Data Safety: Difference between revisions

Jump to navigation Jump to search

Data Safety (view source)

Revision as of 00:20, 17 February 2012

1,484 bytes added ,  17 February 2012
→‎Criteria
No edit summary
Line 71: Line 71:
==  Criteria  ==
==  Criteria  ==


To ensure appropriate oversight and governance of how Mozilla collects, uses and/or retains user data in the product development lifecycle and product functionality, three key conditions apply:
To ensure appropriate oversight and governance over how Mozilla collects, uses and/or retains user data in the product development lifecycle and product functionality, three key conditions apply:


No Data Safety Review is needed if your product / project has an architecture employing user-controlled key encryption without Mozilla access or where data stored on the user’s client or device is under the user’s control. If you need / want to use hosted data that can be accessed by Mozilla staff, contributors or developers, then a Data Safety review is required.
<table style="border-color: #000000; border-width: 1px; border-style: solid; width: 80%;" border="1" cellspacing="0" cellpadding="0" align="left">
<tr>
<td>&nbsp;</td>
<td style="text-align: center;" colspan="3"><strong>Data Architectures</strong></td>
</tr>
<tr>
<td style="width: 20%">&nbsp;</td>
<td style="text-align: center; width: 20%">Client Side</td>
<td style="text-align: center; width: 20%">End-to-End Encryption</td>
<td style="text-align: center; width: 20%">Hosted/Cloud</td>
</tr>
<tr>
<td><strong>Required Actions</strong></td>
<td>No data stored by Mozilla; User controlled</td>
<td>Data stored by Mozilla; Not readable; User controlled</td>
<td>Data stored by Mozilla and/or in cloud environment; Under Mozilla's control</td>
</tr>
<tr>
<td>
<p>Data Safety Approval</p>
</td>
<td style="text-align: center;">
<p>N</p>
</td>
<td style="text-align: center;">N</td>
<td style="text-align: center;">Y</td>
</tr>
<tr>
<td>
<p>Security Review</p>
</td>
<td style="text-align: center;">Y</td>
<td style="text-align: center;">Y</td>
<td style="text-align: center;">Y</td>
</tr>
<tr>
<td>
<p>Privacy Review</p>
</td>
<td style="text-align: center;">Y</td>
<td style="text-align: center;">Y</td>
<td style="text-align: center;">Y</td>
</tr>
<tr>
<td>
<p>Legal Review</p>
</td>
<td style="text-align: center;">Y</td>
<td style="text-align: center;">Y</td>
<td style="text-align: center;">Y</td>
</tr>
</table>
<BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR>


Anything we do with user data will require Security, Privacy and Legal reviews at a minimum, just as it does today. You can find more information about these reviews here:
No Data Safety Review is needed if your proposed product and/or project has an architecture employing user-controlled key encryption without Mozilla access or where data stored on the user’s client or device is under the user’s control. If you need / want to use hosted data that can be accessed by Mozilla staff, contributors or developers, then a Data Safety review is required.
 
Everything Mozilla does with personal data requires Security and Privacy reviews, just as it does today. You can find more information about these reviews here:


* Privacy Reviews
* Privacy Reviews
Afowler
Confirmed users
152

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/398642"

Navigation menu