Create a privacy policy for drupal.org

If someone can provide the technical details, I can spend the time doing a write up.

i think we ought to mention that we *might* store their ip address. i think it's really the only solution to this issue: http://drupal.org/node/168009

The privacy policy for g.d.o should also include http://mollom.com/web-service-privacy-policy

We also now have a pretty regular process that removes (emails and IPs?) from the database backups and then share the data (at least for drupal.org) with other parties.

Changed the component to reflect the new component categorization. See http://drupal.org/node/301443
-nielsbom

Anyone want to work on this? Should we kick it to the Legal Eagles in the Association?

I think, Dries should be the one leading this, as we shouldn't take this lightly.

Maybe the lawyers from OSL can help with this?

BIG EDIT:
Misread thread...still, this is a year old, and a privacy policy should be well into place by now if you're going to offer a service to ping the servers with update info sending user info.

Something for the lawyers pronto I believe.

@george2 - my comment in #5 was strictly about situations where the database is being used by someone doing work on the infrastructure (at the time, it was performance tuning and doing performance tuning is something where you want the real data in the real nodes of the site not something _like_ the data). That doesn't happen often and when it does it is scrubbed of all private data prior to being shared.

I believe all of the pingback data from the Update module is already anonymized using a hash of site specific variables rather than those variables themselves.

Also, the IP address where the requests comes from is always stored in Apache logs...but not necessarily in the DB.

thanks for the reply greggles.

I believe all of the pingback data from the Update module is already anonymized using a hash of site specific variables rather than those variables themselves.

a definite answer needs to be determined, and relayed back to the end users in this crazy world of datalogging. :I

George2 - it would be nice if you did some investigation work yourself instead of making demands on others.

In update module there are these lines:

  $site_key = md5($base_url . drupal_get_private_key());
  $projects = update_get_projects();

  foreach ($projects as $key => $project) {
    $url = _update_build_fetch_url($project, $site_key);
    $xml = drupal_http_request($url);

So, the only information sent back are the IP of the incoming request (no way to get around that) and an md5 hash of the base_url concatenated with the site's private key (a random key generated when the site is first installed/used).

bekasu has written up a general privacy policy, spurred by the docs team preparing to do a fair amount of surveying. I'm attaching it here for folks to review and revise, but obviously this needs the legal team to really have at.

This reads as if it had been ripped somewhere... Could we actually use it?

this feels like 10 bazillion words, when just a few hundred will do? it's very verbose. just my 2c

special considerations for Google Adsense or other third parties?

Is the AUP really necessary in this document?

~silverwing

I have to disagree with #14. This current document has very loose wording and even after going through the first couple of paragraphs it's noticable that the content isn't very accurate. Some examples:

"We ask you when we need personally identifiable information. Usually, this information is needed when you register, enter a contest, subscribe to e-mail newsletters, or complete an online survey." This isn't entirely true. You need to register to enter a contest or to subscribe to e-mail newsletters, and your information is required to register.

"You will have to provide your User ID and Password". Actually you need to enter your username and password.

"The use of this cookie allows you to visit other password-restricted portions of Drupal’s Web site — for which you have security access". What does "security access" mean in this context?

Our personal information is needed "[t]o help you quickly find information on Drupal software and contributed modules." How is our personal information required for this information? The documentation pages are available for everyone, as are the module project pages and the search-function. The forum is available for everyone. You do need to register to post comments although I do not consider this as a part of "quickly finding information".

Also since this is a privacy document I'm expecting information about the option to disable/delete my own account, or even just my own comments/posts.

All in all the document in its current state feels amateurish and vague, quite the opposite from what you'd expect from a privacy policy.

Also, do we really need to write Drupal.org and www.Drupal.org? Why capitalize the first letter when even the <title> on drupal.org writes it in all lowercase.

@wmostrey: Exactly these non-fitting phrases make be think that this has been copied from elsewhere and we might have legal problems when using it.

The legalese is considered boilerplate.

I got it from my brother, a contract attorney in Texas.

Since we weren't paying for services, he provided a generic version with simple wording and said 'you will need to change this to fit your specific site'.

He also said 'I assume your opensource group has legal counsel of some sort. That counsel will want to change it and make it their own.'

I went through it and tried to remove some of the heavy handedness on my own. I left in paragraphs that didn't seem relevant to me (e.g., contests), since I have so little history with Drupal. I don't know what you folks have done in the past, nor what you want to try in the future.

There seemed to be some confusion as to who should be authoring a privacy page.. Drupal or Drupal Association.

From my perspective, I just wanted something to cover our butts BEFORE we start actively, routinely surveying the community. There had been requests for this, but no action. So I took initiative to try to get something for folks to critique.

Unless there are any other concerns, I'd like to formally hand this over to 'the legal contact' along with these comments in this dicussion.

why can't the lawyers at da sort this out? a copy/paste template with names changed just isn't professional, and could escalate a ton of problems later on down the road.

At this point I think it's up to the Association and/or its legal counsel to sort out prior to publication; I'm pretty sure this has been brought to their attention.

Then I'll volunteer to bring it to the attention of the Larry Garfield, the legal affairs director at Drupal Assocation.

Anybody have any problem with having them feed the privacy policy monkey?

bekasu

I'm absolutely for getting the legal affairs department of the Drupal Association on this subject, yes.

I've contacted Larry (Crell), but no response yet. I'll wait a few days and check with him next week.

As soon as we've made contact, I'll report back so we can change the status of this issue.

Could it be that you uploaded the wrong version? This document is about Drupal documentation, not about the privacy policy.

Let me try that again.
Here is the .doc version

I'm removing the above comment with the wrong file.

tagging.

Holy undead issue... just googled and found this as I noticed the update http://drupal.org/handbook/modules/update handbook page tells you to go see the privacy policy but isn't linked cause there is none! If/when this gets completed just a reminder to go add this back in (I'm removing it for now, since there's no reference - it was being referred to in the bit about the module sending anon info to d.o and said "Please see the drupal.org privacy policy for more information.").

The policy is complete and can be found here: http://www.drupal.com/trademark

wmostry - privacy policy not equal trademark policy

Is there any way for someone with no legal expertise to move this forward short of joining up with these guys? http://drupal.org/profile/interest/stalking%20crell

Here is a privacy policy from Lexpublic.ca which is a site that has boilerplate privacy policies, under creative commons licenses, and *is built with Drupal.* Clearly with those bona fides it must be good ;)

http://lexpubli.ca/contracts/privacy

The URL you give clearly states that the policy available there is not made for sites like d.o since d.o offers accounts to users.

http://lexpubli.ca/contracts/privacy/legal-terms

Right at the top you need to fill in who runs the website... I wonder who or which entity we'd pu in there...

Also, the thing is too long .

How about:

"Use at your own risk. There be dragons."

Here's a completely new draft, adapted from Ubuntu's. Removed a section on ssl login because i haven't noticed that Drupal uses this.

Privacy policy

We value your privacy and will take all reasonable steps to protect your personal information. We will not distribute your personal information (including email address) to any third party.

All information that you disclose in your public profile, in forum posts, comments, issue queues, or other public portions of the drupal.org sites becomes public information. Please exercise caution when deciding to disclose any personal information in those areas.

I like the brevity.

This:

We will not distribute your personal information (including email address) to any third party.

is not really true afaik depending on how you define third party. We used to send database backups to a third party backup service and may still do so. At a minimum this data is accessible in bulk by OSUOSL and ~40 individuals from third parties (e.g. me). It's also accessible to all users with administer users on d.o which is probably at least a hundred.

How about:

We will not distribute your personal information (including email address) to any party other than those who may need it in their activities to administer the site or infrastructure.

In terms of email address distribution, many people don't know that if they use the contact form to submit requests for the webmaster team, their email address will show up in public archives. Not sure how that information intersects with the Privacy policy...

Gábor: You mean http://drupal.org/node/add/project-issue/webmasters have e-mail addresses included in the Webmasters mailman archive? The link from the mailing list page seems broken - http://lists.drupal.org/private/webmasters/ - and it's not entirely public. I for one don't have access - it's true that some number of admins on drupal.org also have access to people's e-mail addresses; can we have webmasters as well as admins be bound by the privacy policy?

We need to look at who does have access to information as part of forming the privacy policy. Drupal.org for the purpose of this privacy policy is the volunteers who run it– and a hundred users with administer users, if that's the case, would have to see and agree to abide by the privacy policy for it to have meaning. (Disclosure: i do not have administer users, nodes, or any other privilege on Drupal.org except the documentation format.)

I'll come back with another crack at this (informed by good old guide suggested at our host), but i'd appreciate if someone got to incorporating webchick's requirements in the original post and Greg's suggestions first.

OK, wow, bad me for not getting in here earlier.

This subject has come up again in the context of DrupalCon (DrupalCon websites collect more information than d.o does), so I have opened a conversation with our attorney about this subject and directed him to this thread as well.

@crell - when this does get sorted, please ping me (i'll try and keep an eye on the issue tho) so i can reinstate the link in the module update page http://drupal.org/handbook/modules/update (see comment #29 for more details)

See also #932358: Add profile fields on d.o for DrupalCons which includes some examples of data we optionally collect.

@greggles @Crell Can this move forward now that #932358: Add profile fields on d.o for DrupalCons has been completed?

hey - any progress on this? seems pretty important... maybe we ought to bump it up to critical? should i ping kieran about it or something?

Yeah, this should be critical, especially since DrupalCon sites are taking credit cards. Some payment processors require that you have a detailed privacy policy in place before they will agree to process payments.

Also, my vote is on this one: http://www.itworld.com/print/129778

This is Larry Garfield's responsibility.

shouldnt the privacy policy be split up in different parts?

* about logged in users ( we collect IP addresses, useragenets, Operating system, cookies, source IP address, referring site and have a google analytics on our site plus all the data you enter in your profile including email addresses that are partly publicly shared ). why we do this and how you can delete your account (nid 8 :-)

* about ananomous users (we collect IP addresses, useragenets, Operating system, cookies, source IP address, referring site and have a google analytics on our site)

* about updates your webserver request (I don not know what we collect but I presume the standard webserver stats are logged)

-maybe additional services that we use on drupalcon websites, g.d.o, mailing lists etc?

Related to this, it would be nice to provide selected exports of data that's public (could be crawled via anonymous http) rather than encouraging/requiring people to actually crawl the whole site repeatedly.

Example data sets (maybe produced weekly):

All projects in a given category (modules, themes, profiles)
Public info from user profiles (from drupal.org)
All groups, or groups per category (e.g. all regional groups from groups.d.o)

This data is essentially already available to people on the infra team and volunteers via scrubbed DB dumps #636340: Provide generally available, regular exports of already public data from the drupal.org database

I've opened an issue for actually making the exports, but sounds from IRC discussion like having a published privacy policy is appropriate before we do that.
#1068432: Provide regular exports of public data

Building on suggestions above, how about something like:

We value your privacy and will take all reasonable steps to protect your personal information. We do not share, or distribute your personal information (including email address), but it may be accessible to those volunteers and staff who administer the site and infrastructure.

All information that you disclose in your public profile, in forum posts, comments, issue queues, or other public portions of the drupal.org sites becomes public information and can be used in accordance with the Creative Commons License, Attribution-ShareAlike 2.0. Please exercise caution when deciding to disclose any personal information in those areas.

IP addresses, URLs visited, and related information is recorded for all site visitors for the purpose of site traffic analytics and captured as part of normal operation in our server logs.

note http://drupal.org/licensing/faq#q5 which is not really linked as well as it should be. Perhaps we can add that to the footer links?

I like the friendly, community-voiced tone of #49 by @pwolanin.

We probably want to note something about Bakery-enabled sites, and that once you log in you're theoretically logged in anywhere in the *.d.o and *.drupalcon.org webisphere, and that cookies will follow you from one to the next, and all these sites will be interconnected, with connections visible, or at least findable, by the public. (Use case: Someone registers for an event under his own name, but that's connected to his pseudonymous account on drupal.org, and the pseudonym is now tied to a real name.)

I am not comfortable with stating such a license wrt profiles.

I am also not sure, if we should make pages like the personal tracker pages unavailable to anon users. And maybe even stop displaying usernames to anon users. The importance of privacy is underestimated.

@Gerhard - how would you treat user profiles? I think it is reasonable for anyone in the community to be able to re-use that data to make a heatmap of users per country, or a tag cloud of languages, or look for correlations between some attribute and whether they went to Drupalcon CPH.

however, I certainly think it's fine to not provide any tracker pages for anonymous users - for performance if no other reason.

Firsst, I'm +1 to the proposal in #49. We should probably let this simmer for 3 weeks until Larry can get to it post Drupalcon.

Regarding #51, let's say we hide usernames (but show some other unique identifier) and hide tracker pages. What happens?

Someone would
1) Build a crawler that crawls content pages and parses them to find usernames so they can get the same data in tracker pages.
2) Use that crawler in a logged-in mode to create a map between usernames and whatever public unique identifier we do use.

This just creates more load for the server, not less and has no impact on privacy.

I think we should not use this exercise as a reason to start hiding information that is currently available. The web is moving to be more open with data, it would be unfortunate/weird if instead our community went the other way.

side note: http://drupal.org/user/1/track is available to anonymous while http://drupal.org/tracker/1 is not - weird, I know

On #49:

First paragraph, not just "volunteers and staff who administer the site and infrastructure," we have http://drupal.org/node/1006562 for development. The DB is sanitized to remove what is not publicly visible, so it might be okay.

For the last paragraph, we do use Google Analytics and should link to http://www.google.com/intl/en/analytics/privacyoverview.html. Otherwise, it is (I think standard) Apache/Varnish log files (aggregated by AWStats).

I hate to do it, but in reality, things change, we need to allow for it.

... and we use DFP on pages like http://drupal.org/hosting. Their policies are, https://www.google.com/intl/en_US/dfp/info/sb/policies.html#utm_source=d....

+1 for #49.

Here is a new draft for review:

We value your privacy and will take all reasonable steps to protect your personal information. We do not share, or distribute your personal information (including email address), but it may be accessible to those volunteers and staff who administer the site and infrastructure.

All information that you disclose in your public profile, in forum posts, comments, issue queues, or other public portions of the Drupal.org sites becomes public information and can be used in accordance with the Creative Commons License, Attribution-ShareAlike 2.0. Please exercise caution when deciding to disclose any personal information in those areas.

IP addresses, URLs visited, and related information is recorded for all site visitors for the purpose of site traffic analytics and captured as part of normal operation in our server logs. Cookies are used to track logins, sessions, and collect anonymous traffic data.

We use 3rd-party services like Google Analytics, DoubleClick for Publishers, and RegOnline, who provide their privacy policies and cookie opt-out.

This policy may change, the most current version is available at http://drupal.org/privacy.

If you have any questions or feel we are violating this policy, please file an issue in webmasters [and/or contact Drupal Association?].

#57 looks perfect to me.

1. we might want to add that we do not share private information that we store (not third parties like analytics) to anyone else unless we need to do so by law (never happend but might happen)
2. I do not see why the DA has to be involved in the privacy policy of d.o? last sentence might be deleted.

Ya, the DA does not control the policies afaik, so just refer to the webmasters.

Still not sure about the licensing part.

In the context of this being personal information: Does it make sense to allow modification of the content?

This would mean I could put up falsified personal information of d.o contributors.

- I deferred the licensing to http://drupal.org/licensing/faq which looks organized & accurate. Changing that document is a separate issue.
- I removed the note about RegOnline. DrupalCons will use many more services and data and should handle their own privacy.
- I removed contacting the DA.
- Added "We may be required to share personal information by law." to the first paragraph.

We value your privacy and will take all reasonable steps to protect your personal information. We do not share, or distribute your personal information (including email address), but it may be accessible to those volunteers and staff who administer the site and infrastructure. We may be required to share stored personal information by law.

All information that you disclose in your public profile, in forum posts, comments, issue queues, or other public portions of the Drupal.org sites becomes public information see Licensing FAQ for information on legal uses of Drupal.org content.

IP addresses, URLs visited, and related information is recorded for all site visitors for the purpose of site traffic analytics and captured as part of normal operation in our server logs. Cookies are used to track logins, sessions, and collect anonymous traffic data.

We use 3rd-party services like Google Analytics and DoubleClick for Publishers, who provide their privacy policies and cookie opt-out.

This policy may change, the most current version is available at http://drupal.org/privacy.

If you have any questions or feel we are violating this policy, please file an issue in webmasters.

minor nits:

information see Licensing FAQ -> information. See the Licensing FAQ

who provide their privacy policies -> who provide their own privacy policies

I like the iterations.

One thought: This should indicate what sites this covers. Logging in on Drupal.org and suddenly being logged in everywhere else certainly entails potential privacy issues. Simply clarifying what sites are covered by this policy should mostly cover this. (And I think wildcards would be fine, though that may be a legalese matter.)

Changed according to the last 2 comments.

This policy covers Drupal.org sites, including subdomains of Drupal.org, like groups.drupal.org and api.drupal.org. Individual sites, like conference sites, may have additional policies.

We value your privacy and will take all reasonable steps to protect your personal information. We do not share, or distribute your personal information (including email address), but it may be accessible to those volunteers and staff who administer the site and infrastructure. We may be required to share stored personal information by law.

All information that you disclose in your public profile, in forum posts, comments, issue queues, or other public portions of the Drupal.org sites becomes public information. See the Licensing FAQ for information on legal uses of Drupal.org content.

IP addresses, URLs visited, and related information is recorded for all site visitors for the purpose of site traffic analytics and captured as part of normal operation in our server logs. Cookies are used to track logins, sessions, and collect anonymous traffic data.

We use 3rd-party services like Google Analytics and DoubleClick for Publishers, who provide their own privacy policies and cookie opt-out.

This policy may change, the most current version is available at http://drupal.org/privacy.

If you have any questions or feel we are violating this policy, please file an issue in webmasters.

+1 Approved! (if it's edited again, i prefer "such as" over "like" ;-) )

+1 #64.

Do we need a legal sign-off or just go with webmaster +1s? I think this looks good but ianal.

I will ask Larry to take a look at this, but expect he is really busy this week.

I'm pretty sure that Larry has never been admitted to a bar, nor does he have any formal legal education (watching reruns of Matlock and Law and Order don't count), thus it would be laughably foolish to have him "sign off" on this. Let's have an actual lawyer chime in, at the very least it would probably be good to know that this policy doesn't violate any US or Belgian laws (as well as any US states that the DA operates within). Given that the DA (and the board in particular) have a fiduciary responsibility to ensure that laws are complied with on D.O. (could someone sue "The Community"?), the DA should have their lawyer look at, and approve, this before it is posted as "official policy". Of course, INAL, but I do pay them to keep me (& my business) from opening up unnecessary liabilities, and so should you.

@Alex UA - Larry is the Drupal Association's Legal Affairs director, and so the one who talks to the lawyer that the DA contracts with on matters like this, so we are all in agreement on the plan here :-)

You are very right, Alex, I am not an attorney nor do I claim to be one. However, I am the legal watchdog for the Association and in that capacity can and do offer advice on matters such as these. That advice is, in most cases, based on direct conversations I have with the Drupal Associations attorney with whom I have regular correspondence. I have already spoken to him about this subject previously and intend to do so again, and any privacy policy will not be "signed off" on by me unless it has first been signed off on by our attorney.

Nor, I should note, has anyone suggested otherwise. Given that I have been the legal liaison for the Association for the past three years that I have been on the Board of Directors, I am surprised that you would assume that either I or the Association would be so cavalier as to not partake of legal advice where appropriate. I will presume, however, that your comments are purely benign and intended in the most helpful way possible, and not as an accusation of irresponsibility on the part of myself, the Association, or anyone in this thread.

Thank you for the reminder of our fiduciary responsibilities, but you can rest assured that we are already quite well aware of them.

I have been watching this thread and will be speaking to our attorney about it once DrupalCon is over.

@mlncn- interesting theory regarding what Larry does wrt lawyers (suffice it to say I have serious doubts). Either way, I'll reiterate: we should have an actual lawyer chime in here. This is not just about community consensus: there are actual laws that need to be considered, and an actual lawyer would be a better source for legal advice, rather than a MS in CS with a fancy title.

I am the legal watchdog for the Association and in that capacity can and do offer advice on matters such as these

Boy do I have some stuff to talk to you about!

Sorry, I won't rest assured by anything that you say in regards to the law, but let's not get this off topic. I'll just note that you think you've met your responsibilities and leave it at that. My assumptions about your lack of seriousness wrt following actual laws are based on facts, which shall not be discussed here- we can discuss in person, if you like, next week.

Alex, if you have specific allegations of legal misconduct to level against me, please do so directly. My contact form is wide open. Otherwise, vague and unsubstantiated charges like you are making are at minimum an unwarranted character attack and at maximum libel. I would kindly request that you not use Drupal.org to make off-topic character attacks lest you actually cross into libel territory.

Larry-

"Libel"? Is that your professional legal opinion? I've sent you some additional laws and legal terms to research, I'll be curious to read your response.

I have less than no power on the Drupal Association Board, but (back to the point) I think it would be wise to get an actual lawyer to look at this before it is posted as "official" policy. It would be foolish to open additional liabilities against the DA Board for want of a lawyer's opinion.

Let's get the DA discussion out of the way, it doesnt do justice to the work that is being done there and irrelevant in this issue.

Back to the point, having a lawyer look at this is not the way to go IMHO. First the text is written in a non legal way. If a lawyer will look at this it will be complete different, more enterprise and less community. While this sounds okay, it will open more holes then the current one closes. Second, a lawyer from what country? The audience and the community is global. Sure, it is hosted in the USA but lets not make that law the global law fro the Drupal community.

I am fine with #64 though it "only" addresses the use of d.o as a visiter and not the webservices we provide with drush and the pinghome feature. Both should be addresses as well in a seperate statement or the text should be more generic.

I know that from time to time we give an abstract of data towards people who use it for academic research and for example as neil published himself on http://association.drupal.org/node/784 we might want to make explicit that agregated non personal information van be given towards non commercial entities.

This is very simple. The D.A. is responsible for maintaining drupal.org and the drupal.org infrastructure. Larry is the D.A. board member who's responsible for working with the D.A.'s attorney. That attorney will review the privacy policy. The D.A.'s attorney will not "chime in" in the issue queue, that's not what we pay him good money to do. If the attorney has feedback, Larry will communicate it as appropriate, and we'll take it from there.

Bert, the D.A.'s attorney does understand the importance of privacy notices being published in plain language, and I doubt he'll try to re-write it in "legalese". He is a U.S. attorney, but he is familiar with how things work in other jurisdictions, including the EU.

The DA is facilitating the operations of the drupal.org infrastructure. I would strongly disagree that the DA has anything todo with the /content/ on the site, the metadata of the usage and hence with the privacy policy on the site. And claiming the area will make the DA responsible where it is best for the DA not to be so. Know what a trojan horse you might end up riding :-)

Regarding international law, IANAL but it is not about /knowing/ the different laws in every country in the world, it is about the /incompatibility/ between different laws. See The Data Protection Directive 95/46/EC (EU) vs PIPEDA (Canada) vs Data Protection Act 1998 (UK) vs OPPA (California) to name a few. However, if you go that way, only one law will be met, the law in the state / country the "main" (not the potential CDN's) servers are located.

If the DA claims ownership of the metadata / usage of the site and hence the privacy policy, EU law might be relevant as well. My advice to the DA, stay away from it :-)

The DA is responsible for providing conditions & resources that allow the Drupal project to grow.

The growth makes it apparently desirable or neccessary to have a privacy policy. To create one, we need assistence of a lawyer. The DA pays that lawyer and Crell will lead the communication with the lawyer.

I don't think there's a problem here.

No problem if the DA wants to pay for a lawyer, as long as they don't claim the ownership of the privacy policy, the metadata or anything else related to the content of d.o

So back to the issue at hand. When legal is done, should we make a policy as well about update module and drush?

I just had a chat with @drumm, and this was definitely not the venue to log this type of complaint. I apologized to Neil in person for derailing this thread, but figured I'd give my mea culpa here as well. Sorry for the noise, yall.

So, we still don't have a Privacy policy. Can we add the version from #64? It got a couple of +1's before derailing.

This policy covers Drupal.org sites, including subdomains of Drupal.org, like groups.drupal.org and api.drupal.org. Individual sites, like conference sites, may have additional policies.

We value your privacy and will take all reasonable steps to protect your personal information. We do not share, or distribute your personal information (including email address), but it may be accessible to those volunteers and staff who administer the site and infrastructure. We may be required to share stored personal information by law.

All information that you disclose in your public profile, in forum posts, comments, issue queues, or other public portions of the Drupal.org sites becomes public information. See the Licensing FAQ for information on legal uses of Drupal.org content.

IP addresses, URLs visited, and related information is recorded for all site visitors for the purpose of site traffic analytics and captured as part of normal operation in our server logs. Cookies are used to track logins, sessions, and collect anonymous traffic data.

We use 3rd-party services like Google Analytics and DoubleClick for Publishers, who provide their own privacy policies and cookie opt-out.

This policy may change, the most current version is available at http://drupal.org/privacy.

If you have any questions or feel we are violating this policy, please file an issue in webmasters.

+1 on #64 (again).

Giving this a bump. It's time this got some action on the Privacy Policy, yes? *.d.o needs this now more than ever.

Unassigning Crell as he is no longer the legal rep of the DA board. Does the DA need to get involved here? I will raise this with Jacob.

And just for fun, the EU has a privacy directive that has some interesting implications for the UK and beyond. Specifically around cookies and how they must be opt-in.

http://www.cookielaw.org/faq.aspx
http://www.ico.gov.uk/~/media/documents/library/Privacy_and_electronic/P...

From the first link: "The law states that users must be able to give 'informed consent' for the use of cookies. The 'informed' part means that websites need to tell people what cookies they use, and what their purpose is."

This would include the has_js and Google Analytics cookes that are set by drupal.org for anonymous visitors. Perhaps we need a modal box with a photo of Dries - "Would you like a has_js cookie today?" Only partially kidding unfortunately.

in case #957320: Enable the support for user profile pictures turns out pro gravatar, it will need to be added to the privacy statement.

And yes, the proposal in #81 looks pretty sane. I think we should start using it. So unless I hear major objections, I'll add it in a week.

81/64 looks great to me, though I think it's probably a good idea for the Association to sign off on it before it goes live.

There was plenty of time for the DA to say something about this issue, I've put in #64 as discussed. Addtional editing can happen later. I've also removed all comments from the privacy page as they referred to it being empty.

Should we consider linking to this from the footer somewhere? That's pretty standard on other websites, and I didn't see any way to get to the privacy policy page other than by directly navigating to it with the URL.

Wow, awesome to see this completed!

So re: Comment #29 I can't even find the revision that had the privacy policy link in the Update Manager docs page. But does anyone here thing that it needs to be linked to from there? Is there a good reason to include it? Thx.

edit: posted a followup
#2306695: Add some links to drupal.org/privacy in footer, and elsewhere

@cweagans suggested we should add a link to the footer in #89

I just asked google if we had any links to this... and it would seem not. I'm gunna open a new issue so we can get that done.