- Issue created by @jurgenhaas
- πΊπΈUnited States hestenet Portland, OR πΊπΈ
jurgenhaas β credited hestenet β .
For Drupal CMS 1.0 we're providing first class consent management. It's working great and people love it.
What's missing, though, is legal content. The "Privacy Policy" node is delivered as an empty node, and documentation makes it clear that this node should be filled with content by the site owner before going live.
However, we know that's challenging. And there are even more legal content requirements that go beyond the privacy policy: term & conditions, imprint, service descriptions to allow for informed decisions before giving consent, and many more.
This gets even more complex, as Drupal CMS - and Drupal in general - needs to provide a solution globally. That covers and large number of different legislations, many languages are involved, and not to forget, every Drupal site is unique, i.e. the legal content needs to cover the specifics of a Drupal site, not any Drupal site.
The Drupal community cannot and should not try and solve this themselves by trying to find ways on how to provide legal content.
Leaving the problem to site owners is an option, but leaves them alone. Their options are to either hire their own legal advisors to create and then regularly update their legal content, or they could sign up for paid services from providers that have automated that process. The latter is certainly beneficial, but it requires some technical integration to make it work.
This is where this "Legal Content API" comes in: instead of leaving it to individual services providers to integrate their service into Drupal, we should provide a generic API that such legal content providers could hook into to make their services work with Drupal.
Potentially, this approach could even be taken to a broader level: we've discussed this with Tim Lehnen and Jitka Pilar from the DA, whether the Open Web Alliance with members like Wordpress, Typo3, Joomla, and others, could be interested in collaboration across CMSes to provide an API that serves the idea of the Open Web beyond just Drupal.
We've also spoken to potential legal content providers, namely Legalweb and Termageddon. There is strong buy-in from top management there, that they would support the idea, and we can get active developer support to design the API, and they confirmed strong interest in implementing that API support into their products.
Having said that, those discussions uncovered some concerns that need to be addressed: if the Drupal implementation provides a list of potential service providers from which the Drupal site owners can choose, they want to be sure that there are some criteria in place that excludes services providers with deceptive business practices. While this is totally understandable, it's a slippery slope for us too. But we can certainly work out something that's appropriate for all parties.
Active
Track: Privacy
jurgenhaas β credited hestenet β .
