Hi #fediverse ! I am seeking opinions on the terms of service for Taguette (free/open source qualitative analysis tool)
We have a hosted version of Taguette that people can use for free and I took a crack at writing TOS for that: https://gitlab.com/remram44/taguette/blob/terms-of-service/taguette/templates/tos.html
If anyone wants to give me an opinion about this, I would *very* much appreciate it -- it's my first time doing anything like this and I basically just riffed off the Open Source Institute & Glitch TOS
Good point RE: warrant -- do other research tools have this, do either of you happen to know? Would be interested in template-ish lang.
None of the materials on Taguette are publicly viewable, so not sure when/how people would make a DMCA claim in the first place -- do you think the stuff under "Content" is enough for that?
People can put IRB-exempt data in Taguette, but we do not want/recommend people to put sensitive data in there -- does that go in TOS or FAQ, in your view?
@vickysteeves @darius I would make explicit notes about what kind of data is and isn't appropriate in multiple places, including at least both the TOS/privacy-policy and FAQ. And explicitly excluding sensitive research data puts a lot less pressure on these exceptional access questions.
In general, I recommend separating privacy policies from terms of service, since Terms of Service are generally legalese that people have been actively discouraged from reading.
@vickysteeves if no user content is made public, you probably don't need the DMCA contact/info or much process there, I just raised it since you had all those disclaimers about rights to the uploaded data.
@vickysteeves I would include a point of contact and a process to follow for disclosure of security vulnerabilities. And if you're collecting/logging usage information, that would be good to disclose. I've tried to do that in plain language here (but of course this isn't a similar service): https://verse.press/site/privacy
I don't know of any good policies on online services for research data, and as a result I feel constrained from using online services for research data, which is a pity.
@npd @vickysteeves I think this is what I want people to understand. If you have sensitive data and need privacy guarantees, app.taguette.org is *not* a good place to put it. They should run it locally or on their institution's infrastructure.
I'm just a guy running this out of my personal server. I'm pretty good at it, but I'm not HIPAA compliant 😉