leaks, as email is not a secure data transfer method in itself.

Ivan Vergés (verified)
11/10/2019 10:55

Do you have any proposal of how to do that and deal with multi-server installations?
There's a first proposal of serving encrypted zips here:
https://github.com/decidim/decidim/pull/5342
However, it still suffers the weakness of sending the password via email.

Antti Hukkanen
11/10/2019 11:13

Yeah, there is not much sense in encrypting the data if the encryption key is in the same message as the encrypted data. This is comparable to delivering the data without any encryption.

The encryption key could be shown e.g. under the user's personal data page where they could get it. Although it's much more complicated for the user (especially as they need special software to open the file), so I would expect this to generate additional support requests.

In my opinion, the personal data should not be sent over email at all. The export should become available for a period of time under the "My data" section, and the email should just state that the data can now be downloaded from that page. Before that, it should instruct the user to wait for the export to complete.

Ivan Vergés (verified)
11/10/2019 11:24

Probably the best idea, but dealing with multi-server instances we cannot rely on the server filesystem to store the data. It would have to be stored in an S3-like storage system. Then we should provision security either by encrypting that file and decrypting it when downloading, or by other methods available in the file-storage provider. I think that's the main technical challenge to overcome to do that.

Antti Hukkanen
18/10/2019 09:22

I think the multi-server instances should not be any different from single-server instances. We are already storing data that needs to persist across the multiple servers, such as proposal attachments, participatory space images, organization images, etc.

This can already be handled through Carrierwave or Active Storage.

However, I would think that it would be beneficial to define a few different storage locations for the data:
- One for the public data that is stored right now
- One for the private data that should not be available through any public URLs (the files themselves would always have to be served through a Rails route to check that the user has rights to download the files)

The private data location could be also used for other more sensitive files, such as the authorization attachment uploads (e.g. copy of passport).
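As an added example, not Decidim's code, the Ruby below models the split proposed in this comment together with the download flow from the earlier one: a public store that hands out URLs, a private store with no URL method at all, and a download handler standing in for the Rails route that checks ownership and an expiry window before releasing the bytes, while the notification e-mail carries only a pointer to the "My data" page. All class and method names, the in-memory stores and the seven-day window are assumptions.

```ruby
require "securerandom"
require "time"

# Added example, not Decidim's own code. Models the two storage locations
# discussed above: a public store that hands out fetchable URLs, and a
# private store with no URL at all, readable only through ExportDownloads,
# which stands in for the Rails route that checks the user's rights.
# All names, and the seven-day window, are assumptions.

# A finished export: who owns it, where its bytes live, and when it expires.
Export = Struct.new(:id, :owner_id, :key, :expires_at, keyword_init: true)

# Public bucket: anything put here is reachable by anyone holding the URL.
class PublicStore
  def initialize
    @blobs = {}
  end

  def put(name, bytes)
    @blobs[name] = bytes
    "https://files.example.org/#{name}" # constructed URL, no check on fetch
  end
end

# Private bucket: deliberately has no URL method.
class PrivateStore
  def initialize
    @blobs = {}
  end

  # Unguessable key; it stays server-side and is never sent to the user.
  def put(bytes)
    key = SecureRandom.hex(16)
    @blobs[key] = bytes
    key
  end

  def read(key)
    @blobs.fetch(key)
  end
end

class ExportDownloads
  AccessDenied = Class.new(StandardError)
  DEFAULT_TTL = 7 * 24 * 3600 # seconds the export stays downloadable (assumption)

  def initialize(store, clock: -> { Time.now })
    @store = store
    @clock = clock
    @exports = {}
  end

  # Called when the export job finishes: keep the archive private and record
  # who may fetch it and until when.
  def publish(owner_id, bytes, ttl: DEFAULT_TTL)
    export = Export.new(id: SecureRandom.uuid, owner_id: owner_id,
                        key: @store.put(bytes), expires_at: @clock.call + ttl)
    @exports[export.id] = export
    export
  end

  # The e-mail only says the data is ready: no attachment, no key, no link
  # that works without logging in.
  def notification_for(export)
    "Your data export is ready. Download it from the \"My data\" page " \
      "before #{export.expires_at.getutc.iso8601}."
  end

  # Equivalent of the authenticated route: authorise, then hand over the bytes.
  def download(export_id, current_user_id)
    export = @exports.fetch(export_id) { raise AccessDenied, "no such export" }
    raise AccessDenied, "not the owner" unless export.owner_id == current_user_id
    raise AccessDenied, "expired" if export.expires_at <= @clock.call

    @store.read(export.key)
  end
end

if $PROGRAM_NAME == __FILE__
  downloads = ExportDownloads.new(PrivateStore.new)
  export = downloads.publish(42, "my-data.zip bytes")
  puts downloads.notification_for(export)
  puts downloads.download(export.id, 42)
end
```

The point of the split is that `PrivateStore` has nothing equivalent to `PublicStore#put` returning a URL: the only path to the bytes runs through `download`, which is where the ownership and expiry checks live, so a leaked e-mail or a guessed object name gives an outsider nothing.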

Ivan Vergés (verified)
18/10/2019 10:45

+1

Antti Hukkanen
10/10/2019 11:54

This is also somewhat related to:
GDPR / Right to be forgotten - User authorizations metadata
