FrostKiwi
commented
1 month ago @apdn7 It's been over a year. Please remove user tracking. It's literally illegal for us to deploy this.
Open FrostKiwi opened 1 year ago
FrostKiwi
commented
1 month ago @apdn7 It's been over a year. Please remove user tracking. It's literally illegal for us to deploy this.
Telemetry is fine and good, but sending user information by default to Google Analytics is a worrying feature. Telemetry should be opt-in. Please consider changing https://github.com/apdn7/AnalysisPlatform/blob/master/ap/common/trace_data_log.py to be opt-in.
This makes the service also non-GDPR compliant by default and cannot legally be deployed in Europe as is. The 'terms of service' is not a privacy policy and is thus not in compliance with GDPR.
You list in the readme here: https://github.com/apdn7/AnalysisPlatform/blob/dc4ad9062dbc237602e2ca349bd6d21f69c263f7/about/terms_of_use_en.md?plain=1#L20 that you also upload referral sources. If I deploy that service company internally, it will (indirectly and depending on the setup) leak parts of company internal URL structures and upload them to DENSO's Google Analytics account. Here is the Google Analytics tracking ID: https://github.com/apdn7/AnalysisPlatform/blob/dc4ad9062dbc237602e2ca349bd6d21f69c263f7/config.py#L59