Pathoschild writes:

While the draft is very good as a supporting explanatory essay, I don't think it's written as a policy; it's unnecessarily verbose, reads like an essay or opinion piece, makes incorrect assumptions (like "everyone can contribute", "history [...] is preserved indefinitely", or "you are encouraged but not required to register with your real name" (some wikis specifically discourage that due to stalking, etc)), significantly addresses non-privacy subjects (like community values, copyright, or user access hierarchy), and uses redundant section numbering (sections are numbered automatically in the table of contents). I think the explanatory material should be moved to a separate essay, so that the policy only contains policy.

Thank you for the nice long sentence commenting on the unnecessary verbosity of the draft! :)

I think it's good that people feel invested in improving the draft, which represents an attempt to explain a lot of stuff that is pretty much unexplained to non-technical users in the current draft, in my view.

Without commenting in detail on all proposed criticisms, let me express two small preferences.

First, I think an articulation of privacy principles (perhaps more than one) is absolutely necessary for a good policy. The current privacy policy doesn't explain what the organization's *values* are, and I think all policies should be informed by values that are clearly stated and understood. That is something I take to be essential, speaking as a constitutional lawyer.

Second, and this is less important but still non-trivial -- I understand the preference in our circles for framing documents as hypertext/html/linked text, etc. I think this actually makes the exposition of documents and policies *less* accessible because you see chunks rather than a comprehensive explanation that takes you from beginning to end.

I'll note that the existing policy -- not the draft -- is not hypertextual to any great degree. It's essentially the opposite of an essay, because the ideas don't build easily on what goes before. There are structural benefits to non-hypertextual documents, such as, for example The Universal Declaration of Human Rights, adopted by the United Nations in 1948. (See <http://www.un.org/Overview/ rights.html>.) You'll notice that the United Nations was not shy about articulating rights guarantees in terms of general principles, although it had less to say about turning over IP addresses to the government and/or data retention and/or anonymity.

Finally, I think it's important to remember that we were attempting to systematize the rights in the existing WMF policy, which can be found here:

<http://wikimediafoundation.org/w/index.php?title=Privacy_policy&oldid=14...

. The outcome was longer, I agree, but we were aiming for something

more holistic and accessible to the non-technical reader, in the expectation that, in the future, more non-technical readers will be trying to digest our systematic privacy policies and philosophy. At the same time, we wanted to explain the provisions that were already included in the existing policy. Maybe that was asking too much, but I hope our goals were clear. (By the same token, I also think all calculus books are three or four times too long, but that's a subject for another day.)

I hope this note explains a bit how we were thinking when we developed the current draft. I'll probably refrain from comment further in this thread, in order to encourage the freest possible discussion.

--Mike

--Mike