pidgin plugins for corporate compliance

Roy Rim roy.develpidgin at xemaps.com
Thu Jun 7 11:03:45 EDT 2007


Luke,

I have thought about the "distasteful" aspect of enforcing log
reporting before sending this email as I would imagine most people
like myself find anything "big brother"-like highly suspicious.
However in the case of brokers/traders within financial institutions
its either IM with logging or no IM at all.  Also its not the company
enforcing these policies but the regulators.  The people involved are
well aware of the compliance rules or should be (as they are
constantly reminded of whats allowed and whats not allowed).

I also wouldn't want to "hide" the plugin.  In fact making it plainly
obvious that conversations will be recorded and reviewed is good for
both the employee and the employer and anyone they communicate with.
The user's disclaimer should say this to any buddy they are chatting
with (another requirement for most companies).

Anyway I will look into attempting some of the options mentioned.
BTW, is it possible to do the suggestions with a Perl plugin?  I have
almost no experience compiling large projects in C and make but I'm
willing to give it a go :)

Regards,
Roy

On 6/7/07, Luke Schierer <lschiere at pidgin.im> wrote:
> On Thu, Jun 07, 2007 at 09:59:10AM -0400, Roy Rim wrote:
> > Hi guys,
> >
> > I deal with companies that have to follow regulations from the SEC and
> > NASD.  Two plugins I have been working on for pidgin is a simple
> > Disclaimer plugin (which works fine) and a "Send Logs" plugin for
> > emailing the IM logs to a reporting email address.  For certain
> > companies these are regulations that must be followed or they could be
> > fined.  The pidgin team has done a great job with the look and feel of
> > pidgin and I would like to push my clients to it.
> >
> > I was wondering if there was a way to enforce a plugin to be enabled?
> > I realize that this kind of goes against the definition of a "plugin"
> > but it seems the simplest way to enable this option without me mucking
> > about in the nuts and bolts of Pidgin.  Perhaps in the future there
> > might be a way to include corporate policies via a protected shared
> > preferences file?  This way an administrator could set certain
> > preferences that override users preferences?
> >
> > Other than that do you have any suggestions that I can kind of hack
> > the plugin to always be enabled?
> >
> > Regards,
> > Roy
>
> I have seen requests like this several times.  They are inherently
> distasteful, because I tend to think that such a company should only be
> hiring users it can trust to follow policies, such as not unloading a
> plugin.
>
> That being said, I'd probably look at making it a logging plugin (adding
> an option to the log format drop down), and making it auto load the way
> the ssl plugins do.
>
> That would still leave an element of choice though, because the user
> could change the logging preference.  You could muck things up in your
> plugin to detect a prefs change and change it back, but that would be
> hugely evil, both from a code standpoint, and from an open source, trust
> the users standpoint.
>
> luke
>
> _______________________________________________
> Devel mailing list
> Devel at pidgin.im
> http://pidgin.im/cgi-bin/mailman/listinfo/devel
>




More information about the Devel mailing list