You are very confrontational. I tried to set a soft tone between the two of you
You are right, there is no law that says you must encrypt data with personal information.
You are wrong when you claim that Nabu Case, selling a service that means handling what is known up front to be personal data, is not responsible according to the GDPR rules. I work with this professionally. All it takes is names and addresses and trivial data about a person and it is in GDPR scope. And we are talking about passwords, IP addresses, full login credencials to who knows what. It does not matter if you do not care. GDPR is GDPR. Read up on it.
See you in a couple of weeks when you have read it all and understood it. This is not computer science, or feelings, or politics. This is law
I appreciate all the work done by the devs, and also by you in terms of communications. I just want to point out one thing.
This, and other comments asking us to be patient, and that the fix will take time, just point to the fact that developing this âfeatureâ must have taken quite some dev time. Yet there was no community discussion. You canât expect non programmers to follow every git commit and conclude what is coming.
Coupled with the statement that beta is not the place where new features are redesigned or overhauled means that the was no community engagement.
I hope youâre feeling better. Sorry you had to face this as you recuperate. Another element to this shit storm may have been addressed by your employer saying âthe new feature will create a shit storm, but our community manager is ill, letâs put it off until she is better.â A good employer would have done that.
Iâm not aware that I mentioned nabucasa in my reasoning. I was commenting on the âneed for encryptionâ, we mutually agreed at the end.
Nabucasa starts to be responsible for data in terms of GDPR once the data are stored and processed by them (ie data backup in their cloud). Until then they are not operator of those personal data.
This is me who is the operator. I process my own data. Not NabuCasa. Thus GDPR doesnât apply.
BTW they might be considered to be the operator in terms of providing communication proxy. But in this case, I gave no consent to store and process data that are transferred by their service. So the only thing they have to guarantee is, that they donât store, process, and share these data. It makes no need to force encrypted backup because of that.
TLDR Itâs the responsibility of the service provider to comply with GDPR, itâs not the case of the author of the software. Specifically, itâs the responsibility of the service provider to choose software adequate to requirements settled by regulations.
I cannot see the direct responsibility of NC. Though, I understand that they want to make their project usable in environments where GDPR and other regulations apply.
I appreciate your empathy. I donât think any of us really expected this kind of reaction to this feature, so I do not take it personally when things release like this - just part of being a CM. The worst event that has actually happened to me was when I worked on the Edge team and the Bing team launched Buy Now, Pay Later while I was on vacation in Hawaii and fully unplugged.
When yâall say shitstorms, thatâs what my brain goes back to.
And I hear you on the lack of discussion prior to releasing things. Itâs a pain point Iâve been sure to call out - and let me be clear in saying that I know this was not the first instance where the community has expressed this. I would very much hope that yâall will take now, for this particular instance, as the path for that community engagement on the new feature. Yes, this can be done better. Yes, I will work to make it better.
Unfortunately, like a record, I have to say - that takes time.
Iâm not wanting to drag this out, and Iâm not going to repeat what has been said.
But can I just ask, given that you are all listening, and given the feedback that was recieved.
Why was 2025.1.1 released? Specifically with the discontent with removing the backup on update, why was that commit not reverted?
I appreciate all everyone does, but it doesnât âfeelâ like anyone is listening, because the changes are still being pushed through even after the feedback.
Legitimately I cannot tell you about the update button because I donât know yet. Which is part of âweâll have more laterâ for yâall. But we do incremental updates weekly, regardless.
cogneato did a good job of explaining the button situation in the thread, way better than I could. I had no idea it wasnât a full back up, nor did I care about that button because I YOLO the hell out of my instance, toggle it off, and update. Itâs part of that whole communication for this was not great.
I stated that things were still being worked on while others are at the event - this means that whatever work people were doing before the feedback came in was still in process. This does not mean that feedback was ignored or dismissed, it simply means that the person doing their job was doing their job.
I can explain why, itâs simply timing. PR was mentioned around 3PM EST (15:00), the build was complete and pushed out at 3AM (03:00). It was definitely not meant to be âsalt in the woundâ, even though it appears that way.
EDIT: I might have the timing a bit wrong here, thereâs so many things to look up. Regardless, the main point is, I very sure it wasnât on purpose.
I think that no matter if they listen or not, a .1 release is not the right place for a reversal, that would be impossible to do that this fast with the needed quality control.
I would hope there were more thought behind it, and more diligence.
I have been worried about the way users feedback is used for years now, some nabu casa people are truly âsquare headsâ, both in the good and the bad sense.
But it is really a problem when you look in this thread that two moderators, who are a bit more on the inside track, also differs in what was said, planned, and promised.
It is open source, with what that entails, but I do wish that they would use their users more.
That being said, I canât be bothered with if it is encrypted or not, I just want to make sure that it works when I need it. I work in a hosting company, and the mantra is, and must be, if you have not tested your backup, you donât have a backup.
Doing the first bit of testing with just extracting files would be nice, otherwise I have to do a restore to a new VM just to make sure that it actually contains something, and I donât like that. Fortunately I have a backup from proxmox that I trust, so having the internal HA is great, but not life threatening.
And yes. Nabu Casa and the HA project has no GDPR relevance when it comes to HA the software.
Nabu Casa before the backup service only had a plain costumer database to handle and that is trivial. But as a provider of storage space, it makes a difference if they handle data known to be personal sensitive data that they in have access to, or they handle encrypted blobs.
I say this not to discuss GDPR as principle. I say it to set expectations that we should not expect Nabu Casa to allow unencrypted data to be uploaded to their servers.
I see no reason why they would enforce same if people upload backups to Google. Google is an org that sell storage space on which people store emails, and lots of personal data. And they have the legal and administrative process to handle that.
From a technical implemention point of view in HA
I would suggest that the current implementation is enhanced so that.
The setup of automatic backup is enhanced so you can setup more than one schedule.
On each you can different destinations and multiple destinations like today
If Nabu Casa cloud is not included in a given schedule you have the option to unselect encryption. Otherwise it is enforced
Then I can setup a weekly Nabu Casa backup which is encrypted for pure disaster recovery. And a daily local backup to local and my NAS unencrypted just like I have today. That would be elegant.
You could also make it create two backups. One encrypted for NC and one clear for local. But my guess is that it would take much longer, put more wear on the drive on SD cards. I think it would be better to have each schedule either encrypted or not.
And last, I would like to be able to replace the autogeneted key with one I choose so I can memorize it. That makes me less scared of losing it.
One interesting twist on this is the location of backupdata. I donât see anywhere that we can force the data to be stored in EU for EU-users.
If you look at GDPR for the backup solution, itâs a big step up offering on-their-site backup.
You are right that itâs not the authors responsibility according to GDPR, but in NIS-2 the provider is required to get proper certifications from the author of the software, and they need to get certifications from their supplyer etc. Itâs a goddam rabbithole. Does it apply to open source, not determined, it does apply to the supply chain.
Thank you! Sorry to hear youâve been under the weather. Talk about bad timing!
Itâs great to hear that the issues raised here are being heard, and action is planned. That, by itself, would probably have avoided the need for half of these almost 800 posts, had it been said earlier.
But what I still havenât heard is that there are no plans to force local encryption going forward. Itâs been suggested that this is a false assumption, and there never were any such plans. If thatâs true, just say so. Or maybe there were plans to move down that path, and now theyâre being re-evaluated. Great. Again, just say so. The only other alternative is that these plans exist, and there is no intention of changing them. That would explain the lack of clarity. Please tell me thatâs a totally wrong interpretation. I think a lot of us just need to hear that, and we can do as you say and remain patient.
Again, donât disagree that things could have been avoided had a lot of this been communicated differently.
Weâll get to answering everything everyone is still confused about. It wonât be today. If I had the answers today, I would have shared them already. I promise, I will make sure itâs covered.
Yes, exactly, I was hoping that was what I wrote, as soon as they become a backup destination, and actually the only one off site, thatâs a problem in GDPR, especially when you cannot force the backup to be held in EU.
I know they want to add value to the subscription, and I think itâs a truly positive thought, itâs just rather complicated with the EU regulations.
Yup, GDPR, NIS-2 and ISO 27002, geeez, it is just a LOT of work. Fortunately a lot of the checks are the same, so with the right tools you can fullfill a lot of the certifications
I donât think any of us really expected this kind of reaction to this feature, so I do not take it personally when things release like this - just part of being a CM. The worst event that has actually happened to me was when I worked on the Edge team and the Bing team launched Buy Now, Pay Later while I was on vacation in Hawaii and fully unplugged.
