Services and requests triggered by IPFire (gdpr compliance?)

Hello,

when visiting websites, I actually appreciate that the data protection regulations require a precise list of the involved data provider (collecting) services to be available.

Now, when configuring IPFire for my home through its configuration webpage, I came across and wondered about the DNS setting “safe browsing”. Only with the help of the wiki I found it seems to be a filtering function for family browsing, but on the configuraton page I couldn’t find out how this works, nor what external data requests and processing it involves.

Wouldn’t it make sense to mention and list such information on the IPFires configuration webpages?
It would sure be of help for selecting the IPFire configuration at home. Even if it may not be a requirement to provide this information in this case, as it may be for non-private settings.

Kind regards, and a good new year to all!

If you add such extended information to the IPFire GUI, the GUI is uselessly bloated and the wiki and all the information elsewhere is unnecessary. This makes no sense to me to do it this way.

I was thinking something like a separate “External Services” page in the GUI, that features a paragraph for every (configurable) service, could nicely fulfill the information requirements and provide an overview of the active services.
The individual configuration pages would just need to mention the involved service and link to that page.

Again! Knowledge is already in the wiki and elsewhere. GUI is to configure IPFire, not to gain knowledge. It plays no matter where in the GUI you bloat.

If you want see such a link on every GUI site to the wiki feel free and send your patch

I don’t agree. Those requesting this kind of legally required information may not be dummies.

I’m not sure, which service(s) does the “safe browsing” option query?

If you are now still complaining about the “missing” info in the GUI or is it now you cant find the information? If the ladder, then you should start naming it what you exactly search. Is it safe search?

Hi @anon33261557,

Thanks.

I have put a link to that blog article into the Safe search section in the Wiki.

Ah, thanks @anon33261557 sorry, my mistake, the correct term was “safe search” not “safe browsing”. Even with this, in the wiki I only found something along the lines of a “it filters searches” explanation, though.

The blog article is much much better. I appreciate it, and it does solve my current configuration question at hand.

It seems, though, I just can’t come to agree with your assessments that you post here. Personally, I could see it as tolerable to deal with too many friendly questions on the forum. It may still be wise to distribute known information requirements with the GUI and link to them where it belongs (on the decision forms), to have it in place before any real complaint might come from some non-private party’s law firm.

Thanks @bonnietwin, a very good to have the link there.

On my particular configuration question at hand about “safe search” it could actually be that an IP based redirecting to another server of the same queried search engine would not fall under the information requirements, but I am not sure (and no lawyer). And there may still be other services (or redirections).

Not a patch, but at least a constructive, from my side, idea for one particular configuration option explanation:

[ ] “Safe Search” (Redirect some well known search data collectors to their filtered user input interface.)

Hi @df-h,

The GDPR relates to the security of personal user information that is stored by a firm. IPFire does not store any user information so does not fall under the GDPR.

Firewalls come up in searches on the GDPR because they are one way that a company can help to secure the personal data that they store.

As far as I understand, it’s also about data tracks that are obtained by third parties. For example, if some blog or website involves a third party that acquires data, for example using “captcha”, “spam detection”, or a CDN, a “compromised (https) delivery network” scheme?

Browser software, may check URLs for “dangerous” sites by querying some “security” service scheme. Firewall software, may also do things like checking certificates at some third party.

I’m not 100% sure about this, but I wouldn’t be surprised that if running a blog requires to inform about all third party requests made by the software, it would also apply to running a firewall somewhere in between.

Actually, if all the services that can be enabled on IPFire really don’t do any external queries, that could even be the best data protection statement to make…

I think there may be logs, doesn’t a corresponding statement then usually have to mention its details and how long they are retained?

Yes there are logs but there is no personal information in the logs. There is no name, address, birthday, weight, etc
If having a log was sufficient to require an individual to ensure GDPR compliance then everyone with a computer or a mobile phone would need to ensure GDPR compliance which they don’t.

Yeah, as a single individual information requirements probably not apply.

Nevertheless, if I have been informed correctly by the provider, already letting someone use your phone requires the owner to inform if the called number is logged at the provider (and to what extent).

And logged IP numbers are also personal information. It may not be that an important requirement for family use at home or self-hosting only a personal web-site. But still, of interest.

So I see that the extent of logging is part of every privacy statement on websites, regardless if the logging is done by their web-server or firewall.

If you do not want to be identified, just do not communicate. Thus no IPFire or similiar appliance is necessary.

SCNR.

@bbitsch And in what regard do you see your comment be relevant here?

It isn’t really relevant ( thus the SCNR ), but your arguments head more or less in direction “I do not want to show, where the communication initiates”.
IPFire does not log personal information, if the admin doesn’t configure this.
IP addresses are necessary for communication in the internet, as your postal address is needed to receive letters or parcels.

Concerning your statement about information about Safe Search, I think the wiki link to the blog article is sufficient. You can’t get all informations just by clicking a button in a web page. Information retrieval demands qualified searching. If you are interested in the exact implementation, just look at the source in Git ( we are a open source project and therefore transparent ).

Concerning GPDR I want to ask what is really new in Germany, where we have the BDSG for years.

There is an untested part of GDPR here.

IP Addresses can be personally identifying information if they are associated with other information (people’s identities). Web and firewall logs are are record of (some) internet activities and these activities can be deemed sensitive under GDPR.

In IPFire’s case, the combination of DHCP records and the proxy logs allows internet browsing to be associated with an identified computer, which may or may not be a single individual’s computer. More information (from another database / source) is needed to make this personally identifying.

If that “other information” is held within the same company / organisation, then there is the potential for the company / organisation to associate the internet activity with the individual and so the logs then contain potentially sensitive personal information (e.g. porn site browsing).

If the other information is held elsewhere, then you’re into a GDPR grey area. There have been no test cases about whether combining databases from inside a company / organisation and outside it to identify individuals’ activities makes that personally sensitive information.

If there is no database within the company / organisation which associates the computer with a person, then the trail runs cold there and it’s not personally identifying. This is unlikely within most organisations as they have, for instance, authentication systems which identify individuals and their computer or IP Address.

The masquerading firewall (IPFire) assists in protecting such sensitive information from outside parties by combining all the internet activity of all the individuals into one IP Address externally, so reducing the likelihood that any request or pattern of internet activity can be associated with an individual.

So, in summary, the firewall logs could be construed as personally identifying and the internet browsing activity could be sensitive so they’re best protected as if they were. But as this is a firewall, you’d hope the device is well protected against access and so the logs are secure. That should be enough, unless you’re extracting the logs and storing them elsewhere. In that case, you need to do whatever you need to do to protect that database.

Yours
David