https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14242
--- Comment #118 from Victor Grousset/tuxayo <vic...@tuxayo.net> --- Some findings that will be useful for QA The request to googleapis.com is done from the browser directly. IIUC the fact that it's due to Koha means that Koha (and thus the library) processes personal data by sending it to Google. Which means the library should (someplaces legally or just by best practices) inform the patrons in the list of all personal data processings. Which personal data? - IP address - user agent - Accept-Language - ISBN search Which is enough to identify someone/a device and for example know some of their reading preferences and use that in advertising. That likely means that it should be avoided unless it's absolutely necessary. One solution could be for Koha to be a proxy for the requests. Is there an example of Koha acting as a proxy to an external service? Since it's an old bug, would me creating a followup bug about proxying the query be enough? And meanwhile, should a small warning in the syspref description be added? So the library can update their documents about their personal data processing. Something like «Personal data processing: Google will receive the following data: IP address, OS name, web browser version, prefered languages, and the ISBNs of the books suggested.» A more experienced English speaker might find a better phrasing. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
