To fulfill the requirements of T321822, event organizers not only need a way to collect participant data on an opt-in basis, but also view the data and access it whenever they need it.
@gonyeahialam has designed a "Report" tab in the organizer view (T322751), but the engineers have indicated that this solution will be too complex to implement for a first iteration. We think an export to CSV feature might be an interim solution, but are concerned about 1) data privacy risks; 2) handling of exports before and after the 90-day aggregation/de-identification boundary (ref). Thus, there is a Legal/Privacy/Trust & Safety component AND a technical component to this investigation.
- As an event participant, I want to trust that any personal information I provide during the event registration process is safe, in accordance with https://foundation.wikimedia.org/wiki/Privacy_policy.
- As an event organizer, I want to view collected information about my event participants in a way that is clear and organized, so that I can better understand who is showing up to my events, report out demographic information to stakeholders or grant officers, be able to identify any gaps that need to be addressed, and understand how I can best serve the needs of my participants.
- Review the exporting idea with Legal, Privacy, and Trust & Safety and documented their recommendations. We will batch this question with other project-related questions we have compiled.
- If we are given the go-ahead, understand & document the technical requirements of exporting PII data and the implications for aggregating/de-identifying.