Hi all,
We had a rather large discussion today on privacy and its application on Wikipedia (specifically anonymous editing and the checkuser tool which is the subject of much debate at the moment).
I am curious to whether the Wikimedia Foundation's privacy policy is compatible with EU legislation on privacy (which is tightly regulated), and whether it is obliged to be, as the Foundation hosts servers in the European Union (which are presumably subject to EU law).
I would also like to propose that any person with access to server logs (which include IP addresses), including people with access to the checkuser tool, should sign a legal agreement of some sort with the Wikimedia Foundation concerning non-disclosure of this information.
I am unsure whether or not an IP address qualifies as "personal information" under EU law and I have contacted the UK Information Commissioner's Office asking them for their opinion.
Thoughts on the legal agreement proposal, and answers to the question of legal obligations are much appreciated.
Chris