[wp-meta] [Making WordPress.org] #3244: Data Protection and Bank Detail issues

Making WordPress.org noreply at wordpress.org
Wed Nov 8 13:04:57 UTC 2017 

#3244: Data Protection and Bank Detail issues
----------------------------------------------------+------------------
 Reporter:  Hugo Finley                             |       Owner:
     Type:  defect                                  |      Status:  new
 Priority:  high                                    |   Milestone:
Component:  WordCamp Site & Plugins                 |  Resolution:
 Keywords:  needs-patch good-first-bug 2nd-opinion  |
----------------------------------------------------+------------------
Changes (by danieltj):

 * keywords:  needs-patch good-first-bug => needs-patch good-first-bug 2nd-
     opinion


Comment:

 Replying to [comment:16 iandunn]:
 > Replying to [comment:11 idea15]:
 > > It doesn't solve the problem of anyone who submits a reimbursement not
 being informed who will have access to their data, how long it will be
 retained for reimbursement and auditing purposes, and when it will be
 deleted.
 >
 > That's a good point to bring up. To address that, we could add some text
 to the metabox that says something like, "Your financial data will be
 retained until 14 days after the payment has cleared. During that time, it
 will be displayed to you and a handful of trusted financial and technical
 administrators."

 I'd argue that seven days is more than enough time. Additionally, having
 text that states only trusted people can see it, are these people vetted
 and a closed team of people etc? I'm just cautious about who can access it
 and why. In an ideal world, once the payment information is used for it's
 sole purpose, it should be gone for good and never retrievable by anyone,
 ever.

 I also think that bank account details, whether they're on cheques or not,
 are very sensitive and is an easy way for someone to build up a profile
 for potential fraud. Any personal data needs to be stored once for it's
 intended use and then after that it needs to be permanently deleted for
 good. On top of all of this, we need people with the time to make these
 code changes and it does need to happen sooner rather than later otherwise
 it'll be forgotten about.

--
Ticket URL: <https://meta.trac.wordpress.org/ticket/3244#comment:20>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org

More information about the wp-meta mailing list