liquidvotingio / decidim-module-liquidvoting

GNU Affero General Public License v3.0

Remove emails from delegation dropdown #100

Closed davefrey closed 3 years ago

davefrey commented 3 years ago

Currently our dropdown of delegates presents delegate names, with a value of their email -- which is a privacy issue:

<option value="participatory_process_2_admin@example.org">Agripina Spencer</option>

Instead we should use a different value (the user id? or a disposable id?) and translate that into the email for the LV api call.

oliverbarnes commented 3 years ago

yeah, I think the user id (within decidim), to be exchanged for the email on the controller, before submitting the delegation?

davefrey commented 3 years ago

Agreed. I think GDPR considers database keys to warrant some privacy consideration but it really doesn't feel relevant here.

oliverbarnes commented 3 years ago

Good point, we had some previous discussion on this on the api repo, with some references about how GDPR views uuids:

https://github.com/liquidvotingio/api/issues/218#issuecomment-802808680

I just searched again, and am getting hits saying that if the id is next to another piece of personal data, so that the id can be used later to identify a person, it is a GDPR violation.

I think this is worth looking into, actually, to figure out a clear strategy on our end. In our case, if the decidim instance is integrating with our hosted API, we're also a third-party, which compounds the problem.

Maybe the ids can be encrypted? This quick search didn't give me any clear strategies. We should look at how Decidim handles ids, and look into whether Rails addresses this in any way.
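The two ideas raised in this thread (exchange an id for the email on the server, and encrypt the id) can be combined, as in the following added example, which is not part of the original discussion or the module's code. `DelegateToken`, `USERS`, `delegate_options` and `delegate_email` are hypothetical names, the user records are constructed sample data, and plain Ruby with stdlib OpenSSL stands in for the Rails app.

```ruby
require "openssl"
require "base64"
require "cgi"

# Constructed sample records standing in for Decidim users (hypothetical).
USERS = {
  7  => { name: "Agripina Spencer", email: "participatory_process_2_admin@example.org" },
  12 => { name: "Sample Delegate",  email: "delegate@example.org" }
}.freeze

# Hypothetical helper; the 32-byte key is assumed to come from the app's secret store.
class DelegateToken
  PURPOSE = "delegation-dropdown" # bound as AAD so a token is useless in other contexts

  def initialize(key)
    @key = key
  end

  # AES-256-GCM over the user id: the value reveals neither the id nor the email.
  def seal(user_id)
    cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
    cipher.key = @key
    iv = cipher.random_iv
    cipher.auth_data = PURPOSE
    ct = cipher.update(user_id.to_s) + cipher.final
    Base64.urlsafe_encode64(iv + cipher.auth_tag + ct, padding: false)
  end

  # Returns the user id, or nil when the token is malformed or has been altered.
  def unseal(token)
    raw = Base64.urlsafe_decode64(token.to_s)
    return nil if raw.bytesize < 29 # 12-byte IV + 16-byte tag + at least 1 byte
    cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
    cipher.key = @key
    cipher.iv = raw.byteslice(0, 12)
    cipher.auth_tag = raw.byteslice(12, 16)
    cipher.auth_data = PURPOSE
    Integer(cipher.update(raw.byteslice(28, raw.bytesize - 28)) + cipher.final, 10)
  rescue OpenSSL::Cipher::CipherError, ArgumentError
    nil
  end
end

# View side: option values are opaque tokens, labels are HTML-escaped names.
def delegate_options(tokens)
  USERS.map { |id, u| %(<option value="#{tokens.seal(id)}">#{CGI.escapeHTML(u[:name])}</option>) }
end

# Controller side: exchange the submitted token for the email just before the API call.
def delegate_email(tokens, submitted)
  USERS.dig(tokens.unseal(submitted), :email)
end
```

In a Rails app, `ActiveSupport::MessageEncryptor` offers the same seal and unseal behaviour without hand-written cipher code.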