Bug #49824 no privacy policy
Submitted: 19 Dec 2009 13:00 Modified: 3 May 2012 22:58
Reporter: Peter Laursen (Basic Quality Contributor) Email Updates:
Status: Not a Bug Impact on me:
Category:MySQL Websites: bugs.mysql.com Severity:S2 (Serious)
Version:not relevant OS:Any
Assigned to: Vlad Safronov CPU Architecture:Any
Tags: qc

[19 Dec 2009 13:00] Peter Laursen
I ahve been looking for a privacy policy statement on bugs.mysql.com. The reason is that I several times have been mailed from MySQL people about bug reports I have posted. When I post in *PUBLIC* I do not want *PRIVATE* communication returned. They should not have mailed, me but replied in the report instead. But not a big deal of course.

However a bigger deal seems to be that hundreds of people in MySQL/Sun organization seem to have access to see may email address. It should only be a few administrator persons in my opinion. I am 'old fashioned' as regards protection of my privacy - what includes my email address(es).

I have no problems accepting that bug reports become the property of MYSQL/Sun, but my email address should not.  

Also I do not believe that my email can be properly protected if shared with hundreds of people.  

How to repeat:
See above.  

But additionally you can reply to the question: 
How many people in MySQL/Sun organisation are currently able to see my email address in readable format? 100? 200? 500? more?

Suggested fix:
Make reporter's email address available only for a few people who really need it for administrative purposes.

(and it could apply to complete mysql.com domain and not only bugs.mysql.com)
[19 Dec 2009 13:16] Valeriy Kravchuk
I consider "Limit access to my email address only to those few administrators who really need it" a valid feature request. 

For now all people (inlcuding me, if you care) with "Developer" level of permissions in bugs db can see you email address. We are speaking about 250 or so people in the entire MySQL/Sun.
[28 Apr 2012 9:15] Vlad Safronov

I have just googled "Peter Laursen mailto:"; and the very first results page gives your email. And there is *no* mysql.com domain among the sites disclosing it. 

Only "Developer" level of permissions gives access to your email address. Given the above I'm not sure if we shall introduce extra "emails keeper" privilege granted to only a few mortals. Developer's privilege to see your email complies Oracle policy. 

if you have further questions related to the policy (http://www.oracle.com/us/legal/privacy/privacy-policy-078584.html#personal), please contact the Chief Privacy Officer by email at privacy_ww@oracle.com.
[28 Apr 2012 12:16] Peter Laursen
When I google "Peter Laursen mailto:"; I find only other Peter Laursen's than me!

"Only "Developer" level of permissions gives access to your email address."  This is also too much.  It should only be Sysadmin's of this system. There is no need that developers and supporters should know my email. They should NEVER contact me on my email anyway.  They should reply in the topics I have created here.

When Valeriy told me than more than 100 people were able to read my email I was really astonished.
[28 Apr 2012 13:08] Vlad Safronov
Links 4,5,6 (launchpad.net and mail-archive.com, shall I post exact URLs here?) pretty disclose your email.

I am only trying to say:
1. bugs.mysql.com complies Oracle privacy policy.
2. feel free to contact Chief Privacy Officer by email at mailto:privacy_ww@oracle.com so one can check your worries and policy compliance.
[3 May 2012 22:58] Vlad Safronov
Closed with "Not a Bug" as long as bugs.mysql.com internals comply Oracle privacy policy.