In the case of Wikipedia, it's an instrument for public display and use, and anyone posting to it is doing so in a VERY public forum. I think it's entirely reasonable to request some shred of identity from them. I don't think it would even be out of line to require people to register before being allowed to edit articles.
-- John Knouse (user:jaknouse)
There are a few people (for example sitting judges) who need anonymity. For some other people it may be desirable, if not necessary. However most of our anonymous users have no real reason for anonymity.
Fred
From: John Knouse jaknouse@frognet.net Reply-To: wikien-l@wikipedia.org Date: Thu, 03 Apr 2003 09:43:05 -0800 To: wikien-l@wikipedia.org Subject: [WikiEN-l] Wikipedia privacy
In the case of Wikipedia, it's an instrument for public display and use, and anyone posting to it is doing so in a VERY public forum. I think it's entirely reasonable to request some shred of identity from them. I don't think it would even be out of line to require people to register before being allowed to edit articles.
-- John Knouse (user:jaknouse)
WikiEN-l mailing list WikiEN-l@wikipedia.org http://www.wikipedia.org/mailman/listinfo/wikien-l
You've got Descartes before Horace. People have the right to remain anonymous, and aren't required to show why they "need" to. Rather the burden is on you, to show a compelling reason why you should be allowed to invade their privacy.
-----Original Message----- From: wikien-l-admin@wikipedia.org [mailto:wikien-l-admin@wikipedia.org]On Behalf Of Fred Bauder Sent: Thursday, April 03, 2003 07:11 To: wikien-l@wikipedia.org Subject: Re: [WikiEN-l] Wikipedia privacy
There are a few people (for example sitting judges) who need anonymity. For some other people it may be desirable, if not necessary. However most of our anonymous users have no real reason for anonymity.
Fred
From: John Knouse jaknouse@frognet.net Reply-To: wikien-l@wikipedia.org Date: Thu, 03 Apr 2003 09:43:05 -0800 To: wikien-l@wikipedia.org Subject: [WikiEN-l] Wikipedia privacy
In the case of Wikipedia, it's an instrument for public display and use, and anyone posting to it is doing so in a VERY public forum. I think it's entirely reasonable to request some shred of identity from them. I don't think it would even be out of line to require people to register before being allowed to edit articles.
-- John Knouse (user:jaknouse)
WikiEN-l mailing list WikiEN-l@wikipedia.org http://www.wikipedia.org/mailman/listinfo/wikien-l
_______________________________________________ WikiEN-l mailing list WikiEN-l@wikipedia.org http://www.wikipedia.org/mailman/listinfo/wikien-l
Sean Barrett wrote:
You've got Descartes before Horace. People have the right to remain anonymous, and aren't required to show why they "need" to.
I agree.
The problem is that there is no anonymity on the Internet. Not at the level of IP numbers at least. It's a myth.
And Wikipedia should not contribute to this myth. I don't support giving sysops secret superpowers when it can be avoided, which is why I think that *anybody* should be able to see *any* IP number. And we should make it very clear up front that edits are logged by IP number, so that nobody gets the wrong impression and falls for the myth anymore. Let it be clear to all involved that wherever you go on Wikipedia (and indeed wherever you go on the World Wide Web), the sites that you go to know your IP address and log it forever.
If you want to retain your anonymity, then, your *only* recourse is your ISP, since only they can make the link between your IP number and your identity. Wikipedia shouldn't fool anybody about that. We know your IP address, and so does every other site that you visit. Never think otherwise.
-- Toby 138.23.202.213
On Thu, 2003-04-03 at 10:11, Fred Bauder wrote:
There are a few people (for example sitting judges) who need anonymity. For some other people it may be desirable, if not necessary. However most of our anonymous users have no real reason for anonymity.
How do you know? After all, they're anonymous.
Fred Bauder wrote:
There are a few people (for example sitting judges) who need anonymity. For some other people it may be desirable, if not necessary. However most of our anonymous users have no real reason for anonymity.
Well, I side generally with those who say that we should respect anonymity. But I also still say that allowing sysops to access signed-in-users ip numbers for the purpose of stopping logged-in-vandal-attacks is not a significant compromise of anyone's anonymity.
People seem to have a wrong idea of how much information an ip number contains. Usually, very little. An ip number gets you as far as an ISP, no further. There may be rare exceptions, but in the main, knowing an ip number doesn't tell you very much that's personally identifiable about a person.
We should respect anonymity, but we should also recognize that there are a lot of myths about anonymity. Just think how many people refuse to log in because they want to remain anonymous. They don't really get it, I think.
--------
I think a useful distinction can be made between anonymity and privacy. Privacy is impossible in the wikipedia context -- people can see everything that we do. But anonymity is pretty easy -- people can see everything that we do, we can associate individual edits with individual markers (accounts, ip numbers), but we have *no* real way to get at who people really are, without going through some actual process with an ISP.
--Jimbo
On Thu, 2003-04-03 at 09:51, Jimmy Wales wrote:
Well, I side generally with those who say that we should respect anonymity. But I also still say that allowing sysops to access signed-in-users ip numbers for the purpose of stopping logged-in-vandal-attacks is not a significant compromise of anyone's anonymity.
I have no firm objection to allowing sysops to see users' ips, but I see limited benefit in it and it's not on my list of priorities. If someone else wants to code it up, they're welcome to do so.
But do remember that that's one more magic sysop power for the cabal. I don't like widening the gap like that, even if it is free to join.
People seem to have a wrong idea of how much information an ip number contains. Usually, very little. An ip number gets you as far as an ISP, no further. There may be rare exceptions, but in the main, knowing an ip number doesn't tell you very much that's personally identifiable about a person.
Well, it's rare that an IP will resolve to something as detailed as Joe.Blow.At.34.Sycamore.Street.Idylville.city.CA.US. ;) However IPs that belong to a small school, company, or local ISP can give more localizing information with just a reverse DNS lookup than many people might be comfortable with handing out.
And of course, if _everybody_ shows IP addresses left and right, you're opening up possibilities for cross-referencing and profile-building, which is where the privacy advocates will really start freaking out.
If Joe Blow posts an article under a pseudonym on Wikipedia that's critical of his employer / repressive government, then posts a boring everyday message on some bulletin board under his real name, and the two can be connected by a publicly visible IP address... Goodbye, Joe!
I'm not saying we should shred all records after 24 hours and encrypt our hard drives. ;) But we should pay attention to how our behavior fits into a larger context. If our policy is that sysophood is what everyone should have, but you have to show good faith and ask for it, then allowing sysops to view IP addresses of logged-in users is very nearly equivalent to posting them in public view.
The reason we show IP addresses for "anonymous" edits is in my view not to track and ban vandals. It's just to tack the only identifying information we have available onto edits as an attribution. If that helps to stop vandalism, well that's helpful too.
We should respect anonymity, but we should also recognize that there are a lot of myths about anonymity. Just think how many people refuse to log in because they want to remain anonymous. They don't really get it, I think.
Yes, that's counterproductive. :)
-- brion vibber (brion @ pobox.com)
The scenario, which already happened once, is that a hostile person decides to make dozens of vandal-edits while logged in. In an emergency like that, sysops can (physically) ban the login id, but the bad person just keeps logging in with different ids.
That's what we want to be better able to defend against.
If there's a way we could do that, without giving sysops the ability to see ip numbers, that'd be good. I think in most cases, ip number bans will take care of this, since it's a bit more effort for the vandal to get a new ip number. It will effectively slow them down, at least.
--Jimbo
On Thu, 3 Apr 2003 11:43:21 -0800, Jimmy Wales jwales@bomis.com wrote:
The scenario, which already happened once, is that a hostile person decides to make dozens of vandal-edits while logged in. In an emergency like that, sysops can (physically) ban the login id, but the bad person just keeps logging in with different ids.
That's what we want to be better able to defend against.
We could make it harder to have multiple ID's - requiring each ID to have a unique email address and verifying that by way of initial password issue would be one technique. It's not perfect, because anyone like me who owns a domain still has access to an infinite number of unique e-mail addresses.
Actually, for anonymity, I think we shouldn't store any information potentially linking names and IP addresses to messages. According to the "patriot" act, the government can search anything (like servers) with automatic permission from a judge to find evidence for terrorist suspects. If someone were to write on a talk page "I love Sadam Hussein and Osama bin Laden", then the government would try to trace it to someone, and if they have DSL, they might find someone and "detain" them. Don't say it's a hypothetical situation, it's happened before. The CIA is starting a program called "Total Information Awareness". They won't release much about it, but it sounds really bad for websites.
Brion Vibber brion@pobox.com wrote: I'm not saying we should shred all records after 24 hours and encrypt our hard drives. ;) But we should pay attention to how our behavior fits into a larger context.
--------------------------------- Do you Yahoo!? Yahoo! Tax Center - File online, calculators, forms, and more
On Thu, 2003-04-03 at 12:43, John Knouse wrote:
In the case of Wikipedia, it's an instrument for public display and use, and anyone posting to it is doing so in a VERY public forum. I think it's entirely reasonable to request some shred of identity from them. I don't think it would even be out of line to require people to register before being allowed to edit articles.
Why?
The Cunctator wrote:
On Thu, 2003-04-03 at 12:43, John Knouse wrote:
In the case of Wikipedia, it's an instrument for public display and use, and anyone posting to it is doing so in a VERY public forum. I think it's entirely reasonable to request some shred of identity from them. I don't think it would even be out of line to require people to register before being allowed to edit articles.
Why?
That's easy! If they don't register we won't be able to pay them the big royalties. ;-)
Ec
--- The Cunctator cunctator@kband.com wrote:
On Thu, 2003-04-03 at 12:43, John Knouse wrote:
In the case of Wikipedia, it's an instrument for public display and use, and anyone posting to it is doing so in a VERY public forum. I think it's entirely reasonable to request some shred of identity from them. I don't think it would even be out of line to require people to register before being allowed to edit articles.
Why?
In order to be allowed to distribute a modified version of a GFDL document, you have to list the person responsible for the modification (section 4B).
Axel
__________________________________________________ Do you Yahoo!? Yahoo! Tax Center - File online, calculators, forms, and more http://tax.yahoo.com
On Fri, 2003-04-04 at 13:52, Axel Boldt wrote:
--- The Cunctator cunctator@kband.com wrote:
On Thu, 2003-04-03 at 12:43, John Knouse wrote:
In the case of Wikipedia, it's an instrument for public display and use, and anyone posting to it is doing so in a VERY public forum. I think it's entirely reasonable to request some shred of identity from them. I don't think it would even be out of line to require people to register before being allowed to edit articles.
Why?
In order to be allowed to distribute a modified version of a GFDL document, you have to list the person responsible for the modification (section 4B).
No; the GFDL states you have to list "one or more persons or entities responsible for authorship of the modifications".
Note: "entity". "The Wikipedia Contributors" is such an entity.
Note also "one or more persons". Not "every person".
There is nothing in the GFDL that makes anonymous edits problematic.
--- The Cunctator cunctator@kband.com wrote:
On Fri, 2003-04-04 at 13:52, Axel Boldt wrote:
In order to be allowed to distribute a modified version of a GFDL document, you have to list the person responsible for the modification (section 4B).
No; the GFDL states you have to list "one or more persons or entities responsible for authorship of the modifications".
Note: "entity". "The Wikipedia Contributors" is such an entity.
No. If Helga makes an edit somewhere, then the vast majority of the "Wikipedia Contributors" won't even know about it, and even if they did, they certainly have never agreed to be "responsible" for her work.
You might just as well use "Humanity" as the entity. Clearly, that's trying to circumvent the intended meaning of clause 4B.
Note also "one or more persons". Not "every person".
If Helga makes a modification, then there is only one person, Helga, responsible for it. "Every person" and "one or more persons" is the same in this case.
There is nothing in the GFDL that makes anonymous edits problematic.
There sure is.
Axel
__________________________________________________ Do you Yahoo!? Yahoo! Tax Center - File online, calculators, forms, and more http://tax.yahoo.com
Axel Boldt wrote:
The Cunctator wrote:
There is nothing in the GFDL that makes anonymous edits problematic.
There sure is.
I can see the argument that the GFDL requires that we keep track of every contributor -- I buy that "the Wikipedia community" is insufficient. What I don't understand is the difference between a pseudonymous ID like "maveric149" and a pseudonymous ID like "12.246.119.xxx" (which is not *anonymous* either). These are names used by the individual Daniel Mayer on various occasions, but even if we didn't know that the person behind them was really Mayer, still they remain the names that he used when contributing the work. Or, what's the difference between a pseudonymous ID like "Koyaanis Qatsi" and a pseudonymous ID like "66.157.145.251"? These are names used by an individual whose real name we *don't* know, but again they're the IDs that he chose to use when contributing.
Even if we adopt KQ's suggestion of encrypting IP addresses, then we should be all right if we confirm from contributors that their contributions will be logged under a given random ID. The edit page can say (in wiki markup):
---- Your contribution will be logged under the identifier ~~~. Depending on how your Internet service provider works, future contributions by you may or may not have this same identifier, and future contributions logged under this identifier may or may not always be from you. If that's OK, then you can sumbit your contribution now. But if you wish to choose your own unique identifier, then you can [[Special:Login|register]] before submitting your contribution. If you've already registered, then you can [[Special:Login|log in]]. ----
IOW, we provide them with a pseudonym, or they may choose their own.
-- Toby