-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Sorry, can't let this go by unanswered. My statements are historical and have no bearing on what is presently being done, as I have nothing to do with the Foundation anymore. But:
1) Information obtained by the Foundation is subject to the privacy policy adopted by the board. Always.
2) What happens if...? I don't understand your question. If there is a security breach, etc., it's a big problem, like it would be for any company or organization.
3) Will the Foundation fight? That depends, but the clearest answer you will get is, there is no guarantee of security, only the best anyone can offer. Any other statement is hogwash. If your identity is so secret that you can't let it be shared, then don't share it. That is your decision, and no one elses. For example, I appreciate what sannse is saying, and I hold her in very high regard, but I think her opposition to the policy is misguided. People *do* already know who she is. The point is that the Foundation cannot risk letting people no Foundation person has shaken hands with, spoken to on the phone, etc., from having the capacity to expose confidential information. One word: Essjay.
In practice, persons who are the object of investigation by a third party usually know someone is after them. The standard practice supported by EFF and other free speech organizations, and encouraged under Florida law, is to advise the individual of the subpoena to allow them the opportunity to file a motion to quash the subpoena and to seek to intervene to limit or supply conditions for the discovery. There is never a guarantee the information can *never* be turned over. Under most normal situations, however, it won't be.
4) Bogus suits are bogus suits, and run afoul of state and federal rules. In Florida, you don't get that discovery automatically.
5) What legal relationship do you think changes?
Brad Patrick
Matthew Brown wrote:
On 5/1/07, David Gerard dgerard@gmail.com wrote:
Except on those occasions when, as Sannse's case demonstrates, that the Foundation cannot be trusted to keep the personal data secure of someone needing it kept secure.
Which reminds me to ask: if we have a duty to identify ourselves to the Foundation, what duties of confidentiality does the Foundation agree to hold itself to?
What happens if this information is leaked - accidentally, on purpose, through security breach or robbery or ... ?
Will the foundation fight a discovery motion or subpoena or the like asking for our personal information, or will it roll over and give up the information without a fight, in the hope a potential lawsuit will go after us rather than them? Will the Foundation even notify us in this case? I am concerned that harassing individuals, knowing the Foundation has this info on file, will file bogus lawsuits just to get their hands on it.
I'm also curious as to whether this changes our legal relationship with the Foundation in other ways.
Most of this does not personally concern me all that much since I've never made that much of an effort to keep my online identity private: I am no good at keeping secrets. But the implications may concern others more than I.
-Matt
foundation-l mailing list foundation-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/foundation-l