With the ubiquitous use of composite proxy scenarios, users are confronted with click-through screens and check boxes to accept ever more terms and conditions, acceptable use polixies, and privacy notices, since many parties in the chain from user-to-data, and user-to-service, aim to ensure compliance and record acceptance or consent. This leads to a sub-optimal user exprience, and an increased burdon on the proxies and services to collect, storage, and review this information.
By aligning the presentation of AUP acceptance, and data protection privacy notices (for personal data collected as a result of the user accessing the infrastructure, i.e. access data), this guideline aims to reduce the number of clicks and interstitial screens, and facilitate non-interactive workflows. Harmonising the model can also make it easier for the user to understand why another screen is presented, and what it entails.
Since different research infrastructures deal with data of varying sensitivity levels, the model shall allow for a scalable level of control and verifiability.
- Development area and background: https://drive.google.com/drive/folders/1ieu_URA_tx2lKCfipqynf69EbSpiqxbT
- Current draft of G083 (commentable): https://docs.google.com/document/d/1-HroTtLWBGgpckyJ04npDJhaIUhKf9HS7ZqqU_2x7RY
Development timeline:
- weekly document development calls: Friday at 09.30 (TZ Europe/Amsterdam) for 30min
- submission to AEGIS: mid-December 2024 (AARC TREE project month 10)