API for Directory Web App

Do you have a useful link that involves the Church and the technology discussed on this site? Post your links and resources here.
gisheri
New Member
Posts: 4
Joined: Sun Nov 14, 2021 1:43 pm

Re: API for Directory Web App

#81

Post by gisheri »

Well, thanks for the quick responses, and for the info, and the links.

The wording in the code of conduct is actually more lenient than I expected.
[you may] view, download, and print materials from this site for your own personal, noncommercial use (including such use in connection with your calling in The Church of Jesus Christ of Latter-day Saints (“Church”))
• So we can download the data? So I could distribute a locally installed program that processes the data in creative ways?
nor will you impersonate another user in order to hide your identity or to implicate another in such actions
• Impersonating is not expressly forbidden unless done for bad reasons? [/quote]
[not] use any robot, spider, or other automatic device, process, or means to access this site for any purpose, including, without limitation, for monitoring or copying any of the material on this site;
• "automatic process to access" generally means not driven by a user, which still leaves quite a bit of room for automatic processing if the access was human driven. There's no wording saying anything like "This site can only accessed by a user typing into the url of an approved browser and data processing is strictly limited to their eyeballs". Enforcing rules around processing data on the web is tricky business there are usually so many arbitrary and assumptive lines being drawn, I'm not sure exactly how this sentence should be interpreted.

I don't think that requests for approved methods of getting creative with membership data are going to go away. And i don't think they should. Can we keep this conversation open? You mentioned that the api isn't designed for developers to make applications out of, but honestly, any bit of data someone has access to gets processed and applied by the user in whatever methods they're literate with. Maybe "developers" can make user friendly applications out of them, but an EQ president might make an excel graph, a ward mission leader might put dots on a map, and deacons president might make a 3 column layout of names and addresses on a paper. Each of those is an application, and everybody is an engineer to some degree, so at some point as people get more literate with tech, you'll have to start placing arbitrary lines on how 'advanced' an application can be. We have to keep this conversation open. The church is smack dab in the middle of one of the most engineering talent dense areas in the country, and has an army of potential and eager allies wanting to help solve the tech problems we're facing. Instead of utilizing this incredible asset, we keep getting told to basically stop bothering the church with our ideas. It's a spiritual dilemma when we're feeling constant spiritual pressure to utilize our talents for the good of the church, but the church blocks us from doing that.

I'm not one to judge the processes (okay, maybe I question everything too much), if this policy comes from revelatory intervention from approved leadership I can sit with it for now, but it feels more like it's just something that just hasn't been discussed enough. If someone posting simple instructions on how to use an internal api causes a flurry of discussion, that makes me question. Is it possible to re open this discussion with the powers that be, and see if we can experiment with some kind of Oauth? Or at least an approved scraping application?
lajackson
Community Moderators
Posts: 10413
Joined: Mon Mar 17, 2008 10:27 pm
Location: US

Re: API for Directory Web App

#82

Post by lajackson »

gisheri wrote: We have to keep this conversation open.
Actually no, we do not. We can discuss these things until the cows come home, but we are not the decision makers and they do not see our discussions.

As scgallafent said, the answers to all of these questions come from the Church Data Privacy Office at dataprivacyofficer@ldschurch.org.
gisheri
New Member
Posts: 4
Joined: Sun Nov 14, 2021 1:43 pm

Re: API for Directory Web App

#83

Post by gisheri »

Oh.. well okay then. So nothing in these threads ever reaches the decision makers?
russellhltn
Community Administrator
Posts: 31524
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: API for Directory Web App

#84

Post by russellhltn »

I don't think the church wants to be doing this, but between privacy laws (especially Europe's General Data Protection Regulation), and the general legal environment, they don't have much choice. If they allow it, sooner or later someone will misuse it and end up costing the church a small fortune. GDPR fines and notices

Some of us remember "the good old days" when the church actually provided a "Palm Pilot" file where you could import information into the popular PDA of the day. It was trivial to import it into a spreadsheet.

As lajackson indicated, this isn't open for debate. There's no question this would help wards and members magnify their callings. That's not the issue. It's the law of the land and its ramifications. Particularly given SLC's experience of members not following rules. Given the public's interest in privacy, I don't see this changing in our lifetime or until the Second Coming - whichever comes first.

Instead, I'd suggest that you define the reports you need and use "Feedback" in LCR to make the case for them. It won't happen quickly, but it's more likely to be productive.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
gisheri
New Member
Posts: 4
Joined: Sun Nov 14, 2021 1:43 pm

Re: API for Directory Web App

#85

Post by gisheri »

Yah, I can see that. Thanks for the responses. Though, i (and many others) can make a convincing case for how opening an api would only improve privacy, but I suppose this isn't a useful platform for presenting such a case.
scgallafent
Church Employee
Church Employee
Posts: 2943
Joined: Mon Feb 09, 2009 4:55 pm
Location: Riverton, Utah

Re: API for Directory Web App

#86

Post by scgallafent »

gisheri wrote: Mon Dec 13, 2021 10:13 pm Yah, I can see that. Thanks for the responses. Though, i (and many others) can make a convincing case for how opening an api would only improve privacy, but I suppose this isn't a useful platform for presenting such a case.
This is not the platform for making that case. Although there are Church employees who frequent the forum and answer questions and there is a small official presence here, the forum is primarily user-to-user discussion.

The only option you have for presenting your case would be the Data Privacy Office. They are responsible to ensure that the Church complies with data privacy laws around the world and that personal information is handled appropriately.
User avatar
sbradshaw
Community Moderators
Posts: 5558
Joined: Mon Sep 26, 2011 9:42 pm
Location: Utah
Contact:

Re: API for Directory Web App

#87

Post by sbradshaw »

I agree that competent, motivated, and skilled volunteers could potentially do a lot of good things with membership APIs. However, the Church's position is that it's not worth the risk, and especially after looking at russellhltn's GDPR link above, I'm inclined to agree.

I don't know of any organization with 16 million+ members that provides publicly-accessible APIs to membership data – even behind a login (which would limit the results coming back to a few thousand members) – without explicit consent from the members whose data are included in the API. APIs with data about people, in any organization, are usually private, and limited to employees who have signed legally-binding agreements to obey privacy laws and follow policies to keep data safe.

Even if API access were somehow limited to ward clerks who sign legal agreements, there are about 31,000 wards or branches, run by volunteers, with few training qualifications required, no security vetting process, and a line of accountability through similar volunteers (ward and stake leaders) who may not think to contact the Data Privacy Office if an issue is discovered. Chances are high that something could go wrong, either by accident or by malicious actors.
gisheri wrote: Mon Dec 13, 2021 9:36 pm Oh.. well okay then. So nothing in these threads ever reaches the decision makers?
Sometimes developers or QA engineers visit the forum to help provide support, but not usually in an official capacity. Those who actually make decisions about policies or product direction – product managers, general authorities, etc. – don't generally visit the site. The forum is mainly for user-to-user support and discussion. The best way to send feedback is either through the Feedback link on Church websites/apps (which goes to a support team who can reply, forward feedback, or share summarized data with the appropriate teams), or through ward and stake leaders who can pass on needs to area and general leadership.
Samuel Bradshaw • If you desire to serve God, you are called to the work.
Post Reply

Return to “Links & Resources”