GDPR Compliance / Analytics / AtoM

EdderShredder

May 14, 2018, 11:29:27 AM
to AtoM Users
Hello.

We host our AtoM server with funding from a local authority.
GDPR compliance date is coming soon and we were wondering if anyone had anything to share with us regarding the implementation of a form on the AtoM site that will ask for permission to collect analytical data or other data if applicable.

For us to continue receiving funding we have to present analytical data along with our archives progression.
So removing the analytic code is a last resort.

I know this post is very late.
We have been looking for solutions and thought we would ask here.

Dan Gillean

May 14, 2018, 1:29:35 PM
to ICA-AtoM Users
Hi Ed, 

We don't usually include new features in minor releases, but given the implementation deadlines for GDPR, we are currently working on a simple new feature that we'll include in the upcoming 2.4.1 release to help users with GDPR compliance. See: 
Essentially, this will be a 2-part feature. When users first visit your AtoM site, they will be shown a simple banner notification informing them that cookies are used on the site to improve the user experience. There will also be a link in the notification to a new default static page in AtoM with more details on privacy policy measures. Users will need to click an "Agree" button to clear the banner. 

Both the banner notification, and of course the static page, will be configurable by an administrator - so if you are also using some form of analytics tracking, you can supplement the default information we provide as needed. 

From the ticket: 

Goal

For compliance with European laws about data collection, including the General Data Protection Regulation (GDPR), we should notify public users how AtoM uses cookies and why, and what user data is collected (e.g. IP address) and why.

Requirement 1 - Public cookie/privacy policy notification
  1. Show a notification to all users when they first visit an AtoM website explaining that AtoM uses cookies
  2. The notification must include a link to the "privacy-policy" static page (see below). See https://www.europeana.eu/portal/en for an example of a cookie notification banner.
  3. Include an "OK" or "Accept" button on the banner (I prefer this to the "X" on Europeana as it's more explicit about granting consent) to accept the policy and close the notification for the rest of the user's session (use cookie to track acceptance)
  4. Add administrator setting to toggle cookie notification on (default) or off.
  5. Add administrator setting to change the cookie notification text (allow creating hyperlinks).

Requirement 2 - Add default privacy-policy static page and content
  1. Add data fixture and migration script to add a "Privacy Policy" static page to AtoM with default content, the page should explain why we use cookies and what data is collected by AtoM and why. Again https://www.europeana.eu/portal/en/rights/privacy.html is an example privacy policy we can imitate.
  2. The above cookie notification will link to this privacy-policy page by default

I hope that this will meet your needs! 

We're still not sure of an exact release date for 2.4.1 but in discussing this with some lawyers, there is a certain understanding that it may take some sites a bit to get up to speed, so I don't personally imagine that if you don't have this feature live on your site by May 25th, there will be immediate consequences (NOTE this is not legal advice however, just our understanding of what a big change this will be and how many sites and users it will affect - we recommend compliance as soon as possible!). However, to help make this available as soon as possible, we're trying to fast track the work on this feature ticket, and it will likely be the last thing we add to the 2.4.1 release before we begin internal testing and release packaging. 

If you need this work as soon as possible, keep an eye on the ticket linked above. It will be in the stable/2.4.x code branch as soon as the ticket flips from "New" to "Q/A Review," and when it flips to "Verified" this means that I've completed internal testing and the feature is complete. Even if a release tarball has not been added to our website, you can always follow Option 2 in our installation instructions (install from our GitHub code repository) to immediately install from our stable/2.4.x branch, where all the 2.4.1 bug fixes and enhancements are being added. Because this is a stable branch and not a development branch, we are being careful to test everything before we add it - so while we'll still do a thorough round of regression testing before making a downloadable tarball available, it should be pretty safe to install from our code repository in a production environment right away. Once the release is finalized, you can simply do a git pull --rebase against the branch to pull in any final changes. However, because a new default static page will require a database migration, I don't recommend doing the initial installation from our code repository until you see ticket #12180 flipped to Verified. 

Regards, 

Dan Gillean, MAS, MLIS
AtoM Program Manager
Artefactual Systems, Inc.
604-527-2056
@accesstomemory

--
You received this message because you are subscribed to the Google Groups "AtoM Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ica-atom-users+unsubscribe@googlegroups.com.
To post to this group, send email to ica-atom-users@googlegroups.com.
Visit this group at https://groups.google.com/group/ica-atom-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/ica-atom-users/c8032477-5ad5-48c2-aadb-3f366e6ec9fa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
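
The banner logic from Requirement 1 of the ticket quoted above, as an added example that is not part of the original thread or AtoM's own code. The cookie name, settings fields and element ids are assumptions, and holding analytics back until acceptance goes beyond what the ticket asks for.

```javascript
// Added example. COOKIE_NAME, the settings fields and the element ids are
// assumptions for illustration, not names taken from AtoM.
const COOKIE_NAME = 'cookie_notice_accepted';

// Parse a document.cookie / Cookie header string into a Map (first name wins).
function parseCookies(cookieString) {
  const jar = new Map();
  for (const part of (cookieString || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq < 0) continue; // malformed pair, ignore it
    const name = part.slice(0, eq).trim();
    if (!name || jar.has(name)) continue;
    let value = part.slice(eq + 1).trim();
    try { value = decodeURIComponent(value); } catch (e) { /* keep raw value */ }
    jar.set(name, value);
  }
  return jar;
}

// Exact-name match, so "x_cookie_notice_accepted=1" does not count as consent.
function hasAccepted(cookieString) {
  return parseCookies(cookieString).get(COOKIE_NAME) === '1';
}

// Items 1 and 4: show on first visit unless an administrator turned it off.
function shouldShowBanner(cookieString, settings) {
  return settings.notificationEnabled !== false && !hasAccepted(cookieString);
}

// Item 3: no Expires/Max-Age, so the browser drops the cookie with the session.
function acceptanceCookie(isHttps) {
  const attrs = [COOKIE_NAME + '=1', 'Path=/', 'SameSite=Lax'];
  if (isHttps) attrs.push('Secure');
  return attrs.join('; ');
}

// Assumption beyond the ticket: analytics stay off until the user accepts.
function analyticsAllowed(cookieString, settings) {
  return Boolean(settings.analyticsEnabled) && hasAccepted(cookieString);
}

// Browser wiring; skipped when no DOM is present.
if (typeof document !== 'undefined') {
  const banner = document.getElementById('privacy-banner');
  const button = document.getElementById('privacy-accept');
  if (banner && button) {
    banner.hidden = !shouldShowBanner(document.cookie, { notificationEnabled: true });
    button.addEventListener('click', () => {
      document.cookie = acceptanceCookie(location.protocol === 'https:');
      banner.hidden = true;
    });
  }
}
```

The cookie carries only a flag and no identifier, so nothing in this sketch records who accepted. With the notification switched off, `analyticsAllowed` never becomes true, which a site relying on analytics would need to account for.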

EdderShredder

May 15, 2018, 4:23:14 AM
to AtoM Users
Thank you very much Dan.

I will keep an eye on the ticket.
This is great news for us.

The work you have been doing is amazing.

Vicky Phillips

May 31, 2018, 11:11:55 AM
to AtoM Users
Hi Dan,
As we have a bilingual AtoM site I just wanted to check that this will be present in whichever language users decide to choose and that the text is easily translated within AtoM or Transifex?
Thanks,
Vicky

Dan Gillean

May 31, 2018, 11:25:18 AM
to ICA-AtoM Users
Hi Vicky, 

Great question!

I've just checked in with our developer who is finalizing this feature. He tells me that the strings were already set to be pushed to Transifex, but he didn't have the code in place to allow the user-added text of the notification banner to be translated in the interface by flipping the culture and entering edit mode. He's now working on an update, so it should be present when we test the feature and include it in the upcoming 2.4.1 release. Thanks for the timely reminder! 

RE: Transifex, it might not be available until the 2.5 release for translation - but you will be able to add local translations of the default text, as well as modify the defaults in all cultures as needed. 

Cheers, 



Dan Gillean, MAS, MLIS
AtoM Program Manager
Artefactual Systems, Inc.
604-527-2056
@accesstomemory


Vicky Phillips

Sep 4, 2018, 8:28:14 AM
to AtoM Users
Thanks Dan for checking. One other question I have is does AtoM store information on who has accepted the cookie?
Thanks,
Vicky

Dan Gillean

Sep 4, 2018, 5:07:52 PM
to ICA-AtoM Users
Hi Vicky,

Unfortunately it does not - that would require further development if you want that data stored in AtoM's database and made usable by administrators in some way. Note however that the Nginx web server may have a general log of IP addresses to which it has served pages, and if you are using Google Analytics with AtoM then additional information on public users may be logged. We have covered these cases in the default example Privacy policy static page we are including with the banner in 2.5. As with all static pages, this is merely suggested default content, and it will be editable by authenticated users with sufficient permissions. The banner message can be customized via the user interface as well.

If you did want to develop some way to log acceptance in AtoM's database, this might also add further GDPR compliance requirements, as I understand it. Since such functionality would require actual database storage of information in AtoM for it to be usable, then your cookie policy is no longer just storing basic user login details in a temporary session-based way, but rather it introduces data collection in a more permanent way. Many users may not realize this when clicking accept on the cookie notification banner, which could further complicate things.

What information would you want to store about these public users?

Cheers,

Dan Gillean, MAS, MLIS
AtoM Program Manager
Artefactual Systems, Inc.
604-527-2056
@accesstomemory


Vicky Phillips

Sep 27, 2018, 8:09:40 AM
to AtoM Users
Hi Dan,
Having spoken with our IT Department we're happy to continue using what we have in place at the moment to carry out this work rather than change to use what is packaged with AtoM.
Thanks for your help.
Vicky

bloguso...@gmail.com

Dec 18, 2019, 6:01:55 AM
to AtoM Users
Good afternoon,

A little more than a year after some discussion occurred on the forum regarding GDPR, some more concerns are arising today!

We are currently testing AtoM here at Université libre de Bruxelles (Belgium), and we are thinking about encoding some data related to our Researchers... but we suspect we, for instance, won't be allowed to make the birth and death dates of a Researcher publicly available, nor some biographical data, etc.

Is there a way in AtoM to decide which fields from the authority records will be available to anonymous users, and to prevent some others from being available?

My excuses if I missed an existing functionality...

Thanks a lot
Best regards
Cécile Gass, from ULB

Dan Gillean

Dec 18, 2019, 11:08:45 AM
to ICA-AtoM Users
Hi Cécile, 

Unfortunately, at this time there's no built-in way to limit access to some authority record fields. In fact, we don't currently have a publication status (e.g. ability to set some authority records to Draft, so they are hidden from the public) for authorities either - something I hope very much we could add in the future. 

For archival descriptions we do have the Visible elements module, which can be used to selectively hide some fields from public users - see: 
However, this module too could use some enhancements. Currently, only the Physical storage data is also removed from CSV and XML exports and generated finding aids when hidden via Visible elements (and exports and finding aids are set to generate as public users). It would be great to be able to do further development so that any field hidden in Visible elements is also automatically removed from exports and finding aids. 

As you may know, AtoM's development is driven by community support, either in the form of feature sponsorship or community code contributions. You can read more about the history of the project, and how we maintain and develop AtoM here: 
If your institution has access to developers, we have a number of development resources on our wiki to help you get started, and some recommendations when submitting major pull requests back to the public project. If, on the other hand, your institution might be interested in sponsoring development to add support for Visible elements and/or a publication status for authority records, feel free to contact me off-list, and Artefactual can prepare some estimates for you. Some possible development tasks might include: 
  • Adding a publication status for authority records
  • Adding authority record fields to the Visible elements module
  • Enhancing the Visible elements module to also remove hidden fields from exports and finding aid generation

In the meantime: it wouldn't give you control over specific fields, but one thing you can consider for having more control over the visibility of other entities for public users would be to set up a separate read-only public site, with a replication script managing updates between your staff edit site and the public one. We offer this by default to our Premium+ hosting clients, and we have a bit more information on the setup and its advantages on our website, here: 
Essentially, it's a public-facing read-only site and a secure internal read/write site for staff, with a replication script used to periodically copy the database, digital objects, and search index from the R/W site to the public one. This allows for not only greater security (since your internal site can sit behind a firewall, etc), but aggressive caching on the public site to help improve performance. Additionally, because you control the replication script, you can essentially choose when you push updates to the public site - meaning you can work on authority records internally, and they won't become publicly discoverable until you choose to run the replication script. 

We've made the replication script that we use as part of this service publicly available for all to use, in our Artefactual Labs GitHub repository: 
As I said, it's not exactly per-field visibility control (which would require development), but it might inspire some possible workarounds. 

Regards, 

Dan Gillean, MAS, MLIS
AtoM Program Manager
Artefactual Systems, Inc.
604-527-2056
@accesstomemory
