futurecoder icon indicating copy to clipboard operation
futurecoder copied to clipboard

Published 20 hours ago verified publisher icon alexmojaki

Storing code entries

Open alexmojaki opened this issue 4 years ago • 0 comments

When users submit code to run, I want to store an entry/log of that submission, including:

  • The code
  • The user
  • The output
  • The result, i.e. did they pass the step
  • Which step they were on

This has many uses, including:

  • Analysing patterns in submissions, particularly common mistakes that should be addressed by a special message step
  • Showing users their past submissions, e.g. as in #91

The first question is: who has access to this data? What I really want is to make it easily publicly available for anyone to look at, whether it's contributors trying to improve futurecoder or people doing their own research on learning programming with no interest in futurecoder itself. I suspect that will be a problem.

I don't think there's anything wrong with storing and exposing this data. It's not personal data - email addresses won't be exposed, just some user identifier to group submissions together. But I might be missing a reason why it's wrong (or even illegal) which someone will angrily point out, or people may just feel it's wrong even if they can't properly justify it. So people need to be told that this is happening and probably be given a way to opt out.

Questions:

  1. What is legal? Is GDPR relevant here? Does data need to be deleted after a certain window, e.g. 30 days? If so, making it public is not an option.
  2. Who has access? The public? Just me? GitHub collaborators?
  3. How do we tell users? Is it just buried in some sort of privacy policy or terms and conditions that they accept on signup?
  4. Do we give users a way to opt out of making their submissions public?
  5. How do they opt out? With a checkbox upon signup? A toggle in the settings in the main app (alongside 'developer mode')?
  6. What's the default? Do they have to take explicit action to opt in, or to opt out?
  7. If data is always kept private at first, what happens to existing user data if later I add the option for it to be public? Does it just remain private? Do I email users "hey your data is going to become public unless you click a button within 30 days"?

alexmojaki avatar Feb 10 '21 10:02 alexmojaki