Some rough concepts that need to become policy:=
Yes we can keep info but we need to inform the recipents of computers when we collect the information why and what we will use it for. Then we can *not* use it for some *good* idea ( other purpose) later that they did not agree to when we originally collect the info.
Why must we track *who* in specific terms? Can we not generalise who gets computers rather than risk the dangers of having personal info. Will our records really suffer if we anonymize this info?
Anyone we collect data on, also has a legal right to see the data we have on them and correct it. This is not so bad as we are smart with files so we should be able to comply with this *right to correct*.
Again we can not share personal info widely, as a caution so the fewer volunteers ie. So fewer Drivers who deliver the computers, who see it the better.
Also name address phone number are not considered private info in some senses but see my next sentence for this particular group.
That said in volunteering with women who have been abused and I recommend you think of their cases as this: “there is some criminal out that that we can stop from contacting them who means them violent harm. Keep this as a litmus test for caution.
And with any low income people is not our right to identify them as *poor* because someone like a landlord or insurance company will then use this info to deny them services. It won’t be legal for a landlord or insurance company to do this but they do it. Persons can ID themselves this way but we can not point this out about them. So we careful with publicity stunts and photo ops. These are far from not problematic.
Basically everyone has a right to control the publication of information about themselves. This principle comes from 100 year old law developed when photojournalism was invented.
There are different rules for public figures.
Any questions? I can answer them tonight if you send any.
Types of information collected:
Limits on Information types collected.
Other than possible use in fund raising and only for fund raising, no personal financial information, credit card or bank account numbers will be collected by Computers for Communities. This limitation is done to protect your privacy.
No birthdates will directly be collected or recorded by Computers for Communities. Computers for Communities events and locations are generally considered all ages events and locations and no age tests will need birthdates. This limitation is done to protect your privacy. It may be nessasary to provide birthdates to third parties such as law enforcement for background checks or partner organizations. This information will not be shared back to Computers For Communities and this information will be protected by the gathering third party and their privacy polices and privacy laws.
In the event of a breach of privacy.
In the event of a breach of privacy the Privacy Officer for Computer for Communities will follow the guidelines of the Office of the Privacy Commissionairre of Canada as outlined in the web document <> (cited January 5th, 2010) Computers for Communities' Privacy Officer will when responding to a breach or suspected breach assess in quick steps or simultaneously the first of these three steps and then develop a plan for the fourth step after the Privacy Officer is able to fully assess and fully investigate the breach. (1) breach containment and preliminary assessment; (2) evaluation of the risks associated with the breach;(3) notification; and (4) prevention. These are outlined in the cited web page.