Conduct RRA for PiPhone

[hannahkane]

We're exploring PiPhone as a possible tool for supporting "call your MEP" campaigns in Europe.

Can we conduct a risk assessment to see if this is a viable option?

[cadecairos]

I have serious doubts that we should use this software, based on a couple immediate observations:

1. The site has an expired SSL certificate
2. The program is written in PHP and hasn't been updated in at least 2 years (4 years for some files)

Is there a reason we wouldn't use Twillio? We've used it for call congress stuff in the past.

[hannahkane]

We're looking for a tool that will support European campaigns. My understanding is that Twillio doesn't do that (?) We can look at other options, though.

[ScottDowne]

Pretty sure Twilio can call worldwide. I think the limitations on our old app is just to figure out how make it call EU. It's a layer on top of Twilio, and it's that layer, not Twilio, likely making the assumption that we're only calling congress.

I think during our investigations, we should into how hard it would be to get it working in EU. Might be easier than we think.

@cadecairos Also I think given how long it's been since we've used the old tool, should we consider running it through a separate RRA at some point before we use it?

[hannahkane]

cc @mmmavis for background ^

[hannahkane]

We can close this. We'll find another tool, given the early flags.