Page MenuHomePhabricator
Create Task
Maniphest T258412

Create an allow-list of countries in which push notifications should be used
Closed, ResolvedPublic
Actions

Description

As an outcome of the privacy review for push notifications, it was recommended that we limit the usage of the feature to relatively "safe" countries. "Safe" here means the following:

  1. The apps have a user base above a reasonable minimum threshold in size, making it unlikely that a user could be singled out simply by virtue of being an app user;
  2. The country does not have a record of or reputation for aggressive government surveillance of journalists, political dissidents, etc.

This task is for the apps PMs to create the list of countries in which push notifications should be allowed.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Add list of countries to exclude from push notificationsmediawiki/extensions/MobileAppmaster+38 -1
Customize query in gerrit

Related Objects

Event Timeline

Mholloway created this task.Jul 20 2020, 3:37 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 20 2020, 3:37 PM
Mholloway triaged this task as Medium priority.Jul 20 2020, 3:37 PM
Mholloway moved this task from Needs triage to Tracking on the Product-Infrastructure-Team-Backlog-Deprecated board.
Mholloway claimed this task.EditedJul 21 2020, 2:52 PM
Mholloway edited projects, added Product-Infrastructure-Team-Backlog-Deprecated (Kanban); removed Product-Infrastructure-Team-Backlog-Deprecated.
Mholloway added a subscriber: JMinor.

Discussed in the biweekly push notifications sync yesterday and we agreed that for starters we'd use the list already being used in the iOS app to limit user history event logging because of similar concerns. Thanks @JMinor for the suggestion.

The task with the earlier discussion is T192819, and the list consists of the top 50 countries on this spreadsheet; it's currently hard-coded in the iOS app's UserHistoryFunnel class. The list represents specifically the top 50 countries by number of unique iOS app users in the first three months of 2018. (The query was run on a derived table created by Tilman in turn using a query over mobile_apps_uniques documented at T180651#3833399.)

I'll run a couple of quick QC queries and then, barring any glaring issues, add the list to the remote app configuration files provided by MediaWiki-extensions-MobileApp.

Mholloway moved this task from To Do to Doing on the Product-Infrastructure-Team-Backlog-Deprecated (Kanban) board.Jul 21 2020, 2:53 PM
MSantos subscribed.Jul 21 2020, 3:46 PM
Mholloway moved this task from Tracking to Backlog on the Push-Notification-Service board.Jul 22 2020, 12:47 AM
dcipoletti subscribed.Jul 29 2020, 12:06 PM

Besides leveraging this whitelist of countries, I vaguely remember us talking about a list of countries that we for sure will not implement this functionality in. Although a whitelist is seen as something that implicitly defines the converse, does such a list of suggested countries of exclusion exist as well?

Mholloway added a comment.Jul 29 2020, 1:06 PM

@dcipoletti Yes, we have such a list from Privacy Engineering.

Mholloway moved this task from Doing to Blocked on the Product-Infrastructure-Team-Backlog-Deprecated (Kanban) board.Jul 31 2020, 1:59 PM

Blocked for now on the apps PMs generating a final list from the uniques data and list of disallowed countries.

LGoto reassigned this task from Mholloway to JMinor.Aug 11 2020, 3:41 PM
LGoto subscribed.

Hi @JMinor can you add the final list?

Mholloway added a comment.Aug 11 2020, 3:55 PM

Just to clarify, I think the next step on this one was for @JMinor to confer with Privacy Eng about the necessity of a minimum user cutoff.

JMinor added a comment.Aug 12 2020, 6:36 PM

Please see my recent email and the final proposed list from product here:
https://docs.google.com/spreadsheets/d/1oJJjqyCI-Ty9HTKaLxWE2rMBmdCRIMbq6pHGB2B7Ph8/edit#gid=0

To clarify a couple things:

  • We're doing a block list, not a white list. If the user is not requesting from a blocked locale they should get push notifications.
  • The small user base threshold excludes a lot of perfectly safe but small or emerging communities. Rather than adopt the cutoff wholesale, countries that fell below the cutoff were subject to additional scrutiny.
gerritbot added a comment.Aug 20 2020, 3:40 PM

Change 621543 had a related patch set uploaded (by Mholloway; owner: Michael Holloway):
[mediawiki/extensions/MobileApp@master] Add list of countries to exclude from push notifications

https://gerrit.wikimedia.org/r/621543

gerritbot added a project: Patch-For-Review.Aug 20 2020, 3:40 PM
Mholloway moved this task from Blocked to Code Review on the Product-Infrastructure-Team-Backlog-Deprecated (Kanban) board.Aug 20 2020, 3:45 PM
gerritbot added a comment.Aug 20 2020, 5:38 PM

Change 621543 merged by jenkins-bot:
[mediawiki/extensions/MobileApp@master] Add list of countries to exclude from push notifications

https://gerrit.wikimedia.org/r/621543

ReleaseTaggerBot added a project: MW-1.36-notes (1.36.0-wmf.6; 2020-08-25).Aug 20 2020, 6:00 PM
Mholloway closed this task as Resolved.Aug 26 2020, 8:59 PM
Mholloway moved this task from Code Review to Sign off on the Product-Infrastructure-Team-Backlog-Deprecated (Kanban) board.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits