/privacy-security

Privacy & Security Principles, Documents and Testing

MIT LicenseMIT

privacy-security

We believe that transparency in our software is an important part of ensuring security and privacy. This repository is meant to provide a public place for open source software developers, interested security and privacy experts to go to understand Path Check's:

  • Principles relating to security and privacy. A list of concrete, technical, verifiable privacy principles and tests that developers should build into Safe Paths and Safe Places, and testers should verify.
  • Test reports relating to Security and Privacy.
  • External test reports related to our adherence to security and privacy (i.e. static code analysis).
  • Issues relating to deviations from our Principles referenced above and known external standards.
  • Related documents, such as Data Privacy Impact Assessments

This document should be considered the guiding requirements that Path Check Inc expects to implement, and will verify against. It does not currently consider self-reporting of symptoms, or the implementation of a Bluetooth based proximity system.

How to contribute

Proposing changes to the principles

  • Submit a pull request
  • Request reviews on the #fn_privacy channel (message Adam Leon Smith if you need to be added to this channel)

Testing the principles

  • Read the principles and pick a privacy or security principle you can test
  • If it relates to an OWASP verification, the test methodology is documented in the OWASP github for web testing or mobile testing
  • Create a markdown (or any other) document describing your test method and results in github
  • Create a pull request to merge this in to the master branch
  • Request reviews on the #fn_privacy channel (message Adam Leon Smith if you need to be added to this channel)

Other sources of Information