[Osmf-talk] GDPR and Overpass API
Roland Olbricht
roland.olbricht at gmx.de
Wed Oct 3 14:22:34 UTC 2018
Hello,
in the ongoing effort to offer more privacy, there are still points
under consideration.
One is to make sure that Overpass API conveys the associated changeset
to an object (username, user id, changeset id) only to people that have
signed up to OSM. This has implications on authentication mechanisms in
the OSM ecosystem:
https://dev.overpass-api.de/misc/authentication.pdf
The other is the still somewhat open question whether disseminating
timestamps on objects is an issue:
https://dev.overpass-api.de/misc/timestamps.pdf
Feel free to disseminate these reports further. I do not claim any
copyright on them, and I do not see any other legal obstacles.
This is to keep everyone informed and not expected to have any immediate
implications. If you are seriously and deeply interested, then the LWG
is always grateful for a helpful hand. To avoid confusion: I am not a
member of the LWG, but the LWG has reached out to help all services in
the OSM ecosystem to get reasonable GDPR compliant. They have also asked
for input to make decisions as informed as possible.
Best regards,
Roland
More information about the osmf-talk
mailing list