Is a login required for retrieving open data in the portal? about conp-portal HOT 25 CLOSED

I'd say search would be done on the metadata, and those should not require login. We can try to push back on the steering committee but there were fairly strong opinions - the possible advantage is that we may get a bit more adoption on the push side with people happier to make data available in that context.
Question: should we push back ?

from conp-portal.

I prefer 2: 2.a largely outweighs 2.b imo.

from conp-portal.

My initial vision was to be fully open (no password... i.e. Option 2), but PreventAd insisted on this, even for their open data. I think people are still getting used to the idea of truly open data. Here's one point... we can always eliminate the need for user tracking, by getting rid of the password later, but it's much harder to bring it back. Higher powers will want to weigh in on this. Let's discuss this point at our next authentication meeting.

from conp-portal.

Then their data is registered access and it's still fine. Fully open doesn't prevent us from tracking download numbers, even unique downloads by IP address. It would be funny to have to login to access datasets that are otherwise public, and found for instance on openneuro without the need to login.

from conp-portal.

Yes, I am not trying to get into an argument about what it means to be open. It is basically to settle the argument of whether being able to track downloads to people trumped the need to provide the data without login. I am agnostic, but want a definitive answer from the TSC. It is very much just an implementation detail.

from conp-portal.

Definitely 2. It's better to have data downloaded without tracking then left unused/un-found by researchers.

from conp-portal.

3 votes for 2. (I assume @samirdas was a solid maybe on 2 :))

from conp-portal.

I think that would be fine wrt to the preventAD consent given the lastest information I have - but remember that the issue was that in the PrenvenAD consent form we had some language about the dataset being used by the "researchers" or research community IIRC. This was the reason why we were forced -talking to Adrian- to have a orcid login - as orcid can be reasonably argued to be proxy to that community. Also, we should validate with the steering committee.

from conp-portal.

sure but option 2 doesn't prevent datasets that require a login to have one. It just allows datasets that don't require a login to not have to use one.

from conp-portal.

If you would like to debate how PreventAD requires consent, please open an issue on a different github repo, this is only meant to discuss whether to require a login for all use cases or not.

from conp-portal.

The question was whether, without an orcid login, we would have to move that dataset to a "registred" - and this may not be only for PreventAD: I can think of quite a few people would may be happy to push their dataset on conp open if there is an orcid login, but may be not otherwise, so it is really about the general policy, sorry if that was unclear.

from conp-portal.

The last part is certainly relevant, I just didn't want to make this about PreventAD consent.

from conp-portal.

yes, preventAD is only one example (although a big one :)

from conp-portal.

I still don't see why this is an issue for PreventAD. If PreventAD requires a login, it will still be possible. It's just that datasets that don't require a login won't have to have one.

from conp-portal.

I agree, there may be also people that would be reticent to provide the dataset as open, and feel like we are tracking folks by requiring a login. So I am inclined to go 2 because it just is more options. Again, technically all easy, just need for a definitive direction to be made, right now, 2 seems to be the winning option.

from conp-portal.

I'd go with (2) as well, but I will note that tracking by IP is definitely a very coarse measure. In many (most?) institutions, the source IP will simply be the firewall/proxy of the entire research institute.

from conp-portal.

@glatard : it not specifically an issue, you are right. Maybe the solution is to implement this additional layer:

• layer 0: no login required, all metadata and some datasets
• layer 1: orcid individual
• layer 2: registred access: orcid institutional + white listed
• layer 3: white listed

That sounds a lot though. Also, just to let you know, from a thread of the steering committee some are strongly pushing for a login even with open data, mostly for traceability as far as I understand (havent read fully the thread). My suggestion is that we come up with a proposal and let the SC decide.

from conp-portal.

Ok, do you want to bring it to them or shall I? This needs to be resolved quickly. Otherwise, I suggest we proceed with two and turn on all datasets as registered with ORCID if we have to shift.

Thanks all for the great discussion.

from conp-portal.

@jbpoline do you have a response to my previous question?

from conp-portal.

Hi all, in discussions with members of the overall Steering Committee, they are indicating that there is a desire to have it be a requirement to sign up for an account to access the data through the portal. This is easy and personally, I don't think it is a big requirement. So I think we should do this, they seem to think it is very important for funding going forward.

Now, if we make the data available through other means (i.e. they could theoretically just download it from datalad directly), I am not sure at all how we would track such usage, in fact, I am not sure we can at all.

Any thoughts on this from the team?

from conp-portal.

As for counting downloads, the hosting platforms should track them. The central portal could only count those downloads initiated from the central portal.

I still think it's a mistake to have to request that users register to download public data. For derived data for instance, it will make CONP far less attractive than Zenodo or Figshare. And there's already a lot of different usage stats that can be provided without login: total downloads, downloads by IP, etc.

Also, does it mean that even search will have to be behind a login wall?

from conp-portal.

Let's not push back and focus on doing it. Removing auth would be easy anyway and as @shots47s says it has to be implemented anyway.

from conp-portal.

I agree, lets freeze this and have it as the POR for the beta, we can always remove it.

from conp-portal.

from conp-portal.

Final decision is to require a login to download any datasets, and we will advocate later to remove this if it still desired.

from conp-portal.