DataSafety

Safety of operation and respect for our users are central to much of what we do at Mozilla, but there are many people who spend all their time working on the safety of our stuff. The problem is that sometimes it is difficult to know which teams or which people to involve during your project. This Data Safety project aims to improve this by providing a central place to involve the various groups that may be valuable to your project, and track progress of what's needed to safely ship stuff.

Why this Data Safety Coordination thing?

If you're working on a project and there might be potential safety implications (such as security or privacy considerations), you should fill out the Data Safety Coordination form to involve the right people! It only takes a short time to answer a few questions about your project, and once you provide that information the various teams can get involved where they'll be helpful.

Who is involved in Data Safety Coordination?

First and foremost: you. You're project lead or champion for some new product, feature or initiative. There's no reason you need to also be an expert in safety as that can be a full time job in itself. So fill out the Data Safety Coordination form and get the right people involved.

Once you've filled out the form, bugs will be filed and the appropriate teams will follow up with your project team as necessary:

• Infrastructure Security - they ensure secure operation of webapps and related infrastructure.
• Client Security - they ensure secure operation of software on users' machines.
• Privacy Engineering - they advance users' ability to control the flow of their information throughout the web.
• Policy and Legal - they ensure our legal compliance, contracts, and honest disclosure of our policies to users.
• User Data Committee - they ensure we make the right decisions about collecting and using peoples' data.

Most likely you won't have to spend time with many of these teams; not all projects span the spectrum of possible data safety implications so you'll probably only hear from a few teams and only about issues relevant to your project.

Launch Data Safety Coordination

Doing a project? Want security/privacy/UDC input?

Form Done. Now what?

Once you've filled out the form, you'll be cc'ed on a data safety bug that serves as a tracking bug for all the safety groups' tasks. When all the needed safety work is done, all of the dependencies on your safety bug will be marked resolved, and the tracking bug itself will get resolved FIXED.

Moar Info!

• See DataSafety:CoordinationForm_Details to learn more about how the form is constructed and what tasks it automatically creates (and why).
• See DataSafety:Effort to learn more about who and why we're doing this.