4. November 2021
Today we released version 1.0 of our public demonstrator GitHub Privacy. The browser extension enables a more privacy-friendly display of timestamps on GitHub’s web interface. The extension also allows volunteers to contribute statistics about their timestamp needs for a study.
Accurate to the second vs. data minimisation
Timestamps are mostly found on GitHub where they further describe the time of a user action, e.g. the time of a commit or the assignment of an issue. Since they thereby make the temporal behaviour of users traceable and in part publicly documented, timestamps represent a privacy risk. Their collection must be necessary and comply with the principles of data minimisation.
Earlier case studies in the project already pointed out, that applications collect an unnecessarily large number of timestamps and with unnecessarily high precision. Even on GitHub, timestamps are recorded to the second, although they are usually only displayed to the minute at most.
How much accuracy is needed?
In order to give developers and also users a point of reference in the future, what is a reasonable accuracy for informative timestamps in applications like GitHub, we have developed the Git Privacy demonstrator. On the one hand, it already allows users to experience and test the effect of reducing the timestamp accuracy on GitHub. On the other hand, the demonstrator provides statistical data about the preferred accuracies with the consent of the users, to get an indication of actual needs. More details about the study on timestamp needs are described here.
Installation
Together with the project partner vogella, the University of Hamburg has implemented the demonstrator as an add-on for the browser. The extension is available for installation in the add-on stores of the following browsers:
The source code is available on GitHub.
Add-on and study are in no relation to GitHub, Inc.
For questions about the study or the add-on please contact christian.burkert@uni-hamburg.de.