We're moving away from Google Analytics with privacy as one of the motivators. We should consider the same for recaptcha.
Proposal
I propose we try alternative strategies for preventing malicious traffic.
Some alternatives:
https://mcaptcha.org/ (what spurred this R&D issue. the tech that drives this is different than recaptcha and we should learn about how it's different and what that means to users before adopting)
research other captcha solutions
research non-captcha solutions (i.e., doesn't cloudflare do this?)
Deliverables
An Django web application with a simple form that is protected by an alternative to recaptcha. The app should be deployed to heroku so we can test on the live internet. Find some online service that tests the captcha.
Timeline
This could take a full investment day if somebody wanted to do some deeper research and try more than one solution.
Background
We're moving away from Google Analytics with privacy as one of the motivators. We should consider the same for recaptcha.
Proposal
I propose we try alternative strategies for preventing malicious traffic.
Some alternatives:
Deliverables
An Django web application with a simple form that is protected by an alternative to recaptcha. The app should be deployed to heroku so we can test on the live internet. Find some online service that tests the captcha.
Timeline
This could take a full investment day if somebody wanted to do some deeper research and try more than one solution.