[Standards] XEP-0363 (HTTP Upload): Privacy Considerations & Deletion

Philipp Hörist philipp at hoerist.com
Tue May 1 08:28:59 UTC 2018


But even that is not very useful, Laws change all the time.

At the same time you can write "Follow the local Laws"

And why would this only concern HTTPUpload, Laws also concern all kind
of data that run over the server.

Its really not the place of a standard document to remember people to
follow the law.

regards

2018-05-01 10:24 GMT+02:00 Kevin Smith <kevin.smith at isode.com>:
> On 1 May 2018, at 09:03, Evgeny Khramtsov <xramtsov at gmail.com> wrote:
>>
>> Mon, 30 Apr 2018 13:20:38 +0200
>> Jonas Wielicki <jonas at wielicki.name> wrote:
>>
>>> I agree with your stance about deletion. Which is why I made it a
>>> separate PR.
>>>
>>> What do you think about the independent extension to the text I
>>> proposed in https://github.com/xsf/xeps/pull/625 ?
>>
>> While I'm fine with having a separate extension, I'm against the PR
>> itself. I think the behaviour is up to a local policy. We shouldn't make
>> default recommendations based on some local laws (GDPR). Because if we
>> do that, we can easily add "NOT" to all "SHOULD"s, and in this case we
>> will describe the local law of Russia (where it is required to keep all
>> users data for at least 6 months). I would really advise XSF to avoid
>> making political statements. Not to mention that the text brings
>> nothing to the document and only increases its size: it doesn't
>> describe any protocol, it doesn't describe security considerations, it
>> doesn't describe UX, so what does it do? Can we replace the text with
>> "People SHOULD live in peace?" Because the meaning of the statement
>> doesn't change a lot and a reader can easily ignore it.
>
> I largely agree with Evgeny on this. I’m fine with having a single line drawing attention to potential requirements (like the "The availability of deletion might be a requirement in jurisdictions where users have a right to have their data deleted on request.” in the PR), but I don’t think this normative language is the right thing to do.
>
> /K
>
> _______________________________________________
> Standards mailing list
> Info: https://mail.jabber.org/mailman/listinfo/standards
> Unsubscribe: Standards-unsubscribe at xmpp.org
> _______________________________________________


More information about the Standards mailing list