Assess GDPR compliance for storing emails as part of incident reporting and OONI Run

ooni / explorer

OONI Explorer: uncover evidence of internet censorship worldwide

https://explorer.ooni.org

BSD 3-Clause "New" or "Revised" License

64 stars 37 forks source link

Assess GDPR compliance for storing emails as part of incident reporting and OONI Run #869

Open hellais opened 10 months ago

hellais commented 10 months ago

Since we would like to know who created an incident for making it easier to verify and asses if it should be published or not (and not have random people from the internet create and publish them), we will store the email privately as part of the incident reporting platform.

We should have some lawyer give us feedback on what we should do in order to be compliant with GDPR.

jbonisteel commented 8 months ago

I have reached out to the Cyberlaw clinic at Harvard to see if they could help with this.

jbonisteel commented 7 months ago

Not a blocker for CIRP, but could be for OONI Run V2 - (mid-2024 timeline)

hellais commented 4 months ago

We have hired a lawyer for this