-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Apply grammar fixes from code review
Co-authored-by: Jeroen Beckers <[email protected]>
- Loading branch information
1 parent
3f500f2
commit 1761e35
Showing
5 changed files
with
7 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -19,7 +19,7 @@ Sensitive data might be used for secondary purposes or beyond the initial scope | |
This risk can be introduced in various scenarios, including: | ||
|
||
- Use of user data collected for secondary purpose without user consent or control. | ||
- Continuous access to user data without user controls. | ||
- Continuous access to user data without user control. | ||
|
||
|
||
Check failure on line 24 in weaknesses/MASVS-PRIVACY/MASWE-0109.md GitHub Actions / markdown-lint-checkMultiple consecutive blank lines
|
||
## Impact | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -22,7 +22,7 @@ Technical barriers need to be established when utilizing complex ‘finger-print | |
This risk can be introduced in various scenarios, including: | ||
|
||
- Unnecessary collection of identifiers like device IDs, IP addresses, behavioral patterns that can lead to user identification and tracking. | ||
- No anonymization and Pseudonymisation measures to strip data of any direct identifiers such as user ID or name before server side collection. | ||
- No anonymization and pseudonymisation measures to strip data of any direct identifiers such as user ID or name before server side collection. | ||
- Reusing signals collected for a specific purpose for other features (e.g fingerprinting for fraud detection). | ||
|
||
|
||
Check failure on line 28 in weaknesses/MASVS-PRIVACY/MASWE-0110.md GitHub Actions / markdown-lint-checkMultiple consecutive blank lines
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -23,7 +23,7 @@ The risk here is data being collected and shared without user awareness (therefo | |
This risk can be introduced in various scenarios, including: | ||
|
||
- Sensor data or local data is collected without explicit user consent. | ||
- Though consent is present the user is not adequately informed about how the data is used or shared (like between apps and 3rd party SDKs). | ||
- Though consent is present the user is not adequately informed about how the data is used or shared (e.g. between the app and third-party SDKs). | ||
- Discrepancy between store declarations, privacy policy and actual behavior. | ||
|
||
|
||
Check failure on line 29 in weaknesses/MASVS-PRIVACY/MASWE-0111.md GitHub Actions / markdown-lint-checkMultiple consecutive blank lines
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -13,9 +13,9 @@ status: new | |
|
||
## Overview | ||
|
||
Offer users control over their data refers to giving the user the option of managing, deleting, modifying and revoking consent to their data. Including re prompting for consent when requesting more data than initially specified. | ||
Offering users control over their data refers to giving the user the option of managing, deleting, modifying and revoking access to their data. Including obtaining additional consent when requesting more data than initially specified. | ||
|
||
The risk here is the user not having control of their data once collected. To mitigate this risk, users should be provided the option to request deletion of collected data, revoke consent and allow users to modify privacy settings with granularity. | ||
The risk here is the user not having control of their data once collected. To mitigate this risk, users should have the option to request deletion of collected data and revoke consent. Additionally, users should be able to modify their privacy settings with granularity. | ||
|
||
|
||
Check failure on line 20 in weaknesses/MASVS-PRIVACY/MASWE-0112.md GitHub Actions / markdown-lint-checkMultiple consecutive blank lines
|
||
## Modes of Introduction | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters