you are not "exposing the user unknowingly visiting the site" with the bot itself...when you visit the site you are integrated in the SUL, it's public information since ages. The fact that a bot takes care of it or a human being leaves a message does not tell you a lot more. Sometimes on certain wiki welcome messages are delivered sometimes they are not. Sometimes immediately, sometimes later. It's a very fragmented situation so the bot tells you basically nothing per se, it simple makes some people aware that the information of visiting a site exists and it is public. So the question is not about the bot, the question is if when you do thishttps://commons.wikimedia.org/w/index.php?title=Special%3ACentralAuth&ta... and you can read that it's public that for example I was attached on fawiki on 21:41, 11 April 2012, which is basically when I visited it the first time. Although not strictly, I could have visited it and the system having problem and log me out (that also happen) so technically this is not even true sometimes... But even if it was precise, is the public knowledge of this information really a threat to my privacy? or it is justing many of the things I implicitly agree when I make an account? The "violation of privacy" of such information, it's not even comparable with dozen of other things in your life. But seriously if THIS is a problem and had to be "put secret" than I'd expect to be informed when a check user look at my data. You know.... a few group of people decide when it's right or wrong to look at my personal data and not informing me when they do it probably because they found nothing (but they have such information in their hand now, don't they? Shouldn't I generic user be informed about it?), that's not very nice for the privacy of anyone. So the core point is not that I receive a message once a year that makes me aware that the SUL information exist, but that I don't receive a lot of other messages that I should receiving about who's looking at many others of my personal data. Privacy is a serious matter. I expect RfC for things that have impact. Now imagine that I go to people that are worried and tell them the nobody really cares that they are not informed when someone look inside their provider data (because put in the end of a small group of people is "enough") or that the disaggregated information of CU activity is not public for the majority of platforms... but someone cares so much if they receive a welcoming message by bot when they visit a platform for the first time. I am quite sure that the users I know will not be impressed.
Il Venerdì 26 Gennaio 2018 0:27, John Erling Blad jeblad@gmail.com ha scritto:
I can't see that T42006 is relevant in this case. It is about abusive use of a bot, not about creation of the central account in itself.
The existence of a central account leads to creation of the local account. This is probably acceptable. Then this may lead to the abusiv behavior, ie exposing the user unknowingly visiting the site. This is probably not intended and not acceptable.
I wonder if the solution is to filter down the new users to real contributors, that would be pretty simple
Den tor. 25. jan. 2018, 22.55 skrev Pine W wiki.pine@gmail.com:
Joe,
I believe that the issue of a potential privacy violation was first raised on this list on December 30th, and I first emailed WMF Legal about this issue on January 1st. Keeping in mind that the issue involves potential privacy violations, I think that it's reasonable to think that this issue should have been reviewed within days, not weeks. I disagree with the statement that "A subsequent review is clearly going to be a low priority task as I am sure you can understand Pine." If anything, I think that the situation is clear to the contrary and it should have been reviewed within days.
For me, an RfC about this matter would be for the purposes of (1) encouraging WMF to give more attention to this matter, (2) attempting to establish community consensus about whether the matters being raised here involve privacy violations, and (3) what should be done, if anything. Personally, I think that the status quo does involve privacy violations and that there should be changes. Whether that view is shared by others is something that the RfC would attempt to measure.
In this circumstance I consider RfC to be similar to a ballot measure, and I think that it's appropriate for me to say that if I think that there are problems then I may use tools that are available to me to attempt to address them, preferably with WMF's cooperation, but without WMF"s cooperation if necessary and if possible.
John,
A previous discussion about the privacy issues occurred in https://phabricator.wikimedia.org/T42006. I received a new email from WMF Legal in which they affirmed their department's 2012 view on this matter. The most recent email gave me the impression that they are receptive to discussion about whether there should be changes although there may be resource limitations. That sounds like a good starting place for a conversation, and I think that on the community's side an RfC is the best way to gauge the community's views. I am busy for the next few days but I'll try to set up an RfC on Meta during the weekend.
Pine https://meta.wikimedia.org/wiki/User:Pine https://en.wikipedia.org/wiki/User:CatherineMunro/Bright_Places
On Wed, Jan 24, 2018 at 2:29 AM, Joseph Seddon jseddon@wikimedia.org wrote:
This conversation started in the middle of the Christmas break following which I suspect many staff took extended holidays, most departments are
in
the middle annual planning and this week WMF are gathering for their
annual
all hands meetings. So lets firtst consider the fact that senior legal staff have a lot on their plate.
This problem has been discussed before and reviewed by legal as
acceptable.
A subsequent review is clearly going to be a low priority task as I am
sure
you can understand Pine.
Making threats to handle ones demand and only in a manner that is acceptable to you is hardly going to make staff receptive to expediting your request. Lets give the good people time, afford them patience on our behalf and let them do their jobs.
On Wed, Jan 24, 2018 at 2:04 AM, Pine W wiki.pine@gmail.com wrote:
FYI for those on WIkimedia-l who may be interested, conversation about
this
matter is ongoing. I am waiting a response from WMF Legal, and there
may
be
others who have opened their own lines of inquiry.
If I don't receive a reply from WMF Legal that I feel is satisfactory,
or
if I don't receive one at all, then I plan to set up an RfC about this matter.
Pine https://meta.wikimedia.org/wiki/User:Pine https://en.wikipedia.org/wiki/User:CatherineMunro/Bright_Places
On Mon, Jan 1, 2018 at 2:17 PM, Vi to vituzzu.wiki@gmail.com wrote:
I'm scared of the solutions that will "fix" this. I expect something as dramatically useful as the removal of "unblock
this
IP" button for IPs caught by autoblocks of registered users.
Vito
2018-01-01 22:46 GMT+01:00 Pine W wiki.pine@gmail.com:
I have created https://phabricator.wikimedia.org/T183876 and am
pinging
Legal to request a review of this matter.
Happy new year,
Pine _______________________________________________ Wikimedia-l mailing list, guidelines at:
wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/ma
ilman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org
?subject=unsubscribe>
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
-- Seddon
*Community and Audience Engagement Associate* *Advancement (Fundraising), Wikimedia Foundation* _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wik i/Mailing_lists/Guidelines and
https://meta.wikimedia.org/wiki/Wikimedia-l
New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
_______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe