People are made aware with each edit as an I am that their information is publicly available. What concerns me about removing IP information is that it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something?
Sent from Samsung Mobile
<div>-------- Original message --------</div><div>From: Brian J Mingus brian.mingus@colorado.edu </div><div>Date:03-29-2015 4:36 PM (GMT-05:00) </div><div>To: David Carson carson63000@gmail.com </div><div>Cc: English Wikipedia wikien-l@lists.wikimedia.org </div><div>Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers </div><div> </div>Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this.
On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63000@gmail.com wrote:
"Wikipedia:Free speech" ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read.
http://en.wikipedia.org/wiki/Wikipedia:Free_speech
It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal.
If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia.
Cheers, David...
On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus <brian.mingus@colorado.edu
wrote:
In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them.
But if you recall, I simply stated that recording IP addresses is invasive. And it is.
This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming.
For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical.
Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people.
On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes okeyes@wikimedia.org wrote:
In order:
- Yes, the WMF is suing the NSA. There are a few threads/blog posts
about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way.
The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers.
That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this.
On 29 March 2015 at 11:57, James Farrar james.farrar@gmail.com wrote:
Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, "Brian J Mingus" brian.mingus@colorado.edu
wrote:
It has worked up to now, but I'm thinking that, especially given
Wikimedia
is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple
:)
On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa-ml@ariis.it
wrote:
On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: > I think it's rather curious that edits to Wikipedia aren't
private.
Why
log > the IP address? Why log anything? It's invasive.
I guess it's a sensible choice against abuse (vandalism) while
still
allowing non registered users editing rights
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Oliver Keyes Research Analyst Wikimedia Foundation
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
_______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
The notice just says that the IP is public. Most people have no idea what that means.
It will absolutely make those problems harder. Perhaps it is the Foundation's trusted role to hide that information from the public and be trusted with it on the backend. This institutional design sounds similar to another institution in certain ways..
On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dahowe@bsugmail.net wrote:
People are made aware with each edit as an I am that their information is publicly available. What concerns me about removing IP information is that it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something?
Sent from Samsung Mobile
-------- Original message -------- From: Brian J Mingus Date:03-29-2015 4:36 PM (GMT-05:00) To: David Carson Cc: English Wikipedia Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers
Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this.
On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63000@gmail.com wrote:
"Wikipedia:Free speech" ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read.
http://en.wikipedia.org/wiki/Wikipedia:Free_speech
It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate
that
goal.
If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia.
Cheers, David...
On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus <
brian.mingus@colorado.edu
wrote:
In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them.
But if you recall, I simply stated that recording IP addresses is invasive. And it is.
This is especially true when you know that your recordings are
faciliating
the active de-anonymization of people who are editing Wikipedia. Not
just
de-anonymization, but often public shaming.
For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for
neutrality.
It's hypocritical.
Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people.
On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes okeyes@wikimedia.org wrote:
In order:
- Yes, the WMF is suing the NSA. There are a few threads/blog posts
about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way.
The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers.
That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this.
On 29 March 2015 at 11:57, James Farrar james.farrar@gmail.com
wrote:
Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, "Brian J Mingus" brian.mingus@colorado.edu
wrote:
It has worked up to now, but I'm thinking that, especially given
Wikimedia
is suing the NSA, it is no longer justifiable. If the NSA can't
track
citizens, Wikimedia shouldn't be tracking them either. Seems simple
:)
On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa-ml@ariis.it
wrote:
> On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: > > I think it's rather curious that edits to Wikipedia aren't
private.
Why
> log > > the IP address? Why log anything? It's invasive. > > I guess it's a sensible choice against abuse (vandalism) while
still
> allowing non registered users editing rights > > > _______________________________________________ > WikiEN-l mailing list > WikiEN-l@lists.wikimedia.org > To unsubscribe from this mailing list, visit: > https://lists.wikimedia.org/mailman/listinfo/wikien-l > _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Oliver Keyes Research Analyst Wikimedia Foundation
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Or perhaps you're reading far too much into it, and in the process, being incredibly rude to the WMF employees reading this thread, who are people too, and don't particularly appreciate being compared to the NSA. If you're trying to have a constructive discussion, you should pick a better format and attitude.
On 29 March 2015 at 19:02, Brian J Mingus brian.mingus@colorado.edu wrote:
The notice just says that the IP is public. Most people have no idea what that means.
It will absolutely make those problems harder. Perhaps it is the Foundation's trusted role to hide that information from the public and be trusted with it on the backend. This institutional design sounds similar to another institution in certain ways..
On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dahowe@bsugmail.net wrote:
People are made aware with each edit as an I am that their information is publicly available. What concerns me about removing IP information is that it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something?
Sent from Samsung Mobile
-------- Original message -------- From: Brian J Mingus Date:03-29-2015 4:36 PM (GMT-05:00) To: David Carson Cc: English Wikipedia Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers
Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this.
On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63000@gmail.com wrote:
"Wikipedia:Free speech" ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read.
http://en.wikipedia.org/wiki/Wikipedia:Free_speech
It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate
that
goal.
If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia.
Cheers, David...
On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus <
brian.mingus@colorado.edu
wrote:
In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them.
But if you recall, I simply stated that recording IP addresses is invasive. And it is.
This is especially true when you know that your recordings are
faciliating
the active de-anonymization of people who are editing Wikipedia. Not
just
de-anonymization, but often public shaming.
For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for
neutrality.
It's hypocritical.
Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people.
On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes okeyes@wikimedia.org wrote:
In order:
- Yes, the WMF is suing the NSA. There are a few threads/blog posts
about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way.
The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers.
That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this.
On 29 March 2015 at 11:57, James Farrar james.farrar@gmail.com
wrote:
Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, "Brian J Mingus" brian.mingus@colorado.edu
wrote:
> It has worked up to now, but I'm thinking that, especially given
Wikimedia
> is suing the NSA, it is no longer justifiable. If the NSA can't
track
> citizens, Wikimedia shouldn't be tracking them either. Seems simple
:)
> > On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa-ml@ariis.it
wrote:
> > > On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: > > > I think it's rather curious that edits to Wikipedia aren't
private.
Why
> > log > > > the IP address? Why log anything? It's invasive. > > > > I guess it's a sensible choice against abuse (vandalism) while
still
> > allowing non registered users editing rights > > > > > > _______________________________________________ > > WikiEN-l mailing list > > WikiEN-l@lists.wikimedia.org > > To unsubscribe from this mailing list, visit: > > https://lists.wikimedia.org/mailman/listinfo/wikien-l > > > _______________________________________________ > WikiEN-l mailing list > WikiEN-l@lists.wikimedia.org > To unsubscribe from this mailing list, visit: > https://lists.wikimedia.org/mailman/listinfo/wikien-l > _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Oliver Keyes Research Analyst Wikimedia Foundation
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
I propose we run a study. We will survey random editors and ask them if they realize that there is a chance they are leaking enough information for their identity to be revealed. *Even if they are logged in.*
Regarding comparisons - institutions have structure, and if there is a structure mapping, then it's a matter of fact. A given mapping will have strengths and weaknesses. You may prefer one mapping to another. If you have reasons for preferring one mapping (other than that it offends you), I'm all ears. But be aware: simply changing the vocabulary that you use to describe the space doesn't mean that two different descriptions of institutions aren't in fact describing a construct that is more similar than different, or that is similar in important ways.
This is all to say, there are often reasons that institutions like the NSA and WMF are structured the way they are. Given the investment in the topic, it's probably worth exploring how the institutional structures emerged. But given the investment, confirmation bias may prevail in this case: even if there are important similarities, nobody wants to look like a hypocrite.
That's OK, though. Much as I am invested in Wikipedia and appreciate the WMF, if I turn out to be a hypocrite, *I* will call myself one. Just as I will do it to others.
Best,
Brian
"*Other dogs bite only their enemies, whereas I bite also my friends.*" - Diogenes the Cynic
On Mon, Mar 30, 2015 at 10:32 AM, Oliver Keyes okeyes@wikimedia.org wrote:
Or perhaps you're reading far too much into it, and in the process, being incredibly rude to the WMF employees reading this thread, who are people too, and don't particularly appreciate being compared to the NSA. If you're trying to have a constructive discussion, you should pick a better format and attitude.
On 29 March 2015 at 19:02, Brian J Mingus brian.mingus@colorado.edu wrote:
The notice just says that the IP is public. Most people have no idea what that means.
It will absolutely make those problems harder. Perhaps it is the Foundation's trusted role to hide that information from the public and be trusted with it on the backend. This institutional design sounds similar
to
another institution in certain ways..
On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dahowe@bsugmail.net
wrote:
People are made aware with each edit as an I am that their information
is
publicly available. What concerns me about removing IP information is
that
it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something?
Sent from Samsung Mobile
-------- Original message -------- From: Brian J Mingus Date:03-29-2015 4:36 PM (GMT-05:00) To: David Carson Cc: English Wikipedia Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers
Wikipedia is set up such that if you don't take the measures mentioned
in
the OP, you are dox'ing yourself. Users are not aware of this.
On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63000@gmail.com wrote:
"Wikipedia:Free speech" ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably
worth a
read.
http://en.wikipedia.org/wiki/Wikipedia:Free_speech
It's not directly about privacy but I think it clearly covers the
ground
that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate
that
goal.
If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not
Wikipedia.
Cheers, David...
On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus <
brian.mingus@colorado.edu
wrote:
In general people do not read privacy policies, nor do they
understand
what IP addresses are or what you can do with them.
But if you recall, I simply stated that recording IP addresses is invasive. And it is.
This is especially true when you know that your recordings are
faciliating
the active de-anonymization of people who are editing Wikipedia. Not
just
de-anonymization, but often public shaming.
For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for
neutrality.
It's hypocritical.
Luckily, it's easy to fix. Just stuff the ip fields with random
numbers
and deal with the fallout. Stop tracking people.
On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes okeyes@wikimedia.org wrote:
In order:
- Yes, the WMF is suing the NSA. There are a few threads/blog
posts
about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any
other
reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for
an
indefinite period, with very little legal or political oversight,
in
order to stop terrorism, where very little evidence exists that
this
has helped in any way.
The WMF needs to store data for a 90 day period, which is
explicitly
set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of
the
people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly
sets
out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers.
That's what's actually going on, here. If you thing these
situations
are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your
local
project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus
there
would be a good starting point to changing this.
On 29 March 2015 at 11:57, James Farrar james.farrar@gmail.com
wrote:
> Wikipedia is suing the NSA? Seriously? > On 28 Mar 2015 11:23, "Brian J Mingus" <
brian.mingus@colorado.edu>
wrote: > >> It has worked up to now, but I'm thinking that, especially given Wikimedia >> is suing the NSA, it is no longer justifiable. If the NSA can't
track
>> citizens, Wikimedia shouldn't be tracking them either. Seems
simple
:)
>> >> On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis <
fa-ml@ariis.it>
wrote: >> >> > On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus
wrote:
>> > > I think it's rather curious that edits to Wikipedia aren't
private.
Why >> > log >> > > the IP address? Why log anything? It's invasive. >> > >> > I guess it's a sensible choice against abuse (vandalism) while
still
>> > allowing non registered users editing rights >> > >> > >> > _______________________________________________ >> > WikiEN-l mailing list >> > WikiEN-l@lists.wikimedia.org >> > To unsubscribe from this mailing list, visit: >> > https://lists.wikimedia.org/mailman/listinfo/wikien-l >> > >> _______________________________________________ >> WikiEN-l mailing list >> WikiEN-l@lists.wikimedia.org >> To unsubscribe from this mailing list, visit: >> https://lists.wikimedia.org/mailman/listinfo/wikien-l >> > _______________________________________________ > WikiEN-l mailing list > WikiEN-l@lists.wikimedia.org > To unsubscribe from this mailing list, visit: > https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Oliver Keyes Research Analyst Wikimedia Foundation
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Oliver Keyes Research Analyst Wikimedia Foundation
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On 30 March 2015 at 16:00, Brian J Mingus brian.mingus@colorado.edu wrote:
I propose we run a study. We will survey random editors and ask them if they realize that there is a chance they are leaking enough information for their identity to be revealed. *Even if they are logged in.*
What exactly do you hope to learn?
Regarding comparisons - institutions have structure, and if there is a structure mapping, then it's a matter of fact. A given mapping will have strengths and weaknesses. You may prefer one mapping to another. If you have reasons for preferring one mapping (other than that it offends you), I'm all ears. But be aware: simply changing the vocabulary that you use to describe the space doesn't mean that two different descriptions of institutions aren't in fact describing a construct that is more similar than different, or that is similar in important ways.
This is all to say, there are often reasons that institutions like the NSA and WMF are structured the way they are. Given the investment in the topic, it's probably worth exploring how the institutional structures emerged. But given the investment, confirmation bias may prevail in this case: even if there are important similarities, nobody wants to look like a hypocrite.
What does this have to do with anything?
I'm far from convinced that the Foundation should be involved in push-polling. On 31 Mar 2015 09:24, "Brian J Mingus" brian.mingus@colorado.edu wrote:
I propose we run a study. We will survey random editors and ask them if they realize that there is a chance they are leaking enough information for their identity to be revealed. *Even if they are logged in.*
Regarding comparisons - institutions have structure, and if there is a structure mapping, then it's a matter of fact. A given mapping will have strengths and weaknesses. You may prefer one mapping to another. If you have reasons for preferring one mapping (other than that it offends you), I'm all ears. But be aware: simply changing the vocabulary that you use to describe the space doesn't mean that two different descriptions of institutions aren't in fact describing a construct that is more similar than different, or that is similar in important ways.
This is all to say, there are often reasons that institutions like the NSA and WMF are structured the way they are. Given the investment in the topic, it's probably worth exploring how the institutional structures emerged. But given the investment, confirmation bias may prevail in this case: even if there are important similarities, nobody wants to look like a hypocrite.
That's OK, though. Much as I am invested in Wikipedia and appreciate the WMF, if I turn out to be a hypocrite, *I* will call myself one. Just as I will do it to others.
Best,
Brian
"*Other dogs bite only their enemies, whereas I bite also my friends.*" - Diogenes the Cynic
On Mon, Mar 30, 2015 at 10:32 AM, Oliver Keyes okeyes@wikimedia.org wrote:
Or perhaps you're reading far too much into it, and in the process, being incredibly rude to the WMF employees reading this thread, who are people too, and don't particularly appreciate being compared to the NSA. If you're trying to have a constructive discussion, you should pick a better format and attitude.
On 29 March 2015 at 19:02, Brian J Mingus brian.mingus@colorado.edu wrote:
The notice just says that the IP is public. Most people have no idea
what
that means.
It will absolutely make those problems harder. Perhaps it is the Foundation's trusted role to hide that information from the public and
be
trusted with it on the backend. This institutional design sounds
similar
to
another institution in certain ways..
On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dahowe@bsugmail.net
wrote:
People are made aware with each edit as an I am that their information
is
publicly available. What concerns me about removing IP information is
that
it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something?
Sent from Samsung Mobile
-------- Original message -------- From: Brian J Mingus Date:03-29-2015 4:36 PM (GMT-05:00) To: David Carson Cc: English Wikipedia Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers
Wikipedia is set up such that if you don't take the measures mentioned
in
the OP, you are dox'ing yourself. Users are not aware of this.
On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63000@gmail.com wrote:
"Wikipedia:Free speech" ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably
worth a
read.
http://en.wikipedia.org/wiki/Wikipedia:Free_speech
It's not directly about privacy but I think it clearly covers the
ground
that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to
facilitate
that
goal.
If you think that recording IP addresses is invasive, then you
should
probably be publishing your content on your own website, not
Wikipedia.
Cheers, David...
On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus <
brian.mingus@colorado.edu
wrote:
In general people do not read privacy policies, nor do they
understand
what IP addresses are or what you can do with them.
But if you recall, I simply stated that recording IP addresses is invasive. And it is.
This is especially true when you know that your recordings are
faciliating
the active de-anonymization of people who are editing Wikipedia.
Not
just
de-anonymization, but often public shaming.
For WMF, the principle of neutrality clearly trumps the principles
of
privacy and free speech. For the NSA, substitute security for
neutrality.
It's hypocritical.
Luckily, it's easy to fix. Just stuff the ip fields with random
numbers
and deal with the fallout. Stop tracking people.
On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes <
okeyes@wikimedia.org>
wrote:
> In order: > > 1. Yes, the WMF is suing the NSA. There are a few threads/blog
posts
> about this people here can point you to. > 2. Brian: The NSA needs to store data without the permission or > consent of the people generating it, sometimes through forcible > interception, decryption and the introduction and maintenance of > software exploits that allow them to do this but also allow any
other
> reasonably technical nation or non-nation actor who is paying > attention to exploit the same vulnerability, keeping this data
for
an
> indefinite period, with very little legal or political oversight,
in
> order to stop terrorism, where very little evidence exists that
this
> has helped in any way. > > The WMF needs to store data for a 90 day period, which is
explicitly
> set down in a privacy policy that is transparent, human-readable, > linked from every edit interface, written with the involvement of
the
> people whose data is being stored, administered by a committee of > people who come from this population of editors, and explicitly
sets
> out what the data may or may not be used for, even within the > Wikimedia Foundation, in order to stop vandalism, where multiple > scientific studies have validated the hypothesis that being able
to
> make rangeblocks and prohibit sockpuppetry is beneficial to the > community we are all a part of and the wider population of
readers.
> > That's what's actually going on, here. If you thing these
situations
> are roughly analogous, that's your prerogative. If you think the > storage of this data is unnecessary, I recommend you go to your
local
> project and explain to them that being able to checkuser
potential
> sockpuppets or hard-block users is not needed: gaining consensus
there
> would be a good starting point to changing this. > > On 29 March 2015 at 11:57, James Farrar james.farrar@gmail.com
wrote:
> > Wikipedia is suing the NSA? Seriously? > > On 28 Mar 2015 11:23, "Brian J Mingus" <
brian.mingus@colorado.edu>
> wrote: > > > >> It has worked up to now, but I'm thinking that, especially
given
> Wikimedia > >> is suing the NSA, it is no longer justifiable. If the NSA
can't
track
> >> citizens, Wikimedia shouldn't be tracking them either. Seems
simple
:) > >> > >> On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis <
fa-ml@ariis.it>
> wrote: > >> > >> > On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus
wrote:
> >> > > I think it's rather curious that edits to Wikipedia aren't private. > Why > >> > log > >> > > the IP address? Why log anything? It's invasive. > >> > > >> > I guess it's a sensible choice against abuse (vandalism)
while
still > >> > allowing non registered users editing rights > >> > > >> > > >> > _______________________________________________ > >> > WikiEN-l mailing list > >> > WikiEN-l@lists.wikimedia.org > >> > To unsubscribe from this mailing list, visit: > >> > https://lists.wikimedia.org/mailman/listinfo/wikien-l > >> > > >> _______________________________________________ > >> WikiEN-l mailing list > >> WikiEN-l@lists.wikimedia.org > >> To unsubscribe from this mailing list, visit: > >> https://lists.wikimedia.org/mailman/listinfo/wikien-l > >> > > _______________________________________________ > > WikiEN-l mailing list > > WikiEN-l@lists.wikimedia.org > > To unsubscribe from this mailing list, visit: > > https://lists.wikimedia.org/mailman/listinfo/wikien-l > > > > -- > Oliver Keyes > Research Analyst > Wikimedia Foundation > _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- Oliver Keyes Research Analyst Wikimedia Foundation
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
I propose we run a study. We will survey random editors
I always find it curious that we had dozens or hundreds of threads on having IPs in history: this worry is very elitist, at most few millions people ever edited.
What about the hundreds millions users who never edited? What are *their* IPs being logged for? It would be rather trivial to do as the IA does: http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/
I'll start worrying about the millions when we have solved privacy issues for the billions.
Nemo