Well, Legal normally makes those calls with the information provided by the devs. I believe Legal is working on dedicated privacy nerds (or was, some months ago?) but with the current environment I've trended towards not believing anything written down more than 3 months ago ;p
On 8 March 2016 at 21:07, Justin Ormont justin.ormont@gmail.com wrote:
This is a very good document.
Does WMF have a privacy role?
The role, as I see it, is to be an advocate for the user's interests, answering questions like "would the user be surprised to know their data is being used for X", "would it be ok for NYT to publish that we're doing Y", "what's the impact if this dataset was released/hacked", and making sure data handling procedures are in place and followed. The privacy roles I've interacted with sit between dev/management and legal. Dev says "X would be a great feature"; legal says "here are the risks of doing X", and privacy says "X sounds great, go ahead; there is no private data handled in this pipeline" or "X is doable within a constrained access controlled, strictly logged and reviewed environment as it contains moderate PII".
--justin
On Tue, Mar 8, 2016 at 12:40 PM, Stas Malyshev smalyshev@wikimedia.org wrote:
Hi!
As my final hurrah, I've released the data access guidelines used by the Discovery team in research and analysis on to Meta. It can be found at https://meta.wikimedia.org/wiki/Discovery/Data_access_guidelines
Thank you very much for getting this done!
-- Stas Malyshev smalyshev@wikimedia.org
discovery mailing list discovery@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/discovery
discovery mailing list discovery@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/discovery