Closed MattGrimes closed 8 years ago
In the consent page we reference the fact that we are collecting data on "your visits to some popular websites." Legal has asked that we make that a link to a list of which pages this applies to.
That's not really what is happening here, then. The list of sites is dynamic, based on api responses from haveibeenpwned.com. We can't make a static list of these sites.
Also, can you reference the bug number? It helps a lot to tie PRs to bugs.
Correct. The list is generated dynamically. Since we can't (easily?) show the list of sites generated dynamically in an easy to consume way for the casually interested party that might be reading the consent page, the legal team asked us to just create a list of the sites and put a date that they were generated since it might have changed since then. This is a case of not wanting to give away too much about the study and biasing the results balanced against doing our due diligence in informing users about what we are collecting.
Ok, that makes sense. In that case, the date on the file should be August 23rd, since that was the last time it was updated. We should file a bug to make script that updates this information and the date, so it is easy to do in the future.
Thanks for working through this with me. I don't like merging things I don't have context for, so the back and forth really helps.
r+
Which bug is this in reference to? Also, what is this file for? As far as I can tell, it isn't used by any code, and the actual data is in
data/recomendation/localData.json
. That file is json though, so we can't have comments like this.