[Governance] Slack and Privacy

Jim Manico jim.manico at owasp.org
Mon Jul 27 21:17:30 UTC 2015


Slack (in my mind) is like our listservice. Posts are intended to be 
public and part of a public archive.

However, the issues you pointed out are important. I'll bring this up 
with staff and our IT director and have them get back to you and the 
community over this.

Aloha,
Jim



On 7/27/15 11:12 AM, Ann Racuya-Robbins wrote:
> Thanks Jim. I am hoping others will weigh in on this as well. What do 
> you mean by "a service of this nature"? At the least I agree that we 
> should include some guidance about its use. I would be happy to work 
> on that.
>
> In general it is the behavioral analysis and "social networking" 
> relationship information that concerns me here. I don't think it is a 
> best practice to allow third parties to collect, use and retain this 
> kind of OWASP membership information. Do you? How might we find a tool 
> that will serve us better in this regard. I am happy to help.
>
> Regards,
>
> Ann Racuya-Robbins
>
>
>
>
> I think there is a need for something like this
>
> On Mon, Jul 27, 2015 at 4:01 PM, Jim Manico <jim.manico at owasp.org 
> <mailto:jim.manico at owasp.org>> wrote:
>
>     Ann,
>
>     Slack is an optional communication platform for the OWASP
>     community. I read the Slack policy and for a service of this
>     nature the policy looks very honest and transparent. I do not
>     think using slack for private communications is appropriate, I
>     think we should think of it more as a list service or other public
>     posting service.
>
>     So after a first read of their policy, I like the detail, honestly
>     and tradeoffs they are making.
>
>     Perhaps OWASP should publish a little guide explaining that uses
>     for Slack are most appropriate?
>
>     Aloha,
>     Jim
>
>
>     On 7/27/15 9:55 AM, Ann Racuya-Robbins wrote:
>>     Thank you Fabio for the invitation to SLACK. It looks like this
>>     could be very useful. I have attached the SLACK Privacy Policy
>>     where I have highlighted a number of concerns. Is OWASP not able
>>     to find a product with better Privacy protections?
>>
>>     Regards,
>>
>>     Ann Racuya-Robbins
>>
>>
>>     _______________________________________________
>>     Governance mailing list
>>     Governance at lists.owasp.org <mailto:Governance at lists.owasp.org>
>>     https://lists.owasp.org/mailman/listinfo/governance
>
>     -- 
>     Jim Manico
>     Global Board Member
>     OWASP Foundation
>     https://www.owasp.org
>     Join me at AppSecUSA 2015!
>
>

-- 
Jim Manico
Global Board Member
OWASP Foundation
https://www.owasp.org
Join me at AppSecUSA 2015!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20150727/730faefc/attachment.html>


More information about the Governance mailing list