Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The identity of the uploader should not leak from the system #1013

Open
viklund opened this issue Aug 27, 2024 · 0 comments
Open

The identity of the uploader should not leak from the system #1013

viklund opened this issue Aug 27, 2024 · 0 comments
Labels
Epic

Comments

@viklund
Copy link
Member

viklund commented Aug 27, 2024

As a contributor to the repository
I do not want my identity to be disclosed to third parties
So that I can remain in control of my personal information

Description

Especially in BigPicture this is important where EFPIA companies want to be able to contribute data anonymously. But this is also a hygenic feature in most of the overall system. It is only when communicating with Central EGA during the submission process that the identity of the submitter is important. Once this process is done all communication should go via the registered data controller.

Sometimes the sda-download service communicates the lifescience-id of the submitter. The sda-download service should not have access to this information. There might be other places where this can be removed.

During discussions about this it has been suggested to not store this information in the database, what would the implications of this be? For example, would it still be possible to use the admin api to get a list of current submitters?

See Also

#378 support for multiple s3 buckets
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Epic
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@viklund @kostas-kou