Simon Poole <si...@poole.ch> writes: > I've produced an updated version of the OSM privacy policy: > http://wiki.openstreetmap.org/wiki/Updated_Privacy_Policy (the original > resides here: http://wiki.openstreetmap.org/wiki/Privacy_Policy).
I have a few big-picture comments so I'm sending them to talk@.
With respect to data obtained from the site, I think that's nominatim
queries and also the particular areas that are looked at, posssibly
associated with IP address, and associated with a user if logged in.
The policy doesn't address if logs are kept by IP address or by
username, and for how long. At first glance, I would be in favor of
limiting log lifetime to 30 days or so, and not backing them up.
I would for example find a (beyond-admins) heatmap of which locations
were loaded to be overly invasive if it were more granular than 1km or
so.
in support of the operation of the services from a technical,
security and planning point of view.
That's fine in theory, but the question is to whom are they
accessible/disclosed, and under what terms. It's pretty clear you mean
by a small subset people working within OSM who agree not to disclose
anything beyond counts/trends. That's fine, but it's not what the text
says - as long as there is a nexus to support of operations, any
disclosure is within policy.
as anonymised, summarised data for research and other
purposes. Such data may be offered publicly via
http://planet.openstreetmap.org or other channels and used by 3rd
parties.
Anonymized and summarized are different and it is very tricky to prevent
"reidentification" of anonymized data. So summarized, where the
individual items no longer appear (queries/month, etc.), I have no issue
with. If individual addresses appear, then there's no summarization,
and the geo nature of things means that there can be a single address in
a region, even if there are 10K in the dataset. What that means, I
don't know, but it doesn't seem good to publish the list of addresses
that people looked up.
to improve the OpenStreetMap dataset. For example by analysing
nominatim queries for missing addresses and postcodes and providing
such data to the OSM community.
It may be reasonable to have on the nomination failure page a "add this
query to a public list of queries without an answer". That will both
avoid people's queries getting published when they didn't want them to,
and also filter out some typos. Sort of like a map note by address we
can't geocode, rather than by coordinates.
With real routing, addresses that are frequent from values are likely
those of OSM users; publishing that seems uncool.
No personal information or information that could be linked to an
individual will be released to third parties, except as required by law.
That's pretty strong, given reidentifciation concerns. So perhaps
that's "other than as specififed above".
Third party services providing content linked to via or third party
JavaScript files utilised by OSMF provided sites are not covered by this
policy and you will need to refer to the respective service providers
for more information. Examples of such services and content are the HOT
and CycleMap map layers on openstreetmap.org and the JavaSctipt
frameworks used by help.openstreetmap.org.
This is an interesting question. It would be reasonable for OSMF to
require that other entities whose content is integrated into
openstreetmap.org have privacy policies that are consistent with OSMF's
privacy policy. Arguably this should be the case, as it requires some
sophistication to know what's separate.
The javascript frameworks are an interesting question, and I don't know
if the question is about if the hosting provider of the js files keeps
logs, or if the js does bad things. I see the js code as logically part
of the site and just happened to be on a CDN to save bandwidth. But
again from the user viewpoint this is part of the site.
Greg
pgpoqTWd35o2y.pgp
Description: PGP signature
_______________________________________________ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk
