| ▲ | Zero-build privacy policies with Astro(openpolicy.sh) |
| 10 points by jamie_davenport 4 hours ago | 10 comments |
| |
|
| ▲ | ximm an hour ago | parent | next [-] |
| I am still confused what exactly this tool is doing. I clicked on "examples" in the hope of finding an example of a generated policy. But it only gives examples of the configuration, not the output. |
| |
| ▲ | jamie_davenport an hour ago | parent [-] | | While OP can generate MD, HTML and PDFs we've since moved away from that as the default to an approach in favour of just rendering the outputs as HTML/JSX. You're 100% right we should make it easy for anyone just checking out the project to see the generated results without running the examples. I will add a CLI example and commit the generated policies to the repo. Thanks for pointing this out and sorry our docs aren't up to the standard they need to be. |
|
|
| ▲ | NylonMeltdown 2 hours ago | parent | prev | next [-] |
| "Zero-build privacy policies": "Everything runs at build time", what? |
| |
| ▲ | jamie_davenport 2 hours ago | parent [-] | | Fair point. "No extra build step privacy policies with Astro" just didn't have the same ring to it. This was just a small quality of life improvement for the Astro users so it's a huge surprise to see how many reads it's getting. Hopefully we get the same response next week when we launch 2 very exciting features. |
|
|
| ▲ | Rygian 4 hours ago | parent | prev [-] |
| I wonder how often do privacy policies change, for the average site, to merit investing in a dedicated library that renders them dynamically. Assuming that the default solution is a static page. |
| |
| ▲ | 9dev 2 hours ago | parent | next [-] | | My problem is mostly that I lack the legal expertise to be able to a) write up a coherent policy with full coverage, and b) follow up on changing legislation, of which there has been quite a lot in recent years (at least in Europe). The best option until now have been generators found online, which mostly seem to have pivoted to lead generators or demos for paid products now. Considering that in Germany, for example, any website affiliated with a company or pursuing any economic purpose is required to have both a proper imprint and privacy policy, this is something you have to care about. There are even lawyers writing specialised crawlers to find websites with linked Google Fonts but no privacy policy notice, and send automated litigation to the owners. This only became possible after a court decided (as shortsighted as stupidly) loading fonts from Google's servers constituted a privacy violation, given that visitors had no way to consent. Following these changes and reacting in a timely way is a continuous effort, and a framework to automate this is very welcome IMHO. | |
| ▲ | jamie_davenport 4 hours ago | parent | prev [-] | | I think most apps don't update often enough. We've seen products with privacy/cookie policies that are 5+ years old and totally out of sync with the product itself. We're building OpenPolicy not necessarily to reduce the risk companies have of litigation, but instead to be more transparent with users and to build trust. In the next version we'll be releasing auto-instrumentation that tracks data/third parties to always keep things in sync. | | |
| ▲ | rafram 4 hours ago | parent [-] | | > We're building OpenPolicy not necessarily to reduce the risk companies have of litigation Privacy policy is one thing, but that’s what terms of service are for! | | |
| ▲ | weird-eye-issue 3 hours ago | parent [-] | | Terms of service don't override laws so only a fool thinks that they have any effect on litigation. | | |
| ▲ | rafram 23 minutes ago | parent [-] | | If a set of terms not overriding the law makes it useless, what do you think contracts are for? |
|
|
|
|
