The CC BY-SA license, used on most WMF projects, requires /attribution/. Attribution for edits made by unregistered/unlogged users is done by the exclusive means of their IP address. By clicking the 'Save' button, they agreed to release their edits under CC BY-SA, and that their IP address would have been the only form of attribution of their changes to them. While we can assume that there aren't any collisions between hashes of IP addresses, and we could change the attribution requirements for new edits, hiding or modifying the way IP addresses /of unregistered users who edited before that change/ are shown would be a substantial CC BY-SA infringement, as would be a change of registered users' names without their consent and without public logs of that change.
Il 11/07/2014 15:34, Gilles Dubuc ha scritto:
This interesting bot showed up on hackernews today: https://news.ycombinator.com/item?id=8018284
While in this instance the access to anonymous' editors IP addresses is definitely useful in terms of identifying edits with probable conflict of interest, it makes me wonder what the history is behind the fact that anonymous editors are identified by their IP addresses on WMF-hosted wikis.
IP addresses are closely guarded for registered users, why wouldn't anonymous users be identified by a hash of their IP address in order to protect their privacy as well? The exact same functionality of being able to see all edits by a given anonymous IP would still exist, the IP itself just wouldn't be publicly available, protected with the same access rights as registered users'.
The "use case" that makes me think of that is someone living in a totalitarian regime making a sensitive edit and forgetting that they're logged out. Or just being unaware that being anonymous on the wiki doesn't mean that their local authorities can figure out who they are based on IP address and time. Understanding that they're somewhat protected when logged in and not when logged out requires a certain level of technical understanding. The easy way out of this argument is to state that these users should be using Tor or something similar. But I still wonder why we have this double standard of protecting registered users' privacy in regards to IP addresses and not applying the same for anonymous users, when simple hashing would do the job. _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l