ClimMob should comply to the regulations on data privacy (EU and SSA Countries). For this we should make sure that sensitive information (farmer name, telephone, precise GPS coordinates, etc) are not shared or distributed by ClimMob.
Omit precise location of GPS coordinates:
ClimMobTools has a function called rmGeoIdentity() which can be used to remove the precise location of coordinates by picking a random point around a buffer area of the original point https://agrdatasci.github.io/ClimMobTools/reference/rmGeoIdentity.html
This function could be applied internally to all GPS coordinates and then the random points will be used in the report, API calls and ordinary downloads.
Omit names and other ids:
Names, telephone, etc, should not be displayed in the API calls. We could add a variable when creating a question in the Library. Sensitive question (Y/N), explain what is a sensitive question and why it is important that the user indicates when a question is sensitive or not. Then all the sensitive questions are omitted in the API calls and can be only accessed via an authentication process.
Sensitive information is never published on Dataverse or BrAPI
If the user wants the original data:
In that case this data could be made available by an authentication process (password + SMS or e-mail? or maybe link to Google Authenticator API https://www.rfc-editor.org/rfc/rfc6238?). Then the data (or link to download the data) could be sent to the email (like GBIF?), with a message saying that the user is receiving a link to access the original data and that now they are responsible to comply with the privacy regulations (check whether handing over the liability is doable)
ClimMob should comply to the regulations on data privacy (EU and SSA Countries). For this we should make sure that sensitive information (farmer name, telephone, precise GPS coordinates, etc) are not shared or distributed by ClimMob.
Omit precise location of GPS coordinates: ClimMobTools has a function called rmGeoIdentity() which can be used to remove the precise location of coordinates by picking a random point around a buffer area of the original point https://agrdatasci.github.io/ClimMobTools/reference/rmGeoIdentity.html This function could be applied internally to all GPS coordinates and then the random points will be used in the report, API calls and ordinary downloads.
Omit names and other ids: Names, telephone, etc, should not be displayed in the API calls. We could add a variable when creating a question in the Library. Sensitive question (Y/N), explain what is a sensitive question and why it is important that the user indicates when a question is sensitive or not. Then all the sensitive questions are omitted in the API calls and can be only accessed via an authentication process.
Sensitive information is never published on Dataverse or BrAPI
If the user wants the original data: In that case this data could be made available by an authentication process (password + SMS or e-mail? or maybe link to Google Authenticator API https://www.rfc-editor.org/rfc/rfc6238?). Then the data (or link to download the data) could be sent to the email (like GBIF?), with a message saying that the user is receiving a link to access the original data and that now they are responsible to comply with the privacy regulations (check whether handing over the liability is doable)
Make/ensure ClimMob complies with GDPR
Related issues of BioversityCostaRica repository:
https://github.com/BioversityCostaRica/py3ClimMob/issues/124 https://github.com/BioversityCostaRica/py3ClimMob/issues/241 https://github.com/BioversityCostaRica/py3ClimMob/issues/251
MrBot have work on this: https://docs.google.com/document/d/1e8Lrl9BbdAqIcI--RhXRWDcU7nyV9baQ/view