diff --git a/README.md b/README.md index 7a666f4..f1e5515 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ This standard establishes a baseline of quality that must be met in order to ear ## ✅ Application of the Standard -We encourage creators, maintainers, funders, implementers and consumers to use this standard to recognize, assess and support digital public goods. We maintain a list of vetted digital public goods that meet the standards described above on [our platform](https://digitalpublicgoods.net/platform). +We encourage creators, maintainers, funders, implementers and consumers to use this standard to recognize, assess and support digital public goods. The standard is operationalized through a [questionary](standard-questions.md) that is required as part of the assessment process. We maintain a list of vetted digital public goods that meet the standard described above on [our platform](https://digitalpublicgoods.net/platform). ![Vetting Process](docs/process.svg) diff --git a/standard-questions.md b/standard-questions.md new file mode 100644 index 0000000..8561027 --- /dev/null +++ b/standard-questions.md @@ -0,0 +1,207 @@ +# DPG Standard Questionary + +This document contains the set of questions that are being asked to assess each of the indicators set forth in the [standard](standard.md). + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Indicator: DescriptionProject Requirements - Question Format
1. Is it relevant to one of the Sustainable Development Goals?Can it demonstrate relevance to an SDG? +
    +
  • Please identify which of the Sustainable Development Goals this project is relevant to:
    • +
  • Please supply any relevant links or information to support this relevance.
    • +
+
2. Does it use an appropriate open license? +
    +
  • Does it use an open license from the OSI list for software?
    • +
  • Does it use a CC license for content (non derivative)?
    • +
  • Does it use an Open Data license from the Open Data Commons list?
    • +
+ 		+ +
3. Is ownership clearly definedIs the copyright and trademark ownership of everything that the project produces clearly defined and documented? +
    +
  • Is the ownership of the project and everything that the project produces clearly defined and documented i.e. This can be through copyright, trademark, or other publicly available information.
    • +
  • If yes - please link to the relevant copyright, trademarks, or ownership documentation for the project.
    • +
+
4. Does the license of libraries/dependencies undermind the openess of the project? i.e. This can be through copyright, trademark, or other publicly available information. +
    +
  • Does this open project have mandatory dependencies (i.e. hardware) that create more restrictions than the original license?
    • +
  • If yes - are the open source components able to demonstrate independence from the closed component and/or are there functional, open alternatives?
    • +
  • If yes - please describe:
    • +
+
5. Is there documentation?Does some documentation exist of the source code, use cases, and functional requirements. +
    +
  • Does some documentation exist of the source code, use cases, and/or functional requirements.
    For software projects, this should be present as technical documentation that would allow a technical person unfamiliar with the project to launch and run the software. For data projects, this should be present as documentation that describes all the fields in the set, and provides context on how the data was collected and how it should be interpreted.For content, this should indicate any relevant compatible apps, software, hardware required to access the content and any instructions about how to use it.
    • +
  • If yes - please link to the documentation.
    • +
+
6. Is non PII data accessible?Is there a mechanism for extracting or importing non PII data from the system in a non-proprietary format? +
    +
  • Does this project have non-PII data?
    • +
  • Is there a mechanism for extracting or importing non PII data from the system in a non-proprietary format?
    • +
  • If yes - please describe the mechanism for extracting or importing data
    • +
+
+ Note that requirements related to indicators 7-9 can only be answered by someone authorized to speak on behalf of the project. +
7. Does the project adhere to privacy and other applicable international and domestic laws?Does this project adhere to relevant privacy laws? +
    +
  • Does this project comply with all relevant privacy laws?
    • +
+
List the key privacy laws that you're following +
    +
  • Please list all the relevant privacy laws that the project complies with?
    • +
+
To the best of your knowledge does this project comply with all applicable international and domestic laws? +
    +
  • To the best of your knowledge does this project comply with all applicable international and domestic laws?
    • +
  • Please list the applicable internation and domestic laws that the project complies with.
    • +
+
8. Does the project adhere to standards and best practices?Does this project support standards? +
    +
  • Does this project support standards i.e. w3c?
    • +
  • Which standards does this project support (please list)
    • +
  • Can you point to evidence of your support? (i.e. please link to your validator, open test suite, etc.)
    • +
+
Does this project adhere to best practices? +
    +
  • Was this project build and developed according to industry best practices and principles i.e. the principles for digital development?
    • +
  • Which principles and best practices does this project support (please list)
    • +
+
9. Does the project do no harm? Has this project taken steps to anticipate, prevent and do no harm? +
    +
  • On the whole, does this project take steps to ensure that it anticipates, prevents and does no harm?
    • +
  • Please describe any additional risks and mitigation steps that this project uses to prevent harm.
    • +
+
Privacy and freedom +
    +
  • Does this project have strategies in place to anticipate, respond to and minimize adverse impacts on privacy and freedom of expression where governments or bad actors are believed to be using this projects’s products or services for illegitimate or political purposes
    • +
  • Please describe
    • +
+
Data Privacy & Security +
    +
  • Does this project collect or store personally identifiable data?
    • +
  • If yes - Please list the types of data collected and/or stored by the project
    • +
  • If yes - Does this project share this data with third parties?
    • +
  • Please describe the circumstances with which this project shares data with third parties. Please add links as relevant
    • +
  • If yes - Does the project ensure the privacy and security of this data and has it taken steps to prevent adverse impacts resulting from it's collection, storage and distribution
    • +
  • Please describe
    • +
+
Inappropriate/Illegal Content +
    +
  • Does this project collect, store or distribute content?
    • +
  • If yes - please describe the nature of the content (i.e. childrens books)
    • +
  • If yes - does this project have policies that describes what is considered innappropriate content i.e. child sexual abuse materials?
    • +
  • If yes - does this project have mechanisms for detecting and moderating innappropriate/illegal content?
    • +
  • Please describe the mechanism for detecting and reporting innapropriate/illegal content?
    • +
  • What is the response time?
    • +
+
Protection from Harassement +
    +
  • Does this project facilitate interactions with or between users or contributors?
    • +
  • Does the project help users and contributors protect themselves against grief, abuse, and harassment.
    • +
  • Please describe
    • +
+
Transparency +
    +
  • Does this project have a clearly discoverable privacy policy and/or terms of service?
    • +
  • Please provide a link
    • +
+
Child Online Safety +
    +
  • Does the project address the safety and security of underage users?
    • +
  • Please describe
    • +
+