Follow EFF's service guidelines, and advertise that we do
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Ubuntu One Servers |
Confirmed
|
Wishlist
|
Unassigned | ||
| unity-lens-shopping |
New
|
Undecided
|
Unassigned | ||
Bug Description
Ubuntu should be obvious choice for people who don't trust MSFT and APPL on privacy and security grounds. We should minimize leakage of data into our hosted environments, and make sure our online services are not the weakest point.
Let's follow EFF's service guidelines.
Summary of Recommendations
1. Develop procedures for dealing with legal information requests and providing notice to users.
2. Work with both attorneys and engineers to develop a privacy policy that fits your OSP’s practices.
3. Collect the minimum amount of information necessary to provide OSP services.
4. Store information for the minimum time necessary for operations.
5. Effectively obfuscate, aggregate and delete unneeded user information.
6. Maintain written policies addressing data collection and retention.
7. Enable SSL as much as possible throughout your site to secure users’ information and communications.
8. Understand threats to the security of sensitive information and communications on your systems, and mitigate them appropriately.
9. Follow best-practice principles for the use of cookies on your site.
10. Insist that the OSPs and other service providers you work with observe these best practices, too.
| description: | updated |
| tags: | added: eff-guidelines |
| Changed in ubuntuone-servers: | |
| status: | New → Confirmed |
| assignee: | nobody → Ubuntu One Ops+ team (ubuntuone-ops+) |
| tags: | added: ops+ |
| information type: | Private → Public |
| Chad Miller (cmiller) wrote | #1 |
| Changed in ubuntuone-servers: | |
| assignee: | Registry Administrators (registry) → nobody |
unity-shopping-lens is not tagged for its source code, but to track its anonymization service to more upstreams.