[Labs-l] [Labs-announce] [notice] DB replicas user_properties view redaction
Marc-Andre
marc at uberbox.org
Tue Nov 29 20:00:31 UTC 2016
On 2016-11-29 02:09 PM, Jonathan Morgan wrote:
> Out of curiosity (not snark), who has final say on these matters:
> Security, or Legal?
Nowadays, probably security (although I suppose Legal will always have a
final veto for - well - legal reasons). At the time, Legal was handling
it because the privacy policy is their domain, and there wasn't much of
"Security" to speak of beyond individual stakeholders.
My concern isn't that security shouldn't have the say so much as the
fact that I'm a little surprised that an informed decision from legal
ends up being reversed 180° without any apparent reference to that prior
discussion. I'm all for revisiting decisions when it makes sense to do
so; but revisiting a decision requires actually /revisiting/ the
decision - not ignoring prior context as though the current setup was
pulled out of thin air.
And - for the record - I've no fondness for making user properties
available as they were. It's not an accident that I directed the
question at Legal at the time: while there was a reasonable user request
for them, it was clear from the outset there was a privacy aspect that
needed to be addressed.
-- Coren / Marc
More information about the Labs-l
mailing list