[Foundation-l] WMF resolution on access to non-public data passed

[Matthew Brown]

On 5/1/07, David Gerard <dgerard at gmail.com> wrote:
> Except on those occasions when, as Sannse's case demonstrates, that
> the Foundation cannot be trusted to keep the personal data secure of
> someone needing it kept secure.

Which reminds me to ask: if we have a duty to identify ourselves to
the Foundation, what duties of confidentiality does the Foundation
agree to hold itself to?

What happens if this information is leaked - accidentally, on purpose,
through security breach or robbery or ... ?

Will the foundation fight a discovery motion or subpoena or the like
asking for our personal information, or will it roll over and give up
the information without a fight, in the hope a potential lawsuit will
go after us rather than them?  Will the Foundation even notify us in
this case?  I am concerned that harassing individuals, knowing the
Foundation has this info on file, will file bogus lawsuits just to get
their hands on it.

I'm also curious as to whether this changes our legal relationship
with the Foundation in other ways.

Most of this does not personally concern me all that much since I've
never made that much of an effort to keep my online identity private:
I am no good at keeping secrets.  But the implications may concern
others more than I.

-Matt