Hi there, I am following up on [https://www.youtube.com/watch?v=b6KEoNVKFxM Will's great talk during DjangoConEU 2018]. If you haven't watched the talk or don't know what GDRP is, I'd highly recommend watching it before you continue reading. The following message will be a collection of the things that have been discussed during the conferences regarding GDRP.
Purpose of this post: *Discuss best ways Django as a community can do to support it's developers to deal with GDRP and build software that is GDPR compliant by design.* We had plenty of discussion afterwards here is the current common sense: GDPR is a shift is a shift in software design and architecture. It introduces a concept of data ownership on users bases in contrast to the previous single owner (webmaster). It is within the responsibility of a web framework now to not only provide built in security but also privacy. Furthermore Django does provide built in ways to store (process) private data, namely - first name - last name - email - username all of which can be used to identify an individual. That being said Django does currently not supply any easy way to ensure GDPR compliance for this data. After a lot of discussion it does not seem feasible to just go ahead and implement something in Django just now. Therefore I we should create a Django privacy workgroup. The primary focus of this workgroup would be to support the Django community. I would suggest to do this though a DEP (Django Enhancement Proposal) as well as a public tutorial. The tutorial should point out best practices on how to deal with personal or sensitive personal data. How to provide interfaces to ensure portability, the right to be forgotten or processed. Best -Joe -- Johannes Hoppe www.johanneshoppe.com Want to chat? Let's get a coffee! https://calendly.com/codingjoe/coffee Lennéstr. 19 14469 Potsdam USt-IdNr.: DE284754038 -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CAPcC2o%3DanXMqz%3DaqKSjsgN6PsxGuND8atgevp6Ti_gjqYW9B2w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
