On 14 October 2013 16:39, Tomasz W. Kozlowski <tomasz(a)twkozlowski.net>wrote;wrote: That made me smile. :) In answer to Tomasz's question: Not unless they suddenly forgot my email address, and that of every other checkuser, oversighter, or steward that I know. I was well aware of the ongoing discussion of the revised draft privacy policy, and I was aware that there was *going* to be a discussion about access to non-public information; however, I was unaware that the latter discussion had started. Risker

Keegan Peterzell wrote: Not really. The discussion on the OTRS wiki clearly states that the intention was for all OTRS volunteers to "[be] identified just like CheckUsers, Oversights, and Stewards" "in accordance with the non-public data and privacy policies." which, at that time required people to "satisfactorily identify" themselves to the Foundation (and they still do), which in effect means that they need to send a copy of their ID to the WMF. After various concerns raised by OTRS volunteers on the OTRS wiki, at least two private OTRS mailing lists, and this very list, the issue was frozen after this announcement by Philippe[1]. The posting of a public list of OTRS agents usernames was result of an entirely different discussion, which was only started in January 2013; the one I was referring to took place in February 2011 (and later on). And yes, there is currently no requirement for OTRS agents to ID themselves to the WMF, but the new draft is, at this point, planning to change this. Tomasz == References == * [1] http://lists.wikimedia.org/pipermail/foundation-l/2011-February/063776.html

Keegan Peterzell wrote: Oh yes, that's right. Thanks for the clarification, Keegan; I'm sorry about the confusion. The community side, as you call it, has received its share of comments, criticism, and suggestions from OTRS volunteers when the issue was brought to their (our) attention. There have been many voices opposing the publication or at least concerned about the possible implications of the change, just as there are some voices expressing concerns about the apparent lack of details and deeper thought behind some parts of the policy. I don't think this is something new or interesting per se; people usually tend to ask tough questions when it comes to their privacy, and I can only hope we will be able to work out the details, and that the WMF will be able to respond to people's concerns. Tomasz

This is directed at the Wikimedia legal team, whom I have cc'd: Even though the pace of contributions to the discussion page of the policy has picked up in the last couple of days, no one from the legal team has commented in about a month. I think it would help the discussion if the legal team would engage while members of the community are also engaged, so that it is truly a discussion and not people talking past each other at different moments in time. Nathan

Although I personally didn't consider identifying to be onerous, I've never thought the entire identification requirement and process were necessary, since nothing is ever done with the identification data. Can anyone think of a situation that would have been handled differently if the proposed policy had been in place at the relevant time? (I myself can think of one and only one, but am curious if there are others.) Newyorkbrad On Wed, Oct 23, 2013 at 6:45 PM, Marc A. Pelletier <marc(a)uberbox.org> wrote:

On 24 October 2013 00:07, Marc A. Pelletier <marc(a)uberbox.org> wrote: I'm thinking of a case, but I can't see how this would have dissuaded the individual in question, who was almost obsessive. - d.

Going back to the 2011 discussions on otrs lists, a flag was raised that challenged whether the WMF had sufficiently secure servers to host copies of ID documents that might be electronically submitted, including sufficient firewalling and/or airgapping, internal access controls, etc. My impression was that once that was raised as a detailed concern, the push died off rapidly, but I may be misremembering. Let me now ask - Can the WMF either publicly or privately (I live in the SF Bay Area and can come over and talk) provide enough detailed assurance as to the digital medium storage plan for these IDs? This is enough data for someone to do an identity theft with. The physical handling is relatively easy to ensure is proper (locked cabinet or the like requires a physical office intrusion). The electronic... On Wed, Oct 23, 2013 at 4:15 PM, Rschen7754 <rschen7754.wiki(a)gmail.com>wrote;wrote: -- -george william herbert george.herbert(a)gmail.com

Fluff- When crazies go crazy It will not happen without staff being fully aware, and an intruder knowing which cabinet to break into without significant effort is extremely unlikely, would require either cooperation of an insider and/or office visits while acting considerably saner (at least; if not much more than that). Even if the risk is nonzero, the risk to me that it will happen secretly (as opposed to, "X broke in but the SFPD arrested them with a handful of docs including your ID photocopies") is very low. I am much more worried about accidental unrecognized leaks of digital data. MUCH. On Wed, Oct 23, 2013 at 4:27 PM, Katherine Casey < fluffernutter.wiki(a)gmail.com&gt; wrote: > As far as " The physical handling is relatively easy to ensure is proper", > well... Considering that some of our less sane problematic users have, if > I'm remembering correctly, shown up at the WMF office itself and would have > loved to get their hands on the real-life documents of our > advanced-privilege users, I'm not all that confident that *any *storage on > the WMF premises, short of a vault, is adequate. When crazies go crazy > > -Fluff > > > On Wed, Oct 23, 2013 at 7:21 PM, George Herbert &lt;george.herbert(a)gmail.com > >wrote: > > > Going back to the 2011 discussions on otrs lists, a flag was raised that > > challenged whether the WMF had sufficiently secure servers to host copies > > of ID documents that might be electronically submitted, including > > sufficient firewalling and/or airgapping, internal access controls, etc. > > > > My impression was that once that was raised as a detailed concern, the > push > > died off rapidly, but I may be misremembering. > > > > Let me now ask - Can the WMF either publicly or privately (I live in the > SF > > Bay Area and can come over and talk) provide enough detailed assurance as > > to the digital medium storage plan for these IDs? > > > > This is enough data for someone to do an identity theft with. The > physical > > handling is relatively easy to ensure is proper (locked cabinet or the > like > > requires a physical office intrusion). The electronic... > > > > > > > > On Wed, Oct 23, 2013 at 4:15 PM, Rschen7754 &lt;rschen7754.wiki(a)gmail.com > > >wrote: > > > > > Speaking for myself, I have no problems with the overall idea, and I > > doubt > > > that a lot of the others who have signed the petition do either. > > > > > > The problem is in the details of how it is implemented, and that > > > appropriate safeguards are not written into place to protect the > privacy > > > and legal rights of those who (re)identify. I know some European users > > have > > > raised concerns about how the overall policy does not work for them > > and/or > > > would cause them to break the law. I don't believe that they should > have > > to > > > stand alone. > > > > > > Thanks, > > > > > > Rschen7754 > > > rschen7754.wiki(a)gmail.com > > > > > > > > > > > > On Oct 23, 2013, at 4:07 PM, Marc A. Pelletier &lt;marc(a)uberbox.org&gt; > wrote: > > > > > > > On 10/23/2013 07:01 PM, Newyorkbrad wrote: > > > >> (I myself can > > > >> think of one and only one, but am curious if there are others.) > > > > > > > > I can also think of exactly one off the cuff (and it is almost > > certainly > > > > the same); but I can think of a couple of scenarios where the > > dissuasive > > > > effect alone might have made a difference. > > > > > > > > But my understanding is that this is prompted by a more serious focus > > on > > > > accountability than over any particular incident. > > > > > > > > -- Marc > > > > > > > > > > > > _______________________________________________ > > > > Wikimedia-l mailing list > > > > Wikimedia-l(a)lists.wikimedia.org > > > > Unsubscribe: > https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > > <mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe> > > > > > > _______________________________________________ > > > Wikimedia-l mailing list > > > Wikimedia-l(a)lists.wikimedia.org > > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > > <mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe> > > > > > > > > > > > -- > > -george william herbert > > george.herbert(a)gmail.com > > _______________________________________________ > > Wikimedia-l mailing list > > Wikimedia-l(a)lists.wikimedia.org > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > <mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe> > > > _______________________________________________ > Wikimedia-l mailing list > Wikimedia-l(a)lists.wikimedia.org > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe> > -- -george william herbert george.herbert(a)gmail.com

Hi George - I can tell you that I was in the room as this was being discussed today. I'm fairly sure that Michelle is going to be following up on this question shortly. It wasn't being ignored - we are just in that territory where lawyers like to be certain that when they answer clarifying queries like yours, they aren't accidentally muddying the waters further. More soon. pb ————————— Philippe Beaudette Director, Community Advocacy Wikimedia Foundation, Inc

As for I, I have totally given up with the idea of preservation of confidential data when the US are somehow involved (if the NSA is already involved in recording German president phone conversations or French diplomatic department communications, who are we to hope that our every steps can be private anyway ?). My trust in WMF ability to provide security to our private information also dramatically dropped with the password leak a couple of months ago. So what are the risks left ? I see mostly three main ones 1) that a digital version of my passport get in the hands of scammers. We know some of the risks associated to this, one of which being identity theft. Collection of a bunch of private data (name, email, phone number, postal address...) is one thing. Preservation of official identity paper is another. I think that's a non-acceptable risk. 2) that WMF disclose private information about us (OTRS member for example) volunteers to other volunteers, who may not even be identified in the least (as in "arbitration committee members"). Main risk associated imho would go from mild online bullying to severe irl mishandling. I have very acute memory of this sick person sending me emails threatening my life and the life of my own kids when I was Chair of WMF. I was happy he was in the USA and me in France. I was not happy he knew of my postal address. And I was scared when I met him at the WMF doors irl. Disclosing private information about us to a lawyer or a policeman is one thing. Disclosing private information about us to an "unknown" wikimedia member not bound by similar rules related to private data is unacceptable. 3) last, that WMF disclose private information about us without having the obligation to inform us it did so. The draft proposes that The Wikimedia Foundation will not share submitted materials with third parties, unless such disclosure is (A) permitted by a non-disclosure agreement approved by the Wikimedia Foundation’s legal department; (B) required by law; (C) needed to protect against immediate threat to life or limb; or (D) needed to protect the rights, property, or safety of the Wikimedia Foundation, its employees, or contractors. This is vague enough that it may happen that our private data is disclosed to about whoever (who will access our private data thanks to this "permitted by a non-disclosure agreement approved by the Wikimedia Foundation’s legal department" ???), possibly without us knowing. Consequences may be various (being citing in a legal case without even knowning; having personal information disclosed to spammers or scammers; being sued by an "unhappy customer" after we failed to fix his case on otrs etc.) A good part of benefit of this agreement would be that covered person better feel accountable. I think a fitting balance would be that WMF agree to mandatorily inform ANY covered person WHEN and to WHOM his/her information has been disclosed. Florence On 10/26/13 8:20 AM, George Herbert wrote:

On 10/26/13 4:22 PM, Marc A. Pelletier wrote: So I heard. But not the case of other arbcom. Flo

On 10/26/13 5:37 PM, Nathan wrote: At 45, I am still perhaps very innocent about my gov. But really, I do not think the French gov is recording Ms Merkel. If only because they very likely do not have the tech means to do so ;) Still, I disagree with you that the bit is extraneous. The thing is that most Europeans were really very shocked to read all that stuff about the NSA in the past few months. People are probably more sensitive about their private data than they were a couple of days ago because that was the opportunity for much talk on the general subject in the past few months (which data is recorded, by who, what for and so on). Flo

On Wed, Oct 23, 2013 at 4:24 PM, Michelle Paulson &lt;mpaulson(a)wikimedia.org&gt; wrote: Hi guys, In addition to the continuing discussion Michelle started above on whether we should check ID or not the legal team has also started responding with thoughts and some options on other suggestions and questions (such as retention time and keeping the data instead of the id). In all of these they’ve asked for thoughts if you haven’t checked the page since early/mid last week it would be great if you could check it again to weigh in. They will also be continuing to respond to unanswered questions and concerns so please don’t think your specific concern is being ignored. We have also reached out to all OTRS agents to make sure they are aware of a discussion on whether they should be included in the policy (currently only OTRS admins are). That conversation is ongoing at https://meta.wikimedia.org/wiki/Talk:Access_to_nonpublic_information_policy… and could, again, use more comments whether you’re a member of OTRS or not. James James Alexander Legal and Community Advocacy Wikimedia Foundation (415) 839-6885 x6716 @jamesofur

Marc A. Pelletier wrote: Says who? I've been trying to get a clear answer to this question for the past few days. The access to non-public info policy is the Board's creation and the Board's prerogative. Is the Board interested in updating this policy? If not, then politely: why are we having this conversation? If so, why and in what ways would the Board like to see the policy updated? MZMcBride

... Without an explanation of why this was an issue or a priority legal matter, it seems perfectly reasonable to fill in the gaps with wild fantasy and speculation. I rather like the idea that someone in the WMF legal team read something about privacy on their top of the range internet tablet, while drinking freshly ground top of the range coffee, and as it was an otherwise dull day on the subpoena front, decided to give this policy a poke to see the ants scurry about. It certainly seems to have kept many volunteers busy this week. Fae -- faewik(a)gmail.com http://j.mp/faewm

On 10/24/2013 09:37 AM, Risker wrote: I think Fae was being highly ironic there. -- Marc

On Thu, Oct 24, 2013 at 10:01 AM, Marc A. Pelletier &lt;marc(a)uberbox.org&gt; wrote: If so, I think we just ran into Poe's law.[1] [1]: https://en.wikipedia.org/wiki/Poe%27s_law (of course)