clowdr-web-app icon indicating copy to clipboard operation
clowdr-web-app copied to clipboard

Published 20 hours ago verified publisher icon clowdr-app

DM Privacy Policy

Open jnfoster opened this issue 4 years ago • 2 comments

A question that arose during PLMW...

Does Clowdr have a privacy policy? In particular, can the Clowdr developers read DMs? I think folks probably have an expectation of privacy for DMs, but depending on how many people have access to the backend DB, that expectation may be wrong. Not urgent, but it would be good to clarify and perhaps put in some controls (access control, least privilege, audit).

jnfoster avatar Aug 23 '20 16:08 jnfoster

Lots of tricky issues here. The Twilio service (which we rely on for text chat) does have authorization mechanisms, of course, but we believe that a small group of people (currently just Clowdr devs) needs to have access to all the messages during the conference and for a short period after, in case there are reports of bad behavior that need to be investigated. Our plan is to delete all the chats as soon as Twilio technically allows us to do that (which I think is a couple of months).

bcpierce00 avatar Aug 23 '20 18:08 bcpierce00

This issue has relevance to the new UI and needs clarification in our About/Legal pages, as well as being included in the default homepage/advice for conference organizers.

EdNutting avatar Nov 06 '20 22:11 EdNutting