potiuk commented on PR #2: URL: https://github.com/apache/comdev/pull/2#issuecomment-4320194185
@grobmeier — pinging you in your VP, Data Privacy capacity. There's an unresolved policy question on this PR (an MCP server that lets users query Apache mailing list archives via an LLM) where your guidance would help.

The concern, raised by @sebbASF: private ASF lists may carry PII with the expectation of non-propagation; feeding their content to an LLM (especially a hosted one) plausibly violates that expectation.

The proposed posture (in #3, on top of this branch):

- **Block all private lists by default.** Two layers — pattern blocks for known-private list names, plus checking PonyMail's own `private: true` flag on every response so unconventionally-named private lists are also caught.
- **Opt-in** via a `PONYMAIL_ALLOWED_LISTS` env var, so a contributor authorized to access (e.g.) their own project's `security@` can do so while taking responsibility for the LLM environment they use.
- **Documentation** explains the hosted-vs-local LLM risk, links the ASF Mailing Lists / Privacy Policy pages, and flags this as an interim posture pending updated ASF guidance for LLM use specifically.

Two questions where your read would help:

1. Is "block all private lists by default + per-list opt-in by an authorized human operator" an acceptable interim posture while ASF privacy policy for LLM use is being clarified?
2. Should certain categories of private list (e.g. `members@`, board/secretary/treasurer, `private@`) be policy-blocked even with opt-in, while operationally-private lists like `security@` could be operator's discretion?

No urgency on the merge — happy to hold until you've had a chance to weigh in.

--
This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.
