Possible reveal of personal data with a call to check-email

Moin Community,

one of our users discovered that with a call from
https://indico.domain/event/EVENT_NUMBER/registrations/REGISTRATION_NUMBER/check-email?email=xyz%40mail.domain you can find out the name MAX MUSTERMANN to the e-mail address xyz@mail.domain, which is of course a small gain of knowledge for an e-mail address like max.mustermann@mail.domain, but for a case like the mentioned in his eyes means a violation of the EU-GDPR, do you have an opinion on this?

Thanks and best,

Well whether this is legitimate within GDPR or not is not something we can comment on. I can just explain you the purpose of this endpoint:

While usually people register just themselves in an event, there are also cases where people register on behalf of others (e.g. secretary for their boss). The registration form shows “registration will be linked to account of person x” or “registration will be linked to your account” or “registration will not be linked to an account” based on the email address to make it clearer what happens wrt linking of the registration and an indico account.

This goes in a similar direction as the ability to search the Indico user database when adding speakers to an event.

FWIW, there’s this draft PR (would need some updating) which adds a setting that allows the indico admin to lock down user search and also this particular registration form feature down further for people who are not event organizers.

Moin ThiefMaster,

thanks for the explanation and the link to the draft.

Best regards,

Hi Marcus. I’ve come across some similar cases on this for a use case we are exploring. If you are interested in joining forces to work on a few PRs to lock things down I’d enjoy the support. Let me know if you have time to contribute or want to talk about goals and use cases.

1 Like