i think many people might not understand what is the real problem here with this aspect in
the general framework. I might make a brutal simplification, of course.
In any case, if you manage to make the moment when a logged-in user is connected to a
platform for the first time a secret, that basically do not have a big impact on anything
most of the people do, so I can probably tell you to go on. What would be the effect? The
info will disappear from the SUL table or something like that. Whatever.
But I guess, cynically, that a "non-solution" of "don't use the
bot" is much more fitting for the "social ecosystem" and the way it evolves
on wiki platforms. This way you did not address a higher level aspect of the issue, you
remove the global feeling of alert down a notch and you can act in any case as if you did
something in that direction. Also, it makes no solid precedent when future real privacy
problem are discussed.
That's why asking to remove the info completely, from my point of view, it's even
slightly better. At least next time we discuss privacy in other matter I have a strong
precedent case to cite. I mean... if people make a fuzz about this, I expect they really
care about other things. I could ping all the favorable to such information removal one by
one in a future RfC.
Alex
Il Venerdì 26 Gennaio 2018 3:37, John Erling Blad <jeblad(a)gmail.com> ha
scritto:
Fine! If people refuse the easy way out, then create an Rfc, and start the process to
make creation of new user accounts non-public information.
Den fre. 26. jan. 2018, 03.04 skrev Alessandro Marchetti via Wikimedia-l
<wikimedia-l(a)lists.wikimedia.org>rg>:
you are not "exposing the user unknowingly visiting the site" with the bot
itself...when you visit the site you are integrated in the SUL, it's public
information since ages. The fact that a bot takes care of it or a human being leaves a
message does not tell you a lot more. Sometimes on certain wiki welcome messages are
delivered sometimes they are not. Sometimes immediately, sometimes later. It's a very
fragmented situation so the bot tells you basically nothing per se, it simple makes some
people aware that the information of visiting a site exists and it is public.
So the question is not about the bot, the question is if when you do
thishttps://commons.wikimedia.org/w/index.php?title=Special%3ACentralAuth&a…
and you can read that it's public that for example I was attached on fawiki on 21:41,
11 April 2012, which is basically when I visited it the first time. Although not strictly,
I could have visited it and the system having problem and log me out (that also happen) so
technically this is not even true sometimes... But even if it was precise, is the public
knowledge of this information really a threat to my privacy? or it is justing many of the
things I implicitly agree when I make an account?
The "violation of privacy" of such information, it's not even comparable
with dozen of other things in your life. But seriously if THIS is a problem and had to be
"put secret" than I'd expect to be informed when a check user look at my
data. You know.... a few group of people decide when it's right or wrong to look at my
personal data and not informing me when they do it probably because they found nothing
(but they have such information in their hand now, don't they? Shouldn't I generic
user be informed about it?), that's not very nice for the privacy of anyone. So the
core point is not that I receive a message once a year that makes me aware that the SUL
information exist, but that I don't receive a lot of other messages that I should
receiving about who's looking at many others of my personal data.
Privacy is a serious matter. I expect RfC for things that have impact. Now imagine that I
go to people that are worried and tell them the nobody really cares that they are not
informed when someone look inside their provider data (because put in the end of a small
group of people is "enough") or that the disaggregated information of CU
activity is not public for the majority of platforms... but someone cares so much if they
receive a welcoming message by bot when they visit a platform for the first time. I am
quite sure that the users I know will not be impressed.
Il Venerdì 26 Gennaio 2018 0:27, John Erling Blad <jeblad(a)gmail.com> ha
scritto:
I can't see that T42006 is relevant in this case. It is about abusive use
of a bot, not about creation of the central account in itself.
The existence of a central account leads to creation of the local account.
This is probably acceptable. Then this may lead to the abusiv behavior, ie
exposing the user unknowingly visiting the site. This is probably not
intended and not acceptable.
I wonder if the solution is to filter down the new users to real
contributors, that would be pretty simple
Den tor. 25. jan. 2018, 22.55 skrev Pine W <wiki.pine(a)gmail.com>om>:
Joe,
I believe that the issue of a potential privacy violation was first raised
on this list on December 30th, and I first emailed WMF Legal about this
issue on January 1st. Keeping in mind that the issue involves potential
privacy violations, I think that it's reasonable to think that this issue
should have been reviewed within days, not weeks. I disagree with the
statement that "A subsequent review is clearly going to be a low priority
task as I am sure you can understand Pine." If anything, I think that the
situation is clear to the contrary and it should have been reviewed within
days.
For me, an RfC about this matter would be for the purposes of (1)
encouraging WMF to give more attention to this matter, (2) attempting to
establish community consensus about whether the matters being raised here
involve privacy violations, and (3) what should be done, if anything.
Personally, I think that the status quo does involve privacy violations and
that there should be changes. Whether that view is shared by others is
something that the RfC would attempt to measure.
In this circumstance I consider RfC to be similar to a ballot measure, and
I think that it's appropriate for me to say that if I think that there are
problems then I may use tools that are available to me to attempt to
address them, preferably with WMF's cooperation, but without WMF"s
cooperation if necessary and if possible.
John,
A previous discussion about the privacy issues occurred in
https://phabricator.wikimedia.org/T42006. I received a new email from WMF
Legal in which they affirmed their department's 2012 view on this matter.
The most recent email gave me the impression that they are receptive to
discussion about whether there should be changes although there may be
resource limitations. That sounds like a good starting place for a
conversation, and I think that on the community's side an RfC is the best
way to gauge the community's views. I am busy for the next few days but
I'll try to set up an RfC on Meta during the weekend.
Pine <https://meta.wikimedia.org/wiki/User:Pine>
<https://en.wikipedia.org/wiki/User:CatherineMunro/Bright_Places>
On Wed, Jan 24, 2018 at 2:29 AM, Joseph Seddon <jseddon(a)wikimedia.org>
wrote:
This conversation started in the middle of the
Christmas break following
which I suspect many staff took extended holidays, most departments are
in
the middle annual planning and this week WMF are
gathering for their
annual
all hands meetings. So lets firtst consider the
fact that senior legal
staff have a lot on their plate.
This problem has been discussed before and reviewed by legal as
acceptable.
A subsequent review is clearly going to be a low
priority task as I am
sure
you can understand Pine.
Making threats to handle ones demand and only in a manner that is
acceptable to you is hardly going to make staff receptive to expediting
your request. Lets give the good people time, afford them patience on our
behalf and let them do their jobs.
On Wed, Jan 24, 2018 at 2:04 AM, Pine W <wiki.pine(a)gmail.com> wrote:
FYI for those on WIkimedia-l who may be
interested, conversation about
this
> matter is ongoing. I am waiting a response from WMF Legal, and there
may
be
> others who have opened their own lines of inquiry.
>
> If I don't receive a reply from WMF Legal that I feel is satisfactory,
or
if I
don't receive one at all, then I plan to set up an RfC about this
matter.
Pine <https://meta.wikimedia.org/wiki/User:Pine>
<https://en.wikipedia.org/wiki/User:CatherineMunro/Bright_Places>
On Mon, Jan 1, 2018 at 2:17 PM, Vi to <vituzzu.wiki(a)gmail.com> wrote:
> I'm scared of the solutions that will "fix" this.
> I expect something as dramatically useful as the removal of "unblock
this
> > IP" button for IPs caught by autoblocks of registered users.
> >
> > Vito
> >
> > 2018-01-01 22:46 GMT+01:00 Pine W <wiki.pine(a)gmail.com>om>:
> >
> > > I have created
https://phabricator.wikimedia.org/T183876 and am
> pinging
> > > Legal to request a review of this matter.
> > >
> > > Happy new year,
> > >
> > > Pine
> > > _______________________________________________
> > > Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/
> >
wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/
> > wiki/Wikimedia-l
> > New messages to: Wikimedia-l(a)lists.wikimedia.org
> > Unsubscribe:
https://lists.wikimedia.org/ma ilman/listinfo/wikimedia-l,
> > > <mailto:wikimedia-l-request@lists.wikimedia.org
?subject=unsubscribe>
> > >
> > _______________________________________________
> > Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/
> > wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/
> > wiki/Wikimedia-l
> > New messages to: Wikimedia-l(a)lists.wikimedia.org
> > Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/
wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/
wiki/Wikimedia-l
New messages to: Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
--
Seddon
*Community and Audience Engagement Associate*
*Advancement (Fundraising), Wikimedia Foundation*
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wik
i/Mailing_lists/Guidelines and
https://meta.wikimedia.org/wiki/Wikimedia-l
New messages to: Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/wiki/Wikimedia-l
New messages to: Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/wiki/Wikimedia-l
New messages to: Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/wiki/Wikimedia-l
New messages to: Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>