Closed Bug 741810 Opened 11 years ago Closed 6 years ago

[Privacy Review][Action Item] Logging Policy


( :: Security Assurance, task)

Not set


(Not tracked)



(Reporter: curtisk, Assigned: mcoates)




(Keywords: privacy-review-needed)

A formal, published log retention policy is needed for public review on what we do with logged data.
This is blocking the following privacy reviews
Summary: [Privacy Review][Action Item]Thunderbird Account Prov & → [Privacy Review][Action Item] Logging Policy
Curtis, don't know if this what you are looking for:

Thought I'd bring it to your attention.
Yeah, we have seen that, what privacy wants is a public policy anyone can access.
I recommend finishing the logging policy first, and then extracting any of our security specific info that is not appropriate for public consumption.

The logging policy is a Q2 goal for OpSec. I don't think it would be very difficult to produce a public version as well.
Setting privacy-review-needed as this doesn't seem to have gone anywhere...
Joe, what is the status of the policy you mention in comment 5?
Flags: needinfo?(jstevensen)
The policy at

looks complete now.

I don't see anything in it that needs to be *private*.
Flags: needinfo?(jstevensen)
Can we move this to the wiki or make it so it is visible publicly?
Flags: needinfo?(jstevensen)
Check with mcoates.
Flags: needinfo?(jstevensen)
Where is our proposed location for public policies? Organization is key here.
(In reply to Michael Coates [:mcoates] from comment #11)
> Where is our proposed location for public policies? Organization is key here.

That is an obvious discussion as of now I don't think we have any policies like this in public view do we?
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.