On Fri, 2008-10-17 at 17:32 -0500, Arthur Pemberton wrote:
Here's the big story. Fedora Project has a privacy policy that says
someone can have their personal data removed at request.[1] All other
content is covered by the contributor license agreement (CLA), so is
open content and not under the privacy policy.
The question then is, whose responsibility is it to ...
* Take a personal data removal request;
* Confirm it is legitimate;
* Perform or authorize the removal
Based on the fact that I had to involve Fedora Infrastructure last time,
and they are the ones in the best position to verify ownership and
remove private data, I'm proposing that:
1. The responsibility is Fedora Infrastructure's;
2. For every apparent or real request we get to remove private data, we
direct the requester to fill out a ticket at
http://fedorahosted.org/infrastructure, using the FAS account they want
removed.
If there any questions, problems, etc. from there, Infra is in the best
position to resolve.
Seem like a sane idea?
[1]
https://fedoraproject.org/wiki/Legal/PrivacyPolicy#How_to_Access.2C_Modif...
--
Karsten Wade, Community Gardener
Dev Fu :
http://developer.redhatmagazine.com
Fedora :
http://quaid.fedorapeople.org
gpg key : AD0E0C41