Received: (at 43796) by debbugs.gnu.org; 5 Oct 2020 12:26:53 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Oct 05 08:26:53 2020 Received: from localhost ([127.0.0.1]:48217 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1kPPZs-0000Hx-JZ for submit <at> debbugs.gnu.org; Mon, 05 Oct 2020 08:26:52 -0400 Received: from mail1.fsfe.org ([217.69.89.151]:40854) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <SRS0=/B1v=DM=posteo.net=jlicht@HIDDEN>) id 1kPOBI-0004Lq-4V for 43796 <at> debbugs.gnu.org; Mon, 05 Oct 2020 06:57:25 -0400 From: Jelle Licht <jlicht@HIDDEN> To: "pelzflorian (Florian Pelz)" <pelzflorian@HIDDEN>, 43796 <at> debbugs.gnu.org Subject: Re: bug#43796: Privacy policy In-Reply-To: <20201004153419.kyacfjdwmok6yybg@HIDDEN> References: <20201004153419.kyacfjdwmok6yybg@HIDDEN> Date: Mon, 05 Oct 2020 12:57:20 +0200 Message-ID: <868scl3ppr.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -4.8 (----) X-Debbugs-Envelope-To: 43796 X-Mailman-Approved-At: Mon, 05 Oct 2020 08:26:48 -0400 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -5.8 (-----) Hello, "pelzflorian (Florian Pelz)" <pelzflorian@HIDDEN> writes: > IANAL but I think Guix needs a privacy policy for both its website and > the Guix software in general. Thanks for looking into this. IANAL but I do not think it makes sense to have such a privacy policy at this moment in time. I'd rather have a person with legal expertise look at this situation and do the following: 1. Notice that we do need such a policy 2. Draft (or at least proof read) this policy. The reason for this is two-fold: I think there are enough 'legal' texts on the Internet of questionable enforcability/applicability, and doing things this way creates a cargo-cult mentality. Compare to the questionable habit of unconditionally adding the "The content of this email is confidential ..."-esque spam outgoing email (even if that mail is addressed to a public mailing list). If others disagree in principle or in practice with me on this, that is fine too of course :-) - Jelle
bug-guix@HIDDEN
:bug#43796
; Package guix
.
Full text available.Received: (at 43796) by debbugs.gnu.org; 5 Oct 2020 11:14:35 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Oct 05 07:14:35 2020 Received: from localhost ([127.0.0.1]:48114 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1kPORv-0004oa-8K for submit <at> debbugs.gnu.org; Mon, 05 Oct 2020 07:14:35 -0400 Received: from lepiller.eu ([89.234.186.109]:53342) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <julien@HIDDEN>) id 1kPORs-0004oO-VO for 43796 <at> debbugs.gnu.org; Mon, 05 Oct 2020 07:14:34 -0400 Received: from lepiller.eu (localhost [127.0.0.1]) by lepiller.eu (OpenSMTPD) with ESMTP id 8b27f6dc; Mon, 5 Oct 2020 11:14:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=lepiller.eu; h=date :in-reply-to:references:mime-version:content-type :content-transfer-encoding:subject:to:cc:from:message-id; s= dkim; bh=mJ40Zo1nUgCtkCWVTWAYMkWigB1p2AlxURQjf5y4IHs=; b=k/vLdlF FebowWSdZtUNvsuF4lJfMku2iAeBT7DTD9JGr3y9Wvkmc6BjSyONgJ7iHIvMUGUJ TLvd6502wOc421lwyWsP4qb3Lg96H0DCLoGcD4FA1/yQfhhq7xTlbSxwycsm154j A3XOCh2XBnXGBoHpFViwR2JesIoRiCBB921tyBDY8tkQHUjjzt5bXyeJ9VnEbZEg ZTBQkBEuL783XMqV7LW16edPMtQR4UgHN42d5RssqvKYEuNWZykPLyvlZlsYWOF1 3SwzxP55BQFP3Ihrexb2wrw7w1oeWrbhQuXffrMUUeGi7Qr9YbK7c63E0RTGzZ4A hAMWmzTCrBIqxig== Received: by lepiller.eu (OpenSMTPD) with ESMTPSA id 905b3db7 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Mon, 5 Oct 2020 11:14:29 +0000 (UTC) Date: Mon, 05 Oct 2020 07:14:21 -0400 User-Agent: K-9 Mail for Android In-Reply-To: <20201005095432.la7qsn3vilmu4a57@HIDDEN> References: <20201004153419.kyacfjdwmok6yybg@HIDDEN> <90C37536-BB8F-47D4-ABD8-BA8493E9485E@HIDDEN> <20201005095432.la7qsn3vilmu4a57@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----FTQJZXVEW91QIV50E0QUG8O5PLQ8ZQ" Content-Transfer-Encoding: 7bit Subject: Re: bug#43796: Privacy policy To: "pelzflorian (Florian Pelz)" <pelzflorian@HIDDEN> From: Julien Lepiller <julien@HIDDEN> Message-ID: <A1A0F4BE-12DF-4A6C-B5BF-4BC8AF104DC3@HIDDEN> X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 43796 Cc: 43796 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) ------FTQJZXVEW91QIV50E0QUG8O5PLQ8ZQ Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable I'm pretty sure we log the date anl time along with IP and requested page= =2E Le 5 octobre 2020 05:54:32 GMT-04:00, "pelzflorian (Florian Pelz)" <pelzfl= orian@pelzflorian=2Ede> a =C3=A9crit : >On Sun, Oct 04, 2020 at 11:56:04AM -0400, Julien Lepiller wrote: >> The GDPR is not the only legislation that applies to us=2E For >> services hosted in France for instance, there is a legal obligation >> to keep logs for at least one year (not sure exactly who that >> applies to)=2E There could be something similar in Germany where >> berlin is located=2E > >A quick web search does not reveal any such obligation in Germany=2E >I also know people who don=E2=80=99t log=2E But again, IANAL=2E > >The Debian Privacy Policy says they store web logs for 15 days=2E >But iplocation=2Enet tells me their server is hosted in the Netherlands= =2E > >If the Guix admins do not intend to use such data to =E2=80=9Crespond to >excess usage or security attacks=E2=80=9D on the website, logging should = be >disabled and I will remove that wording from the proposed patch=2E > >> I think some of the wording is vague=2E Does "can be used to identify" >> mean we will use the IP to identify the person (is it the reason we >> process this data?) Or is it something that we could technically do, >> but refuse to do? > >I changed it to > >During your use of Guix=E2=80=99 software in its default configuration, >your IP address will be revealed to the network services you use=2E >From an IP address it may be possible to identify who uses the >service and from which internet connection=2E These services include > >Attached is the complete patch with this single change=2E > >Are there other things which are badly worded? > >Regards, >Florian ------FTQJZXVEW91QIV50E0QUG8O5PLQ8ZQ Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><head></head><body>I'm pretty sure we log the date anl time along wit= h IP and requested page=2E<br><br><div class=3D"gmail_quote">Le 5 octobre 2= 020 05:54:32 GMT-04:00, "pelzflorian (Florian Pelz)" <pelzflorian@pelzfl= orian=2Ede> a =C3=A9crit :<blockquote class=3D"gmail_quote" style=3D"mar= gin: 0pt 0pt 0pt 0=2E8ex; border-left: 1px solid rgb(204, 204, 204); paddin= g-left: 1ex;"> <pre class=3D"k9mail">On Sun, Oct 04, 2020 at 11:56:04AM -0400, Julien Lep= iller wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin: 0pt 0pt = 1ex 0=2E8ex; border-left: 1px solid #729fcf; padding-left: 1ex;">The GDPR i= s not the only legislation that applies to us=2E For<br>services hosted in = France for instance, there is a legal obligation<br>to keep logs for at lea= st one year (not sure exactly who that<br>applies to)=2E There could be som= ething similar in Germany where<br>berlin is located=2E<br></blockquote><br= >A quick web search does not reveal any such obligation in Germany=2E<br>I = also know people who don=E2=80=99t log=2E But again, IANAL=2E<br><br>The D= ebian Privacy Policy says they store web logs for 15 days=2E<br>But iplocat= ion=2Enet tells me their server is hosted in the Netherlands=2E<br><br>If t= he Guix admins do not intend to use such data to =E2=80=9Crespond to<br>exc= ess usage or security attacks=E2=80=9D on the website, logging should be<br= >disabled and I will remove that wording from the proposed patch=2E<br><br>= <blockquote class=3D"gmail_quote" style=3D"margin: 0pt 0pt 1ex 0=2E8ex; bor= der-left: 1px solid #729fcf; padding-left: 1ex;">I think some of the wordin= g is vague=2E Does "can be used to identify"<br>mean we will use the IP to = identify the person (is it the reason we<br>process this data?) Or is it so= mething that we could technically do,<br>but refuse to do?<br></blockquote>= <br>I changed it to<br><br>During your use of Guix=E2=80=99 software in its= default configuration,<br>your IP address will be revealed to the network = services you use=2E<br>From an IP address it may be possible to identify wh= o uses the<br>service and from which internet connection=2E These services= include<br><br>Attached is the complete patch with this single change=2E<b= r><br>Are there other things which are badly worded?<br><br>Regards,<br>Flo= rian<br></pre></blockquote></div></body></html> ------FTQJZXVEW91QIV50E0QUG8O5PLQ8ZQ--
bug-guix@HIDDEN
:bug#43796
; Package guix
.
Full text available.Received: (at 43796) by debbugs.gnu.org; 5 Oct 2020 09:54:45 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Oct 05 05:54:45 2020 Received: from localhost ([127.0.0.1]:47964 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1kPNCf-0002h0-5B for submit <at> debbugs.gnu.org; Mon, 05 Oct 2020 05:54:45 -0400 Received: from pelzflorian.de ([5.45.111.108]:51604 helo=mail.pelzflorian.de) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <pelzflorian@HIDDEN>) id 1kPNCc-0002gq-MF for 43796 <at> debbugs.gnu.org; Mon, 05 Oct 2020 05:54:44 -0400 Received: from pelzflorian.localdomain (unknown [5.45.111.108]) by mail.pelzflorian.de (Postfix) with ESMTPSA id 06F3E36057E; Mon, 5 Oct 2020 11:54:40 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=pelzflorian.de; s=mail; t=1601891681; bh=536j+I0vINzmeODaYoTWXtmHTtblVBPS83Ag5Z/3b90=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=RiUktwOUt94lTBwOqfTapQ5APdyjivzzR03ynryt1P13INnlUmVRK+4NnAblhCsfM P4ic47A1UNOUb9OoAlCSkBe+oLRk38k4nGZkdXnZP3T2T0hIIYMPkvjBGfnGz6zfHF Wy8qIdnyghcV889blEFVzmWsrhBb4sT7khgRaocs= Date: Mon, 5 Oct 2020 11:54:32 +0200 From: "pelzflorian (Florian Pelz)" <pelzflorian@HIDDEN> To: Julien Lepiller <julien@HIDDEN> Subject: Re: bug#43796: Privacy policy Message-ID: <20201005095432.la7qsn3vilmu4a57@HIDDEN> References: <20201004153419.kyacfjdwmok6yybg@HIDDEN> <90C37536-BB8F-47D4-ABD8-BA8493E9485E@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="ylpmi5skpalo54iz" Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <90C37536-BB8F-47D4-ABD8-BA8493E9485E@HIDDEN> X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 43796 Cc: 43796 <at> debbugs.gnu.org, bug-guix@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) --ylpmi5skpalo54iz Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit On Sun, Oct 04, 2020 at 11:56:04AM -0400, Julien Lepiller wrote: > The GDPR is not the only legislation that applies to us. For > services hosted in France for instance, there is a legal obligation > to keep logs for at least one year (not sure exactly who that > applies to). There could be something similar in Germany where > berlin is located. A quick web search does not reveal any such obligation in Germany. I also know people who don’t log. But again, IANAL. The Debian Privacy Policy says they store web logs for 15 days. But iplocation.net tells me their server is hosted in the Netherlands. If the Guix admins do not intend to use such data to “respond to excess usage or security attacks” on the website, logging should be disabled and I will remove that wording from the proposed patch. > I think some of the wording is vague. Does "can be used to identify" > mean we will use the IP to identify the person (is it the reason we > process this data?) Or is it something that we could technically do, > but refuse to do? I changed it to During your use of Guix’ software in its default configuration, your IP address will be revealed to the network services you use. From an IP address it may be possible to identify who uses the service and from which internet connection. These services include Attached is the complete patch with this single change. Are there other things which are badly worded? Regards, Florian --ylpmi5skpalo54iz Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="0001-website-Add-privacy-policy.patch" Content-Transfer-Encoding: 8bit From 7f5354304697cf175dee3a76397d0f4ecff902cf Mon Sep 17 00:00:00 2001 From: Florian Pelz <pelzflorian@HIDDEN> Date: Mon, 5 Oct 2020 11:08:34 +0200 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Subject: [PATCH] website: Add privacy policy. * website/apps/base/templates/privacy.scm: New file with web page on privacy. * website/apps/base/templates/components.scm (navbar): Add it. * website/po/POTFILES: Add it. * website/apps/base/builder.scm (privacy-builder): New procedure. (builder): Add it. --- website/apps/base/builder.scm | 23 +++++ website/apps/base/templates/components.scm | 18 +++- website/apps/base/templates/privacy.scm | 115 +++++++++++++++++++++ website/po/POTFILES | 1 + 4 files changed, 156 insertions(+), 1 deletion(-) create mode 100644 website/apps/base/templates/privacy.scm diff --git a/website/apps/base/builder.scm b/website/apps/base/builder.scm index 4882dc5..2acf4dc 100644 --- a/website/apps/base/builder.scm +++ b/website/apps/base/builder.scm @@ -1,6 +1,22 @@ ;;; GNU Guix web site +;;; Copyright © 2020 Florian Pelz <pelzflorian@HIDDEN> ;;; Initially written by sirgazil who waives all ;;; copyright interest on this file. +;;; +;;; This file is part of the GNU Guix web site. +;;; +;;; The GNU Guix web site is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU Affero General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; The GNU Guix web site is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU Affero General Public License for more details. +;;; +;;; You should have received a copy of the GNU Affero General Public License +;;; along with the GNU Guix web site. If not, see <http://www.gnu.org/licenses/>. (define-module (apps base builder) #:use-module (apps base data) @@ -13,6 +29,7 @@ #:use-module (apps base templates help) #:use-module (apps base templates home) #:use-module (apps base templates menu) + #:use-module (apps base templates privacy) #:use-module (apps base templates security) #:use-module (apps base types) #:use-module (apps blog utils) @@ -54,6 +71,7 @@ (contact-builder) (irc-builder) (contribute-builder) + (privacy-builder) (security-builder) (graphics-builder)))) @@ -115,6 +133,11 @@ (make-page "menu/index.html" (menu-t) sxml->html)) +(define (privacy-builder) + "Return a Haunt page representing the Privacy page of the website." + (make-page "privacy/index.html" (privacy-t) sxml->html)) + + (define (security-builder) "Return a Haunt page representing the Security page of the website." (make-page "security/index.html" (security-t) sxml->html)) diff --git a/website/apps/base/templates/components.scm b/website/apps/base/templates/components.scm index 44d410e..1bf11e9 100644 --- a/website/apps/base/templates/components.scm +++ b/website/apps/base/templates/components.scm @@ -1,7 +1,22 @@ ;;; GNU Guix web site -;;; Copyright © 2019 Florian Pelz <pelzflorian@HIDDEN> +;;; Copyright © 2019, 2020 Florian Pelz <pelzflorian@HIDDEN> ;;; Initially written by sirgazil who waives all ;;; copyright interest on this file. +;;; +;;; This file is part of the GNU Guix web site. +;;; +;;; The GNU Guix web site is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU Affero General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; The GNU Guix web site is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU Affero General Public License for more details. +;;; +;;; You should have received a copy of the GNU Affero General Public License +;;; along with the GNU Guix web site. If not, see <http://www.gnu.org/licenses/>. ;;; This module defines HTML parts like header, breadcrumbs, footer, ;;; buttons, etc., which are used website-wide. @@ -425,6 +440,7 @@ manual. (C_ "website menu" (menu-item #:label "Contact" #:active-item active-item #:url (guix-url "contact/"))) (C_ "website menu" (menu-item #:label "Contribute" #:active-item active-item #:url (guix-url "contribute/"))) (C_ "website menu" (menu-item #:label "Security" #:active-item active-item #:url (guix-url "security/"))) + (C_ "website menu" (menu-item #:label "Privacy" #:active-item active-item #:url (guix-url "privacy/"))) (C_ "website menu" (menu-item #:label "Graphics" #:active-item active-item #:url (guix-url "graphics/"))))) ,(horizontal-skip) ;; Languages dropdown. diff --git a/website/apps/base/templates/privacy.scm b/website/apps/base/templates/privacy.scm new file mode 100644 index 0000000..bea6552 --- /dev/null +++ b/website/apps/base/templates/privacy.scm @@ -0,0 +1,115 @@ +;;; GNU Guix web site +;;; Copyright © 2020 Florian Pelz <pelzflorian@HIDDEN> +;;; +;;; This file is part of the GNU Guix web site. +;;; +;;; The GNU Guix web site is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU Affero General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; The GNU Guix web site is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU Affero General Public License for more details. +;;; +;;; You should have received a copy of the GNU Affero General Public License +;;; along with the GNU Guix web site. If not, see <http://www.gnu.org/licenses/>. + +(define-module (apps base templates privacy) + #:use-module (apps base templates components) + #:use-module (apps base templates theme) + #:use-module (apps base types) + #:use-module (apps base utils) + #:use-module (apps i18n) + #:export (privacy-t)) + +(define (privacy-t) + "Return the Privacy page in SHTML." + (theme + #:title (C_ "webpage title" '("Privacy")) + #:description + (G_ "Information on how your personal data is processed while using +GNU Guix’ services.") + #:keywords + (string-split ;TRANSLATORS: |-separated list of webpage keywords + (G_ "GNU|Linux|Unix|Free software|Libre software|Operating \ +system|GNU Hurd|GNU Guix package manager|Privacy|Data Protection") #\|) + #:active-menu-item (C_ "website menu" "About") + #:css (list + (guix-url "static/base/css/page.css")) + #:crumbs (list (crumb (C_ "website menu" "Privacy") "./")) + #:content + `(main + (section + (@ (class "page centered-block limit-width")) + ,(G_ `(h2 "How we use your personal information")) + ,(G_ + `(p + "Guix is made by people and organizations without a commercial + interest in your personal information. Nonetheless, some + services for Guix necessarily process your data to provide the + functionality you requested. We keep this to a minimum.")) + + ,(C_ "privacy policy section" `(h3 "Guix and Guix System")) + ,(G_ + `(p + "During your use of Guix’ software in its default configuration, + your IP address will be revealed to the network services you use. + From an IP address it may be possible to identify who uses the + service and from which internet connection. These services include " + ,(G_ (manual-href "substitute servers" + (G_ "en") + (G_ "Substitutes.html"))) + " hosted by " + ,(G_ `(a (@ (href ,(guix-url "donate/"))) "our donors")) + " for the Guix project but also " + ,(G_ (manual-href "third-party services" + (G_ "en") + (G_ "Networking-Services.html"))) + " such as network, DNS and Network Time Protocol service providers. + This is necessary to provide you with a usable and secure system + environment. It shall be assumed that these services log your use + of their service along with your IP address to make it easier to + guard against malicious use. The " + ,(G_ `(a (@ (href ,(guix-url "manual/"))) "manual")) + " describes how to change the configuration of Guix to disable such + services or how to send data over the network via an HTTP(S) proxy, + Tor or other means that maybe expose less of your personal data.")) + ,(G_ + `(p + "When you tell Guix to install software for you, Guix will attempt + to download said software from the respective upstream provider and + various download mirrors, revealing your IP address. Your use of + third-party software installed via Guix is of course your + responsibility.")) + ,(C_ "privacy policy section" `(h3 "Website")) + ,(G_ + `(p + "When you access Guix’ website, your request will be logged along + with your IP address and the requested URL. This enables the + admins to more easily respond to excess usage or security attacks.")) + ,(G_ + `(p + "For proper presentation, Guix loads videos and scripts from " + ,(G_ `(a (@ (href "https://audio-video.gnu.org/")) + "audio-video.gnu.org")) " and " + ,(G_ `(a (@ (href "https://kiwiirc.com/")) + "kiwiirc.com")) + ". Please see their websites for explanations how they use your + data. The website also contains hyperlinks to third-party sites. + When you follow them, it is likely that your web browser is + configured to report the Guix website URL you were previously + visiting to the third-party site in a " + ,(G_ `(a (@ (href "https://en.wikipedia.org/wiki/HTTP_referer")) + "Referer header")) + ".")) + ,(C_ "privacy policy section" + `(h3 "Mailing lists, IRC and other means of communication")) + ,(G_ + `(p + "You can " + ,(G_ `(a (@ (href ,(guix-url "contact/"))) + "contact the Guix community")) + " via various third-party means. Their respective privacy policy + applies.")))))) diff --git a/website/po/POTFILES b/website/po/POTFILES index 6f9f349..a97c6e5 100644 --- a/website/po/POTFILES +++ b/website/po/POTFILES @@ -13,6 +13,7 @@ apps/base/templates/donate.scm apps/base/templates/graphics.scm apps/base/templates/irc.scm apps/base/templates/menu.scm +apps/base/templates/privacy.scm apps/base/templates/security.scm apps/blog/templates/components.scm apps/blog/templates/feed.scm -- 2.28.0 --ylpmi5skpalo54iz--
bug-guix@HIDDEN
:bug#43796
; Package guix
.
Full text available.Received: (at submit) by debbugs.gnu.org; 5 Oct 2020 09:54:52 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Oct 05 05:54:52 2020 Received: from localhost ([127.0.0.1]:47967 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1kPNCh-0002hF-RE for submit <at> debbugs.gnu.org; Mon, 05 Oct 2020 05:54:52 -0400 Received: from lists.gnu.org ([209.51.188.17]:55708) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <pelzflorian@HIDDEN>) id 1kPNCg-0002h8-RB for submit <at> debbugs.gnu.org; Mon, 05 Oct 2020 05:54:47 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:56990) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <pelzflorian@HIDDEN>) id 1kPNCg-0005Ei-IV for bug-guix@HIDDEN; Mon, 05 Oct 2020 05:54:46 -0400 Received: from pelzflorian.de ([5.45.111.108]:56910 helo=mail.pelzflorian.de) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <pelzflorian@HIDDEN>) id 1kPNCd-0002mp-CB for bug-guix@HIDDEN; Mon, 05 Oct 2020 05:54:46 -0400 Received: from pelzflorian.localdomain (unknown [5.45.111.108]) by mail.pelzflorian.de (Postfix) with ESMTPSA id 06F3E36057E; Mon, 5 Oct 2020 11:54:40 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=pelzflorian.de; s=mail; t=1601891681; bh=536j+I0vINzmeODaYoTWXtmHTtblVBPS83Ag5Z/3b90=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=RiUktwOUt94lTBwOqfTapQ5APdyjivzzR03ynryt1P13INnlUmVRK+4NnAblhCsfM P4ic47A1UNOUb9OoAlCSkBe+oLRk38k4nGZkdXnZP3T2T0hIIYMPkvjBGfnGz6zfHF Wy8qIdnyghcV889blEFVzmWsrhBb4sT7khgRaocs= Date: Mon, 5 Oct 2020 11:54:32 +0200 From: "pelzflorian (Florian Pelz)" <pelzflorian@HIDDEN> To: Julien Lepiller <julien@HIDDEN> Subject: Re: bug#43796: Privacy policy Message-ID: <20201005095432.la7qsn3vilmu4a57@HIDDEN> References: <20201004153419.kyacfjdwmok6yybg@HIDDEN> <90C37536-BB8F-47D4-ABD8-BA8493E9485E@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="ylpmi5skpalo54iz" Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <90C37536-BB8F-47D4-ABD8-BA8493E9485E@HIDDEN> Received-SPF: pass client-ip=5.45.111.108; envelope-from=pelzflorian@HIDDEN; helo=mail.pelzflorian.de X-detected-operating-system: by eggs.gnu.org: First seen = 2020/10/05 05:54:41 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit Cc: 43796 <at> debbugs.gnu.org, bug-guix@HIDDEN X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.1 (/) --ylpmi5skpalo54iz Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit On Sun, Oct 04, 2020 at 11:56:04AM -0400, Julien Lepiller wrote: > The GDPR is not the only legislation that applies to us. For > services hosted in France for instance, there is a legal obligation > to keep logs for at least one year (not sure exactly who that > applies to). There could be something similar in Germany where > berlin is located. A quick web search does not reveal any such obligation in Germany. I also know people who don’t log. But again, IANAL. The Debian Privacy Policy says they store web logs for 15 days. But iplocation.net tells me their server is hosted in the Netherlands. If the Guix admins do not intend to use such data to “respond to excess usage or security attacks” on the website, logging should be disabled and I will remove that wording from the proposed patch. > I think some of the wording is vague. Does "can be used to identify" > mean we will use the IP to identify the person (is it the reason we > process this data?) Or is it something that we could technically do, > but refuse to do? I changed it to During your use of Guix’ software in its default configuration, your IP address will be revealed to the network services you use. From an IP address it may be possible to identify who uses the service and from which internet connection. These services include Attached is the complete patch with this single change. Are there other things which are badly worded? Regards, Florian --ylpmi5skpalo54iz Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="0001-website-Add-privacy-policy.patch" Content-Transfer-Encoding: 8bit From 7f5354304697cf175dee3a76397d0f4ecff902cf Mon Sep 17 00:00:00 2001 From: Florian Pelz <pelzflorian@HIDDEN> Date: Mon, 5 Oct 2020 11:08:34 +0200 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Subject: [PATCH] website: Add privacy policy. * website/apps/base/templates/privacy.scm: New file with web page on privacy. * website/apps/base/templates/components.scm (navbar): Add it. * website/po/POTFILES: Add it. * website/apps/base/builder.scm (privacy-builder): New procedure. (builder): Add it. --- website/apps/base/builder.scm | 23 +++++ website/apps/base/templates/components.scm | 18 +++- website/apps/base/templates/privacy.scm | 115 +++++++++++++++++++++ website/po/POTFILES | 1 + 4 files changed, 156 insertions(+), 1 deletion(-) create mode 100644 website/apps/base/templates/privacy.scm diff --git a/website/apps/base/builder.scm b/website/apps/base/builder.scm index 4882dc5..2acf4dc 100644 --- a/website/apps/base/builder.scm +++ b/website/apps/base/builder.scm @@ -1,6 +1,22 @@ ;;; GNU Guix web site +;;; Copyright © 2020 Florian Pelz <pelzflorian@HIDDEN> ;;; Initially written by sirgazil who waives all ;;; copyright interest on this file. +;;; +;;; This file is part of the GNU Guix web site. +;;; +;;; The GNU Guix web site is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU Affero General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; The GNU Guix web site is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU Affero General Public License for more details. +;;; +;;; You should have received a copy of the GNU Affero General Public License +;;; along with the GNU Guix web site. If not, see <http://www.gnu.org/licenses/>. (define-module (apps base builder) #:use-module (apps base data) @@ -13,6 +29,7 @@ #:use-module (apps base templates help) #:use-module (apps base templates home) #:use-module (apps base templates menu) + #:use-module (apps base templates privacy) #:use-module (apps base templates security) #:use-module (apps base types) #:use-module (apps blog utils) @@ -54,6 +71,7 @@ (contact-builder) (irc-builder) (contribute-builder) + (privacy-builder) (security-builder) (graphics-builder)))) @@ -115,6 +133,11 @@ (make-page "menu/index.html" (menu-t) sxml->html)) +(define (privacy-builder) + "Return a Haunt page representing the Privacy page of the website." + (make-page "privacy/index.html" (privacy-t) sxml->html)) + + (define (security-builder) "Return a Haunt page representing the Security page of the website." (make-page "security/index.html" (security-t) sxml->html)) diff --git a/website/apps/base/templates/components.scm b/website/apps/base/templates/components.scm index 44d410e..1bf11e9 100644 --- a/website/apps/base/templates/components.scm +++ b/website/apps/base/templates/components.scm @@ -1,7 +1,22 @@ ;;; GNU Guix web site -;;; Copyright © 2019 Florian Pelz <pelzflorian@HIDDEN> +;;; Copyright © 2019, 2020 Florian Pelz <pelzflorian@HIDDEN> ;;; Initially written by sirgazil who waives all ;;; copyright interest on this file. +;;; +;;; This file is part of the GNU Guix web site. +;;; +;;; The GNU Guix web site is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU Affero General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; The GNU Guix web site is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU Affero General Public License for more details. +;;; +;;; You should have received a copy of the GNU Affero General Public License +;;; along with the GNU Guix web site. If not, see <http://www.gnu.org/licenses/>. ;;; This module defines HTML parts like header, breadcrumbs, footer, ;;; buttons, etc., which are used website-wide. @@ -425,6 +440,7 @@ manual. (C_ "website menu" (menu-item #:label "Contact" #:active-item active-item #:url (guix-url "contact/"))) (C_ "website menu" (menu-item #:label "Contribute" #:active-item active-item #:url (guix-url "contribute/"))) (C_ "website menu" (menu-item #:label "Security" #:active-item active-item #:url (guix-url "security/"))) + (C_ "website menu" (menu-item #:label "Privacy" #:active-item active-item #:url (guix-url "privacy/"))) (C_ "website menu" (menu-item #:label "Graphics" #:active-item active-item #:url (guix-url "graphics/"))))) ,(horizontal-skip) ;; Languages dropdown. diff --git a/website/apps/base/templates/privacy.scm b/website/apps/base/templates/privacy.scm new file mode 100644 index 0000000..bea6552 --- /dev/null +++ b/website/apps/base/templates/privacy.scm @@ -0,0 +1,115 @@ +;;; GNU Guix web site +;;; Copyright © 2020 Florian Pelz <pelzflorian@HIDDEN> +;;; +;;; This file is part of the GNU Guix web site. +;;; +;;; The GNU Guix web site is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU Affero General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; The GNU Guix web site is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU Affero General Public License for more details. +;;; +;;; You should have received a copy of the GNU Affero General Public License +;;; along with the GNU Guix web site. If not, see <http://www.gnu.org/licenses/>. + +(define-module (apps base templates privacy) + #:use-module (apps base templates components) + #:use-module (apps base templates theme) + #:use-module (apps base types) + #:use-module (apps base utils) + #:use-module (apps i18n) + #:export (privacy-t)) + +(define (privacy-t) + "Return the Privacy page in SHTML." + (theme + #:title (C_ "webpage title" '("Privacy")) + #:description + (G_ "Information on how your personal data is processed while using +GNU Guix’ services.") + #:keywords + (string-split ;TRANSLATORS: |-separated list of webpage keywords + (G_ "GNU|Linux|Unix|Free software|Libre software|Operating \ +system|GNU Hurd|GNU Guix package manager|Privacy|Data Protection") #\|) + #:active-menu-item (C_ "website menu" "About") + #:css (list + (guix-url "static/base/css/page.css")) + #:crumbs (list (crumb (C_ "website menu" "Privacy") "./")) + #:content + `(main + (section + (@ (class "page centered-block limit-width")) + ,(G_ `(h2 "How we use your personal information")) + ,(G_ + `(p + "Guix is made by people and organizations without a commercial + interest in your personal information. Nonetheless, some + services for Guix necessarily process your data to provide the + functionality you requested. We keep this to a minimum.")) + + ,(C_ "privacy policy section" `(h3 "Guix and Guix System")) + ,(G_ + `(p + "During your use of Guix’ software in its default configuration, + your IP address will be revealed to the network services you use. + From an IP address it may be possible to identify who uses the + service and from which internet connection. These services include " + ,(G_ (manual-href "substitute servers" + (G_ "en") + (G_ "Substitutes.html"))) + " hosted by " + ,(G_ `(a (@ (href ,(guix-url "donate/"))) "our donors")) + " for the Guix project but also " + ,(G_ (manual-href "third-party services" + (G_ "en") + (G_ "Networking-Services.html"))) + " such as network, DNS and Network Time Protocol service providers. + This is necessary to provide you with a usable and secure system + environment. It shall be assumed that these services log your use + of their service along with your IP address to make it easier to + guard against malicious use. The " + ,(G_ `(a (@ (href ,(guix-url "manual/"))) "manual")) + " describes how to change the configuration of Guix to disable such + services or how to send data over the network via an HTTP(S) proxy, + Tor or other means that maybe expose less of your personal data.")) + ,(G_ + `(p + "When you tell Guix to install software for you, Guix will attempt + to download said software from the respective upstream provider and + various download mirrors, revealing your IP address. Your use of + third-party software installed via Guix is of course your + responsibility.")) + ,(C_ "privacy policy section" `(h3 "Website")) + ,(G_ + `(p + "When you access Guix’ website, your request will be logged along + with your IP address and the requested URL. This enables the + admins to more easily respond to excess usage or security attacks.")) + ,(G_ + `(p + "For proper presentation, Guix loads videos and scripts from " + ,(G_ `(a (@ (href "https://audio-video.gnu.org/")) + "audio-video.gnu.org")) " and " + ,(G_ `(a (@ (href "https://kiwiirc.com/")) + "kiwiirc.com")) + ". Please see their websites for explanations how they use your + data. The website also contains hyperlinks to third-party sites. + When you follow them, it is likely that your web browser is + configured to report the Guix website URL you were previously + visiting to the third-party site in a " + ,(G_ `(a (@ (href "https://en.wikipedia.org/wiki/HTTP_referer")) + "Referer header")) + ".")) + ,(C_ "privacy policy section" + `(h3 "Mailing lists, IRC and other means of communication")) + ,(G_ + `(p + "You can " + ,(G_ `(a (@ (href ,(guix-url "contact/"))) + "contact the Guix community")) + " via various third-party means. Their respective privacy policy + applies.")))))) diff --git a/website/po/POTFILES b/website/po/POTFILES index 6f9f349..a97c6e5 100644 --- a/website/po/POTFILES +++ b/website/po/POTFILES @@ -13,6 +13,7 @@ apps/base/templates/donate.scm apps/base/templates/graphics.scm apps/base/templates/irc.scm apps/base/templates/menu.scm +apps/base/templates/privacy.scm apps/base/templates/security.scm apps/blog/templates/components.scm apps/blog/templates/feed.scm -- 2.28.0 --ylpmi5skpalo54iz--
bug-guix@HIDDEN
:bug#43796
; Package guix
.
Full text available.Received: (at 43796) by debbugs.gnu.org; 5 Oct 2020 07:09:34 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Oct 05 03:09:34 2020 Received: from localhost ([127.0.0.1]:47612 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1kPKco-0006l6-05 for submit <at> debbugs.gnu.org; Mon, 05 Oct 2020 03:09:34 -0400 Received: from mout-p-201.mailbox.org ([80.241.56.171]:44336) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <tomasortin@HIDDEN>) id 1kPKcl-0006ka-Av for 43796 <at> debbugs.gnu.org; Mon, 05 Oct 2020 03:09:32 -0400 Received: from smtp2.mailbox.org (smtp2.mailbox.org [IPv6:2001:67c:2050:105:465:1:2:0]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-201.mailbox.org (Postfix) with ESMTPS id 4C4WtX50PBzQlDC for <43796 <at> debbugs.gnu.org>; Mon, 5 Oct 2020 09:09:24 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mailbox.org; h= content-transfer-encoding:content-language:content-type :content-type:mime-version:date:date:message-id:from:from :received; s=mail20150812; t=1601881761; bh=X5mUfmkt4pcE5ySP7mMS QOMpZ9ZCKkVmy7CGqRbiYbM=; b=Nu8AM1rN4PvnwfqWVqnR7hWjE1g2dS+7zpEn 7PZz41pk0sC7KVfOxqxsyfW4DpUL6H8whYLlmbPnnSGXttxWCRgdRwNb4K3oDHJa BvF4UpZWaK/4qRlc8Nn02DTbaO03wZZrVehwAkSQ2UbgIhhhH/msw4gOuxL9P3El +WMxRQ+rXEI8+9lLDlAYJ4ssj5XlY3XC3HgpJ9IP/xSc5PrgzTxCXXDYP28WHACb 7jyayZ3vn5px8jFmBrQYWfv0ct99+LmAVA/NMALXmmcgTPlO7NeXZVYrWvVS+oMl fvyE6BjjZ+OHcPjQj2vCGVCZR+XLaqLMovRpcLPtT/wKhPjKYw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mailbox.org; s=mail20150812; t=1601881763; h=from:from:reply-to:subject:date:date:message-id:message-id:to:to:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=X5mUfmkt4pcE5ySP7mMSQOMpZ9ZCKkVmy7CGqRbiYbM=; b=j43FOVyJoJ8sACwMSy+vQHv3uZmoqc2P9AlQ0MSziE+NBk9X0IvErodcViOoxgjn9vkEr2 gf7Qu1qTZOWrlFAGKWlvHepfNIRPqAer2YPMZCzb8PH3Ie/NSsmD6j7sWYQEzYbJQgfV1e jAyT46dFTbelNZA5NTpD059kT+BRlqR73N5LVS/jgAYRHP9etJURZ0RFpcVHJVGIvMFO2y qW4Fr1hzXraW79HnPquUXXW+PeOwMx8P8hDE2Z3LVJtrHqWMCMkk583G2nNk3hw9RCPbP7 NVsYJFAis3jgkGSZBrizf3VGAOkl8pPpPnLyMlyJ5MSwr6BGXUZGKcHmddPZzg== X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp2.mailbox.org ([80.241.60.241]) by spamfilter01.heinlein-hosting.de (spamfilter01.heinlein-hosting.de [80.241.56.115]) (amavisd-new, port 10030) with ESMTP id KSv7ILs15Xbi for <43796 <at> debbugs.gnu.org>; Mon, 5 Oct 2020 09:09:21 +0200 (CEST) To: 43796 <at> debbugs.gnu.org From: =?UTF-8?B?VG9tw6FzIE9ydMOtbiBGZXJuw6FuZGV6?= <tomasortin@HIDDEN> Message-ID: <56d1efad-6c9d-ce35-bca1-832609785cb0@HIDDEN> Date: Mon, 5 Oct 2020 09:09:20 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-MBO-SPAM-Probability: ** X-Rspamd-Score: 2.94 / 15.00 / 15.00 X-Rspamd-Queue-Id: DCDE81700 X-Rspamd-UID: b7c75a X-Spam-Score: 1.2 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: As I understand it, the Guix distribution is *not* a service but a piece of software. Neither the Guix community nor the GNU project have any responsibility over the third-party services you decide to [...] Content analysis details: (1.2 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [80.241.56.171 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [80.241.56.171 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject X-Debbugs-Envelope-To: 43796 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: 0.2 (/) As I understand it, the Guix distribution is *not* a service but a piece of software. Neither the Guix community nor the GNU project have any responsibility over the third-party services you decide to use with the Guix system, your software in your computer; it's only responsible of what concerns their services: the website and the repositories. For example, it's not that Guix shares your IP with your network provider, you share it yourself. It is indeed "your responsibility" (and your network provider's), but why would that be on the privacy policy for Guix? >During your use of Guix’ software in its default configuration, your IP address may be revealed to the network services you use. What configuration doesn't reveal your IP to the network services you use? If you use Tor, your IP will be revealed at least to the Tor access node. It's not possible to use the Internet without revealing your IP to at least one service. I understand that the point of mentioning all that is more as an advice than a policy. Wouldn't it be more useful in a section about privacy recommendations (or something similar) that in the privacy policy?
bug-guix@HIDDEN
:bug#43796
; Package guix
.
Full text available.Received: (at 43796) by debbugs.gnu.org; 4 Oct 2020 15:56:22 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun Oct 04 11:56:22 2020 Received: from localhost ([127.0.0.1]:46611 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1kP6N3-0003E3-Ti for submit <at> debbugs.gnu.org; Sun, 04 Oct 2020 11:56:22 -0400 Received: from lepiller.eu ([89.234.186.109]:53268) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <julien@HIDDEN>) id 1kP6N0-0003Dq-LG for 43796 <at> debbugs.gnu.org; Sun, 04 Oct 2020 11:56:20 -0400 Received: from lepiller.eu (localhost [127.0.0.1]) by lepiller.eu (OpenSMTPD) with ESMTP id 9fb8dda3; Sun, 4 Oct 2020 15:56:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=lepiller.eu; h=date :in-reply-to:references:mime-version:content-type :content-transfer-encoding:subject:to:from:message-id; s=dkim; bh=IvVN611zKtJ4HEtz/xYwtisdCcXswBq4YVH5ieK6KFo=; b=AOxkTe2qOxld erwQGzm6KOSUJwy0u6dqtpLUK52O9viMrbmjDoK65kFPMUJo0J+xDDkHNj2Sxle3 qV57pGwaporqag27wuCweLwjDKHXqCyoFY7SV+TMEAJWt0M+tkz6aKPGHc9bcrQl zn2HEf1AT0o23SeEHxvq6/hXpeZ9/0jXnSk0k+vjb4jG3Tji3S3TV0CJ3B9pn7FV PX65wNyDGpTGL7CjQWhmOFsH6kS3UWs8pf0JT8v9Ur9KgFN7qJbr92fIJmkX82Kl fODZqC5WWzDqUz67RRblU6kvNxkEc7SqYISSK75VeYEhT/QfN/fwvrlWolqsos10 Q9aAY09HFw== Received: by lepiller.eu (OpenSMTPD) with ESMTPSA id e2eb3d15 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Sun, 4 Oct 2020 15:56:14 +0000 (UTC) Date: Sun, 04 Oct 2020 11:56:04 -0400 User-Agent: K-9 Mail for Android In-Reply-To: <20201004153419.kyacfjdwmok6yybg@HIDDEN> References: <20201004153419.kyacfjdwmok6yybg@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----313ODKVVAFIHC11CFAPKZL9TOW38IB" Content-Transfer-Encoding: 7bit Subject: Re: bug#43796: Privacy policy To: bug-guix@HIDDEN, "pelzflorian (Florian Pelz)" <pelzflorian@HIDDEN>, 43796 <at> debbugs.gnu.org From: Julien Lepiller <julien@HIDDEN> Message-ID: <90C37536-BB8F-47D4-ABD8-BA8493E9485E@HIDDEN> X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 43796 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) ------313ODKVVAFIHC11CFAPKZL9TOW38IB Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Looks nice, but: The GDPR is not the only legislation that applies to us=2E For services ho= sted in France for instance, there is a legal obligation to keep logs for a= t least one year (not sure exactly who that applies to)=2E There could be s= omething similar in Germany where berlin is located=2E I think some of the wording is vague=2E Does "can be used to identify" mea= n we will use the IP to identify the person (is it the reason we process th= is data?) Or is it something that we could technically do, but refuse to do= ? Le 4 octobre 2020 11:34:19 GMT-04:00, "pelzflorian (Florian Pelz)" <pelzfl= orian@pelzflorian=2Ede> a =C3=A9crit : >IANAL but I think Guix needs a privacy policy for both its website and >the Guix software in general=2E > >Attached is a patch for the website that also documents data use by >Guix and Guix System=2E Maybe I=E2=80=99ve overdone some parts and proba= bly >something important is missing=2E > >In particular, the GDPR requires IP addresses to be deleted from logs >after a reasonable time=2E I think but am not sure the current process >for nginx is to delete only when the log files become too big=2E A more >suitable policy must be implemented and the users must be told about >it, I think=2E See <https://gdpr-info=2Eeu/art-13-gdpr/>=2E > >In general I think it is better to have an incomplete policy than to >have none=2E > >Comments? > >Regards, >Florian ------313ODKVVAFIHC11CFAPKZL9TOW38IB Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><head></head><body>Looks nice, but:<br><br>The GDPR is not the only l= egislation that applies to us=2E For services hosted in France for instance= , there is a legal obligation to keep logs for at least one year (not sure = exactly who that applies to)=2E There could be something similar in Germany= where berlin is located=2E<br><br>I think some of the wording is vague=2E = Does "can be used to identify" mean we will use the IP to identify the pers= on (is it the reason we process this data?) Or is it something that we coul= d technically do, but refuse to do?<br><br><div class=3D"gmail_quote">Le 4 = octobre 2020 11:34:19 GMT-04:00, "pelzflorian (Florian Pelz)" <pelzflori= an@pelzflorian=2Ede> a =C3=A9crit :<blockquote class=3D"gmail_quote" sty= le=3D"margin: 0pt 0pt 0pt 0=2E8ex; border-left: 1px solid rgb(204, 204, 204= ); padding-left: 1ex;"> <pre class=3D"k9mail">IANAL but I think Guix needs a privacy policy for bo= th its website and<br>the Guix software in general=2E<br><br>Attached is a = patch for the website that also documents data use by<br>Guix and Guix Syst= em=2E Maybe I=E2=80=99ve overdone some parts and probably<br>something imp= ortant is missing=2E<br><br>In particular, the GDPR requires IP addresses t= o be deleted from logs<br>after a reasonable time=2E I think but am not su= re the current process<br>for nginx is to delete only when the log files be= come too big=2E A more<br>suitable policy must be implemented and the user= s must be told about<br>it, I think=2E See <<a href=3D"https://gdpr-inf= o=2Eeu/art-13-gdpr/">https://gdpr-info=2Eeu/art-13-gdpr/</a>>=2E<br><br>= In general I think it is better to have an incomplete policy than to<br>hav= e none=2E<br><br>Comments?<br><br>Regards,<br>Florian<br></pre></blockquote= ></div></body></html> ------313ODKVVAFIHC11CFAPKZL9TOW38IB--
bug-guix@HIDDEN
:bug#43796
; Package guix
.
Full text available.Received: (at submit) by debbugs.gnu.org; 4 Oct 2020 15:56:29 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun Oct 04 11:56:29 2020 Received: from localhost ([127.0.0.1]:46614 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1kP6NB-0003EN-7d for submit <at> debbugs.gnu.org; Sun, 04 Oct 2020 11:56:29 -0400 Received: from lists.gnu.org ([209.51.188.17]:59638) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <julien@HIDDEN>) id 1kP6N9-0003EF-1A for submit <at> debbugs.gnu.org; Sun, 04 Oct 2020 11:56:27 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:54980) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <julien@HIDDEN>) id 1kP6N8-0006TD-OX for bug-guix@HIDDEN; Sun, 04 Oct 2020 11:56:26 -0400 Received: from lepiller.eu ([2a00:5884:8208::1]:46990) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <julien@HIDDEN>) id 1kP6N4-0000yI-P0 for bug-guix@HIDDEN; Sun, 04 Oct 2020 11:56:25 -0400 Received: from lepiller.eu (localhost [127.0.0.1]) by lepiller.eu (OpenSMTPD) with ESMTP id 9fb8dda3; Sun, 4 Oct 2020 15:56:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=lepiller.eu; h=date :in-reply-to:references:mime-version:content-type :content-transfer-encoding:subject:to:from:message-id; s=dkim; bh=IvVN611zKtJ4HEtz/xYwtisdCcXswBq4YVH5ieK6KFo=; b=AOxkTe2qOxld erwQGzm6KOSUJwy0u6dqtpLUK52O9viMrbmjDoK65kFPMUJo0J+xDDkHNj2Sxle3 qV57pGwaporqag27wuCweLwjDKHXqCyoFY7SV+TMEAJWt0M+tkz6aKPGHc9bcrQl zn2HEf1AT0o23SeEHxvq6/hXpeZ9/0jXnSk0k+vjb4jG3Tji3S3TV0CJ3B9pn7FV PX65wNyDGpTGL7CjQWhmOFsH6kS3UWs8pf0JT8v9Ur9KgFN7qJbr92fIJmkX82Kl fODZqC5WWzDqUz67RRblU6kvNxkEc7SqYISSK75VeYEhT/QfN/fwvrlWolqsos10 Q9aAY09HFw== Received: by lepiller.eu (OpenSMTPD) with ESMTPSA id e2eb3d15 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Sun, 4 Oct 2020 15:56:14 +0000 (UTC) Date: Sun, 04 Oct 2020 11:56:04 -0400 User-Agent: K-9 Mail for Android In-Reply-To: <20201004153419.kyacfjdwmok6yybg@HIDDEN> References: <20201004153419.kyacfjdwmok6yybg@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----313ODKVVAFIHC11CFAPKZL9TOW38IB" Content-Transfer-Encoding: 7bit Subject: Re: bug#43796: Privacy policy To: bug-guix@HIDDEN, "pelzflorian (Florian Pelz)" <pelzflorian@HIDDEN>, 43796 <at> debbugs.gnu.org From: Julien Lepiller <julien@HIDDEN> Message-ID: <90C37536-BB8F-47D4-ABD8-BA8493E9485E@HIDDEN> Received-SPF: pass client-ip=2a00:5884:8208::1; envelope-from=julien@HIDDEN; helo=lepiller.eu X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.3 (--) ------313ODKVVAFIHC11CFAPKZL9TOW38IB Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Looks nice, but: The GDPR is not the only legislation that applies to us=2E For services ho= sted in France for instance, there is a legal obligation to keep logs for a= t least one year (not sure exactly who that applies to)=2E There could be s= omething similar in Germany where berlin is located=2E I think some of the wording is vague=2E Does "can be used to identify" mea= n we will use the IP to identify the person (is it the reason we process th= is data?) Or is it something that we could technically do, but refuse to do= ? Le 4 octobre 2020 11:34:19 GMT-04:00, "pelzflorian (Florian Pelz)" <pelzfl= orian@pelzflorian=2Ede> a =C3=A9crit : >IANAL but I think Guix needs a privacy policy for both its website and >the Guix software in general=2E > >Attached is a patch for the website that also documents data use by >Guix and Guix System=2E Maybe I=E2=80=99ve overdone some parts and proba= bly >something important is missing=2E > >In particular, the GDPR requires IP addresses to be deleted from logs >after a reasonable time=2E I think but am not sure the current process >for nginx is to delete only when the log files become too big=2E A more >suitable policy must be implemented and the users must be told about >it, I think=2E See <https://gdpr-info=2Eeu/art-13-gdpr/>=2E > >In general I think it is better to have an incomplete policy than to >have none=2E > >Comments? > >Regards, >Florian ------313ODKVVAFIHC11CFAPKZL9TOW38IB Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><head></head><body>Looks nice, but:<br><br>The GDPR is not the only l= egislation that applies to us=2E For services hosted in France for instance= , there is a legal obligation to keep logs for at least one year (not sure = exactly who that applies to)=2E There could be something similar in Germany= where berlin is located=2E<br><br>I think some of the wording is vague=2E = Does "can be used to identify" mean we will use the IP to identify the pers= on (is it the reason we process this data?) Or is it something that we coul= d technically do, but refuse to do?<br><br><div class=3D"gmail_quote">Le 4 = octobre 2020 11:34:19 GMT-04:00, "pelzflorian (Florian Pelz)" <pelzflori= an@pelzflorian=2Ede> a =C3=A9crit :<blockquote class=3D"gmail_quote" sty= le=3D"margin: 0pt 0pt 0pt 0=2E8ex; border-left: 1px solid rgb(204, 204, 204= ); padding-left: 1ex;"> <pre class=3D"k9mail">IANAL but I think Guix needs a privacy policy for bo= th its website and<br>the Guix software in general=2E<br><br>Attached is a = patch for the website that also documents data use by<br>Guix and Guix Syst= em=2E Maybe I=E2=80=99ve overdone some parts and probably<br>something imp= ortant is missing=2E<br><br>In particular, the GDPR requires IP addresses t= o be deleted from logs<br>after a reasonable time=2E I think but am not su= re the current process<br>for nginx is to delete only when the log files be= come too big=2E A more<br>suitable policy must be implemented and the user= s must be told about<br>it, I think=2E See <<a href=3D"https://gdpr-inf= o=2Eeu/art-13-gdpr/">https://gdpr-info=2Eeu/art-13-gdpr/</a>>=2E<br><br>= In general I think it is better to have an incomplete policy than to<br>hav= e none=2E<br><br>Comments?<br><br>Regards,<br>Florian<br></pre></blockquote= ></div></body></html> ------313ODKVVAFIHC11CFAPKZL9TOW38IB--
bug-guix@HIDDEN
:bug#43796
; Package guix
.
Full text available.Received: (at submit) by debbugs.gnu.org; 4 Oct 2020 15:34:45 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun Oct 04 11:34:45 2020 Received: from localhost ([127.0.0.1]:46604 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1kP625-0002gK-5V for submit <at> debbugs.gnu.org; Sun, 04 Oct 2020 11:34:45 -0400 Received: from lists.gnu.org ([209.51.188.17]:53626) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <pelzflorian@HIDDEN>) id 1kP623-0002gC-JX for submit <at> debbugs.gnu.org; Sun, 04 Oct 2020 11:34:40 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:51520) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <pelzflorian@HIDDEN>) id 1kP623-0002Hd-CD for bug-guix@HIDDEN; Sun, 04 Oct 2020 11:34:39 -0400 Received: from pelzflorian.de ([5.45.111.108]:55884 helo=mail.pelzflorian.de) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <pelzflorian@HIDDEN>) id 1kP61z-0006Ss-Rp for bug-guix@HIDDEN; Sun, 04 Oct 2020 11:34:38 -0400 Received: from pelzflorian.localdomain (unknown [5.45.111.108]) by mail.pelzflorian.de (Postfix) with ESMTPSA id EAF4036057E for <bug-guix@HIDDEN>; Sun, 4 Oct 2020 17:34:31 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=pelzflorian.de; s=mail; t=1601825672; bh=/G2HYbmOf/P64hk0d9RgLc1edpZhSzdLaiU8Z9GMCTY=; h=Date:From:To:Subject; b=dhsbYspCS1EDoROKZu7NMM/QB6OIQzAB8+X8CWamuhSpwLlYVdDZRppWp4Iw8ZjxI U+5jg1x6bka13DnHJ1c7x1Lzo6/eLBy2WS8DeHEjNi3ekkGjXgMrEryxdwFZJIBNK0 8dxjW/GIuJhHJb6k6TIJCIzwrx53LTN8GmCruDEc= Date: Sun, 4 Oct 2020 17:34:19 +0200 From: "pelzflorian (Florian Pelz)" <pelzflorian@HIDDEN> To: bug-guix@HIDDEN Subject: Privacy policy Message-ID: <20201004153419.kyacfjdwmok6yybg@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="w5j4vyutauxw4md5" Content-Disposition: inline Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=5.45.111.108; envelope-from=pelzflorian@HIDDEN; helo=mail.pelzflorian.de X-detected-operating-system: by eggs.gnu.org: First seen = 2020/10/04 11:34:32 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.1 (/) --w5j4vyutauxw4md5 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit IANAL but I think Guix needs a privacy policy for both its website and the Guix software in general. Attached is a patch for the website that also documents data use by Guix and Guix System. Maybe I’ve overdone some parts and probably something important is missing. In particular, the GDPR requires IP addresses to be deleted from logs after a reasonable time. I think but am not sure the current process for nginx is to delete only when the log files become too big. A more suitable policy must be implemented and the users must be told about it, I think. See <https://gdpr-info.eu/art-13-gdpr/>. In general I think it is better to have an incomplete policy than to have none. Comments? Regards, Florian --w5j4vyutauxw4md5 Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="0001-website-Add-privacy-policy.patch" Content-Transfer-Encoding: 8bit From 080df2de1f1f99fce3d7dffcce57f723fd266e17 Mon Sep 17 00:00:00 2001 From: Florian Pelz <pelzflorian@HIDDEN> Date: Sun, 4 Oct 2020 17:10:13 +0200 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Subject: [PATCH] website: Add privacy policy. * website/apps/base/templates/privacy.scm: New file with web page on privacy. * website/apps/base/templates/components.scm (navbar): Add it. * website/po/POTFILES: Add it. * website/apps/base/builder.scm (privacy-builder): New procedure. (builder): Add it. --- website/apps/base/builder.scm | 23 +++++ website/apps/base/templates/components.scm | 18 +++- website/apps/base/templates/privacy.scm | 115 +++++++++++++++++++++ website/po/POTFILES | 1 + 4 files changed, 156 insertions(+), 1 deletion(-) create mode 100644 website/apps/base/templates/privacy.scm diff --git a/website/apps/base/builder.scm b/website/apps/base/builder.scm index 4882dc5..2acf4dc 100644 --- a/website/apps/base/builder.scm +++ b/website/apps/base/builder.scm @@ -1,6 +1,22 @@ ;;; GNU Guix web site +;;; Copyright © 2020 Florian Pelz <pelzflorian@HIDDEN> ;;; Initially written by sirgazil who waives all ;;; copyright interest on this file. +;;; +;;; This file is part of the GNU Guix web site. +;;; +;;; The GNU Guix web site is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU Affero General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; The GNU Guix web site is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU Affero General Public License for more details. +;;; +;;; You should have received a copy of the GNU Affero General Public License +;;; along with the GNU Guix web site. If not, see <http://www.gnu.org/licenses/>. (define-module (apps base builder) #:use-module (apps base data) @@ -13,6 +29,7 @@ #:use-module (apps base templates help) #:use-module (apps base templates home) #:use-module (apps base templates menu) + #:use-module (apps base templates privacy) #:use-module (apps base templates security) #:use-module (apps base types) #:use-module (apps blog utils) @@ -54,6 +71,7 @@ (contact-builder) (irc-builder) (contribute-builder) + (privacy-builder) (security-builder) (graphics-builder)))) @@ -115,6 +133,11 @@ (make-page "menu/index.html" (menu-t) sxml->html)) +(define (privacy-builder) + "Return a Haunt page representing the Privacy page of the website." + (make-page "privacy/index.html" (privacy-t) sxml->html)) + + (define (security-builder) "Return a Haunt page representing the Security page of the website." (make-page "security/index.html" (security-t) sxml->html)) diff --git a/website/apps/base/templates/components.scm b/website/apps/base/templates/components.scm index 44d410e..1bf11e9 100644 --- a/website/apps/base/templates/components.scm +++ b/website/apps/base/templates/components.scm @@ -1,7 +1,22 @@ ;;; GNU Guix web site -;;; Copyright © 2019 Florian Pelz <pelzflorian@HIDDEN> +;;; Copyright © 2019, 2020 Florian Pelz <pelzflorian@HIDDEN> ;;; Initially written by sirgazil who waives all ;;; copyright interest on this file. +;;; +;;; This file is part of the GNU Guix web site. +;;; +;;; The GNU Guix web site is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU Affero General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; The GNU Guix web site is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU Affero General Public License for more details. +;;; +;;; You should have received a copy of the GNU Affero General Public License +;;; along with the GNU Guix web site. If not, see <http://www.gnu.org/licenses/>. ;;; This module defines HTML parts like header, breadcrumbs, footer, ;;; buttons, etc., which are used website-wide. @@ -425,6 +440,7 @@ manual. (C_ "website menu" (menu-item #:label "Contact" #:active-item active-item #:url (guix-url "contact/"))) (C_ "website menu" (menu-item #:label "Contribute" #:active-item active-item #:url (guix-url "contribute/"))) (C_ "website menu" (menu-item #:label "Security" #:active-item active-item #:url (guix-url "security/"))) + (C_ "website menu" (menu-item #:label "Privacy" #:active-item active-item #:url (guix-url "privacy/"))) (C_ "website menu" (menu-item #:label "Graphics" #:active-item active-item #:url (guix-url "graphics/"))))) ,(horizontal-skip) ;; Languages dropdown. diff --git a/website/apps/base/templates/privacy.scm b/website/apps/base/templates/privacy.scm new file mode 100644 index 0000000..1511fe0 --- /dev/null +++ b/website/apps/base/templates/privacy.scm @@ -0,0 +1,115 @@ +;;; GNU Guix web site +;;; Copyright © 2020 Florian Pelz <pelzflorian@HIDDEN> +;;; +;;; This file is part of the GNU Guix web site. +;;; +;;; The GNU Guix web site is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU Affero General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; The GNU Guix web site is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU Affero General Public License for more details. +;;; +;;; You should have received a copy of the GNU Affero General Public License +;;; along with the GNU Guix web site. If not, see <http://www.gnu.org/licenses/>. + +(define-module (apps base templates privacy) + #:use-module (apps base templates components) + #:use-module (apps base templates theme) + #:use-module (apps base types) + #:use-module (apps base utils) + #:use-module (apps i18n) + #:export (privacy-t)) + +(define (privacy-t) + "Return the Privacy page in SHTML." + (theme + #:title (C_ "webpage title" '("Privacy")) + #:description + (G_ "Information on how your personal data is processed while using +GNU Guix’ services.") + #:keywords + (string-split ;TRANSLATORS: |-separated list of webpage keywords + (G_ "GNU|Linux|Unix|Free software|Libre software|Operating \ +system|GNU Hurd|GNU Guix package manager|Privacy|Data Protection") #\|) + #:active-menu-item (C_ "website menu" "About") + #:css (list + (guix-url "static/base/css/page.css")) + #:crumbs (list (crumb (C_ "website menu" "Privacy") "./")) + #:content + `(main + (section + (@ (class "page centered-block limit-width")) + ,(G_ `(h2 "How we use your personal information")) + ,(G_ + `(p + "Guix is made by people and organizations without a commercial + interest in your personal information. Nonetheless, some + services for Guix necessarily process your data to provide the + functionality you requested. We keep this to a minimum.")) + + ,(C_ "privacy policy section" `(h3 "Guix and Guix System")) + ,(G_ + `(p + "During your use of Guix’ software in its default configuration, + your IP address may be revealed to the network services you use. + Your IP address could be used to identify who uses the service and + from which internet connection it is used. These services include " + ,(G_ (manual-href "substitute servers" + (G_ "en") + (G_ "Substitutes.html"))) + " hosted by " + ,(G_ `(a (@ (href ,(guix-url "donate/"))) "our donors")) + " for the Guix project but also " + ,(G_ (manual-href "third-party services" + (G_ "en") + (G_ "Networking-Services.html"))) + " such as network, DNS and Network Time Protocol service providers. + This is necessary to provide you with a usable and secure system + environment. It shall be assumed that these services log your use + of their service along with your IP address to make it easier to + guard against malicious use. The " + ,(G_ `(a (@ (href ,(guix-url "manual/"))) "manual")) + " describes how to change the configuration of Guix to disable such + services or how to send data over the network via an HTTP(S) proxy, + Tor or other means that maybe expose less of your personal data.")) + ,(G_ + `(p + "When you tell Guix to install software for you, Guix will attempt + to download said software from the respective upstream provider and + various download mirrors, revealing your IP address. Your use of + third-party software installed via Guix is of course your + responsibility.")) + ,(C_ "privacy policy section" `(h3 "Website")) + ,(G_ + `(p + "When you access Guix’ website, your request will be logged along + with your IP address and the requested URL. This enables the + admins to more easily respond to excess usage or security attacks.")) + ,(G_ + `(p + "For proper presentation, Guix loads videos and scripts from " + ,(G_ `(a (@ (href "https://audio-video.gnu.org/")) + "audio-video.gnu.org")) " and " + ,(G_ `(a (@ (href "https://kiwiirc.com/")) + "kiwiirc.com")) + ". Please see their websites for explanations how they use your + data. The website also contains hyperlinks to third-party sites. + When you follow them, it is likely that your web browser is + configured to report the Guix website URL you were previously + visiting to the third-party site in a " + ,(G_ `(a (@ (href "https://en.wikipedia.org/wiki/HTTP_referer")) + "Referer header")) + ".")) + ,(C_ "privacy policy section" + `(h3 "Mailing lists, IRC and other means of communication")) + ,(G_ + `(p + "You can " + ,(G_ `(a (@ (href ,(guix-url "contact/"))) + "contact the Guix community")) + " via various third-party means. Their respective privacy policy + applies.")))))) diff --git a/website/po/POTFILES b/website/po/POTFILES index 6f9f349..a97c6e5 100644 --- a/website/po/POTFILES +++ b/website/po/POTFILES @@ -13,6 +13,7 @@ apps/base/templates/donate.scm apps/base/templates/graphics.scm apps/base/templates/irc.scm apps/base/templates/menu.scm +apps/base/templates/privacy.scm apps/base/templates/security.scm apps/blog/templates/components.scm apps/blog/templates/feed.scm -- 2.28.0 --w5j4vyutauxw4md5--
"pelzflorian (Florian Pelz)" <pelzflorian@HIDDEN>
:bug-guix@HIDDEN
.
Full text available.bug-guix@HIDDEN
:bug#43796
; Package guix
.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.