The CC BY-SA license, used on most WMF projects, requires /attribution/.
Attribution for edits made by unregistered/unlogged users is done by the
exclusive means of their IP address.
By clicking the 'Save' button, they agreed to release their edits under
CC BY-SA, and that their IP address would have been the only form of
attribution of their changes to them.
While we can assume that there aren't any collisions between hashes of
IP addresses, and we could change the attribution requirements for new
edits, hiding or modifying the way IP addresses /of unregistered users
who edited before that change/ are shown would be a substantial CC BY-SA
infringement, as would be a change of registered users' names without
their consent and without public logs of that change.
Il 11/07/2014 15:34, Gilles Dubuc ha scritto:
This interesting bot showed up on hackernews today:
https://news.ycombinator.com/item?id=8018284
While in this instance the access to anonymous' editors IP addresses is
definitely useful in terms of identifying edits with probable conflict of
interest, it makes me wonder what the history is behind the fact that
anonymous editors are identified by their IP addresses on WMF-hosted wikis.
IP addresses are closely guarded for registered users, why wouldn't
anonymous users be identified by a hash of their IP address in order to
protect their privacy as well? The exact same functionality of being able
to see all edits by a given anonymous IP would still exist, the IP itself
just wouldn't be publicly available, protected with the same access rights
as registered users'.
The "use case" that makes me think of that is someone living in a
totalitarian regime making a sensitive edit and forgetting that they're
logged out. Or just being unaware that being anonymous on the wiki doesn't
mean that their local authorities can figure out who they are based on IP
address and time. Understanding that they're somewhat protected when logged
in and not when logged out requires a certain level of technical
understanding. The easy way out of this argument is to state that these
users should be using Tor or something similar. But I still wonder why we
have this double standard of protecting registered users' privacy in
regards to IP addresses and not applying the same for anonymous users, when
simple hashing would do the job.
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l