Agree about the privacy and security worries shared by some in the list.

From a software maintenance pov, developing a new tool is sometimes easier but maintaining and keeping up with the ever-changing internet standards (and new vulnerabilities and security changes) is hard. That said, a movement that actively uses surveys and forms does need to make the personal data transactions secure. To be able to do that, using both open source tools and (preferably self-hosted) platforms that use e2ee (which provides better security except in some extraordinary situations [1]) should be preferred. I'd argue a proprietary platform that protects user data in surveys and collects little metadata is far better than an open source one that collects and saves user data in plaintext in cloud. But open source helps to some extent as proprietary platforms could claim many things when there is no option for public audit of proprietary platforms. But just open source does *not* help. An additional level of security is a must and should be the foundational layer when it comes to a survey platform.

As far as possible solutions go, it would be a good investment to support developers from the open source community for a survey tool that protects the privacy of survey participants by the use of e2ee and can be well integrated into MediaWiki (bonus if not a primary goal). The Foundation and the larger community (including Chapters and User Groups) would be greatly benefitted from this. But until a good in-house solution is there, it might be useful to reach out to other friendly faces in the development world -- Access Now, Article 19, Amnesty International, etc. -- to check what works for them now.

If and when a platform develops, registered users can then use their Mediawiki auth for creating privkeys to sign. This would add a non-repudiable logging mechanism in the backend to add more transparency and accountability.

1. https://en.wikipedia.org/wiki/Key_disclosure_law/

Subhashish


On Tue, Feb 23, 2021 at 8:21 AM K. Peachey <p858snake@gmail.com> wrote:


On Tue, 23 Feb 2021, 7:18 am Valerio Bozzolan via Wikimedia-l, <wikimedia-l@lists.wikimedia.org> wrote:
Hello everyone,

Apologies for my TL;DR

Interesting topic. I'm recently working on making ethical surveys more and more widespread, starting from here:
Every hand is welcome.

Warm wishes!
-- 
[[User:Valerio Bozzan]]

Did WMIT do any sort of security review before deploying lime?

Security issues were found the previous two times wmf looked at from my understanding and that was without doing a full security review process....

Have any sort of privacy impact assessment (PIA) since surveys could potentially collect personally identifiable data (PIDs)
_______________________________________________
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l
New messages to: Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>