[Operators] GDPR & XSF 14 - Minutes

Maxime Buquet pep at bouah.net
Fri May 18 12:35:34 UTC 2018

# GDPR & XSF 14

At xsf at muc.xmpp.org - 2018/05/18 11:30 UTC
Attendees: winfried, Ge0rG, jonasw, pep.

Date of Next: 2018/05/22 10:30 UTC


 1. What consequences does the GDPR has for the Jabber network?
 2. .. Jabber server operators?
 3. .. what can/should do the XSF with that?
Q2) What consequences does the GDPR has for the XSF running Jabber server?
Q3) What consequences does the GDPR has for the work processes of the XSF
itself (membership, voting, wiki etc)?

## Q1
### Q1.2


Overview of the roles and responsabilities within the context of GDPR, for
XMPP operators. Definition of data subject, data controller, data processor,
and third-party.

- Other examples of third-parties:
  * Remote Roster Management (not handled by the same operator)
  * Push services

- Warning for (android) mobile client devs:
  By using Google APIs, you have to ensure that your users agree to Google's
  Privacy Policies[0]. You need to have the user opt-in for push services if
  you want to fall under GDPR.
  Seealso comprehensive documentation by daniel[1] of data that's being passed
  to the push component, and sent to Google, in his implementation.
  iOS devs might be in a similar situation.

- How is the Tos/data protection policy template going on?

[0]: https://developers.google.com/terms/#section_7_privacy_and_copyright_protection
[1]: https://github.com/inputmice/p2

Maxime “pep” Buquet
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/operators/attachments/20180518/47227a46/attachment.sig>

More information about the Operators mailing list