Principles Ethics Data Protection

Arda Yalçındağ edited this page Sep 28, 2025 · 3 revisions

Principles: Ethics & Data Protection

Ethical design and responsible data use are non-negotiable requirements for all projects.

Privacy by Design

Collect only the minimum data needed.

The database tables contain only the minimum data needed for the application's workflow. The only mandatory personally identifiable information collected is the email address. The app does not force users to provide any other information; users can optionally share more in the biography on their profile.

Apply anonymization or pseudonymization when possible.

Users can choose any name for themselves, so it is their decision whether to use an anonymous name or their real name. The app provides basic features to unregistered users, such as scrolling through the feed and looking at challenges, so anonymity is provided in this regard. Moreover, users' activities are not logged or shared with third parties, so they remain anonymous.

Provide clear user consent and control over data use.

Users can delete the data they provide at any time. Currently users cannot delete their entire accounts; we will implement this as well, so that all of their data is removed from the database. Moreover, users' data is not given to third parties or used for marketing, so there is no part of the app where we can ask for consent other than posts, profiles, and goals, which users engage with willingly.

Transparency & Accountability

Make system decisions and data flows explainable to users.

The system's decisions about app logic matter only for the creation of challenges and goals. Progress toward goals is updated through triggers, ensuring traceable and consistent updates in real time. The logic of the challenge part might shift: it was created to limit the usage of plastics, metal, etc., but it could instead be about recycling these materials.

Ensure traceability of automated processes and algorithms.

The automated processes are implemented with database triggers. To trace these processes, we have added a "created_at" column to most of the tables, which is the best practice for tracing data changes. We will also add an "updated_at" column to most of the tables.

Document assumptions, limitations, and potential biases.

The waste types are predetermined, so there is an assumption about the types of products to be recycled; users might want to see other options. Therefore, a feedback section could be added to the application to capture users' demands. In addition, the relevant concepts used when searching posts in the feed are fetched from Wikidata, so the quality and availability of semantic search is limited to what Wikidata provides.

Fairness & Non-Discrimination

Avoid reinforcing biases in datasets, algorithms, or user interactions.

The database only contains information for tracking waste production and recycling, so no information is kept that could cause biases to occur. Moreover, the app doesn't engage with users based on any field that could result in bias.

Ensure equitable access across demographics, cultures, and abilities.

The language of the application is English. This limitation might keep the application from becoming popular in countries where English isn't widely spoken. Translation support might be added to the application. In addition, the application may be more popular among people with higher socioeconomic status, since they would be more inclined to reduce waste and to recycle.

Regularly audit outcomes for unintended harms.

A feedback section could be added to the application for this purpose. There might be problems the developers were not aware of, and it would be beneficial to learn about them from the feedback and modify the features if needed.

Security & Protection

Apply encryption for data in transit and at rest.

At the storage level, sensitive values like the password_hash are already protected via hashing. For data in transit, users currently connect to the server over HTTP, which is not secure; we may change it to HTTPS so that the data is encrypted. Moreover, the data transfer between the backend and the database does not use SSL, so someone who gains privileged access to the host may be able to sniff the transferred data.

Implement strong access controls and user authentication.

Authentication is done with only the password. There are 3 types of access control in the app: admin, moderator and user. In the current version of the app, there are no functional differences between these roles, so they are not completely implemented. Once they are, we will implement strong access control to stop unauthorized access.

Plan for safe data retention, archival, and deletion policies.

For most of the tables, deletes cascade so that a user's data is removed across all related tables. The application currently has no archive; waste logs could be archived and restored until a certain time has passed. Explicit user permission may be requested to ensure safe deletion.
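An added check for the deletion policy described above, not the project's own code: it lists foreign keys to the user table that do not cascade and shows what survives a user delete. It assumes SQLite and a constructed schema; all table and column names other than password_hash are hypothetical.

```python
import sqlite3

# Constructed schema and rows: table and column names are hypothetical, not the app's.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT NOT NULL,
                    password_hash TEXT NOT NULL);
CREATE TABLE posts (id INTEGER PRIMARY KEY, body TEXT,
    user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE);
CREATE TABLE waste_logs (id INTEGER PRIMARY KEY, amount REAL,
    user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE);
CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT,
    user_id INTEGER REFERENCES users(id) ON DELETE SET NULL);
INSERT INTO users VALUES (1, 'user@example.test', 'constructed-hash');
INSERT INTO posts VALUES (1, 'first post', 1);
INSERT INTO waste_logs VALUES (1, 2.5, 1);
INSERT INTO comments VALUES (1, 'text written by user 1', 1);
"""
CHILD_TABLES = ("posts", "waste_logs", "comments")

def open_db():
    conn = sqlite3.connect(":memory:")
    # SQLite enforces foreign-key actions only when enabled per connection.
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA)
    return conn

def non_cascading_refs(conn, parent="users"):
    """List (table, column, on_delete) for each FK to `parent` that does not cascade."""
    gaps = []
    for table in CHILD_TABLES:
        # Row layout: id, seq, table, from, to, on_update, on_delete, match
        for fk in conn.execute(f"PRAGMA foreign_key_list({table})"):
            if fk[2] == parent and fk[6].upper() != "CASCADE":
                gaps.append((table, fk[3], fk[6]))
    return gaps

def rows_left_after_delete(conn, user_id):
    """Delete the user, then count the rows that survive in each child table."""
    conn.execute("DELETE FROM users WHERE id = ?", (user_id,))
    return {t: conn.execute(f"SELECT COUNT(*) FROM {t}").fetchone()[0]
            for t in CHILD_TABLES}

if __name__ == "__main__":
    db = open_db()
    print(non_cascading_refs(db))
    print(rows_left_after_delete(db, 1))
```

The surviving comments row keeps its text with a NULL user reference, which is the kind of leftover that "most of the tables" cascading can hide.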

BOUNSWE'25 - Group5

WasteLess App
