Depending on how it's technically implemented, would a "I agree to ... and confirm I own the submitted data" or similar legal disclaimer work before uploading?
On Wed, Oct 10, 2012 at 5:48 PM, Bertrand Delacretaz <[email protected] > wrote: > Hi, > > On Wed, Oct 10, 2012 at 5:20 PM, Naghibi, Reza <[email protected]> > wrote: > > ...The only concern I have is that some of the information requested > will have privacy impact. Is it possible to > > draft some sort of confidentiality agreement between the sharing > parties, this project, and Apache to make > > sure this information is kept private and only used for the project?... > > What we can do is a privacy statement on the DeviceMap website, that > explains how the data is handled and who has access to it. > > The latter depends on the technical solution - the simplest is to > upload the data to a location that's only readable by DeviceMap PPMC > members (and to whoever's root on ASF servers of course) - would that > be acceptable to people who are thinking of submitting logs? > > > > > Also, would it make sense to remove the last 8 or 16 bits from the IP > address? I think it would also be a good > > idea to round the timestamp to the nearest day.... > > I agree that those are good ideas, and that shouldn't diminish the > value of the data for DeviceMap. > > We might also accept logs without IP address and/or without timestamp, > to make it possible for more people to contribute, if they have issues > with giving us that data. > > -Bertrand >
