The problem is that something that previously was public (vandal moving
the page "George W. Bush" to "moron") will now be private (he get a
message that hi isn't allowed to do that), this shifts the context from
a public context to a private context. Then the extension do logging of
actions done in this private context to another site. Users of this site
will then have access to private information. It is not the information
_disclosed_ which creates the problem, it is the information
_collected_. It seems like the information is legal for "administrative
purposes", but as soon as it is used for anything other it creates a lot
of problems. For example, if anyone takes actions against an user based
on this collected information it could be a violation of local laws.
(Imagine collected data being integrated with CU) If such actions must
be taken, then the central problems are identification of who has access
to the logs and are they in fact accurate. That is something you don't
want in a wiki with anonymous contributors! :D
The only solution I see is to avoid all logging of private actions if
the actions themselves does not lead to a publication of something.
Probably it will be legal to do some statistical analysis to administer
the system, but that should limit the possibility of later
identification of the involved users.
There are a lot of other problems, but I think most of them are minor to
this.
John
Domas Mituzas skrev:
Hello John,
done, or that any other measure is taken to avoid
said problems. Can
anyone clarify on the matter as it seems that nearly everyone just
hurrays the implementation and there is no effort to solve those
issues.
I discussed this with Andrew (he is not on foundation-l), and
apparently, AbuseFilter does not seem to disclose any information that
would not be available elsewhere.
Is there any particular information released by it you'd consider
leaking private data?
We love privacy, but we want to be consistent :)