1
0
mirror of https://github.com/ipdb/website.git synced 2024-11-13 16:54:50 +01:00

Add privacy, move OPERATIONS.md to Foundation

This commit is contained in:
Greg McMullen 2016-04-06 05:26:17 -04:00
parent 9d67f661c1
commit 9252d466d1
2 changed files with 126 additions and 130 deletions

View File

@ -1,130 +0,0 @@
# IPDB Operation and Rules
## Definitions
- **ascribe** means ascribe GmbH, a corporation registered in Berlin, Germany.
**BigchainDB** means the [BigchainDB project](https://github.com/bigchaindb/bigchaindb) operated by ascribe.
- **Executive** means the Executive Board of the Foundation.
- **Caretakers** means the member organizations of the Foundation.
- **Caretaker Nodes** means the instance of BigchainDB operated by a Caretaker.
- **Foundation** means the IPDB Foundation e.V., registered in Berlin, Germany.
- **IPDB** means the decentralized database based on BigchainDB and operated by the Foundation and its Caretakers.
- **Keys** means a public-private key pair generated by a Caretaker and used in IPDB.
- **Transaction** means a write operation to IPDB.
- **User** means an individual using IPDB, as defined by a unique Key.
## Roadmap
### Launch Roadmap
- May 2016 - Announcements of a “public BigchainDB” at various conferences: [Re:publica](https://re-publica.de/en) (Berlin, May 2-4, 2016), [csv,conf,v2](http://csvconf.com/) (Berlin, May 3-4, 2016), [OuiShare](http://2016.ouisharefest.com/) (Paris), including the announcement of some Caretakers and a private test net.
- June 8, 2016 - Announcement of IPDB at Internet Archive event, including announcement of additional Caretakers and a public test net.
- September 2016 - Launch of public production net, along with billing system.
### Technical Roadmap
See [BigchainDB roadmap](https://github.com/bigchaindb/bigchaindb/blob/develop/ROADMAP.md).
## Structure
### Mission Statement
- The Foundations mission is:
To support an open and decentralized Internet, resist censorship, and enable new kinds of transactions between individuals by developing and operating a decentralized database that can be used by anyone in the world and is based on BigchainDB.
### Overview
- The Foundation is registered in Berlin, Germany, as an *[Eingetragemer Verein](https://en.wikipedia.org/wiki/Eingetragener_Verein)*, or e.V., a registered voluntary association.
- The Foundation is governed by its members, the Caretakers, and by its Executive.
### Articles
- [INFO ON ARTICLES, INTERACTION WITH THESE RULES - NEEDS INPUT FROM LAWYERS]
### Member Organizations: Caretakers
#### General Requirements
- A majority of Caretakers must be charitable organizations, not-for-profit organizations, or organizations with structures that are substantially the same as the ones listed above.
- To vote in favour of a new Caretaker, the existing Caretaker must have a good faith belief that the new Caretaker has a commitment to the values of an open, transparent, and decentralized Internet. This commitment should be stated in the new Caretakers mandate or mission statement, or demonstrated by the new Caretakers track record and current operations.
#### Adding Caretakers
- Caretakers can be added by a 2/3 majority vote of existing Caretakers.
- Organizations that wish to become Caretakers can:
- be nominated by an existing Caretaker or the Executive.
- apply to be considered as a Caretaker.
#### Removing Caretakers
- Caretakers can be removed by a 2/3 majority vote of existing Caretakers if the subject Caretaker has:
- Violated the Rules.
- Manipulated or attempted to manipulate voting or the BigchainDB software to accept or reject a transaction inappropriately.
- Manipulated or attempted to manipulate a past transaction.
- A Caretaker can be removed for any reason with a 3/4 vote of all Caretakers.
### Executive Directors
#### Number of Executives
- At any given time there will be no more than 5 Executives.
- The Executives will include at least one individual who is employed by ascribe and at least one individual who is not employed by or a director of any of the Caretakers.
#### Electing Executives
- Executives will be nominated and elected by the Caretakers.
## Operations
### Keys
#### Generating Keys
- Caretakers will generate Keys using [PROCESS].
#### Securing Keys
- Caretakers will provide their public key to the Foundation and will secure their private key.
- Private keys will be secured by [PROCESS]
#### Invalidating Keys
- Caretakers can vote by a 2/3 majority to invalidate Keys if:
- They have reason to believe the Key has been compromised.
- [OTHER]
### Caretaker Nodes
#### Operating a Caretaker Node
- Caretaker Nodes can be operated virtually on a cloud service provider, or in hardware.
#### Caretaker Node Security
- Caretakers must abide by the following Security requirements in the operation of their Caretaker Node:
- [DETAILS].
### Transactions
#### Transaction Processing
- New Transactions are processed in accordance with BigchainDB.
#### User Transactions
- Anyone can send a Transaction to IPDB if that Transaction is signed with their Key.
- Users get [NUMBER] free Transactions per month, and [VOLUME] transfer per month.
- Users who need more than the free service can buy addional Transactions or capacity from the Foundation or through a Transaction Agents.
#### Transaction Agents
- Users can purchase additional Transactions or capacity from Transaction Agents at a price negotiated with a Transaction Agent.
- Transaction Agents pay for Transactions and capacity at a rate set by the Foundation.
- Transaction Agents make a monthly payment to each of the Caretakers and the Foundation based on their users usage during the previous month.
- Transaction Agents compete with one another on price and services.
#### Legal Requests
- Caretakers may only comply with duly issued legal requests for information, backed with documentation such as a court order or warrant.
- If any Caretaker or the Foundation receives a request invoving its role as a Caretaker, the recipient must notify the other Caretakers and the Foundation immediately.
#### Transaction Security
- If a Caretaker repeatedly votes against the majority of Caretakers, the Caretakers Key will be automatically revoked.
- [DETAILS]
- If a Caretaker attempts to modify a past Transaction, the Caretakers status will be suspended automatically by the other Caretakers. The Caretaker can apply to be reinstated after a complete review of the incident, or 30 days, whichever is longer.
### Governance
#### Executive Meetings
- The Executive will meet at least every 90 days. Executive meetings must be conducted in person or by tele- or videoconference.
- A quorum of half the Executive members is required.
#### Votes by Executive
- Votes by the Executive must be conducted in person or by video conference.
- Votes by the Executive pass with a simple majority.
#### Votes by Caretakers
- Votes by the Caretakers must be conducted in person, by video conference, or through the IPDB voting system.
- Votes taken by Caretakers will be binding on the Executive if the vote passes with a 3/4 majority.
#### Changes to the Rules
- Changes to the Rules must be approved by a majority of the Executive and a majority of the Caretakers.

126
SERVICEPRIVACY.md Normal file
View File

@ -0,0 +1,126 @@
# IPDB Service - Privacy Policy
## Introduction
### Purpose
This Privacy Policy governs your use of the IPDB Sites and IPDB Service. The Privacy Policy describes the collection, storage, and use of personal information in your use of the IPDB Service.
### The IPDB Service is a Public Blockchain Database
The IPDB Service is a public blockchain database. This has two important privacy implications:
1) the **information recorded on it is public**, and
2) the **information recorded on it cannot be deleted**, not even by the IPDB Foundation or the Caretakers.
### Values
These values inform everything we do with personal information.
#### Privacy is a Human Right
We believe that privacy is a human right and is necessary for human flourishing.
#### Your Information is Yours
Your personal information belongs to you. We make no claim to it, except to use it as you allow us.
#### Minimize Collection
We collect and use as little information as possible while still providing the IPDB Service.
#### Minimize Retention
We only keep information for as long as is absolutely necessary for us to operate the IPDB Services or to comply with the law.
#### Clarity
We want this Privacy Policy to be easy to read and understand. If you have questions about what something means or suggestions for how to make something more clear, email us: privacy@ipdbfoundation.org.
### No Key Recovery
There is no way for us to help you recover or change your Key if you lose it. Guard it carefully!
*We cannot tell you how to keep your key safe, but *[LINK TO SUGGESTIONS FOR THIS].
### Definitions
The Privacy Policy is meant to be read together with the IPDB Service Terms, so capitalized terms mean the same as they do in the IPDB Service Terms.
### Sharing Information
Personal information will not be given to third parties except as set out below. Personal Information will never be given to advertisers.
## Using the IPDB Service
### Signing Up
You do not need to sign up to use the IPDB Service. You just need to create a Key to conduct Transactions.
### Making Transactions
Every Transaction you conduct on the IPDB Service is permanently associated with your Key on the IPDB Service.
### History of Transactions
The IPDB Service allows you to view a full history of any object on the IPDB Service and the Keys involved in any Transactions, right back to the Key that originally registered it.
This history is permanent and can never be changed or deleted, not even by the IPDB Foundation.
### Counting Transactions
The IPDB Foundation keeps track of the number of Transactions a given key is allowed to make.
### Purchasing Transactions
You may need to sign up to purchase additional Transactions if you use more than your free quota. You can purchase additional Transactions from the IPDB Foundation or from another entity that sells transactions (“Transaction Agent”).
If you purchase Transactions from another Transaction Agent, you will be subject to its privacy policy.
If you sign up to purchase Transactions from the IPDB Foundation, your purchase will be governed by the IPDB Foundation Store Privacy Policy.
## Transactions on the IPDB Service
*Note: The information in this section is a non-technical explanation of how and where information is stored in the IPDB Service. A thorough explanation of the workings of BigchainDB, the software behind the IPDB Service, is available in the [BigchainDB whitepaper](https://www.bigchaindb.com/whitepaper/)*.
### Caretaker Nodes
Each of the Caretakers in the IPDB Foundation operates a server (“Caretaker Node”) that checks each Transaction to see if it is valid. If a majority of the Caretaker Nodes agree the Transaction is valid, the Transaction is written to the IPDB Service.
There are two kinds of Caretaker Nodes:
- Hardware Nodes are operated by Caretakers in the Caretakers own facilities. Hardware Nodes are subject to this Privacy Policy.
- Cloud Nodes are operated on cloud service providers, including services from Amazon, Microsoft, and Google. Cloud Nodes are subject to the privacy policies of the companies hosting them as well as to this Privacy Policy.
### Data Storage
Caretaker Nodes also store the Transactions and all information associated with them.
The IPFS Service stores the Transactions sent by Users on at least [NUMBER] of Caretaker Nodes, for a replication factor of [X]. These Caretaker Nodes are [RANDOMLY SELECTED? HOW CHOSEN?].
Some of the Caretaker Nodes may be located outside of your jurisdiction. There are Caretaker Nodes in the United States, Canada, the United Kingdom, and Europe.
By using the IPDB Service, you consent to the IPDB Foundation and Caretakers storing the information you provide in your Transactions in places where Caretaker Nodes are located. You understand that the laws of those jurisdictions may apply to the information stored in those jursidiction.
## Searches on the IPDB Service
[INSERT - HOW WILL SEARCH WORK]
## Logging on the IPDB Service
### Purpose of Logging
We keep logs of certain uses of the IPDB Service in order to see how the IPDB Services are being used, improve the IPDB Servies, and to prevent misuse of the IPDB Services.
### Transactions
When you make a Transaction on the IPDB Service, we log:
- [LIST]
### Searches
When you make a search on the IPDB Service, we log:
### Access
When you access information on the IPDB Service, we log:
### Deleting Logs
We delelte logs after [TIME].
### Aggregate Information
We may retain, share, or release publicly aggregate, non-personal, non-identifiable information on use of the IPDB Services.
## Legal
### Governing Law
The IPDB Foundation collects, processes, and uses personal information in accordance with the German *Telemediengesetz*, (“*Telemedia Act*”) and *Bundesdatenschutzgesetz* (“*Data Protection Act*”) or with your specific and express consent.
### Changes to the Privacy Policy
The IPDB Service may change over time as we add features, so there may be changes to the Privacy Policy as well. Changes to the Privacy Policy will be made in accordance with the process for changes to the IPDB Service Terms.
### Requests for Information
#### Responding to Requests
We respond to requests for information only if supported by valid legal process,such as a warrant or court order. If we receive a request for information, we will notify the subject of the request as soon as possible, if we have the ability to do so.
#### Transparency Report
If and when we receive a governmental request for information, we will begin producing a quarterly report providing as much information as possible on the number and nature of those requests.
#### Canary
We have never received a request for information from a governmental body. If that changes, we will remove this section.
### Requests for Takedowns
The nature of the IPDB Service means it is not possible to delete content that has been uploaded to it.