So my conclusion was that users should be better informed about the fact that personal data is gathered, what use will be done of it, and what they can do (explain them where to get information on it, modify it or delete it).
soufron.free.fr/soufron-spip/article.php3?id_article=103
Just mentioning that somewhere would be enough to comply with the EU regulations... but it needs to be done.
Chris Jenkinson wrote:
Hi all,
We had a rather large discussion today on privacy and its application on Wikipedia (specifically anonymous editing and the checkuser tool which is the subject of much debate at the moment).
I am curious to whether the Wikimedia Foundation's privacy policy is compatible with EU legislation on privacy (which is tightly regulated), and whether it is obliged to be, as the Foundation hosts servers in the European Union (which are presumably subject to EU law).
I would also like to propose that any person with access to server logs (which include IP addresses), including people with access to the checkuser tool, should sign a legal agreement of some sort with the Wikimedia Foundation concerning non-disclosure of this information.
I am unsure whether or not an IP address qualifies as "personal information" under EU law and I have contacted the UK Information Commissioner's Office asking them for their opinion.
Thoughts on the legal agreement proposal, and answers to the question of legal obligations are much appreciated.
Chris _______________________________________________ foundation-l mailing list foundation-l@wikimedia.org http://mail.wikipedia.org/mailman/listinfo/foundation-l