rokwire / illinois-app

Source code repository of "Illinois" App - the official mobile app of the University of Illinois.
https://app.illinois.edu/
Apache License 2.0

[FEATURE] Update privacy descriptions #1578

Closed mihail-varbanov closed 2 years ago

mihail-varbanov commented 2 years ago

University Monday 2022/04/25 / 2022-04-26

2 Misho, Privacy for UIUC 3.3 and above

2.1 Attached privacy from Joe. He apologizes if he broke it, etc., and says we shouldn't just merge it as he may have mistaken what something means.

privacy.json.zip

2.2 Also, he follows with:

"Can we talk about possible changes to the "features2" section at the end of the json file?

I'm inserting comments below. But I'm not sure what the implications of my proposed changes are.

"features2": [
    {
        "key":"com.illinois.features2.entry.disable_location_awareness",
        "text":"Disable location awareness.",
        "max_level":1
    },
    {
        "key":"com.illinois.features2.entry.dont_store_location",
        "text":"Don't store your location.",
^^^ Could this line say "Stop storing your location" or "Not store your location"? I think "Don't store" is ambiguous - it looks like it could be a command addressed to "you".
        "max_level":2
    },
    {
        "key":"com.illinois.features2.entry.remove_preferences",
        "text":"Remove your preferences.",
        "max_level":2
    },
    {
        "key":"com.illinois.features2.entry.log_out",
        "text":"Log you off system.",
        "max_level":3
    },
    {
        "key":"com.illinois.features2.entry.disable_notifications",
        "text":"Turn off notifications.",
        "max_level":3
    },
    {
        "key":"com.illinois.features2.entry.remove_credit_card",
        "text":"Remove your credit card info.",
        "max_level":3
    },
    {
        "key":"com.illinois.features2.entry.dont_share_location",
        "text":"Don’t share your data with other users.",
        "max_level":4
    }
]

^^^ Could this line say "Stop sharing your data with others." or "Not share your data with others."? Same reason as above - "don't" sounds like command form.

I removed "other users" because I think we also include sharing data with data processing systems, such as Converge used to do, or such as when we pass the UIN to the building access system. Would you call them a "user"?

However, if all we are talking about is sharing messages to other users (via Groups and Polls), then I would suggest:

"Stop sharing your messages and information with other users." (The word "data" has connotations of PII, location tracking, etc.)"

2.3 And there is more:

"Another question please.

Synopsis: Can we change "health information" to "use Building access/Illini ID"?

In the Level 4 header description, it says:

{"level":4, "key": "privacy.category.description.4", "text": "Let the app work for you. \nYou can access your i-card, save credit cards to make future purchases easier, access health information, and get notifications based on your specific interests."},

What are we referring to as "health information"? Is it just the Wellness section? Or are we referring to Building Access status? Or to the external link to MyMcKinley?

We need to avoid the suggestion that the app has medical functions or accesses medical records. And we have had cyber security claim recently that the app receives medical records, though I don't know where they are getting that (incorrect) idea.

I am not aware of any "health information" that you can get as a result of setting privacy level to 4. Wellness information is already available at level 1. MyMcKinley link is already available at level 1.

One new capability that the user can get at level 4 is the ability to display Illini ID/building access status. If that's what you are thinking of here, I would replace "access health information" with "use Building access/Illini ID". The data transmitted for Building Access is (1) encrypted UIN sent off the phone in a query, (2) Building Access Status (Granted/Not Granted) received from the system. That is not really saying anything about the user's health, just their compliance with campus rules for being vaccinated or getting regular tests."

2.4 More (see image privacy_level_change_warning.png):

"The text at the top of this screen - could it say "This change requires us to make the following changes ^where applicable^:"

That would allow this modal to make sense when people have already logged off, etc."

(image: privacy_level_change_warning.png)

2.5 And (see miscelleneous.png):

"SYNOPSIS: ALL of the Miscellaneous section of Privacy Settings is confusing. It seems like it hasn't really been thought out. I personally recommend that you remove it.

DISCUSSION: And if a user looks here to understand how to show their Building Access status (which is still a significant usability issue - we get about 5 problem reports a day on this feature), they will get misleading information. At Level 1 they will be told that Building Access is available with privacy level 1. But the Illini ID/Building Access screen, which is what people want, requires a NetID sign-in and Privacy Level 4 or 5.

At Level 2 users would read that Building Access uses Location Sharing. It does not. To suggest that it does invites a major public relations problem. A large number of our users resent that they are even required to use Illinois App to get into buildings. Now you are adding the FALSE idea that their Location is being tracked when they comply with this dictate. That will just add fuel to the flames of some people's paranoia.

This section represents Building Access as a Personalization. It is not, and neither are any of the other features you list under Personalization.

If you are calling the external link to the Boarding Pass website "Building Access", you are using the wrong name for it. The link to Boarding pass is an external web site. When a user logs in there, no data is collected by the Illinois app. So it would be misleading to label access to Boarding Pass as a form of Illinois app data usage.

And,

It is also misleading to label signing in to "Due Date Catalog" as "Data Usage". That is also not data usage of the Illinois app. Due Date Catalog is an external website that we merely link to. Illinois app does not collect any user data, or store it, or send it anywhere.

My personal opinion is that we should remove the Miscellaneous section until it is more sensible. It doesn't provide useful or accurate information, and a lot of it may lead to misunderstandings that we hope to avoid.

I have annotated a screenshot with my comments."

(image: miscelleneous.png)

2.6 Misho, can you do a Diff on the Privacy.json attached to what we currently have please. There are items that I am not sure we should change for now and I need to talk to JP about the Miscellaneous section.

Misho, you are the clever one, my friend. Merge it, Fix it, come back to me, etc. But we need to wrap this up in a day or two, so we need your recommendations.

University Monday 2022/04/25 / 2022-04-26

A) Would you please revisit issue #1508 if you have your privacy settings decided for Quick Polls and other things? I left a comment with an update wrt 3.3.6.

B) Would you please ask Misho to look at this section of privacy.json? I wonder if it's really supposed to be set to 5, not 4. And, no biggie, but the icon name could be respelled as "identity-blue.png" (not identiy):

{
    "min_level": 4,
    "icon_resource": "identiy-blue.png",
    "off_icon_resource": "identiy-blue-off.png",
    "title" : "Identity",
    "title_key" :"privacy.entry.athletics.sharing.title",
    "description" : "Store credit card information to buy tickets for athletic events.",
    "description_key" :"privacy.entry.athletics.sharing.description",
    "dataUsage" : "This feature uses location services, personal preferences, credit card information and starred items.",
    "dataUsage_key" :"privacy.entry.athletics.sharing.data_usage"
}
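Item 2.6 asks for a diff of the attached privacy.json against the current one. For that review a structural diff keyed by entry id is more useful than a line diff, because it separates wording changes (the "text"/"description" strings debated above) from level-threshold changes ("max_level"/"min_level"), which are the edits that actually change what the app may store or expose at a given privacy level. The block below is an added example, not code from the issue or from the app; the two documents are constructed stand-ins, and the enclosing "entries" array name for the Identity entry is an assumption.

```python
import json

# Constructed stand-ins for the current privacy.json and the attached proposal.
# Field names follow the issue (key, text, max_level, min_level, title_key,
# description); the enclosing "entries" array name is an assumption.
CURRENT = json.loads("""{
 "features2": [
  {"key": "com.illinois.features2.entry.dont_store_location",
   "text": "Don't store your location.", "max_level": 2},
  {"key": "com.illinois.features2.entry.log_out",
   "text": "Log you off system.", "max_level": 3}],
 "entries": [
  {"title_key": "privacy.entry.athletics.sharing.title", "min_level": 4,
   "description": "Store credit card information to buy tickets for athletic events."}]
}""")
PROPOSED = json.loads("""{
 "features2": [
  {"key": "com.illinois.features2.entry.dont_store_location",
   "text": "Stop storing your location.", "max_level": 2},
  {"key": "com.illinois.features2.entry.log_out",
   "text": "Log you off system.", "max_level": 3}],
 "entries": [
  {"title_key": "privacy.entry.athletics.sharing.title", "min_level": 5,
   "description": "May store credit card information to buy tickets for athletic events."}]
}""")

def diff_section(old, new, id_field):
    """Compare two lists of objects by id_field; return (id, field, before, after) tuples."""
    old_by = {o[id_field]: o for o in old}
    new_by = {n[id_field]: n for n in new}
    changes = []
    for ident in sorted(set(old_by) | set(new_by)):
        if ident not in new_by:
            changes.append((ident, "<entry>", "present", "removed"))
        elif ident not in old_by:
            changes.append((ident, "<entry>", "absent", "added"))
        else:  # same entry on both sides: report every field whose value differs
            for field in sorted(set(old_by[ident]) | set(new_by[ident])):
                before, after = old_by[ident].get(field), new_by[ident].get(field)
                if before != after:
                    changes.append((ident, field, before, after))
    return changes

def diff_privacy(current, proposed):
    """Structured diff of the two sections discussed in the issue, keyed by entry id."""
    return (diff_section(current.get("features2", []), proposed.get("features2", []), "key")
            + diff_section(current.get("entries", []), proposed.get("entries", []), "title_key"))

def level_changes(changes):
    """Only threshold changes: these alter what is exposed, not just how it is worded."""
    return [c for c in changes if c[1] in ("max_level", "min_level")]
```

Running `diff_privacy(CURRENT, PROPOSED)` on the stand-ins reports two wording changes and one threshold change; `level_changes` isolates the min_level 4 to 5 move so it can be reviewed separately from the copy edits.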
mihail-varbanov commented 2 years ago

University Monday 2022/04/25 / 2022-04-27

2.1 JP wants to keep the "Miscellaneous" section but rename it to "General" please

2.2 From last night 2.7.2

"description" : "Store credit card information to buy tickets for athletic events.",

change it to:

"description" : "May store credit card information to buy tickets for athletic events.",