[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-community
Subject:    Re: Help with KDE PIM and Google Privacy Policies needed
From:       Riccardo Iaconelli <riccardo () kde ! org>
Date:       2020-03-25 11:32:21
Message-ID: 4955574.qQDfrjigNE () knuth
[Download RAW message or body]

On venerdì 6 marzo 2020 07:40:49 CET Martin Flöser wrote:
> And reading the screenshot I think that's the problem. We state in our 
> privacy policy about 3rd party plugins and Akonadi. Especially Akonadi 
> is a "transfer of data to others" and that allows all applications to 
> access the data. If KWin accesses the data it would be in violation of 
> the additional requirements of the requested scope.

I'd take it one step further: What we call third party (a non KDE app) is not what \
lawyers would call third party (which is a legal third party, i.e. not the user). \
KWin is not a third party, as it's controlled entirely by the user and runs on \
his/her computer. Even if it would access the data, it would merely be a different \
tool that the user can install/use to manipulate her own data.

In other words, I'd simply get rid of the following paragraph. It's an implementation \
detail (i.e. an internal name of a component/project) that has no place in a privacy \
policy and doesn't change the fact that we don't do anything with the user data:

- Some user's personal information and data obtained from third party services are \
cached locally by a background service called Akonadi, which is part of Kontact. It \
is possible for any locally running software to interact with Akonadi and thus \
access, modify or delete any data stored there. The data are factically stored in a \
local database controlled by Akonadi. They may also be indexed for full-text search \
by Akonadi Indexing Agent.

If we really wanted to, we could explicitly include some reference to the indexing \
that we do, but with clear indications that all of the indexing happens locally and \
that data never leaves the user machine. I am convinced that this too is an \
implementation detail and has no implication whatsoever on privacy.

Maybe I'd add a sentence clarifying that all of the data stays on the user machine \
and only there, and that we have no access whatsoever to it. It's unfortunately not \
always obvious to everyone nowadays.

Riccardo
-- 
Pace Peace Paix Paz Frieden Pax Pokój Friður Fred Béke 和平
Hasiti Lapé Hetep Malu Mир Wolakota Santiphap Irini Peoch שלום
Shanti Vrede Baris Rój Mír Taika Rongo Sulh Mir Py'guapy 평화


[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic