Bug#726998: [debian-policy] debian-policy for privacy breach

To: submit@bugs.debian.org
Subject: Bug#726998: [debian-policy] debian-policy for privacy breach
From: Bastien ROUCARIÈS <bastien.roucaries@u-cergy.fr>
Date: Mon, 21 Oct 2013 13:27:17 +0200 (CEST)
Message-id: <[🔎] 6931173.8qaN469DWa@no56>
Reply-to: Bastien ROUCARIÈS <bastien.roucaries@u-cergy.fr>, 726998@bugs.debian.org

Package: debian-policy
Version: 3.9.4.0
Severity: important

Hi,

I will be important to havbe a policy aboyut locally installed web page 
fetching network ressource. This could lead to privacy breach+

For instance a like button fetch facebook and some local documentation fetch  
ads sense script*.

However they exist some grey area that need more thinking. Donation button 
with paypal for instance. It is unethical to remove donation offer from 
upstream documentation BUT:
- we could not locally copy the paypal logo (violation of copyright).
- we could not allow fetching paypal logo (fail dissident test).

I plan to physically talk about this at debian paris miniconf 2014.

Bastien

+ I am coding a lintian check for this.
* This is a violation of term of service moreover.

Reply to:

Prev by Date: Bug#706778: debian-policy: Please explicitly forbid "-" at the start of Deb822 field names
Next by Date: Bug#727610: debian-policy: clearer discussion of why build-indep implies building the whole package
Previous by thread: Bug#706778: debian-policy: Please explicitly forbid "-" at the start of Deb822 field names
Next by thread: Bug#727610: debian-policy: clearer discussion of why build-indep implies building the whole package
Index(es):
- Date
- Thread