2021-06-15 - Privacy SIG Notes
Date
Attendees
Goals
- Restart the FOLIO Privacy SIG
Discussion items
Time | Item | Who | Notes |
---|---|---|---|
10min | Meeting startup |
Agreed to store the recordings of the SIG meetings for four weeks. The convener will be responsible for deleting them. Recordings to be open at this time; we may need to revisit this topic in the future. The legitimate interest is to allow people to catch up on the activities of the meeting. There may be an interest in saving portions of a meeting (like a presentation) for a longer period of time. Noting that our decisions about our recordings can have an impact beyond the Privacy SIG. How we are thinking about our Zoom recordings can set an example for other SIGs and how they use their meeting recordings. FOLIO might need a body/committee to handle privacy-related needs..a group that has the authority to implement decisions/needs related to privacy. | |
20min | Review of the Privacy SIG charter | all | Make edits to the Google Docs draft of the charter. |
Log file privacy | SIG should find answers to the following questions:
Information needed to put up the list of processing activities in compliance with GDPR For GDPR, we need this list of processing activities. To coordinate with the technical teams to understand what is being stored. For instance, login information in Okapi is stored by default for 10 days. In a complete install of Iris, there are 59 containers and so 59 log files. What are the defaults, how to configure it, and what is stored? Postgres can also log activities. ElasticSearch, when implemented, will also log activities. Ask the developers for the log4j configuration files. What are the defaults and what are the impacts of changes to the log file configuration? How can sites make informed decisions about the impact of these log files? Forensic logs versus statistical/analysis logs. |
Action items
- Make edits to the Google Docs draft of the Privacy SIG charter
- Peter Murray to create a draft document for asking the development teams about module log files