Upgrade StoragePrivate/Public Collections and Server Code (or server hosting outside US)
Both of these features have been requested before, quite frequently in fact, and I would like to request them again.
I love Zotero, and I would love to contribute to ongoing development. The problem I have with large-scale adoption in my organization is the US Patriot Act. No matter how good your non-disclosure agreement is, the contents of your servers are still subject to the US Patriot Act, which means we can't put any sensitive data on them. I know it makes no difference for organizations located inside the US, but my organization is not.
I've got no problem sharing libraries with references that are in the public domain and I think the community as a whole would certainly benefit from this. I can't do this either because I can't easily separate some records as private and some records as public.
Here's what I'm asking for:
1) In the client, allow sync settings to be changed at the Collection Level, and let users specify a different server for metadata. This change will allow users to keep a private collection and a public collection. This could be implemented in other ways as well, perhaps with a record-level setting, but control at the Collection level seems to make the most sense.
2) Release the server code and/or run a server that is certified to be outside US jurisdiction for organizations that are not located in the US. If there is a server in Canada, for example, it becomes less important for us to run our own server. Another possibility could be strong encryption on the client-side. You'd have to sort out how to sync encrypted data (I'm not even sure whether this would be possible), but if the server never has the keys, this could be enough to address the security problem. We could even collaborate on the public server, by controlling key distribution ourselves.
Does anyone else have any better, more practical ideas, for addressing the US Patriot Act problem faced by organizations located outside the US?
I love Zotero, and I would love to contribute to ongoing development. The problem I have with large-scale adoption in my organization is the US Patriot Act. No matter how good your non-disclosure agreement is, the contents of your servers are still subject to the US Patriot Act, which means we can't put any sensitive data on them. I know it makes no difference for organizations located inside the US, but my organization is not.
I've got no problem sharing libraries with references that are in the public domain and I think the community as a whole would certainly benefit from this. I can't do this either because I can't easily separate some records as private and some records as public.
Here's what I'm asking for:
1) In the client, allow sync settings to be changed at the Collection Level, and let users specify a different server for metadata. This change will allow users to keep a private collection and a public collection. This could be implemented in other ways as well, perhaps with a record-level setting, but control at the Collection level seems to make the most sense.
2) Release the server code and/or run a server that is certified to be outside US jurisdiction for organizations that are not located in the US. If there is a server in Canada, for example, it becomes less important for us to run our own server. Another possibility could be strong encryption on the client-side. You'd have to sort out how to sync encrypted data (I'm not even sure whether this would be possible), but if the server never has the keys, this could be enough to address the security problem. We could even collaborate on the public server, by controlling key distribution ourselves.
Does anyone else have any better, more practical ideas, for addressing the US Patriot Act problem faced by organizations located outside the US?
My need for this comes from a division in my personal and professional libraries. I'd like to share some collections with colleagues and keep others to myself which only contain texts for personal enjoyment. I'm sure a lot of folks feel the same way. I'm ignorant of the code required for such a project, but I do hope the development team strongly considers prioritizing this one.
Anyways, many thanks for a great program!
Walker
releasing the server code is going to happen sooner than more customization in sharing, but devs have confirmed both features are planned.
There are no reliable ETAs and there aren't going to be, either, so for the time being you'll just have to wait.
Version 2.0 also introduces a library view of the synced library and the option of accessing the attachments synced to the own webserver.
Note though that bibliographic metadata is still synced to zotero.org, so take this into account when deciding whether my program might help you solve your PATRIOT act related concerns.