Per a discussion on Governance, I'd like a moz-hosted facility for archiving relevant IRC channels, so that we can have permanent static links to IRC discussions from other fora. Nice-to-haves include breaking things up by time period (Daily? Weekly? A month seems like too much...) and being able to link to specific lines of a conversation.
Assignee: server-ops-webops → infra
Component: WebOps: IT-Managed Tools → Infrastructure: IRC
QA Contact: nmaul → dparsons
Please note that the discussion on governance is still going; implementing this before the dust settles there would be premature.
Per the issues I raised on the governance thread, I have needinfo'd Marshall wrt to privacy and data security to determine if there are any issues on this.
I agree that this seems premature in light of the ongoing conversation in the governance threat. One thing to consider...this would appropriately be described as user data as we have chosen to use the term, so IT's data practices would apply. That means that, at a minimum, Sean Rich should weigh in to ensure that these comport with IT's data practices and that the logging is appropriately scoped.
To be clear, I'm not asking that all channels be logged and archived by default, only that an opt-in-per-channel facility exist. For what it's worth, I'm confident that private logs exist of close to 100% of Mozilla's IRC traffic.
> For what it's worth, I'm confident that private logs exist of close to 100% of Mozilla's IRC traffic. :mhoye, can you clarify? I built the network and am not aware of any logging facility, private or otherwise. Any logging that happens is done by users on their own clients. Unless you know something I don't?
That's what I meant by private logs, yes - individual users turning on logging. "How do I turn on logging" is the first question in most IRC client's FAQs, and I expect that many, and possibly most, longtime users have flipped that switch. I didn't mean to imply that Mozilla was secretly doing this logging, only that those logs are quite likely to already exist somewhere.
this looks like a duplicate of bug 1072949, or vice versa. fwiw i've maintained public logging of selected irc channels on http://logs.glob.uno/ for more than 10 years.
Hi, Glob! Two questions, and one comment. First, I (and I guess lots of people?) can't see bug 1072949, so if there are any differences between the two, can you summarize them here? Second, if we decide to do this how do you feel about repatriating those logs to a Mozilla server, for history's sake? Finally: I had no idea there's an .uno TLD. How cool is that?
For the last several years at least we have been advertising that we don't store logs of our users on IRC. If we change the policy going forward, and publish that change that is an entirely different story than suddenly publishing a set of 3rd party logs as a 'loophole'. I just don't think that is a good idea. I will also reiterate that there is a difference between Mozilla publishing the logs for a service it controls, and a community member (staff or otherwise), logging public conversations and publishing them on their own. I will leave it to the policy folks like Marshall to determine if this is a policy issue though.
"For the last several years at least we have been advertising that we don't store logs of our users on IRC." That's not really what the disclaimer says. Since at least 2008, https://wiki.mozilla.org/IRC#Privacy_Information has said: "Our servers do not keep records of any of your conversations, but anyone in the channels you are in might do so and publish those conversation logs (and some channels are actively logged by users on those channels). [...] In general, you should assume that anything you say on IRC that is not in a private message will be recorded and possibly published somewhere, and even then you are depending on your trust that the person you are sending the message to will not to share it." To my reading, this is not a policy change. We're lending formal support and discoverability to something that's been going on without complaint for a long time.
I understand that there is no technical blocker to a 3rd party logging public activity. I also get that there is a desire to be more radically open, and for the most part I agree with it. While I personally find the idea of logging all irc communications distasteful, and low value, that is not the main reason I have a concern here. The challenge is that while Mozilla is an open source community, but stepping beyond Mozilla ideals for a moment, Mozilla is a legal entity, and has a set of legal obligations to fulfill as prescribed by the laws and regulations that we are required to adhere to. My concern is that by enabling logging that could capture PII or by publishing logs collected (even 3rd party logs) from a time during which we asserted publicly that we aren't logging we could expose Mozilla to liability. At this point we are debating something that is really a legal/policy matter. There isn't much point in continuing the discussion until it gets unstuck on that front.
(In reply to Mike Hoye [:mhoye] from comment #8) > First, I (and I guess lots of people?) can't see bug 1072949, so if there > are any differences between the two, can you summarize them here? summary is "IRC public log service", created 2014-09-25 one comment, from me, offering my assistance. no other activity aside from kanban related changes. > Second, if we decide to do this how do you feel about repatriating those > logs to a Mozilla server, for history's sake? zero problems with that; they are already public after all. > Finally: I had no idea there's an .uno TLD. How cool is that? http://www.name.com/new-gtld which, amusingly enough, includes .cool. (In reply to Yvan Boily [:ygjb][:yvan] from comment #9) > I will also reiterate that there is a difference between Mozilla publishing > the logs for a service it controls, and a community member (staff or > otherwise), logging public conversations and publishing them on their own. fwiw my policy is to require approval from a channel op before logging/publishing.
I have initiated a request for privacy and legal review of the proposal.
Depends on: 1127420
You need to log in before you can comment on or make changes to this bug.