Hi, I would like to bring your attention to yet another discussion that's currently taking place, namely the one about the new privacy policy, and the related access to non-public information policy.
The privacy policy consultation is obviously important to all of us. but I'm personally more interested in the draft access to non-public information policy, which influences my daily work as an oversighter on Commons, and also the not-so-regular work as an OTRS agent.
It seems that the Wikimedia Foundation is planning to require users with access to non-public information to re-identify to them, this time with the intention to retain copies of the submitted IDs, for as long as those users have access to such information, and additional three years.
We already went through a similar discussion two and a half years ago, when the WMF planned to make all OTRS agents re-identify to them by sending a copy (or a scan) of their ID to a secure e-mail address (or by using another option provided).
This time, the new requirements are going to concern /all/ users with access to non-public information (such as OTRS agents, checkusers, oversighters, and stewards), and their IDs are planned to be kept by the Foundation, something which was never required before.
The discussion is taking place at https://meta.wikimedia.org/wiki/Talk:Access_to_nonpublic_information_policy and I invite every interested person (with a special invitation to people holding advanced user rights on any Wikimedia wiki) to take an active part in it.
Thanks, Tomasz
Thanks for the pointer, Tomasz. I made a couple of points I'll reiterate here:
1) Under "Secure and Confidential Storage" this is a sentence describing how the WMF will share / release the information submitted by volunteers. Part A allows the WMF to disclose the information to third parties with a WMF-approved non-disclosure agreement, without limitation. Part D allows it to disclose the information to third parties to protect the "rights and property" of the WMF, contractors and employees. Both of these parts need to be substantially tightened, in my opinion, to limit the purpose for which information is disclosed and the circumstances under which any recipient of the information can retain copies.
2) The policy really doesn't make an effort to justify the data retention. Data is retained for three years in case an Arbitration Committee (project undefined, no limitations expressed) needs to see it? Honestly, I'm struggling to understand why any ArbCom would need access to the preserved copy of a government issued ID to begin with. ArbComs are evidently on the "need to know" list for access to stored IDs? That's concerning. I think the policy needs to make a strong argument for why this type of data retention is necessary and useful, and it needs to consist of more than convenience for the WMF.
3) The process for data destruction is pretty weak. It doesn't mention anything about data that has been shared (nowhere in the document is it discussed how and in what form the data will be shared), the process it describes doesn't currently exist, and it relies on the actions of volunteers. Destroying data at the end of the retention period ought to be a WMF responsibility, assigned to an employee, and treated with the seriousness it deserves.
Overall I don't know that the legal team has taken into account the likely reaction of European functionaries in particular; those countries have very popular, and very strict, rules and expectations around the use and retention of private information. Given the conditions set by all the surveillance revelations recently... I'd hate to see an exodus of advanced users on our non-English projects because of this policy.
Tomasz W. Kozlowski, 14/10/2013 21:11:
This time, the new requirements are going to concern /all/ users with access to non-public information (such as OTRS agents, checkusers, oversighters, and stewards) [...]
Just checking: considering that this is a rather limited set of users, I assume they've all been notified by the WMF via email or talk page about the discussion?
Nemo
On 14 October 2013 16:39, Tomasz W. Kozlowski tomasz@twkozlowski.netwrote:
Federico Leva (Nemo) wrote:
Just checking: considering that this is a rather limited set of users, I
assume they've all been notified by the WMF via email or talk page about the discussion?
You must be new here.
That made me smile. :)
In answer to Tomasz's question: Not unless they suddenly forgot my email address, and that of every other checkuser, oversighter, or steward that I know. I was well aware of the ongoing discussion of the revised draft privacy policy, and I was aware that there was *going* to be a discussion about access to non-public information; however, I was unaware that the latter discussion had started.
Risker
Thanks for the notice about this discussion. I knew it was to be a part of the new privacy policy, but I wasn't aware of the talk page.
On Mon, Oct 14, 2013 at 2:11 PM, Tomasz W. Kozlowski <tomasz@twkozlowski.net
wrote:
We already went through a similar discussion two and a half years ago, when the WMF planned to make all OTRS agents re-identify to them by sending a copy (or a scan) of their ID to a secure e-mail address (or by using another option provided).
This isn't 100% correct. The idea was to have agents who had not already identified do so, since OTRS agents have access to a massive amount of non-public information. For those interested in the result, it was posting a public list of OTRS agent usernames on meta. There is no current requirement for agents to ID.
<not wearing OTRS admin hat, just sayin'>
Keegan Peterzell wrote:
This isn't 100% correct. �The idea was to have agents who had not already identified do so, since OTRS agents have access to a massive amount of non-public information. �For those interested in the result, it was posting a public list of OTRS agent usernames on meta. �There is no current requirement for agents to ID.
Not really. The discussion on the OTRS wiki clearly states that the intention was for all OTRS volunteers to "[be] identified just like CheckUsers, Oversights, and Stewards" "in accordance with the non-public data and privacy policies." which, at that time required people to "satisfactorily identify" themselves to the Foundation (and they still do), which in effect means that they need to send a copy of their ID to the WMF.
After various concerns raised by OTRS volunteers on the OTRS wiki, at least two private OTRS mailing lists, and this very list, the issue was frozen after this announcement by Philippe[1].
The posting of a public list of OTRS agents usernames was result of an entirely different discussion, which was only started in January 2013; the one I was referring to took place in February 2011 (and later on).
And yes, there is currently no requirement for OTRS agents to ID themselves to the WMF, but the new draft is, at this point, planning to change this.
Tomasz
== References == * [1] http://lists.wikimedia.org/pipermail/foundation-l/2011-February/063776.html
On Tue, Oct 15, 2013 at 3:14 AM, Tomasz W. Kozlowski <tomasz@twkozlowski.net
wrote:
Keegan Peterzell wrote:
This isn't 100% correct. �The idea was to have agents who had not already
identified do so, since OTRS agents have access to a massive amount of non-public information. �For those interested in the result, it was posting a public list of OTRS agent usernames on meta. �There is no current requirement for agents to ID.
Not really. The discussion on the OTRS wiki clearly states that the intention was for all OTRS volunteers to "[be] identified just like CheckUsers, Oversights, and Stewards" "in accordance with the non-public data and privacy policies." which, at that time required people to "satisfactorily identify" themselves to the Foundation (and they still do), which in effect means that they need to send a copy of their ID to the WMF.
The discussion, as I was clarifying, was about requiring agents that had not Identified to do so. There was no re-identifying require, which is th point that I was making.
The posting of a public list of OTRS agents usernames was result of an entirely different discussion, which was only started in January 2013; the one I was referring to took place in February 2011 (and later on).
The two are related. Both measures seek transparency, one to the WMF and one to the community. The fact that the community side has worked is interesting when there is pushback to private transparency.
Keegan Peterzell wrote:
The discussion, as I was clarifying, was about requiring agents that had not Identified to do so. There was no re-identifying require, which is th point that I was making.
Oh yes, that's right. Thanks for the clarification, Keegan; I'm sorry about the confusion.
The two are related. Both measures seek transparency, one to the WMF and one to the community. The fact that the community side has worked is interesting when there is pushback to private transparency.
The community side, as you call it, has received its share of comments, criticism, and suggestions from OTRS volunteers when the issue was brought to their (our) attention.
There have been many voices opposing the publication or at least concerned about the possible implications of the change, just as there are some voices expressing concerns about the apparent lack of details and deeper thought behind some parts of the policy.
I don't think this is something new or interesting per se; people usually tend to ask tough questions when it comes to their privacy, and I can only hope we will be able to work out the details, and that the WMF will be able to respond to people's concerns.
Tomasz
Keegan Peterzell, 15/10/2013 10:24:
The two are related. Both measures seek transparency, one to the WMF and one to the community. The fact that the community side has worked is interesting when there is pushback to private transparency.
This is an interesting point, thanks for making it. I would never have considered the identification via private means something relating to "transparency", but it's clear that – as you say – people are more likely to accept a transparency which benefits the public.
Nemo
This is directed at the Wikimedia legal team, whom I have cc'd: Even though the pace of contributions to the discussion page of the policy has picked up in the last couple of days, no one from the legal team has commented in about a month. I think it would help the discussion if the legal team would engage while members of the community are also engaged, so that it is truly a discussion and not people talking past each other at different moments in time.
Nathan
Hi Nathan,
My apologies for the delay. We will begin responding asap.
-Michelle
On Tue, Oct 15, 2013 at 9:33 AM, Nathan nawrich@gmail.com wrote:
This is directed at the Wikimedia legal team, whom I have cc'd: Even though the pace of contributions to the discussion page of the policy has picked up in the last couple of days, no one from the legal team has commented in about a month. I think it would help the discussion if the legal team would engage while members of the community are also engaged, so that it is truly a discussion and not people talking past each other at different moments in time.
Nathan
Tomasz W. Kozlowski wrote:
The discussion is taking place at https://meta.wikimedia.org/wiki/Talk:Access_to_nonpublic_info_policy and I invite every interested person (with a special invitation to people holding advanced user rights on any Wikimedia wiki) to take an active part in it.
This discussion... isn't going great. There's now a talk page section devoted to users signing a pledge that should the policy, as written, be enacted by the Board, they'll resign their advanced privileges (steward access, CheckUser access, etc.). It's up to eight signatories.
Reading through some of the discussion, I have two questions for the Wikimedia Foundation Board (copied on this e-mail):
* Is the Board interested in updating its 2007 access to nonpublic data policy?
* Has there been any consideration of removing volunteers from these types of roles and relying solely on staff?
On a typical site, paid staff would deal with problematic users. There's a lot of hoopla being put in place ("confidentiality pledges," etc.) that would be much easier to implement if everyone with this type of access were simply paid staff members or contractors. (Though contractors can still leak, heh.) But this seems like a legitimate enough question in the context of the current discussion: should volunteers be filling these roles or should they be focused more purely on education content creation?
MZMcBride
On 10/21/2013 08:13 PM, MZMcBride wrote:
On a typical site, paid staff would deal with problematic users.
The obvious, and perhaps a bit trite, answer would be that we are most certainly not a typical site by any meaning of the term. :-)
Seriously, however, I can understand why some current holders of rights might have reservations about a policy that tightens greatly how private information is handled and how much vetting is done on who does the handling; but that tightening does very much need to take place.
It's not clear to me what those people who have signed the petition think they can accomplish; those new rules (perhaps altered through feedback) will need to be installed eventually, but nobody is obliged to abide them if they do not feel comfortable doing so; being a steward, oversighter or checkuser is not something one is forced into doing. If they prefer not to proceed with the new system, they don't actually need to resign.
As a volunteer, I'd *much* rather those functions be held by active members of the community than by staff; and as long as there remains sufficient volunteers to do the job, then this is what should happen. (We'd probably get more people willing to step forward if we stopped - collectively - heaping so much crap on the heads of functionaries; but that's a different issue).
-- Coren / Marc
Although I personally didn't consider identifying to be onerous, I've never thought the entire identification requirement and process were necessary, since nothing is ever done with the identification data. Can anyone think of a situation that would have been handled differently if the proposed policy had been in place at the relevant time? (I myself can think of one and only one, but am curious if there are others.)
Newyorkbrad
On Wed, Oct 23, 2013 at 6:45 PM, Marc A. Pelletier marc@uberbox.org wrote:
On 10/21/2013 08:13 PM, MZMcBride wrote:
On a typical site, paid staff would deal with problematic users.
The obvious, and perhaps a bit trite, answer would be that we are most certainly not a typical site by any meaning of the term. :-)
Seriously, however, I can understand why some current holders of rights might have reservations about a policy that tightens greatly how private information is handled and how much vetting is done on who does the handling; but that tightening does very much need to take place.
It's not clear to me what those people who have signed the petition think they can accomplish; those new rules (perhaps altered through feedback) will need to be installed eventually, but nobody is obliged to abide them if they do not feel comfortable doing so; being a steward, oversighter or checkuser is not something one is forced into doing. If they prefer not to proceed with the new system, they don't actually need to resign.
As a volunteer, I'd *much* rather those functions be held by active members of the community than by staff; and as long as there remains sufficient volunteers to do the job, then this is what should happen. (We'd probably get more people willing to step forward if we stopped - collectively - heaping so much crap on the heads of functionaries; but that's a different issue).
-- Coren / Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
On 10/23/2013 07:01 PM, Newyorkbrad wrote:
(I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost certainly the same); but I can think of a couple of scenarios where the dissuasive effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus on accountability than over any particular incident.
-- Marc
On 24 October 2013 00:07, Marc A. Pelletier marc@uberbox.org wrote:
On 10/23/2013 07:01 PM, Newyorkbrad wrote:
(I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost certainly the same); but I can think of a couple of scenarios where the dissuasive effect alone might have made a difference. But my understanding is that this is prompted by a more serious focus on accountability than over any particular incident.
I'm thinking of a case, but I can't see how this would have dissuaded the individual in question, who was almost obsessive.
- d.
Speaking for myself, I have no problems with the overall idea, and I doubt that a lot of the others who have signed the petition do either.
The problem is in the details of how it is implemented, and that appropriate safeguards are not written into place to protect the privacy and legal rights of those who (re)identify. I know some European users have raised concerns about how the overall policy does not work for them and/or would cause them to break the law. I don't believe that they should have to stand alone.
Thanks,
Rschen7754 rschen7754.wiki@gmail.com
On Oct 23, 2013, at 4:07 PM, Marc A. Pelletier marc@uberbox.org wrote:
On 10/23/2013 07:01 PM, Newyorkbrad wrote:
(I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost certainly the same); but I can think of a couple of scenarios where the dissuasive effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus on accountability than over any particular incident.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Going back to the 2011 discussions on otrs lists, a flag was raised that challenged whether the WMF had sufficiently secure servers to host copies of ID documents that might be electronically submitted, including sufficient firewalling and/or airgapping, internal access controls, etc.
My impression was that once that was raised as a detailed concern, the push died off rapidly, but I may be misremembering.
Let me now ask - Can the WMF either publicly or privately (I live in the SF Bay Area and can come over and talk) provide enough detailed assurance as to the digital medium storage plan for these IDs?
This is enough data for someone to do an identity theft with. The physical handling is relatively easy to ensure is proper (locked cabinet or the like requires a physical office intrusion). The electronic...
On Wed, Oct 23, 2013 at 4:15 PM, Rschen7754 rschen7754.wiki@gmail.comwrote:
Speaking for myself, I have no problems with the overall idea, and I doubt that a lot of the others who have signed the petition do either.
The problem is in the details of how it is implemented, and that appropriate safeguards are not written into place to protect the privacy and legal rights of those who (re)identify. I know some European users have raised concerns about how the overall policy does not work for them and/or would cause them to break the law. I don't believe that they should have to stand alone.
Thanks,
Rschen7754 rschen7754.wiki@gmail.com
On Oct 23, 2013, at 4:07 PM, Marc A. Pelletier marc@uberbox.org wrote:
On 10/23/2013 07:01 PM, Newyorkbrad wrote:
(I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost certainly the same); but I can think of a couple of scenarios where the dissuasive effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus on accountability than over any particular incident.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
As far as " The physical handling is relatively easy to ensure is proper", well... Considering that some of our less sane problematic users have, if I'm remembering correctly, shown up at the WMF office itself and would have loved to get their hands on the real-life documents of our advanced-privilege users, I'm not all that confident that *any *storage on the WMF premises, short of a vault, is adequate. When crazies go crazy about Wikipedia, they go *very *crazy, and breaking a padlock in an office isn't that outlandish for some of them.
-Fluff
On Wed, Oct 23, 2013 at 7:21 PM, George Herbert george.herbert@gmail.comwrote:
Going back to the 2011 discussions on otrs lists, a flag was raised that challenged whether the WMF had sufficiently secure servers to host copies of ID documents that might be electronically submitted, including sufficient firewalling and/or airgapping, internal access controls, etc.
My impression was that once that was raised as a detailed concern, the push died off rapidly, but I may be misremembering.
Let me now ask - Can the WMF either publicly or privately (I live in the SF Bay Area and can come over and talk) provide enough detailed assurance as to the digital medium storage plan for these IDs?
This is enough data for someone to do an identity theft with. The physical handling is relatively easy to ensure is proper (locked cabinet or the like requires a physical office intrusion). The electronic...
On Wed, Oct 23, 2013 at 4:15 PM, Rschen7754 <rschen7754.wiki@gmail.com
wrote:
Speaking for myself, I have no problems with the overall idea, and I
doubt
that a lot of the others who have signed the petition do either.
The problem is in the details of how it is implemented, and that appropriate safeguards are not written into place to protect the privacy and legal rights of those who (re)identify. I know some European users
have
raised concerns about how the overall policy does not work for them
and/or
would cause them to break the law. I don't believe that they should have
to
stand alone.
Thanks,
Rschen7754 rschen7754.wiki@gmail.com
On Oct 23, 2013, at 4:07 PM, Marc A. Pelletier marc@uberbox.org wrote:
On 10/23/2013 07:01 PM, Newyorkbrad wrote:
(I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost
certainly
the same); but I can think of a couple of scenarios where the
dissuasive
effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus
on
accountability than over any particular incident.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
-- -george william herbert george.herbert@gmail.com _______________________________________________ Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Fluff-
When crazies go crazy
about Wikipedia, they go *very *crazy, and breaking a padlock in an office isn't that outlandish for some of them.
It will not happen without staff being fully aware, and an intruder knowing which cabinet to break into without significant effort is extremely unlikely, would require either cooperation of an insider and/or office visits while acting considerably saner (at least; if not much more than that).
Even if the risk is nonzero, the risk to me that it will happen secretly (as opposed to, "X broke in but the SFPD arrested them with a handful of docs including your ID photocopies") is very low.
I am much more worried about accidental unrecognized leaks of digital data. MUCH.
On Wed, Oct 23, 2013 at 4:27 PM, Katherine Casey < fluffernutter.wiki@gmail.com> wrote:
As far as " The physical handling is relatively easy to ensure is proper", well... Considering that some of our less sane problematic users have, if I'm remembering correctly, shown up at the WMF office itself and would have loved to get their hands on the real-life documents of our advanced-privilege users, I'm not all that confident that *any *storage on the WMF premises, short of a vault, is adequate. When crazies go crazy about Wikipedia, they go *very *crazy, and breaking a padlock in an office isn't that outlandish for some of them.
-Fluff
On Wed, Oct 23, 2013 at 7:21 PM, George Herbert <george.herbert@gmail.com
wrote:
Going back to the 2011 discussions on otrs lists, a flag was raised that challenged whether the WMF had sufficiently secure servers to host copies of ID documents that might be electronically submitted, including sufficient firewalling and/or airgapping, internal access controls, etc.
My impression was that once that was raised as a detailed concern, the
push
died off rapidly, but I may be misremembering.
Let me now ask - Can the WMF either publicly or privately (I live in the
SF
Bay Area and can come over and talk) provide enough detailed assurance as to the digital medium storage plan for these IDs?
This is enough data for someone to do an identity theft with. The
physical
handling is relatively easy to ensure is proper (locked cabinet or the
like
requires a physical office intrusion). The electronic...
On Wed, Oct 23, 2013 at 4:15 PM, Rschen7754 <rschen7754.wiki@gmail.com
wrote:
Speaking for myself, I have no problems with the overall idea, and I
doubt
that a lot of the others who have signed the petition do either.
The problem is in the details of how it is implemented, and that appropriate safeguards are not written into place to protect the
privacy
and legal rights of those who (re)identify. I know some European users
have
raised concerns about how the overall policy does not work for them
and/or
would cause them to break the law. I don't believe that they should
have
to
stand alone.
Thanks,
Rschen7754 rschen7754.wiki@gmail.com
On Oct 23, 2013, at 4:07 PM, Marc A. Pelletier marc@uberbox.org
wrote:
On 10/23/2013 07:01 PM, Newyorkbrad wrote:
(I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost
certainly
the same); but I can think of a couple of scenarios where the
dissuasive
effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus
on
accountability than over any particular incident.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
-- -george william herbert george.herbert@gmail.com _______________________________________________ Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Again I ask:
Can the WMF either publicly or privately provide enough detailed assurance as to the digital medium storage plan for these IDs?
This is or should be a no-go for requiring IDs (or at least allowing them to be transferred that way).
I would be happy to contribute a free independent security audit to a plan, if there is a detailed plan to audit. And do so under confidentiality agreement if you need that, as long as you let me share a non-exploitable summary with the community...
On Wed, Oct 23, 2013 at 4:21 PM, George Herbert george.herbert@gmail.comwrote:
Going back to the 2011 discussions on otrs lists, a flag was raised that challenged whether the WMF had sufficiently secure servers to host copies of ID documents that might be electronically submitted, including sufficient firewalling and/or airgapping, internal access controls, etc.
My impression was that once that was raised as a detailed concern, the push died off rapidly, but I may be misremembering.
Let me now ask - Can the WMF either publicly or privately (I live in the SF Bay Area and can come over and talk) provide enough detailed assurance as to the digital medium storage plan for these IDs?
This is enough data for someone to do an identity theft with. The physical handling is relatively easy to ensure is proper (locked cabinet or the like requires a physical office intrusion). The electronic...
On Wed, Oct 23, 2013 at 4:15 PM, Rschen7754 rschen7754.wiki@gmail.comwrote:
Speaking for myself, I have no problems with the overall idea, and I doubt that a lot of the others who have signed the petition do either.
The problem is in the details of how it is implemented, and that appropriate safeguards are not written into place to protect the privacy and legal rights of those who (re)identify. I know some European users have raised concerns about how the overall policy does not work for them and/or would cause them to break the law. I don't believe that they should have to stand alone.
Thanks,
Rschen7754 rschen7754.wiki@gmail.com
On Oct 23, 2013, at 4:07 PM, Marc A. Pelletier marc@uberbox.org wrote:
On 10/23/2013 07:01 PM, Newyorkbrad wrote:
(I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost certainly the same); but I can think of a couple of scenarios where the dissuasive effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus on accountability than over any particular incident.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
-- -george william herbert george.herbert@gmail.com
Hi George -
I can tell you that I was in the room as this was being discussed today. I'm fairly sure that Michelle is going to be following up on this question shortly. It wasn't being ignored - we are just in that territory where lawyers like to be certain that when they answer clarifying queries like yours, they aren't accidentally muddying the waters further. More soon.
pb
————————— Philippe Beaudette Director, Community Advocacy Wikimedia Foundation, Inc
On Oct 25, 2013, at 9:19 PM, George Herbert george.herbert@gmail.com wrote:
Again I ask:
Can the WMF either publicly or privately provide enough detailed assurance as to the digital medium storage plan for these IDs?
This is or should be a no-go for requiring IDs (or at least allowing them to be transferred that way).
I would be happy to contribute a free independent security audit to a plan, if there is a detailed plan to audit. And do so under confidentiality agreement if you need that, as long as you let me share a non-exploitable summary with the community...
On Wed, Oct 23, 2013 at 4:21 PM, George Herbert george.herbert@gmail.comwrote:
Going back to the 2011 discussions on otrs lists, a flag was raised that challenged whether the WMF had sufficiently secure servers to host copies of ID documents that might be electronically submitted, including sufficient firewalling and/or airgapping, internal access controls, etc.
My impression was that once that was raised as a detailed concern, the push died off rapidly, but I may be misremembering.
Let me now ask - Can the WMF either publicly or privately (I live in the SF Bay Area and can come over and talk) provide enough detailed assurance as to the digital medium storage plan for these IDs?
This is enough data for someone to do an identity theft with. The physical handling is relatively easy to ensure is proper (locked cabinet or the like requires a physical office intrusion). The electronic...
On Wed, Oct 23, 2013 at 4:15 PM, Rschen7754 rschen7754.wiki@gmail.comwrote:
Speaking for myself, I have no problems with the overall idea, and I doubt that a lot of the others who have signed the petition do either.
The problem is in the details of how it is implemented, and that appropriate safeguards are not written into place to protect the privacy and legal rights of those who (re)identify. I know some European users have raised concerns about how the overall policy does not work for them and/or would cause them to break the law. I don't believe that they should have to stand alone.
Thanks,
Rschen7754 rschen7754.wiki@gmail.com
On Oct 23, 2013, at 4:07 PM, Marc A. Pelletier marc@uberbox.org wrote:
On 10/23/2013 07:01 PM, Newyorkbrad wrote: (I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost certainly the same); but I can think of a couple of scenarios where the dissuasive effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus on accountability than over any particular incident.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
-- -george william herbert george.herbert@gmail.com
-- -george william herbert george.herbert@gmail.com _______________________________________________ Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Ok. As long as it wasn't missed, in all the other topics.
Thanks, I will be patient.
On Fri, Oct 25, 2013 at 11:10 PM, Philippe Beaudette < pbeaudette@wikimedia.org> wrote:
Hi George -
I can tell you that I was in the room as this was being discussed today. I'm fairly sure that Michelle is going to be following up on this question shortly. It wasn't being ignored - we are just in that territory where lawyers like to be certain that when they answer clarifying queries like yours, they aren't accidentally muddying the waters further. More soon.
pb
————————— Philippe Beaudette Director, Community Advocacy Wikimedia Foundation, Inc
On Oct 25, 2013, at 9:19 PM, George Herbert george.herbert@gmail.com
wrote:
Again I ask:
Can the WMF either publicly or privately provide enough detailed
assurance
as to the digital medium storage plan for these IDs?
This is or should be a no-go for requiring IDs (or at least allowing them to be transferred that way).
I would be happy to contribute a free independent security audit to a
plan,
if there is a detailed plan to audit. And do so under confidentiality agreement if you need that, as long as you let me share a non-exploitable summary with the community...
On Wed, Oct 23, 2013 at 4:21 PM, George Herbert <
george.herbert@gmail.com>wrote:
Going back to the 2011 discussions on otrs lists, a flag was raised that challenged whether the WMF had sufficiently secure servers to host
copies
of ID documents that might be electronically submitted, including sufficient firewalling and/or airgapping, internal access controls, etc.
My impression was that once that was raised as a detailed concern, the push died off rapidly, but I may be misremembering.
Let me now ask - Can the WMF either publicly or privately (I live in the SF Bay Area and can come over and talk) provide enough detailed
assurance
as to the digital medium storage plan for these IDs?
This is enough data for someone to do an identity theft with. The physical handling is relatively easy to ensure is proper (locked
cabinet or
the like requires a physical office intrusion). The electronic...
On Wed, Oct 23, 2013 at 4:15 PM, Rschen7754 <rschen7754.wiki@gmail.com
wrote:
Speaking for myself, I have no problems with the overall idea, and I doubt that a lot of the others who have signed the petition do either.
The problem is in the details of how it is implemented, and that appropriate safeguards are not written into place to protect the
privacy
and legal rights of those who (re)identify. I know some European users
have
raised concerns about how the overall policy does not work for them
and/or
would cause them to break the law. I don't believe that they should
have to
stand alone.
Thanks,
Rschen7754 rschen7754.wiki@gmail.com
On Oct 23, 2013, at 4:07 PM, Marc A. Pelletier marc@uberbox.org
wrote:
On 10/23/2013 07:01 PM, Newyorkbrad wrote: (I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost
certainly
the same); but I can think of a couple of scenarios where the
dissuasive
effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus
on
accountability than over any particular incident.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
-- -george william herbert george.herbert@gmail.com
-- -george william herbert george.herbert@gmail.com _______________________________________________ Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
As for I, I have totally given up with the idea of preservation of confidential data when the US are somehow involved (if the NSA is already involved in recording German president phone conversations or French diplomatic department communications, who are we to hope that our every steps can be private anyway ?).
My trust in WMF ability to provide security to our private information also dramatically dropped with the password leak a couple of months ago.
So what are the risks left ? I see mostly three main ones
1) that a digital version of my passport get in the hands of scammers. We know some of the risks associated to this, one of which being identity theft. Collection of a bunch of private data (name, email, phone number, postal address...) is one thing. Preservation of official identity paper is another. I think that's a non-acceptable risk.
2) that WMF disclose private information about us (OTRS member for example) volunteers to other volunteers, who may not even be identified in the least (as in "arbitration committee members"). Main risk associated imho would go from mild online bullying to severe irl mishandling. I have very acute memory of this sick person sending me emails threatening my life and the life of my own kids when I was Chair of WMF. I was happy he was in the USA and me in France. I was not happy he knew of my postal address. And I was scared when I met him at the WMF doors irl. Disclosing private information about us to a lawyer or a policeman is one thing. Disclosing private information about us to an "unknown" wikimedia member not bound by similar rules related to private data is unacceptable.
3) last, that WMF disclose private information about us without having the obligation to inform us it did so. The draft proposes that The Wikimedia Foundation will not share submitted materials with third parties, unless such disclosure is (A) permitted by a non-disclosure agreement approved by the Wikimedia Foundation’s legal department; (B) required by law; (C) needed to protect against immediate threat to life or limb; or (D) needed to protect the rights, property, or safety of the Wikimedia Foundation, its employees, or contractors. This is vague enough that it may happen that our private data is disclosed to about whoever (who will access our private data thanks to this "permitted by a non-disclosure agreement approved by the Wikimedia Foundation’s legal department" ???), possibly without us knowing. Consequences may be various (being citing in a legal case without even knowning; having personal information disclosed to spammers or scammers; being sued by an "unhappy customer" after we failed to fix his case on otrs etc.) A good part of benefit of this agreement would be that covered person better feel accountable. I think a fitting balance would be that WMF agree to mandatorily inform ANY covered person WHEN and to WHOM his/her information has been disclosed.
Florence
On 10/26/13 8:20 AM, George Herbert wrote:
Ok. As long as it wasn't missed, in all the other topics.
Thanks, I will be patient.
On Fri, Oct 25, 2013 at 11:10 PM, Philippe Beaudette < pbeaudette@wikimedia.org> wrote:
Hi George -
I can tell you that I was in the room as this was being discussed today. I'm fairly sure that Michelle is going to be following up on this question shortly. It wasn't being ignored - we are just in that territory where lawyers like to be certain that when they answer clarifying queries like yours, they aren't accidentally muddying the waters further. More soon.
pb
————————— Philippe Beaudette Director, Community Advocacy Wikimedia Foundation, Inc
On Oct 25, 2013, at 9:19 PM, George Herbert george.herbert@gmail.com
wrote:
Again I ask:
Can the WMF either publicly or privately provide enough detailed
assurance
as to the digital medium storage plan for these IDs?
This is or should be a no-go for requiring IDs (or at least allowing them to be transferred that way).
I would be happy to contribute a free independent security audit to a
plan,
if there is a detailed plan to audit. And do so under confidentiality agreement if you need that, as long as you let me share a non-exploitable summary with the community...
On Wed, Oct 23, 2013 at 4:21 PM, George Herbert <
george.herbert@gmail.com>wrote:
Going back to the 2011 discussions on otrs lists, a flag was raised that challenged whether the WMF had sufficiently secure servers to host
copies
of ID documents that might be electronically submitted, including sufficient firewalling and/or airgapping, internal access controls, etc.
My impression was that once that was raised as a detailed concern, the push died off rapidly, but I may be misremembering.
Let me now ask - Can the WMF either publicly or privately (I live in the SF Bay Area and can come over and talk) provide enough detailed
assurance
as to the digital medium storage plan for these IDs?
This is enough data for someone to do an identity theft with. The physical handling is relatively easy to ensure is proper (locked
cabinet or
the like requires a physical office intrusion). The electronic...
On Wed, Oct 23, 2013 at 4:15 PM, Rschen7754 <rschen7754.wiki@gmail.com
wrote:
Speaking for myself, I have no problems with the overall idea, and I doubt that a lot of the others who have signed the petition do either.
The problem is in the details of how it is implemented, and that appropriate safeguards are not written into place to protect the
privacy
and legal rights of those who (re)identify. I know some European users
have
raised concerns about how the overall policy does not work for them
and/or
would cause them to break the law. I don't believe that they should
have to
stand alone.
Thanks,
Rschen7754 rschen7754.wiki@gmail.com
On Oct 23, 2013, at 4:07 PM, Marc A. Pelletier marc@uberbox.org
wrote:
> On 10/23/2013 07:01 PM, Newyorkbrad wrote: > (I myself can > think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost
certainly
the same); but I can think of a couple of scenarios where the
dissuasive
effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus
on
accountability than over any particular incident.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
-- -george william herbert george.herbert@gmail.com
-- -george william herbert george.herbert@gmail.com _______________________________________________ Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
On 10/26/2013 10:00 AM, Florence Devouard wrote:
- that WMF disclose private information about us (OTRS member for
example) volunteers to other volunteers, who may not even be identified in the least (as in "arbitration committee members")
The members of the English Wikipedia Arbcom, at least, are all identified.
-- Marc
On 10/26/13 4:22 PM, Marc A. Pelletier wrote:
On 10/26/2013 10:00 AM, Florence Devouard wrote:
- that WMF disclose private information about us (OTRS member for
example) volunteers to other volunteers, who may not even be identified in the least (as in "arbitration committee members")
The members of the English Wikipedia Arbcom, at least, are all identified.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
So I heard.
But not the case of other arbcom.
Flo
On Sat, Oct 26, 2013 at 10:00 AM, Florence Devouard anthere9@yahoo.comwrote:
As for I, I have totally given up with the idea of preservation of confidential data when the US are somehow involved (if the NSA is already involved in recording German president phone conversations or French diplomatic department communications, who are we to hope that our every steps can be private anyway ?).
This bit is extraneous and unnecessary because (a) no one is asking the WMF to hide details from the NSA, who let's agree couldn't care less about that bit of data and (b) anything the NSA is capturing in Germany or France was already quite certainly being captured by the governments of Germany and France (or really, both).
That said, I agree with your three main points and think the WMF legal team should consider them very strongly as they bring their failed policy proposal back to the drawing board.
On 10/26/13 5:37 PM, Nathan wrote:
On Sat, Oct 26, 2013 at 10:00 AM, Florence Devouard anthere9@yahoo.comwrote:
As for I, I have totally given up with the idea of preservation of confidential data when the US are somehow involved (if the NSA is already involved in recording German president phone conversations or French diplomatic department communications, who are we to hope that our every steps can be private anyway ?).
This bit is extraneous and unnecessary because (a) no one is asking the WMF to hide details from the NSA, who let's agree couldn't care less about that bit of data and (b) anything the NSA is capturing in Germany or France was already quite certainly being captured by the governments of Germany and France (or really, both).
At 45, I am still perhaps very innocent about my gov. But really, I do not think the French gov is recording Ms Merkel. If only because they very likely do not have the tech means to do so ;)
Still, I disagree with you that the bit is extraneous. The thing is that most Europeans were really very shocked to read all that stuff about the NSA in the past few months. People are probably more sensitive about their private data than they were a couple of days ago because that was the opportunity for much talk on the general subject in the past few months (which data is recorded, by who, what for and so on).
Flo
That said, I agree with your three main points and think the WMF legal team should consider them very strongly as they bring their failed policy proposal back to the drawing board. _______________________________________________ Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Hi All,
I wanted to let you know that I have posted a responsehttps://meta.wikimedia.org/wiki/Talk:Access_to_nonpublic_information_policy#Rethinking_the_access_policy:_Response_to_recent_feedbackto the recent feedback we have received and very much look forward to hearing your thoughts on the ideas proposed. I also wanted to thank you all for the feedback over the past week and a half. It really helped us understand your concerns and go back to the drawing board -- this discussion has really reemphasized the value of community consultations periods to me. In the end, we want to do what works for the community and the movement.
Best,
Michelle
On Wed, Oct 23, 2013 at 4:07 PM, Marc A. Pelletier marc@uberbox.org wrote:
On 10/23/2013 07:01 PM, Newyorkbrad wrote:
(I myself can think of one and only one, but am curious if there are others.)
I can also think of exactly one off the cuff (and it is almost certainly the same); but I can think of a couple of scenarios where the dissuasive effect alone might have made a difference.
But my understanding is that this is prompted by a more serious focus on accountability than over any particular incident.
-- Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
On Wed, Oct 23, 2013 at 4:24 PM, Michelle Paulson mpaulson@wikimedia.org wrote:
Hi All,
I wanted to let you know that I have posted a responsehttps://meta.wikimedia.org/wiki/Talk:Access_to_nonpublic_information_policy#Rethinking_the_access_policy:_Response_to_recent_feedbackto the recent feedback we have received and very much look forward to hearing your thoughts on the ideas proposed. I also wanted to thank you all for the feedback over the past week and a half. It really helped us understand your concerns and go back to the drawing board -- this discussion has really reemphasized the value of community consultations periods to me. In the end, we want to do what works for the community and the movement.
Best,
Michelle
Hi guys,
In addition to the continuing discussion Michelle started above on whether we should check ID or not the legal team has also started responding with thoughts and some options on other suggestions and questions (such as retention time and keeping the data instead of the id). In all of these they’ve asked for thoughts if you haven’t checked the page since early/mid last week it would be great if you could check it again to weigh in. They will also be continuing to respond to unanswered questions and concerns so please don’t think your specific concern is being ignored.
We have also reached out to all OTRS agents to make sure they are aware of a discussion on whether they should be included in the policy (currently only OTRS admins are). That conversation is ongoing at https://meta.wikimedia.org/wiki/Talk:Access_to_nonpublic_information_policy#... and could, again, use more comments whether you’re a member of OTRS or not.
James
James Alexander Legal and Community Advocacy Wikimedia Foundation (415) 839-6885 x6716 @jamesofur
I can think of three times that people with access to private information misled the community about their identity and it would have been better if there were records showing who they were. Being able to audit the records for false documentation would have been useful in two and probably would have prevented the other.
Sydney
Sent from my iPhone
On Oct 23, 2013, at 19:01, Newyorkbrad newyorkbrad@gmail.com wrote:
Although I personally didn't consider identifying to be onerous, I've never thought the entire identification requirement and process were necessary, since nothing is ever done with the identification data. Can anyone think of a situation that would have been handled differently if the proposed policy had been in place at the relevant time? (I myself can think of one and only one, but am curious if there are others.)
Newyorkbrad
On Wed, Oct 23, 2013 at 6:45 PM, Marc A. Pelletier marc@uberbox.org wrote:
On 10/21/2013 08:13 PM, MZMcBride wrote:
On a typical site, paid staff would deal with problematic users.
The obvious, and perhaps a bit trite, answer would be that we are most certainly not a typical site by any meaning of the term. :-)
Seriously, however, I can understand why some current holders of rights might have reservations about a policy that tightens greatly how private information is handled and how much vetting is done on who does the handling; but that tightening does very much need to take place.
It's not clear to me what those people who have signed the petition think they can accomplish; those new rules (perhaps altered through feedback) will need to be installed eventually, but nobody is obliged to abide them if they do not feel comfortable doing so; being a steward, oversighter or checkuser is not something one is forced into doing. If they prefer not to proceed with the new system, they don't actually need to resign.
As a volunteer, I'd *much* rather those functions be held by active members of the community than by staff; and as long as there remains sufficient volunteers to do the job, then this is what should happen. (We'd probably get more people willing to step forward if we stopped - collectively - heaping so much crap on the heads of functionaries; but that's a different issue).
-- Coren / Marc
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Marc A. Pelletier wrote:
Seriously, however, I can understand why some current holders of rights might have reservations about a policy that tightens greatly how private information is handled and how much vetting is done on who does the handling; but that tightening does very much need to take place.
Says who? I've been trying to get a clear answer to this question for the past few days. The access to non-public info policy is the Board's creation and the Board's prerogative. Is the Board interested in updating this policy? If not, then politely: why are we having this conversation? If so, why and in what ways would the Board like to see the policy updated?
MZMcBride
MZMcBride, 24/10/2013 05:47:
Marc A. Pelletier wrote:
Seriously, however, I can understand why some current holders of rights might have reservations about a policy that tightens greatly how private information is handled and how much vetting is done on who does the handling; but that tightening does very much need to take place.
Says who? I've been trying to get a clear answer to this question for the past few days.
Seconded. The last message by legals on the talk page doesn't address this root issue.
The access to non-public info policy is the Board's creation and the Board's prerogative. Is the Board interested in updating this policy? If not, then politely: why are we having this conversation? If so, why and in what ways would the Board like to see the policy updated?
Apparently, legals say that the current policy is too flexible for the board to have really meant approving it, so of course the board will like to change his mind and make it much stricter, while if one wanted to keep it as flexible as it is now one would need the board to change his mind. Hmmmmmm.
Nemo
...
Apparently, legals say that the current policy is too flexible for the board to have really meant approving it, so of course the board will like to change his mind and make it much stricter, while if one wanted to keep it as flexible as it is now one would need the board to change his mind. Hmmmmmm.
Nemo
Without an explanation of why this was an issue or a priority legal matter, it seems perfectly reasonable to fill in the gaps with wild fantasy and speculation. I rather like the idea that someone in the WMF legal team read something about privacy on their top of the range internet tablet, while drinking freshly ground top of the range coffee, and as it was an otherwise dull day on the subpoena front, decided to give this policy a poke to see the ants scurry about. It certainly seems to have kept many volunteers busy this week.
Fae
On 24 October 2013 08:10, Fæ faewik@gmail.com wrote:
...
Apparently, legals say that the current policy is too flexible for the
board
to have really meant approving it, so of course the board will like to change his mind and make it much stricter, while if one wanted to keep
it as
flexible as it is now one would need the board to change his mind.
Hmmmmmm.
Nemo
Without an explanation of why this was an issue or a priority legal matter, it seems perfectly reasonable to fill in the gaps with wild fantasy and speculation. I rather like the idea that someone in the WMF legal team read something about privacy on their top of the range internet tablet, while drinking freshly ground top of the range coffee, and as it was an otherwise dull day on the subpoena front, decided to give this policy a poke to see the ants scurry about. It certainly seems to have kept many volunteers busy this week.
Wow, Fae. Just....wow.
Now, how about we look at this from the perspective of the editor whose non-public personal information is available to checkusers, or who has to rely on an oversighter to address an accidental logged-out edit. If I am that editor, I really want the WMF, who has granted those individuals access to this personal (and in some cases private) information, to know exactly who has that access. I want them to know who those people are, I want them to know how to contact them directly, and I want them to make sure that those individuals have personally undertaken to keep any information confidential with very limited exceptions.
This is actually a Privacy 101 situation: an organization that grants access to non-public personal information needs to know exactly who it is granting that access to, and the person who has access to that information needs to agree to keep it confidential.
The majority of the discussion in the last period has been about the mechanics of collecting and retaining the identifying information of those who have access. There are some good points being raised by several people, and they do need to be addressed; however, the underlying principle is absolutely sound. I'm actually kind of shocked that there would be much debate about the core principle, and I find it concerning that there is the suggestion some individuals who have access to huge amounts of non-public personal information about others should be exempted from having their own identity known to the organization responsible for keeping this non-public information secure.
Risker
On 24 October 2013 15:01, Marc A. Pelletier marc@uberbox.org wrote:
On 10/24/2013 09:37 AM, Risker wrote:
Wow, Fae. Just....wow.
I think Fae was being highly ironic there.
-- Marc
;-)
Some of you might know there is a bit of a significant history here when it comes to interpreting what I say, in this case even when clearly marked as a work of fiction. Certainly I would rather redact my comment if there were any way it could be used to accused of me of some sort of crime.
Cheers, Fae
On Thu, Oct 24, 2013 at 10:01 AM, Marc A. Pelletier marc@uberbox.org wrote:
On 10/24/2013 09:37 AM, Risker wrote:
Wow, Fae. Just....wow.
I think Fae was being highly ironic there.
If so, I think we just ran into Poe's law.[1]
[1]: https://en.wikipedia.org/wiki/Poe%27s_law (of course)
wikimedia-l@lists.wikimedia.org