organizer-network / organizer.network

Tools and strategies for social justice organizing
https://organizer.network/
BSD 3-Clause "New" or "Revised" License

GDPR / security #16

Open dphiffer opened 6 years ago

dphiffer commented 6 years ago

Yep, we should do that. https://blog.qualys.com/news/2018/02/05/for-gdpr-compliance-web-app-security-is-a-must

npdoty commented 5 years ago

It's not clear if you're looking for legal advice on GDPR compliance (e.g. a privacy policy, with explicit statements about how data is controlled, confirming consent for sending email, contact information and tools for access and deletion) or if, specific to that post, you're concerned about web app security best practices (which might also be implied by GDPR compliance, for at least some legal interpretations). I think both are valuable, but you might make separate issues for them, and I think the security audit step (maybe later in the development process) is extremely valuable for your audience of political organizers, completely separate from potential legal implications.

dphiffer commented 5 years ago

Yeah I mean both of those things. And I think you're right that this should be two issues. I am fairly ignorant of the finer points of GDPR so I'm also just fishing for pointers like yours.

dphiffer commented 5 years ago

See also: https://github.com/organizer-network/organizer.network/issues/23