Time  Nick        Message
06:41 reiveune    hello
06:47 alex_a      bonjour
07:21 fridolin    hi there
07:27 gaetan_B    hello
08:09 ashimema    mornin'
08:10 calire      hi #koha
08:45 cait        anyone ever seen patron creator templates that won't save?
08:45 cait        and show a wrong list of printer profiles?
08:57 cait        we figured out one of the printer profiles was borked... but not sure how it happened or wha
09:42 fridolin    72 ;)
09:42 ashimema    ?
10:45 jenkins     Project Koha_17.11_D8 build #67: FAILURE in 7 min 21 sec: https://jenkins.koha-community.org/job/Koha_17.11_D8/67/
10:45 jenkins     * gonzalez: Bug 20700: MARC21 add/update leader/007/008 codes (17.11.x version)
10:45 jenkins     * Tomás Cohen Arazi: Bug 20745: koha-zebra doesn't return the correct error codes
10:45 huginn      Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20700 trivial, P5 - low, ---, bgkriegel, Pushed to Stable , Update MARC21 leader/007/008 codes
10:45 huginn      Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20745 major, P1 - high, ---, tomascohen, RESOLVED FIXED, indexing/searching not active at end of installation
10:46 jenkins     Project Koha_17.11_D8 build #68: STILL FAILING in 1 min 1 sec: https://jenkins.koha-community.org/job/Koha_17.11_D8/68/
10:54 marcelr     hi #koha
11:09 * kidclamp  waves
11:09 marcelr     hi kidclamp
11:42 cait        GDPR meeting in 20 minutes!
11:47 marcelr     hi cait
11:48 cait        hi marcelr
11:48 marcelr     can attend 30 mins
11:49 cait        we#ll try to make it quick
11:49 cait        trying to get things sorted right now
11:49 marcelr     bug 20819
11:49 huginn      Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20819 enhancement, P5 - low, ---, m.de.rooy, Needs Signoff , GDPR: Add a consent field for processing personal data in account menu and self-registration
11:49 marcelr     feedback welcome
11:49 cait        i was going to mention it
11:49 cait        can you put alink on agenda?
11:49 marcelr     ok
11:54 m23         hello to all GDPR fans :-)
11:54 cait        marcelr: fixed the link
11:54 cait        marcelr: there is a nice trick {{BZ|bugnumber}} - will automatically make it right
11:56 marcelr     great; visit wiki not oftem enough
11:56 marcelr     m n
11:59 cait        get ready... starting the meeting :)
12:00 cait        #startmeeting GDPR IRC meeting 9 July 2018
12:00 huginn      Meeting started Mon Jul  9 12:00:03 2018 UTC.  The chair is cait. Information about MeetBot at http://wiki.debian.org/MeetBot.
12:00 huginn      Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
12:00 huginn      The meeting name has been set to 'gdpr_irc_meeting_9_july_2018'
12:00 cait        #topic Introductions
12:00 cait        #info Katrin Fischer, BSZ, Germany
12:00 marcelr     #info Marcel de Rooy, Rijksmuseum
12:00 cait        please introduce yourself using #info!
12:00 talljoy     #info Joy Nelson ByWater Solutions
12:00 greenjimll  #info Jon Knight, Loughborough University
12:00 cait        #link https://wiki.koha-community.org/wiki/GDPR_IRC_meeting_9_July_2018#Agenda Today's agenda
12:00 m23         #info  Michal Denár, KohaCZ
12:00 cc_         #info Colin Campbell, PTFS-Europe
12:01 cait        giving it another minute or so
12:01 anne-claire #info Anne-Claire Bernaudin, librarian, University Rennes 1, France
12:01 cait        #topic Status update on planned developments and road map
12:02 cait        #link https://wiki.koha-community.org/wiki/Improve_data_protection_and_patron_privacy Road map
12:02 cait        maybe first some updates then move to the questions?
12:02 marcelr     bug 20819 is in needs signoff
12:03 huginn      Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20819 enhancement, P5 - low, ---, m.de.rooy, Needs Signoff , GDPR: Add a consent field for processing personal data in account menu and self-registration
12:03 cait        #info 12 - documentation about cookies used in Koha is done
12:03 cait        #info there is also a cookie coding guidelines now, that says that developers have to update the documentation
12:03 cait        i will update the table later
12:03 cait        marcelr: do you have the number this is referring to?
12:04 marcelr     i wrote it at the end of the table
12:04 cait        i think it might fit with 13
12:04 marcelr     but it touches a few points
12:04 ashimema    #info Martin Renvoize - PTFS Europe
12:05 cait        i can move it into the table later if you agree
12:05 marcelr     yeah fine
12:05 marcelr     it combines consent and account deletion request
12:05 cait        ok, any other updates on the work underway?
12:05 cait        oh that's interesting
12:05 cait        because that was on my list
12:05 m23         What about add some new guidelines about private data into development gudelines?
12:06 cait        m23 I think that would make a good next topic
12:06 m23         cait ok
12:06 cait        #info bug 20819 deleing with patron self registration (consent) and patron deletion is ready for sign off
12:07 marcelr     note that adding a deletion request and processing it are two things
12:07 marcelr     this is the first part
12:07 cait        but you can request one?
12:07 marcelr     yeah
12:07 cait        that's a good first step
12:07 marcelr     you either give a consent or ask to delete your acoount
12:08 marcelr     you cannot work without answering
12:08 cait        any more updates to the table?
12:08 anne-claire In the table in the wiki page, I don't see anything about old_issues and statistics tables. They need to be anonmyized too, as old_reserves.
12:08 cait        anne-claire: there are some entries
12:08 anne-claire Missed it, sorry
12:09 cait        number 3
12:09 marcelr     is anonimizing the borrower not enough?
12:09 cait        and 7 i think
12:09 cait        marcelr: at the moment we are not doing that
12:09 cait        but it depends on how long you want to store data
12:09 cait        there is actually no need to store issues data as logn as the patron exist
12:10 marcelr     maybe statistical purposes
12:10 cait        yeah, but then you can work with anonymized data too
12:10 cait        the idea was to move patron category and age to the statistics table
12:10 cait        to remove the need for the link with the patron
12:10 anne-claire For statistics, pseudnomymization would be a need
12:10 anne-claire To identify a single user
12:10 cait        and borrowernumber could be removed after some time frame
12:10 cait        ok, i will add a new topic then for coding guidelines?
12:11 greenjimll  We'd need to be able to tie an old-issue down to the department that the user who made it was in for example, as part of our purchasing system.
12:11 cait        where do you store department?
12:11 greenjimll  In the attributes for the borrower.
12:11 cait        hm
12:11 talljoy     ack
12:11 cait        maybe we'd need a way to map some data to statistics by configuration
12:12 cait        let the library decide what we copy from the patron record
12:12 anne-claire cait: yes
12:12 talljoy     have a 'free' field in statistics like sort1, sort2 ?
12:12 cait        something like that
12:12 cait        what do you think
12:12 cait        ?
12:12 talljoy     it allows for flexibility for sure
12:13 cait        i can add the idea to 7 latr
12:13 drojf       #info Mirko Tietgen, late
12:13 cait        #topic Coding Guidelines for privacy
12:14 cait        m23?
12:15 m23         We mabe should inspire by https://github.com/joomla-projects/privacy-framework
12:15 cait        #link https://github.com/joomla-projects/privacy-framework
12:16 m23         Its integrated into core of Joomla, every new plugin, feature or code must corresponded into privacy framework.
12:16 cait        #idea (from earlier) Add some columns to statistics that can be mapped to patron data by the library
12:16 m23         If some law change it can be easier to implement it into system
12:17 greenjimll  I like the privacy of the Joomla version history: https://docs.joomla.org/Joomla_3.9_version_history
12:17 cait        can you give an example?
12:17 cait        hm empty for me?
12:17 talljoy     me too
12:17 greenjimll  Exactly.
12:17 greenjimll  :-)
12:17 marcelr     private :)
12:18 cait        I think i don't understand
12:18 m23         if privacy data are in log, tables developrs know it and know how hadle this data
12:18 m23         all provate data are mapped
12:19 m23         its clear?
12:19 cait        sorry, not yet
12:19 cait        just hiding the information seems a bit like  Security by obscurity to me
12:20 talljoy     yes
12:20 cait        security through obscurity (had to look it up)
12:20 talljoy     i like that phrase cait!
12:20 greenjimll  Not terribly obscure if its documented though.
12:20 cait        but what exactly are we not seeing?
12:20 drojf       nor secure
12:20 m23         we cant just hide private data, its agianst rules of GDPR
12:21 m23         we must be able to remove or anonymise them
12:21 marcelr     m23: do you have specific suggestions for new coding guidelines ?
12:22 m23         marcelr Im not sure .... how specify it
12:22 cait        hm maybe something like: don't add more data without a deletion/anonymization stretegy?
12:22 cait        like if we added a message_queue again, we'd immediately also provide a script to delete the date/clean up
12:23 cait        or... deal with what happens when the patron is deleted
12:23 cait        we don't always do that cleanly in the codebase
12:23 marcelr     cascaded deletes clean up a lot ..
12:23 cait        for example the messages to patrons (the notes) are never cleaned, they remain linked to deletedborrowers
12:23 cait        yep, but they are holes currently
12:23 marcelr     ok
12:23 m23         every new functionality, plugin thaht hande privacy data must do it clear
12:23 cait        so it might be worth giving it some thought implementing new features
12:24 greenjimll  And should the method for making patron data anonymous be implemented in the Koha core modules, so that new additions can make use of these rather than reinventing the wheel?
12:24 m23         so first step is mapping privacy date in system/databese
12:24 cait        #idea provide a way to clean up/anonymize data at the time of adding new features as well
12:25 m23         private data can be at easy identify tables, but hiden at logs, messages, etc.
12:25 cait        #idea clean up/anonymize data when patron is deleted for new features/tables
12:25 cait        we have a list of tables that have links to patron data
12:26 cait        not sure if that would be helpful?
12:26 m23         cait, yes, it can help
12:26 cait        there are also several cronjobs that can create logs containing patron information
12:26 cait        maintaining the list is a bit... hard
12:26 m23         exactly
12:26 cait        but i can try to put it on my to do list
12:26 cait        an automatic way of documenting this might be nicer
12:26 m23         some kidn "privacy framework" can help in future
12:27 cait        we have https://schema.koha-community.org for example
12:27 cait        m23 i think it#s not clear from the page you linked how that works
12:27 cait        the readme below is only about Joomla in general
12:27 clrh        #info CLaire Hernandez, BibLibre  (bad connection)
12:28 m23         Im not able now to find better info, I'll try
12:28 cait        welcome clrh
12:28 drojf       m23: do you work with joomla? could you give some more info on how the framework works? as cait said, the repository has no information about it
12:28 drojf       in the readme at least
12:29 cait        maybe we can discuss next time with some more info on the agenda?
12:29 cait        i'd like to move on to the general discussion
12:29 greenjimll  This may be more useful for Joomla GDPR support: https://data2.eu/en/gdpr-tips/146-joomla-gdpr-compliance
12:29 cait        #link  https://data2.eu/en/gdpr-tips/146-joomla-gdpr-compliance
12:29 m23         cait, OK, if I add some new better info about Joomla or similar solution, I'add link into wiki
12:30 cait        thx m23
12:30 drojf       link in german about joomla https://www.joomla.de/news/joomla/496-joomla-3-9-und-joomla-3-10-dsgvo
12:30 cait        m23++
12:30 cait        #link https://www.joomla.de/news/joomla/496-joomla-3-9-und-joomla-3-10-dsgvo (German)
12:30 cait        moving on
12:30 cait        #topic General discussion
12:31 greenjimll  Should I carry on waiting for REST APIs for bug 20028, or put some place holder code in to extract and generate some JSON data directly?
12:31 huginn      Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20028 enhancement, P5 - low, ---, koha-bugs, NEW , Export all patron related personal data in one package
12:31 cait        i think waiting for all rest apis needed might take too long
12:31 cait        having something a little earlier might be good
12:31 greenjimll  OK
12:31 cait        what do others think?
12:32 m23         This feature in API can be very useful if library use for exaplet VuFind
12:32 greenjimll  I can always do a first cut without the REST APIs and replace it with them when they arrive.
12:33 m23         Solution to provide personal data to download via user accout is very nice to users
12:33 cait        i'd use rest api wherever possible
12:33 talljoy     What data are you extracting?
12:33 cait        but i think having it complete for what we need will take more than this year
12:34 cait        talljoy: the rule is everything we store about a patron
12:34 talljoy     demographic, fines, circ, old circ, reserves, etc...
12:34 cait        has to be provided ina machine readable format
12:34 talljoy     the whole kit and kaboodle eh.
12:34 cait        for download
12:34 greenjimll  It will have to (eventually) extract all information related to the borrower that we hold.
12:34 cait        everything
12:34 cait        reviews, tags, ...
12:34 m23         especially, issue history, reservation history, payments history ...
12:34 cait        star ratings
12:34 talljoy     that would be a messy csv, or multiple csvs yes?
12:34 cait        we were thinking messy json
12:34 greenjimll  I was thinking more JSON than CSV to be honest.
12:34 talljoy     :D
12:35 ashimema    Can one not already do that using reports
12:35 drojf       star ratings …
12:35 greenjimll  Should we change it from CSV to JSON in the wiki?
12:35 talljoy     a better messy in json.  agreed
12:35 m23         "in one package" can thing more packaes but from one point
12:36 cait        i think coudl also be a zip file?
12:36 drojf       a zip with a lot of files is a package
12:36 drojf       heh
12:36 talljoy     :D
12:36 cait        i think reports would be hard because lots of unions
12:36 cait        not easy to provide a big one
12:36 m23         zip are best for bigger files
12:36 talljoy     would be an unwiedly report.
12:36 cait        ashimema: do you have something developed maybe?
12:37 cait        i think maybe we hsould not overthink it
12:37 cait        but try to get something in place so we comply
12:37 cait        and then refine
12:37 greenjimll  OK, I'll make a start on extracting some data so there's something to test and build upon.
12:38 cait        greenjimll++
12:38 cait        I think marcelr's development might be dealing with my 'request account deletion'
12:38 cait        can you confirm marcel?
12:38 cait        #info see bug 20819 for requesting account deletion
12:38 huginn      Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20819 enhancement, P5 - low, ---, m.de.rooy, Needs Signoff , GDPR: Add a consent field for processing personal data in account menu and self-registration
12:39 cait        i think he said he only had half an hour
12:39 cait        the other thing came up here in discussion about anonymizing automatically using the cronjobs
12:39 m23         What about some extension of current anonymisation tool? Like list of anonymised patrons, because some library must be able to finf paper contract to remove them after anonymise "digital" data in Koha.
12:39 cait        a new patron registerts at the library, they fill out a form and sign it, it's stored, the patron expires, the automatic deletion happens after x months... the paper remains
12:40 cait        m23: using the tool that works, but what about using the cronjob?
12:40 m23         Tool os betetr for this scenary insn!t it?
12:41 cait        not sure, i think it's easy to forget
12:41 cait        every manual process is
12:41 m23         Cronjob is good, but how list names that was/waill be anonymised?
12:41 cait        #info What happens to registration forms when a patron is deleted automatically (expired since...)
12:42 cait        yeah exactly
12:42 cait        i was hoping someone could provide a good idea :)
12:43 talljoy     sounds like the cron would need to have a 'report' option that could be emailed once it runs and anonymizes patrons
12:43 talljoy     report containing the list of names so the library could remove paper contract?
12:43 m23         automatic way willl be better ... maybe Koha can send list by mailer, what do You think?
12:43 cait        talljoy: emailing is not quite what we want... (privacy) but maybe a file that can be accessed
12:44 m23         yeah
12:44 talljoy     again back to manual.
12:44 cait        because you'd email patron names and cardnumbers i think... as a minnum
12:44 talljoy     someone has to go get the file
12:44 greenjimll  The UK ICO says that you need to keep consent forms: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/consent/
12:44 talljoy     or automate another process to grab the file and move it somewhere else
12:44 cait        yep - just email is not encrypted usually or signed
12:44 cait        or at least that's harder to do
12:44 cait        getting a file from the server might be easier in a safe way
12:45 cait        hm something to think about :)
12:45 cait        someone got something else?
12:45 m23         so tool can be other solutio :-)
12:46 m23         wit caledar reminder :-)
12:46 cait        #idea add a tool to remind of tasks regularly (like anonymizing data)
12:46 m23         cait great!
12:47 anne-claire great idea, a reminder !
12:47 talljoy     that's what google calendar is for.
12:47 cait        talljoy: you are killing our fun :)
12:47 talljoy     heh
12:47 cait        maybe repariing the scheduler could already hlep
12:47 m23         and extend anon toll with list of patrons to view/download
12:47 talljoy     NOW there is a good idead Cait!
12:47 cait        #info idea repair the scheduler!
12:47 talljoy     m23 yes!
12:48 cait        hm i am getting confused with infos and ideas
12:48 cait        maybe time to end the meeting?
12:48 m23         :-)
12:48 cait        we'll have a poll about the next data again i think if noone is opposed?
12:48 talljoy     add m23 idea about the tool providing a preview
12:48 cait        oh yes
12:49 cait        #idea Provide a review of patrons to delete or a list of patrons deleted when running the patron deletion/anonymizing tool
12:49 cait        hope that made sense
12:49 cait        hm review preview...
12:49 cait        gah.
12:49 cait        #idea review = preview
12:50 cait        ending in a minute or so if nothing else comes up
12:50 m23         thanks for debate :-)
12:50 cait        thx all for attending!
12:50 greenjimll  In bug 20819 do we store the consent form they consented to?
12:50 huginn      Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20819 enhancement, P5 - low, ---, m.de.rooy, Needs Signoff , GDPR: Add a consent field for processing personal data in account menu and self-registration
12:51 cait        i think marcelr is no longer around
12:51 cait        maybe leave him a later?
12:51 greenjimll  OK
12:51 cait        or comment on the bug
12:51 cait        might be more efficient
12:51 talljoy     thanks cait!  good meeting.  til next time.
12:51 cait        #endmeeting
12:51 huginn      Meeting ended Mon Jul  9 12:51:23 2018 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)
12:51 huginn      Minutes:        http://meetings.koha-community.org/2018/gdpr_irc_meeting_9_july_2018.2018-07-09-12.00.html
12:51 huginn      Minutes (text): http://meetings.koha-community.org/2018/gdpr_irc_meeting_9_july_2018.2018-07-09-12.00.txt
12:51 huginn      Log:            http://meetings.koha-community.org/2018/gdpr_irc_meeting_9_july_2018.2018-07-09-12.00.log.html
12:51 drojf       cait++
12:51 m23         bye
12:53 * LeeJ      waves
12:53 LeeJ        hi #koha
12:53 talljoy     hi leej
12:54 LeeJ        hi talljoy!
12:56 clrh        thnals cait and sorry, train is not a good way to follow the meeting, I will re-read everythnging soon
12:56 greenjimll  Thanks cait!
14:58 epinky      I'm having trouble enable ldap authentication in Koha 18.05, I don't see any errors in /var/log/koha/library/opac-error.log I have followed this tuto https://bywatersolutions.com/2012/07/09/koha-ldap/  can anyone help?
15:04 cait        yay - elasticsearch bugs pqa :D
15:04 cait        epinky: sorry, not experienced with ldap
15:04 cait        maybe try the mailing list if you don't catch an expert here
15:04 reiveune    bye
15:04 cait        it's end of work day in europe, maybe tomorrow or later tonight would be better
15:05 epinky      cait: will wait , I really need this
15:10 cait        did you have it working in annother version of koha?
15:12 epinky      cait: nope
15:14 cait        this might be helpful, it#s newer
15:14 cait        https://koha-community.org/manual/18.05/en/html/apis_protocols.html#ldap
15:15 epinky      cait: thank you, have followed it, however no log about login attempts is written
15:16 epinky      cait: do you know how to troubleshoot if no logs appear?
15:21 cait        there is a section about touble shooting
15:21 cait        apart from that i don't know
15:21 cait        maybe th wiki? has some mor info
15:21 cait        wiki?
15:21 cait        hm, bot is not here
15:21 cait        https://wiki.koha-community.org/wiki/Main_Page
17:57 * cait      sighs finding more emails in the 'almost spam' directory
17:58 * LeeJ      can relate to cait
17:59 cait        got confused on the mailing list... just ignore me
19:21 LeeJ        @later tell khall no dice on the restart :(
19:21 huginn      LeeJ: The operation succeeded.
20:26 epinky      anyone can help me with ldap
20:26 epinky      ?
20:27 epinky      I cnanot make it work with koha