Hey Everyone
Is there any roadmap for MediaWiki that addresses the EU’s GDPR (General Data Protection Regulation) being enforced as of 28 May 2018?
Mainly addressing user registration on websites and holding what the EU deems personally identifiable information of EU residents such as usernames, real names, email addresses, etc. A method to prove consent such as a checkbox for Terms of Service and the date consent was given.
From the read of GDPR, it effects any company or organization (even those outside the EU) who store data on someone living in the EU.
Tom
Hi Tom,
John Bennett, our Security Director, and Tony Sebro, our Deputy General Counsel, are leading our work on GDPR compliance. It is a significant priority for both Tech and the Legal departments at the WMF.
Best,
Victoria
On Feb 19, 2018, at 7:15 PM, Tom tom@hutch4.us wrote:
Hey Everyone
Is there any roadmap for MediaWiki that addresses the EU’s GDPR (General Data Protection Regulation) being enforced as of 28 May 2018?
Mainly addressing user registration on websites and holding what the EU deems personally identifiable information of EU residents such as usernames, real names, email addresses, etc. A method to prove consent such as a checkbox for Terms of Service and the date consent was given.
From the read of GDPR, it effects any company or organization (even those outside the EU) who store data on someone living in the EU.
Tom
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Thanks Victoria
My main concern and this should include any wiki admin with an open registration on their wiki, is there any available information on the technical side?
I found a few tasks on phabricator but nothing specific for handling explicit consent of users nor any tools for wiki admins using the MediaWiki software to assist them with compliance of GDPR. There are many open source projects scrambling to improve user registration and user account tools making sure websites run by their software is ready for GDPR.
Yes, a few things can be handled with extensions, but at best they would be patch and make compliance difficult.
Tom
On Feb 19, 2018, at 7:47 PM, Victoria Coleman vcoleman@wikimedia.org wrote:
Hi Tom,
John Bennett, our Security Director, and Tony Sebro, our Deputy General Counsel, are leading our work on GDPR compliance. It is a significant priority for both Tech and the Legal departments at the WMF.
Best,
Victoria
On Feb 19, 2018, at 7:15 PM, Tom tom@hutch4.us wrote:
Hey Everyone
Is there any roadmap for MediaWiki that addresses the EU’s GDPR (General Data Protection Regulation) being enforced as of 28 May 2018?
Mainly addressing user registration on websites and holding what the EU deems personally identifiable information of EU residents such as usernames, real names, email addresses, etc. A method to prove consent such as a checkbox for Terms of Service and the date consent was given.
From the read of GDPR, it effects any company or organization (even those outside the EU) who store data on someone living in the EU.
Tom
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
We are still in process of defining the work that needs to be done for compliance. We are planning a cross Departmental program as part of annual plan which will include all the necessary work - so Phabricator has not been populated yet. This is a great time for input like this so I encourage you to discuss it with John and Tony. Thanks Tom!
Best regards,
Victoria
Sent from my iPhone
On Feb 19, 2018, at 7:38 PM, Tom tom@hutch4.us wrote:
Thanks Victoria
My main concern and this should include any wiki admin with an open registration on their wiki, is there any available information on the technical side?
I found a few tasks on phabricator but nothing specific for handling explicit consent of users nor any tools for wiki admins using the MediaWiki software to assist them with compliance of GDPR. There are many open source projects scrambling to improve user registration and user account tools making sure websites run by their software is ready for GDPR.
Yes, a few things can be handled with extensions, but at best they would be patch and make compliance difficult.
Tom
On Feb 19, 2018, at 7:47 PM, Victoria Coleman vcoleman@wikimedia.org wrote:
Hi Tom,
John Bennett, our Security Director, and Tony Sebro, our Deputy General Counsel, are leading our work on GDPR compliance. It is a significant priority for both Tech and the Legal departments at the WMF.
Best,
Victoria
On Feb 19, 2018, at 7:15 PM, Tom tom@hutch4.us wrote:
Hey Everyone
Is there any roadmap for MediaWiki that addresses the EU’s GDPR (General Data Protection Regulation) being enforced as of 28 May 2018?
Mainly addressing user registration on websites and holding what the EU deems personally identifiable information of EU residents such as usernames, real names, email addresses, etc. A method to prove consent such as a checkbox for Terms of Service and the date consent was given.
From the read of GDPR, it effects any company or organization (even those outside the EU) who store data on someone living in the EU.
Tom
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Thanks Tom for bringing up the issue to the list and thanks Victoria for noting the WMF is already in the process of tackling this presumably rather complex issue. I do not envy you for this task.
From what I have heard, I may be wrong here, any "solution" no matter what it looks like, should be in place by End of May this year. This would leave us with another three months which sounds more like a sprint effort. Moreover this "solution" should also cater for not just WMF but third party users too, i.e. users of MediaWiki 1.27, at least this would be my wish at this point.
I guess it will be great if at one point the resprective Phabricator tasks could be shared over this list and if it is only for allowing people to follow the discussion and stay in the loop. I am sure that there are other people on this list who are interested in this topic too and also have the problem of trying to be somewhat compliant with regulations.
Cheers Karsten
Am 20.02.2018 um 04:55 schrieb Victoria Coleman:
We are still in process of defining the work that needs to be done for compliance. We are planning a cross Departmental program as part of annual plan which will include all the necessary work - so Phabricator has not been populated yet. This is a great time for input like this so I encourage you to discuss it with John and Tony. Thanks Tom!
Best regards,
Victoria
Sent from my iPhone
On Feb 19, 2018, at 7:38 PM, Tom tom@hutch4.us wrote:
Thanks Victoria
My main concern and this should include any wiki admin with an open registration on their wiki, is there any available information on the technical side?
I found a few tasks on phabricator but nothing specific for handling explicit consent of users nor any tools for wiki admins using the MediaWiki software to assist them with compliance of GDPR. There are many open source projects scrambling to improve user registration and user account tools making sure websites run by their software is ready for GDPR.
Yes, a few things can be handled with extensions, but at best they would be patch and make compliance difficult.
Tom
On Feb 19, 2018, at 7:47 PM, Victoria Coleman vcoleman@wikimedia.org wrote:
Hi Tom,
John Bennett, our Security Director, and Tony Sebro, our Deputy General Counsel, are leading our work on GDPR compliance. It is a significant priority for both Tech and the Legal departments at the WMF.
Best,
Victoria
On Feb 19, 2018, at 7:15 PM, Tom tom@hutch4.us wrote:
Hey Everyone
Is there any roadmap for MediaWiki that addresses the EU’s GDPR (General Data Protection Regulation) being enforced as of 28 May 2018?
Mainly addressing user registration on websites and holding what the EU deems personally identifiable information of EU residents such as usernames, real names, email addresses, etc. A method to prove consent such as a checkbox for Terms of Service and the date consent was given.
From the read of GDPR, it effects any company or organization (even those outside the EU) who store data on someone living in the EU.
Tom
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Is there any update on GDPR compliance for third-parties using MediaWiki software?
Aside from Sabine Melnicki's presentation [1] at EMWCon in March, demonstrating the 'Data Cockpit' application to track compliance [2], I'm not aware of any extensions, or methods for ensuring compliance for organizations using MediaWiki. Ideally, there would be an extension, like the one developed for CiviCRM, that could integrate with MediaWiki to anonymize, report and/or delete user data in ways that comply with the GDPR.
[1] https://www.mediawiki.org/wiki/EMWCon_Spring_2018/MediaWiki_and_the_European... [2] http://www.datencockpit.at [3] https://github.com/veda-consulting/uk.co.vedaconsulting.gdpr
Greg Rundlett https://eQuality-Tech.com https://freephile.org
On Wed, Feb 21, 2018 at 9:34 AM, [[kgh]] mediawiki@kghoffmeyer.de wrote:
Thanks Tom for bringing up the issue to the list and thanks Victoria for noting the WMF is already in the process of tackling this presumably rather complex issue. I do not envy you for this task.
From what I have heard, I may be wrong here, any "solution" no matter what it looks like, should be in place by End of May this year. This would leave us with another three months which sounds more like a sprint effort. Moreover this "solution" should also cater for not just WMF but third party users too, i.e. users of MediaWiki 1.27, at least this would be my wish at this point.
I guess it will be great if at one point the resprective Phabricator tasks could be shared over this list and if it is only for allowing people to follow the discussion and stay in the loop. I am sure that there are other people on this list who are interested in this topic too and also have the problem of trying to be somewhat compliant with regulations.
Cheers Karsten
Am 20.02.2018 um 04:55 schrieb Victoria Coleman:
We are still in process of defining the work that needs to be done for
compliance. We are planning a cross Departmental program as part of annual plan which will include all the necessary work - so Phabricator has not been populated yet. This is a great time for input like this so I encourage you to discuss it with John and Tony. Thanks Tom!
Best regards,
Victoria
Sent from my iPhone
On Feb 19, 2018, at 7:38 PM, Tom tom@hutch4.us wrote:
Thanks Victoria
My main concern and this should include any wiki admin with an open
registration on their wiki, is there any available information on the technical side?
I found a few tasks on phabricator but nothing specific for handling
explicit consent of users nor any tools for wiki admins using the MediaWiki software to assist them with compliance of GDPR. There are many open source projects scrambling to improve user registration and user account tools making sure websites run by their software is ready for GDPR.
Yes, a few things can be handled with extensions, but at best they
would be patch and make compliance difficult.
Tom
On Feb 19, 2018, at 7:47 PM, Victoria Coleman vcoleman@wikimedia.org
wrote:
Hi Tom,
John Bennett, our Security Director, and Tony Sebro, our Deputy
General Counsel, are leading our work on GDPR compliance. It is a significant priority for both Tech and the Legal departments at the WMF.
Best,
Victoria
On Feb 19, 2018, at 7:15 PM, Tom tom@hutch4.us wrote:
Hey Everyone
Is there any roadmap for MediaWiki that addresses the EU’s GDPR
(General Data Protection Regulation) being enforced as of 28 May 2018?
Mainly addressing user registration on websites and holding what the
EU deems personally identifiable information of EU residents such as usernames, real names, email addresses, etc. A method to prove consent such as a checkbox for Terms of Service and the date consent was given.
From the read of GDPR, it effects any company or organization (even
those outside the EU) who store data on someone living in the EU.
Tom
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Bump.
Is anything happening at WMF to assist corporate compliance directors and site administrators, who run MediaWiki, in their obligations with respect to GDPR?
May 25th is right around the corner. Projects like Drupal, CiviCRM, Discourse, Platform.sh; plus every major software vendor and social website is announcing their compliance with GDPR and/or has a publicly visible project and discussion about compliance. I can't find any information regarding GDPR compliance with regards to websites powered by MediaWiki. The 'Scrum of Scrums' message from today does not mention GDPR. I did find information about how Wikimedia Sweden is tackling the issue. [1]
[1] https://se.wikimedia.org/wiki/Kategori:GDPR
Thanks,
~ Greg
Greg Rundlett https://eQuality-Tech.com https://freephile.org
On Tue, May 15, 2018 at 1:57 PM, Greg Rundlett (freephile) < greg@freephile.com> wrote:
Is there any update on GDPR compliance for third-parties using MediaWiki software?
Aside from Sabine Melnicki's presentation [1] at EMWCon in March, demonstrating the 'Data Cockpit' application to track compliance [2], I'm not aware of any extensions, or methods for ensuring compliance for organizations using MediaWiki. Ideally, there would be an extension, like the one developed for CiviCRM, that could integrate with MediaWiki to anonymize, report and/or delete user data in ways that comply with the GDPR.
[1] https://www.mediawiki.org/wiki/EMWCon_Spring_2018/ MediaWiki_and_the_European_GDPR [2] http://www.datencockpit.at [3] https://github.com/veda-consulting/uk.co.vedaconsulting.gdpr
Greg Rundlett https://eQuality-Tech.com https://freephile.org
On Wed, Feb 21, 2018 at 9:34 AM, [[kgh]] mediawiki@kghoffmeyer.de wrote:
Thanks Tom for bringing up the issue to the list and thanks Victoria for noting the WMF is already in the process of tackling this presumably rather complex issue. I do not envy you for this task.
From what I have heard, I may be wrong here, any "solution" no matter what it looks like, should be in place by End of May this year. This would leave us with another three months which sounds more like a sprint effort. Moreover this "solution" should also cater for not just WMF but third party users too, i.e. users of MediaWiki 1.27, at least this would be my wish at this point.
I guess it will be great if at one point the resprective Phabricator tasks could be shared over this list and if it is only for allowing people to follow the discussion and stay in the loop. I am sure that there are other people on this list who are interested in this topic too and also have the problem of trying to be somewhat compliant with regulations.
Cheers Karsten
Am 20.02.2018 um 04:55 schrieb Victoria Coleman:
We are still in process of defining the work that needs to be done for
compliance. We are planning a cross Departmental program as part of annual plan which will include all the necessary work - so Phabricator has not been populated yet. This is a great time for input like this so I encourage you to discuss it with John and Tony. Thanks Tom!
Best regards,
Victoria
Sent from my iPhone
On Feb 19, 2018, at 7:38 PM, Tom tom@hutch4.us wrote:
Thanks Victoria
My main concern and this should include any wiki admin with an open
registration on their wiki, is there any available information on the technical side?
I found a few tasks on phabricator but nothing specific for handling
explicit consent of users nor any tools for wiki admins using the MediaWiki software to assist them with compliance of GDPR. There are many open source projects scrambling to improve user registration and user account tools making sure websites run by their software is ready for GDPR.
Yes, a few things can be handled with extensions, but at best they
would be patch and make compliance difficult.
Tom
On Feb 19, 2018, at 7:47 PM, Victoria Coleman vcoleman@wikimedia.org
wrote:
Hi Tom,
John Bennett, our Security Director, and Tony Sebro, our Deputy
General Counsel, are leading our work on GDPR compliance. It is a significant priority for both Tech and the Legal departments at the WMF.
Best,
Victoria
On Feb 19, 2018, at 7:15 PM, Tom tom@hutch4.us wrote:
Hey Everyone
Is there any roadmap for MediaWiki that addresses the EU’s GDPR
(General Data Protection Regulation) being enforced as of 28 May 2018?
Mainly addressing user registration on websites and holding what the
EU deems personally identifiable information of EU residents such as usernames, real names, email addresses, etc. A method to prove consent such as a checkbox for Terms of Service and the date consent was given.
From the read of GDPR, it effects any company or organization (even
those outside the EU) who store data on someone living in the EU.
Tom
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
On May 16, 2018 at 1:00:13 PM, Greg Rundlett (freephile) (greg@freephile.com) wrote:
Bump.
Is anything happening at WMF to assist corporate compliance directors and site administrators, who run MediaWiki, in their obligations with respect to GDPR?
May 25th is right around the corner. Projects like Drupal, CiviCRM, Discourse, Platform.sh; plus every major software vendor and social website is announcing their compliance with GDPR and/or has a publicly visible project and discussion about compliance. I can't find any information regarding GDPR compliance with regards to websites powered by MediaWiki. The 'Scrum of Scrums' message from today does not mention GDPR. I did find information about how Wikimedia Sweden is tackling the issue. [1]
[1] https://se.wikimedia.org/wiki/Kategori:GDPR
Part of the draft Wikimedia Foundation annual plan for this coming fiscal year (starting July 1) includes work on GDPR compliance: < https://www.mediawiki.org/wiki/Wikimedia_Technology/Annual_Plans/FY2019/CDP1.... Full disclosure, I am not involved in this program, but have some familiarity with the Foundation’s efforts toward privacy and security.
Technically speaking the final plan hasn’t been approved yet (that’s up to the board) but I think what will end up being approved will be materially similar to this current draft.
Cheers,
James Hare
To be clear, there are two totally different aspects to GDPR compliance. The WikiMedia Foundation can be compliant - or risk the penalties for non-compliance. And totally separately, those third-party users of MediaWiki software, who use it to run their own public and private websites, are also subject to the legislation. It is this external audience that I am concerned with. It is the features and capabilities of the MediaWiki software to anonymize user data, retrieve, report, download, delete this data that helps organizations comply with the GDPR. For example, Drupal has a module called "General Data Protection Regulation (GDPR) - Obfuscated SQL Dump" that when enabled, allows you to select those data fields in your Drupal schema that you determine to contain sensitive data, and then it obfuscates those fields so that developers can load data without leaking sensitive information. And the main GDPR module for Drupal provides a checklist for site administrators to do a self-assessment in an effort to ensure their website is in compliance.
~ Greg
Greg Rundlett https://eQuality-Tech.com https://freephile.org
On Wed, May 16, 2018 at 4:11 PM, James Hare jamesmhare@gmail.com wrote:
On May 16, 2018 at 1:00:13 PM, Greg Rundlett (freephile) ( greg@freephile.com) wrote:
Bump.
Is anything happening at WMF to assist corporate compliance directors and site administrators, who run MediaWiki, in their obligations with respect to GDPR?
May 25th is right around the corner. Projects like Drupal, CiviCRM, Discourse, Platform.sh; plus every major software vendor and social website is announcing their compliance with GDPR and/or has a publicly visible project and discussion about compliance. I can't find any information regarding GDPR compliance with regards to websites powered by MediaWiki. The 'Scrum of Scrums' message from today does not mention GDPR. I did find information about how Wikimedia Sweden is tackling the issue. [1]
[1] https://se.wikimedia.org/wiki/Kategori:GDPR
Part of the draft Wikimedia Foundation annual plan for this coming fiscal year (starting July 1) includes work on GDPR compliance: < https://www.mediawiki.org/wiki/Wikimedia_Technology/ Annual_Plans/FY2019/CDP1:_Privacy,_Security,_and_Data_Management>. Full disclosure, I am not involved in this program, but have some familiarity with the Foundation’s efforts toward privacy and security.
Technically speaking the final plan hasn’t been approved yet (that’s up to the board) but I think what will end up being approved will be materially similar to this current draft.
Cheers,
James Hare
Bump, is there a date set for how the wmf will handle the gdpr? The date is almost here for the law to be in affect. (25 may) On Wednesday, 16 May 2018, 21:40:12 BST, Greg Rundlett (freephile) greg@freephile.com wrote:
To be clear, there are two totally different aspects to GDPR compliance. The WikiMedia Foundation can be compliant - or risk the penalties for non-compliance. And totally separately, those third-party users of MediaWiki software, who use it to run their own public and private websites, are also subject to the legislation. It is this external audience that I am concerned with. It is the features and capabilities of the MediaWiki software to anonymize user data, retrieve, report, download, delete this data that helps organizations comply with the GDPR. For example, Drupal has a module called "General Data Protection Regulation (GDPR) - Obfuscated SQL Dump" that when enabled, allows you to select those data fields in your Drupal schema that you determine to contain sensitive data, and then it obfuscates those fields so that developers can load data without leaking sensitive information. And the main GDPR module for Drupal provides a checklist for site administrators to do a self-assessment in an effort to ensure their website is in compliance.
~ Greg
Greg Rundlett https://eQuality-Tech.com https://freephile.org
On Wed, May 16, 2018 at 4:11 PM, James Hare jamesmhare@gmail.com wrote:
On May 16, 2018 at 1:00:13 PM, Greg Rundlett (freephile) ( greg@freephile.com) wrote:
Bump.
Is anything happening at WMF to assist corporate compliance directors and site administrators, who run MediaWiki, in their obligations with respect to GDPR?
May 25th is right around the corner. Projects like Drupal, CiviCRM, Discourse, Platform.sh; plus every major software vendor and social website is announcing their compliance with GDPR and/or has a publicly visible project and discussion about compliance. I can't find any information regarding GDPR compliance with regards to websites powered by MediaWiki. The 'Scrum of Scrums' message from today does not mention GDPR. I did find information about how Wikimedia Sweden is tackling the issue. [1]
[1] https://se.wikimedia.org/wiki/Kategori:GDPR
Part of the draft Wikimedia Foundation annual plan for this coming fiscal year (starting July 1) includes work on GDPR compliance: < https://www.mediawiki.org/wiki/Wikimedia_Technology/ Annual_Plans/FY2019/CDP1:_Privacy,_Security,_and_Data_Management>. Full disclosure, I am not involved in this program, but have some familiarity with the Foundation’s efforts toward privacy and security.
Technically speaking the final plan hasn’t been approved yet (that’s up to the board) but I think what will end up being approved will be materially similar to this current draft.
Cheers,
James Hare
_______________________________________________ MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Hmm, ... Wikia has created the "DownloadYourData" extension [0]. Perhaps all what is needed is to port this to run with regular MediaWiki 1.27 and later, install it on your wiki and everything is hopefully fluffy again. However it appears to me that this only covers the topic of informing about personal information stored by MediaWiki itself. Moreover they regrettably do not specifiy a license so this one may be assumed a copyrighted extension.
Cheers Karsten
[0] https://github.com/Wikia/app/tree/dev/extensions/wikia/DownloadYourData
Am 21.05.2018 um 20:14 schrieb Paladox:
Bump, is there a date set for how the wmf will handle the gdpr? The date is almost here for the law to be in affect. (25 may) On Wednesday, 16 May 2018, 21:40:12 BST, Greg Rundlett (freephile) greg@freephile.com wrote:
To be clear, there are two totally different aspects to GDPR compliance. The WikiMedia Foundation can be compliant - or risk the penalties for non-compliance. And totally separately, those third-party users of MediaWiki software, who use it to run their own public and private websites, are also subject to the legislation. It is this external audience that I am concerned with. It is the features and capabilities of the MediaWiki software to anonymize user data, retrieve, report, download, delete this data that helps organizations comply with the GDPR. For example, Drupal has a module called "General Data Protection Regulation (GDPR) - Obfuscated SQL Dump" that when enabled, allows you to select those data fields in your Drupal schema that you determine to contain sensitive data, and then it obfuscates those fields so that developers can load data without leaking sensitive information. And the main GDPR module for Drupal provides a checklist for site administrators to do a self-assessment in an effort to ensure their website is in compliance.
~ Greg
Greg Rundlett https://eQuality-Tech.com https://freephile.org
On Wed, May 16, 2018 at 4:11 PM, James Hare jamesmhare@gmail.com wrote:
On May 16, 2018 at 1:00:13 PM, Greg Rundlett (freephile) ( greg@freephile.com) wrote:
Bump.
Is anything happening at WMF to assist corporate compliance directors and site administrators, who run MediaWiki, in their obligations with respect to GDPR?
May 25th is right around the corner. Projects like Drupal, CiviCRM, Discourse, Platform.sh; plus every major software vendor and social website is announcing their compliance with GDPR and/or has a publicly visible project and discussion about compliance. I can't find any information regarding GDPR compliance with regards to websites powered by MediaWiki. The 'Scrum of Scrums' message from today does not mention GDPR. I did find information about how Wikimedia Sweden is tackling the issue. [1]
[1] https://se.wikimedia.org/wiki/Kategori:GDPR
Part of the draft Wikimedia Foundation annual plan for this coming fiscal year (starting July 1) includes work on GDPR compliance: < https://www.mediawiki.org/wiki/Wikimedia_Technology/ Annual_Plans/FY2019/CDP1:_Privacy,_Security,_and_Data_Management>. Full disclosure, I am not involved in this program, but have some familiarity with the Foundation’s efforts toward privacy and security.
Technically speaking the final plan hasn’t been approved yet (that’s up to the board) but I think what will end up being approved will be materially similar to this current draft.
Cheers,
James Hare
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
On Tue, May 22, 2018 at 11:55 AM, [[kgh]] mediawiki@kghoffmeyer.de wrote:
Moreover they regrettably do not specifiy a license so this one may be assumed a copyrighted extension.
*Any* extension developed for MediaWiki and "distributed" (as is the case
here), can be assumed to be released under the same license (GPL v2+); or a GPL-compatible license.
In the case of Wikia, they do have a LICENSE https://github.com/Wikia/app/blob/dev/extensions/wikia/LICENSE file in their wikia/extensions folder that states the license is GPLv3+
~ Greg
Greg Rundlett https://eQuality-Tech.com https://equality-tech.com/ https://freephile.org
mediawiki-l@lists.wikimedia.org