tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

data-review.rst (2194B)

      1 Data Review
      2 -----------
      3 
      4 **Everything that lands in mozilla-central that adds or expands data
      5 collection must go through the data review process.**
      6 
      7 The data review process is in place to ensure we follow Firefox's
      8 :doc:`standards for data collection <data-collection>`.
      9 
     10 This will require assessing the sensitivity of the data that is being
     11 collected, and going through the `sensitive data collection
     12 process <https://wiki.mozilla.org/Data_Collection#Step_3:_Sensitive_Data_Collection_Review_Process>`__
     13 if necessary. All data collection is subject to our `overall data
     14 collection policy <https://wiki.mozilla.org/Data_Collection>`__.
     15 
     16 Documentation for the data collection request process and the
     17 expectations we have for people following it `lives on the
     18 wiki <https://wiki.mozilla.org/Data_Collection#Requesting_Data_Collection>`__.
     19 This document describes the technical implementation in Phabricator
     20 using tags.
     21 
     22 1. Any change that touches metrics will be automatically flagged with a
     23   ``needs-data-classification`` tag by Phabricator, using `this herald
     24   rule <https://phabricator.services.mozilla.com/H436>`__. If a change
     25   adds/updates data collection in a way that doesn’t automatically
     26   trigger this rule, this tag should be added manually (and if
     27   appropriate, please file a bug to update the herald rule so it
     28   happens automatically next time).
     29 
     30 2. After assessing data sensitivity, the tag can be replaced with either
     31   ``data-classification-low`` or ``data-classification-high`` depending
     32   on that sensitivity.
     33 
     34 3. Adding ``data-classification-high`` will auto-add the ``#data-stewards``
     35   reviewer group as a blocking reviewer for the change and initiate the
     36   `sensitive data review process <https://wiki.mozilla.org/Data_Collection#Step_3:_Sensitive_Data_Collection_Review_Process>`__.
     37 
     38 4. For patches making mechanical changes that happen to trigger the
     39   herald rule linked above, but that do not actually add or update any
     40   data collection, the ``data-classification-unnecessary`` tag can be used.
     41 
     42 Patches with the ``needs-data-classification`` tag will not be landable in
     43 Lando. The process linked above must be followed in order to land the
     44 change.