Hi Samuel, On Tue, 2008-09-16 at 09:11 +0200, Samuel Murray (Groenkloof) wrote: > G'day everyone > > > At the moment, new users are not told how their details will be used and > > how much of it will be made public. This is actually kinda crucial. > > Users are not told, for example, that their e-mail addresses will be > > visible to the public, to anyone who downloads the PO file, or to anyone > > who encounters the PO file at any stage. It is important that they be > > told of this. > > All of this can be written in a privacy policy page that is linked to > from every page on Pootle (at the bottom somewhere). > > The problem is that different Pootle servers have different policies, so > I think one should write a policy that is half explanatory so that it > can apply to all servers. A better (but more complicated) solution may > be that the privacy policy page is generated automatically from options > selected in the pootle.prefs file. But let's keep it simple for now. > > So here's my attempt: > > == > > GENERIC PRIVACY POLICY OF POOTLE SERVERS > > The way a Pootle server deals with privacy, depends on the licence of > the translated files and the specific policies of the computer on which > the Pootle server is hosted. > > Pootle was originally designed not for private participation but with > public collaboration in mind, and the way it deals with a user's > information, reflects that. > > Typically, a user's name and e-mail address is automatically added to > his translation. The owner of this Pootle server has no control over > the way the translations (and therefore also the user's name and e-mail > address) will eventually be made public. > > Various pieces of information about a user can be accessed by the > public, by other users, by users with administrative privileges, by > users of the server with read access rights, and by users of the server > with root privileges. Some information that cannot be accessed > directly, can be deduced from other information. The only information > about a user that is truly private, is his password. All other > information submitted by the user, including record of his activities, > may be available to a number of people, including members of the public. > > A user's activities are written to a log that typically cannot be > accessed via the web interface and only be accessed by users of the > server with read access rights. Whether users of the server may make > such logs public depends on the policies of the server itself. > > For privacy purposes, therefore, users should assume that everything on > their profile pages (except the password) can eventually be viewed by > any member of the public, and that a log of all of their activities on > Pootle can either be viewed or deduced by any member of the public. > > == > > So, what do you think?
Looks OK, although a bit scary. I prefer legalise that says the same but makes it sound wonderful ;) I'm less concerned about the content then about how we display this. I think we have a generic mechanism for example to display error messages. A simple HTML snippet that can be embedded into that error message would do the trick. Anyone interested in taking a look at this? If not I'll probably give it a go. -- Dwayne Bailey Associate +27 12 460 1095 (w) Translate.org.za +27 83 443 7114 (c) Recent blog posts: * The birth of the GNU generation http://www.translate.org.za/blogs/dwayne/en/content/birth-gnu-generation * Firefox users experience discrimination * RPM packages for py lib 0.9.2 ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Translate-pootle mailing list Translate-pootle@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/translate-pootle
