This was extracted (@ 2024-03-20 21:10) from a list of minutes
which have been approved by the Board.
Please Note
The Board typically approves the minutes of the previous meeting at the
beginning of every Board meeting; therefore, the list below does not
normally contain details from the minutes of the most recent Board meeting.
WARNING: these pages may omit some original contents of the minutes.
Meeting times vary, the exact schedule is available to ASF Members and Officers, search for "calendar" in the Foundation's private index page (svn:foundation/private-index.html).
The December 2023 data privacy VP report asked for a Board decision, on whether the data privacy policy for ASF websites [1] should be enforced. It looks like the Content-Security-Policy mechanism [2] can be activated for all ASF websites, to prevent modern browsers from downloading analytics code from unauthorized sources. This would effectively disable those third party services on ASF websites which are not compliant. Let's discuss whether the Board supports this, in which case the data privacy team can work with the ASF infrastructure team to implement that. [1] https://privacy.apache.org/policies/website-policy.html [2] https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP The board unanimously supports the suggested technical enforcement.