Froide for MyData

pdehaye · November 10, 2016, 10:30pm

Hi
I would be interested to repurpose Froide for doing so called Subject Access Requests. This is part of the MyData idea, and enables individuals to easily get access to their personal data from private companies. So instead of the classical use of Froide, we have authorities ----> private companies, documents of interest to general public —> personal data.
Obviously this would require some work on Froide, but really not that much. I would like to have a conversation about this in the next OKLabs meeting, and in particular how to setup different repositories to facilitate work down the road. Flagging @apoikola, @danfowler, @loleg and Stefan W on Twitter.

jaakkokorhonen · November 11, 2016, 3:19pm

Sure. There are quite some security issues that would need to be addressed. Moreover, some kind of format for My Data repository would need to be defined.

rufuspollock · November 13, 2016, 7:01pm

I’m a big +1 on this idea

pdehaye · November 15, 2016, 4:03pm

Issues that could be addressed:

which are the big players in using Froide?
is the current location of the repository optimal? of the default theming?
how can we facilitate reuse of the code by others, in particular for MyData stuff?
what are the security issues?
what does Jaakko mean by “some kind of format for MyData repository”?
how can we finance work on Froide/MyData efficiently?

danfowler · November 15, 2016, 4:52pm

Great @pdehaye it’s on the agenda!

jaakkokorhonen · November 27, 2016, 12:02pm

The person data needs to be in a protected space. Either in a protected network or in a encrypted container.

We have had a couple of sessions drafting this and @hylje has done a quite a fair bit of Froide-related development. GitHub - okffi/tietopyynto: Freedom Of Information Portal GitHub - okffi/decisions: openahjo decisions commenting

It might even make sense to be able to protect the FOI documents received by Froide, that still need to be retracted.

pdehaye · November 27, 2016, 1:00pm

It might even make sense to be able to protect the FOI documents received by Froide, that still need to be retracted.

Right, this already feels like a bug on the Froide side, for FOI requests. It’ actually not hard to guess the name of a file as stored in an S3 container (and presumably easier elsewhere), and there is no access control on it.

danfowler · November 29, 2016, 3:02pm

Just a reminder: the Labs Hangout to discuss this is happening in an hour:

Topic		Replies	Views
Tool for collaborating on small open data - looking for feedback Open Knowledge Labs open-data	20	2174	March 25, 2017
Need Information regarding Public Bodies Project Open Knowledge Labs	6	1223	March 14, 2016
Introducing datactivi.st Open Knowledge Labs open-data	3	846	November 29, 2016
Working with community data on GitHub: New Project DataTig Open Knowledge Labs	13	1790	May 4, 2022
Winter maintenance of OKFN projects Open Knowledge Labs	8	1036	April 22, 2021

Froide for MyData

Related Topics