Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: suggest "privacy" commands #610

Merged
merged 1 commit into from
Jul 3, 2024
Merged

feat: suggest "privacy" commands #610

merged 1 commit into from
Jul 3, 2024

Conversation

KnorpelSenf
Copy link
Member

In response to https://t.me/BotNews/96, the right thing to do is to suggest developers to add a section about privacy.

@HeeroML
Copy link
Member

HeeroML commented Jul 3, 2024

I actually disagree to this. But it's not a big change. In the docs is the right place for it. I get where you come from with this pr, but we actually don't know enough to make it such a recommendation, not every country is required to have such a policy in place or they have different regulations.

@roziscoding
Copy link
Contributor

I actually disagree to this. But it's not a big change. In the docs is the right place for it. I get where you come from with this pr, but we actually don't know enough to make it such a recommendation, not every country is required to have such a policy in place or they have different regulations.

Tha announcement says every bot should respond to the command. It is a "standardized" command as much as /help or /start IMO

@KnorpelSenf
Copy link
Member Author

KnorpelSenf commented Jul 3, 2024

I actually disagree to this. But it's not a big change. In the docs is the right place for it. I get where you come from with this pr, but we actually don't know enough to make it such a recommendation, not every country is required to have such a policy in place or they have different regulations.

That is incorrect. According to the GDPR, every service that is accessible by citizens of an EU country must comply with it. Every bot is available in the EU, which means that every bot must comply.

Legally, there are only two types of bots: those with a privacy notice and those who break (at least) EU law. In practice, this means that nearly every new bot will implement a privacy notice.

Whether or not we should add an auto-complete suggestion for this is a different question, but my main motivation for adding this command is actually not a legal one—it is that BotNews encourages every bot developer to implement /privacy. Similarly, native apps have special handling for /start, /help, and /settings in their UI. Those commands all are a convention defined by Telegram, and grammY should always stay close to how bots are meant to be written.

@HeeroML
Copy link
Member

HeeroML commented Jul 3, 2024

Tha announcement says every bot should respond to the command. It is a "standardized" command as much as /help or /start IMO

Your right, i read it multiple times and misread the "must make it"

@KnorpelSenf
Copy link
Member Author

Thanks for being thorough! I appreciate it :)

@KnorpelSenf KnorpelSenf merged commit 4e25b8a into main Jul 3, 2024
6 checks passed
@KnorpelSenf KnorpelSenf deleted the suggest-privacy branch July 3, 2024 19:58
@HeeroML
Copy link
Member

HeeroML commented Jul 3, 2024

That is incorrect. According to the GDPR, every service that is accessible by citizens of an EU country must comply with it.

This is actually incorrect too. It needs to target EU Users. Chinese Websites, speaking chinese and so on but not being blocked in EU, don't need to comply. Or i got something wrong with GDPR. It's mainly the intent to process EU-Data.

@KnorpelSenf
Copy link
Member Author

https://gdpr.eu/companies-outside-of-europe/ seems to explain it fairly well.

You might be referring to targeting EU consumers, and I agree that this part does not apply. However, there is a second part: monitoring. If your bot is recording data about EU citizens (storing any kind of data in your database about them) then GDPR applies.

There seems to be an exception, though. If your bot is neither professional nor commercial, then this could be an exception. At this point I'm not entirely sure anymore.

Adding a short privacy note is trivial, though, so it's probably best to just do it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants