[Governance] Slack and Privacy

Jim Manico jim.manico at owasp.org
Mon Jul 27 21:22:10 UTC 2015


Ann,

I submitted this query via the OWASP ticketing system so it's not lost 
track of. Case 00006723

I'll let you know when I get feedback from this.

Thanks kindly,
Jim

On 7/27/15 11:12 AM, Ann Racuya-Robbins wrote:
> Thanks Jim. I am hoping others will weigh in on this as well. What do 
> you mean by "a service of this nature"? At the least I agree that we 
> should include some guidance about its use. I would be happy to work 
> on that.
>
> In general it is the behavioral analysis and "social networking" 
> relationship information that concerns me here. I don't think it is a 
> best practice to allow third parties to collect, use and retain this 
> kind of OWASP membership information. Do you? How might we find a tool 
> that will serve us better in this regard. I am happy to help.
>
> Regards,
>
> Ann Racuya-Robbins
>
>
>
>
> I think there is a need for something like this
>
> On Mon, Jul 27, 2015 at 4:01 PM, Jim Manico <jim.manico at owasp.org 
> <mailto:jim.manico at owasp.org>> wrote:
>
>     Ann,
>
>     Slack is an optional communication platform for the OWASP
>     community. I read the Slack policy and for a service of this
>     nature the policy looks very honest and transparent. I do not
>     think using slack for private communications is appropriate, I
>     think we should think of it more as a list service or other public
>     posting service.
>
>     So after a first read of their policy, I like the detail, honestly
>     and tradeoffs they are making.
>
>     Perhaps OWASP should publish a little guide explaining that uses
>     for Slack are most appropriate?
>
>     Aloha,
>     Jim
>
>
>     On 7/27/15 9:55 AM, Ann Racuya-Robbins wrote:
>>     Thank you Fabio for the invitation to SLACK. It looks like this
>>     could be very useful. I have attached the SLACK Privacy Policy
>>     where I have highlighted a number of concerns. Is OWASP not able
>>     to find a product with better Privacy protections?
>>
>>     Regards,
>>
>>     Ann Racuya-Robbins
>>
>>
>>     _______________________________________________
>>     Governance mailing list
>>     Governance at lists.owasp.org <mailto:Governance at lists.owasp.org>
>>     https://lists.owasp.org/mailman/listinfo/governance
>
>     -- 
>     Jim Manico
>     Global Board Member
>     OWASP Foundation
>     https://www.owasp.org
>     Join me at AppSecUSA 2015!
>
>

-- 
Jim Manico
Global Board Member
OWASP Foundation
https://www.owasp.org
Join me at AppSecUSA 2015!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20150727/c6bb55f7/attachment-0001.html>


More information about the Governance mailing list