[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Taler] UI considerations for backup & sync
|
From: |
ms |
|
Subject: |
Re: [Taler] UI considerations for backup & sync |
|
Date: |
Wed, 22 Apr 2020 17:33:37 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0 |
Alright, just to clarify: I wasn't suggesting to back things up without
asking,
but just making the backup "less urgent" and only do it *if* the user
clicked
the tooltip -> read the well visible ToS -> accepted everything -> paid it.
But given those guidelines you mention, I'd say that there is little room to
discuss!
On 4/22/20 5:19 PM, Christian Grothoff wrote:
> On 4/22/20 5:14 PM, ms wrote:
>> On 4/22/20 5:09 PM, Christian Grothoff wrote:
>>> On 4/22/20 11:28 AM, ms wrote:
>>>>> The service is indeed supposed to be chosen just after the withdrawal,
>>>>> because you can only pay using Taler for it.
>>>>>
>>>>> We can't really avoid having two ToS, as the sync/backup is optional
>>>>> (but we must offer it), and clearly is independent of the exchange
>>>>> itself. What we will try (ideally with qualified lawyers) is to make
>>>>> those ToS less wordy ;-)
>>>> Yes. Then I'd suggest to offer it via some minimal tooltip, instead of a
>>>> prominent dialog.
>>>>
>>> I think legally that won't work. We need to get people to really
>>> actively 'accept' the ToS and can't just hide it in a tooltip. At least
>>> I'm pretty sure you'd never survive doing that in court -- otherwise
>>> everyone else would do it already.
>> I wasn't suggesting to "hide" the ToS, but the backup service itself.
>> Clearly, once the user wants to know more about the backup service
>> by clicking the tooltip, then we'll show its ToS in a well-readable way!
> Ah, but we shouldn't just do a backup without asking, as that's pretty
> useless: if the user doesn't store/persist/save the key, making a backup
> makes no sense. Also, there are privacy implications as we talk to a
> server, which means we leak (coarse) information to the sync server
> about when a particular user/account is online & doing something with
> Taler. That's not terrible, but any information leak needs to be
> approved IMO.
>
> OTOH, the ECB told us that we must "urge" users to make backups and
> basically inform them that it would be gross negligence on their part to
> refuse to make a backup. Otherwise _we_ would be liable for losses from
> a lack of backups.
>
> Hence, neither making a backup without consent nor silently not having a
> backup are really acceptable in this context. So we need to make the
> backup onboarding usable. I see no choice there.
>
>
>
>
signature.asc
Description: OpenPGP digital signature
- Re: [Taler] UI considerations for backup & sync, (continued)
- Re: [Taler] UI considerations for backup & sync, ms, 2020/04/21
- Re: [Taler] UI considerations for backup & sync, Christian Grothoff, 2020/04/21
- Re: [Taler] UI considerations for backup & sync, ms, 2020/04/22
- Re: [Taler] UI considerations for backup & sync, Christian Grothoff, 2020/04/22
- Re: [Taler] UI considerations for backup & sync, ms, 2020/04/22
- Re: [Taler] UI considerations for backup & sync, Christian Grothoff, 2020/04/22
- Re: [Taler] UI considerations for backup & sync,
ms <=
- Re: [Taler] UI considerations for backup & sync, Torsten Grote, 2020/04/22
- Re: [Taler] UI considerations for backup & sync, Christian Grothoff, 2020/04/22