canmove, Confirmed users
1,537
edits
Privacy/Reviews/PhonebookAPI: Difference between revisions
→Alignment with Privacy Operating Principles
| Line 158: | Line 158: | ||
====Principle: Transparency / No Surprises==== | ====Principle: Transparency / No Surprises==== | ||
Contributors give explicit consent by opting-in for profile sharing when they register for the service. They need to be able to see how the data is being used. | |||
''Recommendations'': It would also be helpful to show the user how their data is being shared/used via the api -- perhaps by sending them a message when a new site access the API (including a list of sites accessing their data through the api). | |||
{{ResolutionBox|{{new|Provide way for users to see which sites are accessing their data through the api and perhaps also what is being accessed}}}} | |||
====Principle: Real Choice==== | ====Principle: Real Choice==== | ||
Users have an opportunity to opt-in at registration, but should have control if they change their minds later. | |||
''Recommendations'': | ''Recommendations'': Expose an option in the user's "edit profile" screen to allow them control over whether their data is exposed via the API. | ||
{{ResolutionBox|{{new|Expose setting/checkbox to enable/disable sharing via this api}}}} | |||
====Principle: Sensible Defaults==== | ====Principle: Sensible Defaults==== | ||
| Line 183: | Line 182: | ||
====Principle: Limited Data==== | ====Principle: Limited Data==== | ||
* As all users | * As all users must be logged in and vouched by other Mozillians to view profile data that is more than beyond name. This limits web/data scrapers from collecting these profiles. | ||
''Recommendations'': | ''Recommendations'': | ||