While we wait, it might be worth looking at some open tasks and seeing if you can begin to make contributions to the git repositories in the form of pull requests? Might make an approval process easier if recent work is demonstrated that can be approved and merged in

In T10568#219220, @Dmehus wrote:

I would probably suggest keeping this separate from the actual TSportal. That being said, I think the TSportal codebase could be forked to provide a separate OSrequests portal.

I'd advice against continuing the debate here - this is wholly unprofessional.

In T10527#217207, @BrandonWM wrote:

The subjects of investigations are aware they are involved in an investigation

Yes, but as far as I am aware, the rest of the Miraheze community isn't. Per a recent discussion, it cannot be confirmed/denied if someone is the subject of an investigation.

current status quo by Trust and Safety is to not reveal subjects of investigations until after the investigations have been concluded.

In T10551#212505, @BrandonWM wrote:

@Owen To clarify, you mean add “DPA” as an option under the Reports tab? DPA stands for Data Protection, which is already an option on the main bar at TSPortal, though for categorization, not creating a report.

Or do you mean adding it as an option under the “+” button to create a new report, alongside Data Protection and Report?

Or both? (also if that was confusing, apologies, happy to clarify if necessary)

In T10167#209881, @OrangeStar wrote:

@Owen What elements from the DPA do you want to be able to copy via left-click?

This should be implemented via a Hook not via IRC scanning as private wikis aren't on IRC.

This has now been completed - POST requests can be sent to /api/report and /api/dpa to generate these requests.

The server works if you don't do a reset (which we should avoid doing anyway unless the server is totally unresponsive).

This can be started once the appeals process is reviewed at the Board meeting tomorrow.

Approved from my perspective.

In T9252#187988, @Dmehus wrote:

The concern I have with this website is we've had a number of Terms of Use-related issues, both pre-Trust and Safety and since then, with wikis posting unauthorized personally identifying information, usually involving the BiliBili website in some way. Given the length of time such information was allowed to remain on the BiliBili platform, I'm not terribly confident in the responsiveness of the BiliBili's Data Protection Officer together with BiliBili's legal jurisdiction in which they operate.

Source code

Routed via Cloudflare and GitHub, this is fine.

This can be approved.

This can be approved.

Approved.

In T8008#175437, @Reception123 wrote:

In T8008#175385, @Dmehus wrote:

@Reception123 For this one, what subdomain is proposed to be being re-added? If it's `*.facebook.com`, I think that would be an over-reach, given the number of ad trackers Facebook uses. I think we would probably re-add the subdomain for linking to user-hosted Facebook images, given that Facebook has European subsidiaries and thus forced to comply with the GDPR.

Yes the images link only would be fine.

All cables have been swapped now - 7 are on site in use (1 for the switch, 3x2 for servers + redundant power). I have 3 in my possession still which I am storing until we require them.

PSU was reseated and now appears to the iLO. Plugging in a power cable also produces power to the server.

I have planned to go Friday late afternoon to complete the work for this task.

I have planned to go Friday late afternoon to complete the work for this task.

Cables ordered.

All racked, not all fully configured as expected. Liaising with @John shortly on all the specific details so it can be handed over to SRE.

This is scheduled for today and will proceed as planned. I have all the networking information from John that is necessary as well as his best advice for how things should physically look. I will be liaising with him through out the day as well as updating this task.

It may be worth reporting.

Privacy concerns have been addressed over the years, particularly with more strict legislation limiting what information can be used for - this occurred 6 years ago. For the security side, resolution and investigation seems quick and thorough, no concerns were raised over the matter.

No concerns regarding the lack of mentioning GDPR in the PP, information is only retained for 7 days before being deleted and such collected information relies on consent as the mechanism, not a legitimate interest.

The assessment seems thorough and accruate.

A brief review of the relevant Japanese legislation suggests it is similar in terms of principal rights as GDPR, therefore this can be approved.

IP addresses can't be linked in a way to create an individual user profile, email address would be out of scope of Miraheze's purview. Therefore, this can be approved.

I agree with the assessment above.

-> SRE based on the above.

I agree with the assessment above.

I agree with the assessment above.

I agree with the assessment above. Specifically around GDPR, as long as the pillars of it are possible (the 7 rights in one form or another) it meets the requirements for UK DPA.

I agree with the assessment above.

Assessment looks good.

Assessment looks good.

Assessment looks good.

Assessment looks good.