You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a contributor to the repository
I do not want my identity to be disclosed to third parties
So that I can remain in control of my personal information
Description
Especially in BigPicture this is important where EFPIA companies want to be able to contribute data anonymously. But this is also a hygenic feature in most of the overall system. It is only when communicating with Central EGA during the submission process that the identity of the submitter is important. Once this process is done all communication should go via the registered data controller.
Sometimes the sda-download service communicates the lifescience-id of the submitter. The sda-download service should not have access to this information. There might be other places where this can be removed.
During discussions about this it has been suggested to not store this information in the database, what would the implications of this be? For example, would it still be possible to use the admin api to get a list of current submitters?
viklund
changed the title
The identity of the uploader should not leak from the system
The identity of the uploader should not leek from the system
Dec 4, 2024
As a contributor to the repository
I do not want my identity to be disclosed to third parties
So that I can remain in control of my personal information
Description
Especially in BigPicture this is important where EFPIA companies want to be able to contribute data anonymously. But this is also a hygenic feature in most of the overall system. It is only when communicating with Central EGA during the submission process that the identity of the submitter is important. Once this process is done all communication should go via the registered data controller.
Sometimes the sda-download service communicates the lifescience-id of the submitter. The sda-download service should not have access to this information. There might be other places where this can be removed.
During discussions about this it has been suggested to not store this information in the database, what would the implications of this be? For example, would it still be possible to use the admin api to get a list of current submitters?
See Also
#378 support for multiple s3 buckets
The text was updated successfully, but these errors were encountered: