Page MenuHomeMiraheze
Create Task
Maniphest T7905

Review nicovideo.jp CSP Entry
Closed, ResolvedPublic
Actions

Description

CSP REVIEW

  • Is the site equipped with a privacy policy? Yes
  • Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? No, however it does allow "corrections, additions or deletions" pursuant to a local Japanese Personal Information Protection Act
  • Does the site provide a list of personal data being collected by using the service? Yes, see PP
  • Is the website owner known to have a bad reputation regarding privacy? Not as far as I can tell, but there is a difficulty in establishing that as sources could be in Japanese rather than English
  • Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? Unclear
  • Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker? Yes
  • Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? General support needs to be contacted
  • Is the site equipped with a security policy? Yes, see PP (short))
  • Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? No details; just standard
  • Is the website owner known to have a bad reputation regarding information security? Not as far as I can tell, but there is a difficulty in establishing that as sources could be in Japanese rather than English
  • Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? General support needs to be contacted

Event Timeline

John triaged this task as Normal priority.Aug 28 2021, 19:38
John created this task.
Herald added a subscriber: RhinosF1. · View Herald TranscriptAug 28 2021, 19:38
Reception123 updated the task description. (Show Details)Sep 6 2021, 13:54
Herald added a subscriber: Unknown Object (User). · View Herald TranscriptSep 6 2021, 13:54
Reception123 subscribed.Sep 6 2021, 13:55

This one is a bit more tricky since it's based in Japan but if T&S thinks it's enough for them to offer to do the same things as the GDPR does but pursuant to their own legislation then I'd say it would be good to approve.

Reception123 moved this task from SRE Review to T&S Review on the CSP Review board.Sep 6 2021, 13:55
Reception123 added a project: Trust & Safety.
Owen moved this task from T&S Review to EM Review on the CSP Review board.Sep 10 2021, 16:46
Owen subscribed.

A brief review of the relevant Japanese legislation suggests it is similar in terms of principal rights as GDPR, therefore this can be approved.

John closed this task as Resolved.Sep 11 2021, 10:19
John claimed this task.
John moved this task from EM Review to Completed on the CSP Review board.