| 1 |
On 06/20/2018 12:52 PM, Rich Freeman wrote: |
| 2 |
> On Wed, Jun 20, 2018 at 4:32 AM Michał Górny <mgorny@g.o> wrote: |
| 3 |
>> |
| 4 |
>> Please tell me, how many times did we have to disambiguate two |
| 5 |
>> developers using the same name? Even if we ever have to do that, do you |
| 6 |
>> really think we'd use one's birthday all over the place? |
| 7 |
> |
| 8 |
> Even if we've had two people from the same location with the same |
| 9 |
> name, WHY would we ever have to use their date of birth to identify |
| 10 |
> them? We already have their nicks which is what we use internally, |
| 11 |
> and those are always unique. |
| 12 |
|
| 13 |
One morbid example would be someone getting a stone in the back of their |
| 14 |
head, at which point the nick will likely not help much... But the |
| 15 |
underlying need is likely to arise more due to other circumstances for |
| 16 |
needing to contact, say a retired dev needs to provide evidence in a |
| 17 |
copyright case and we need to track them down to get said statement. |
| 18 |
|
| 19 |
> |
| 20 |
> And if we DID have to identify a specific individual legally, then why |
| 21 |
> aren't we collecting government ID numbers, which actually do the job |
| 22 |
> a LOT better than DOB? |
| 23 |
|
| 24 |
Storing those would require much higher security than a simple DOB |
| 25 |
|
| 26 |
> |
| 27 |
> As far as I'm aware, under most privacy laws and policies I've seen, |
| 28 |
> name+DOB is just as sensitive as a government ID number. If |
| 29 |
> collecting the latter makes you recoil in horror, then you should be |
| 30 |
> just as concerned about DOB collection. |
| 31 |
|
| 32 |
I'm not, but views of truestees might differ on that; we have reasons to |
| 33 |
collect it, it is part of recruiting process known to developer, so the |
| 34 |
legal matter wouldn't be on the collecting part but the storage part, |
| 35 |
and here they differ quite a lot in practice (although it shouldn't as |
| 36 |
even SSN is just a Primary Key in theory). |
| 37 |
|
| 38 |
|
| 39 |
> Just ask put on the dev application a certification that they are |
| 40 |
> legally allowed to sign agreements. That depends on more than just |
| 41 |
> age anyway. |
| 42 |
|
| 43 |
The latter is an interesting point. |
| 44 |
|
| 45 |
> |
| 46 |
> Could somebody lie? Sure, just as they can lie today about their DOB. |
| 47 |
|
| 48 |
I'm not too concerned about misrepresentation, there are other ways to |
| 49 |
pursue that, but at least there is an element of CYA. |
| 50 |
|
| 51 |
> |
| 52 |
> This is just reasonable care. I don't think there is any expectation |
| 53 |
> by anybody that we have a higher level of certainty that our |
| 54 |
> developers are able to sign things (DCOs or otherwise - which are also |
| 55 |
> just reasonable care, unless we intend to start doing in-depth reviews |
| 56 |
> of every commit). |
| 57 |
> |
| 58 |
> If we did need a higher level of certainty, then just asking for DOB |
| 59 |
> won't cut it. We'd need to verify IDs, take at least some level of |
| 60 |
> care that they aren't mentally incapacitated, and know the local age |
| 61 |
> of being able to sign such agreements. |
| 62 |
|
| 63 |
Indeed |
| 64 |
|
| 65 |
> |
| 66 |
> I think we need to take a step back and consider the threat model |
| 67 |
> here. What is the threat we need to protect against? Is collecting |
| 68 |
> DOB an effective but least-intrusive way of mitigating that threat? |
| 69 |
> |
| 70 |
|
| 71 |
This is always a good question, discussions are always helpful to |
| 72 |
determine that. |
| 73 |
|
| 74 |
-- |
| 75 |
Kristian Fiskerstrand |
| 76 |
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net |
| 77 |
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 |
Archives