Contrib.social

Weekly Meeting Minutes (10th Sep. 2024)

Open on Drupal.org →
Created on 17 September 2024, 3 months ago
  • Scoping Guidelines
    • More Input needed outside of EU?
      We agreed 2 things: let’s go for GDPR as it is currently the strongest legislation and will most likely cover all requirements globally. And therefore, the team believes that we don’t need more information at this point. We may learn extra bits and pieces as we go, but we can always incorporate them later.
    • Surveys?
      • Richard: should be target audience
        we lose time and skip that
      • Jürgen: Feedback from other countries would be good. I’ve asked Lenny and Pam if they can help us to identify some Drupal agencies outside Europe that we could take for short interviews to get at least some “outside” perspective.
    • Competitive Analysis
      • Joomla: capability API
      • We already have an issue ( https://www.drupal.org/project/drupal_cms/issues/3467980 ) with great input about 2 competitors (WP and Joomla). Let’s add to that issue as we go, and also compare our feature list permanently with that too.
      • Eventually, we need to come up with some documentation for Drupal CMS marketing to explain how we compare to the competition and where and how we’re beating them.
    • Feature List
      • There is another issue ( https://www.drupal.org/project/drupal_cms/issues/3467855 ) with all the features we came up so far. This list should be maintained over time and new stuff added there.
      • This list needs to be structured and prioritized, see action items below.
      • When it comes to default content (=part of the feature list), we won’t be able to deliver complete and ready-to-use components. Instead, we need to provide a todo list to help the site owner to see what they need and where they can get it from. This could come from modules, default content blocks, external (and probably paid) services, etc.
      • Also, as privacy and compliance is not just a “feature” but a process, an ongoing audit is required on each Drupal site. Therefore, we want to start a new module “Compliance Audit” which implements plugins to review and fix compliance status and issues. The features/recipes delivered above as well as the content todo list can become part of the compliance dashboard. The site owner should learn to review that compliance dashboard on a regular basis and take action where needed. Comment from Kai Gertz: “Maybe this tool could be an inspiration for automated audits: https://code.europa.eu/EDPS/website-evidence-collector
      • We also need to review other parts (tracks) of Drupal CMS to test and identify areas that don’t comply with our goals. As we may not be able to prevent all of those issues from being delivered, those topics should become part of the compliance audit and dashboard as well.
        Comment from Kai Gertz: as @tonypaulbarker has drawn attention to compliance regarding the embedding of media in https://www.drupal.org/project/drupal_cms/issues/3467856#comment-15727027 - I'd be happy to make a proposal on this as I'm currently working on this matter anyway.
    • Documentation
      • for starshot leaders
      • for end users (target audience)
  • GDPR Compliance Audit Module?
    Similar to Security Audit Module
    \= Constant possibility for Audit checks also after installation
    No education, Information!
    Laurens: Identify candidates for recipes.
  • DrupalCon
    • what can we deliver until?

Action items

  • [ ] Laurens, Jürgen: all features should be assigned to recipes
  • [ ] @Grienauer: will start a list of audit checks
  • [x]
🌱 Plan
Status

Needs review

Component

Track: Privacy

Created by

🇦🇹Austria Grienauer Vienna

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024