This repository has been archived by the owner on Jul 6, 2021. It is now read-only.

GDPR #1193

Open
sbalmer opened this issue Apr 9, 2018 · 1 comment

@sbalmer
Contributor

sbalmer commented Apr 9, 2018

What do we have to change in Openki so it can be operated in accordance with the GDPR? It is clear we're both a "data controller" and a "data processor" offering services to EU-residents. I've had a short discussion with @lu40 and we agree that not only must we implement this anyway, it's also a good thing to have for all users.

I see a few points where we have to adapt:

  1. Consent: We're not currently getting complete consent from our users
  2. Deletion: Not all relevant entries have an easily accessed deletion option
  3. Data access: There is no way for "data subjects" to get a machine-readable "data-package"

In detail:

We need to get consent from our users. I think for some things we're already getting consent by virtue of having well-labeled buttons. By renaming "Save" to "Publish" I assume the forms would be getting explicit consent. We don't plan on doing anything besides using the data for the purpose of the site which in my understanding is well-communicated.

On the other hand, we're using analytics to track user behaviour which is not at all obvious. We don't have consent under the GDPR for this tracking. Matomo themselves are unsure under what circumstances we'll be allowed to collect analytics data: https://matomo.org/blog/2017/09/gdpr-potential-consequences-piwik/ I'd say we can either get explicit consent or we heavily curtail or disable tracking. If it is possible to collect relevant statistics while avoiding collecting personal data, we should do that. But that probably means not having a tracking-cookie and not sending user-id. We could get permission on signup for this. Answering the questions around tracking is non-critical because we can just disable tracking at any time without affecting operations.

Since most actions can easily be reversed, deletion will be rather easy to achieve I think. I'm unsure whether we need to offer an all-in-one "nuke" button, which we don't currently have. Account deletion will not delete your comments, for example.

We'll need something similar to the already existing JSON-API so we can offer data access.

@sbalmer
Contributor Author

sbalmer commented May 7, 2018
