Feature Wiki

Information about planned and released features

Tabs

Ask for user consent before data is transferred to remote ECS platform

Page Overview

1 Initial Problem
2 Conceptual Summary
3 User Interface Modifications
- 3.1 List of Affected Views
- 3.2 User Interface Details
- 3.3 New User Interface Concepts
4 Technical Information
5 Privacy Information
6 Security Implications
7 Contact
8 Funding
9 Discussion
10 Implementation

1 Initial Problem

When users click on an ECS link, user data (account, surname, firstname) is transferred to the remote ECS connected platform (another ILIAS, a moodle, ...) without giving the user a chance to intervene an abort this process. The remote platform, is setup to do so, may ask the user to accept the "Terms of Usage", but the ECS user account has already been created at that point.

This behaviour is not transparent for the users and does not comply with European data sovereignty and privacy regulations.

2 Conceptual Summary

Users should receive more transparency over which data is transferred to remote platforms connected via ECS, should be warned before data is tranferred and should get the chance of aborting the process.

In order to achieve this, an additional step should be added to the ECS process, which is called once per user and ECS link

When a user clicks on an ECS link, a modal should be shown that warns the user that their user data is gong to be transferred to a remote platform.
The modal lists the Name und URL of the remote platform and lists which data items will be transferred
Checkbox that registers the user's agreement to the data transfer
The modal offers the user two buttons "Submit data and Proceed to remote Platform" and "Cancel"

This ILIAS saved this agreement to the database, along with the time / date, ECS-object's object_id, user_id.

3 User Interface Modifications

3.1 List of Affected Views

{Please list all views (screens) of ILIAS that should be modified, newly introduced or removed.}

3.2 User Interface Details

Modal triggered by click and ECS link in ListGUI / tile, that asks for user consent (including checkbox for agreement) and shows an overview of metadata and to be transferred user data.

Draft of Modal

Notification about Transfer of User Data via ECS

You have clicked on the link to a ressource on a remote platform.

Title: ###Title of the ECS Ressource###
Target Platform: ###Participant Name###
Provider: ###Provider Name###

[ ] I agree, that yy proceeding, the following items of my user data will be tranferred and stored an the above stated platform:

[login] / [external_account]
[name]
[given_name]
[email]
....

[ Agree and Proceed ] [ Cancel ]

3.3 New User Interface Concepts

{If the proposal introduces any completely new user interface elements, you might consult UI Kitchen Sink in order to find the necessary information to propose new UI-Concepts. Note that any maintainer might gladly assist you with this.}

4 Technical Information

{The maintainer has to provide necessary technical information, e.g. dependencies on other ILIAS components, necessary modifications in general services/architecture, potential security or performance issues.}

5 Privacy Information

{ Please list all personal data that will need to be stored or processed to implement this feature. For each date give a short explanation why it is necessary to use that date. }

6 Security Implications

{ Does the feature include any special security relevant changes, e.g. the introducion of new endpoints or other new possible attack vectors. If yes, please explain these implications and include a commitment to deliver a written security concept as part of the feature development. This concept will need an additional approvement by the JourFixe. }

7 Contact

Author of the Request: Glaubitz, Marko [mglaubitz]
Maintainer: Meyer, Stefan [smeyer]
Implementation of the feature is done by: Meyer, Stefan [smeyer]

8 Funding

If you are interest in funding this feature, please add your name and institution to this list.

9 Discussion

Kunkel, Matthias [mkunkel], 15 APR 2021: Thanks for pushing the development of ECS. Just come comments:

I assume that the UI element used for the modal is an Interruptive modal, right?
In this feature request there are two versions of the label text for the "Submit" button. In chap. 2 it's written "Submit data and Proceed to remote Platform" while the modal in chap 3 says "Agree and Proceed". I guess the second label is sufficient.
To prevent reports on language issues (that will be assigned to me) you could do me a favour and check the English texts before implementing this feature, e.g. "resource".
And will ILIAS always presents me the modal when I click on the ECS link in my home installation to get access to the ECS course or item? Or does it store my confirmation per item so that I only have to agree again when I use another ECS link to a remote object I never have visited before?

JourFixe, ILIAS [jourfixe], 19 APR 2021: We highly appreciate this suggestion and schedule the feature for ILIAS 8. The confirmation for the transfer of user data should be made once per participant. Please complete the chapters for security and privacy with the related information.

10 Implementation

The consent modal is trigerred in three different contexts:

Standard-RepositoryListGUI after clicking the title of an ECS remote object
Repository Tile View after clicking a tile image
Toolbar button instance on the info screen

The global ECS participant settings screen offers the possibility to reset all user consents for one specific participant:

Test Cases

Test cases completed at {date} by {user}

{Test case number linked to Testrail} : {test case title}

Approval

Approved at 2022-04-26 by Glaubitz, Marko [mglaubitz].

Last edited: 26. Apr 2022, 16:30, Glaubitz, Marko [mglaubitz]