I see your concerns, and indeed I didn’t consider it in detail. During my user research, I was greeted with a (surprisingly) high amount of trust.
So far, my idea was
- Select a project and topic (e.g. “Forgejo” and “Interacting with the settings”)
- Agree to an initial disclaimer (“Your data (shared screen and microphone) will be recorded on our systems. You will be able to cancel and delete the recording at any time. Until you submit, it is only accessible to admins of the instance (Codeberg in this case).”)
- You start the actual recording, and finish it eventually
- You have another dialog to submit the actual recording, with some options
- immediately delete the recording
- submit the recording for review to the maintainers (e.g. “Forgejo maintainers”, can be different from only the administration of the service)
- set a custom deletion timer (one week maximum, but allows for a shorter period; more time is more convenient for volunteers to review)
- optionally submit an email address to receive the notes before they are published
- After submission, you get a token to immediately delete the video later (if provided, the email address should also work)
- if requested, it is possible to review the notes before they are published (I’m not sure if this is common practice in other projects, but we do this for Forgejo here)
What do you think? I would expect to get an informed consent for this procedure, but maybe I’m missing something important?