[Foundation-l] WMF resolution on access to non-public data passed

[Matthew Brown]

Thanks for your answers, Brad, and I appreciate that you can only
speak for the situation before your leaving.

A lot of what I'm getting at, I guess, is wondering how seriously the
privacy policy will be enforced and whether this information will be
common knowledge in the office (and thus easily accidentally
disclosed) or whether it will be checked by someone and then placed
somewhere secure and not generally known by everyone who works in the
office.

My concerns are also that security breaches may be swept under the
carpet, and ignored or denied as the easier option.

Thank you for the clarification as to Florida law and the likely
policy the Foundation would follow if they received a legal request
for the information.  While I realize that the Foundation may not be
in the position of an iron-clad guarantee about anything, I would hope
at least that the correct procedure to follow will be decided upon in
advance and that the standard procedure include notifying the subject
of any subpoena/investigation/discovery if that is possible.

I know under certain circumstances such a notification is prohibited
and that the Foundation may not be able to contact someone, but my
concern is that if what to do in that circumstance is not considered
in advance, policy may be made up on-the-fly in a panic and my
experience is that poor decisions are sometimes made in such
circumstances.

As I said, my own identity is by no means considered a secret, though
my real name is sufficiently frequent that it's not enough to obtain
positive identification.  I'm asking more out of a feeling that some
of these things need to be raised in advance of problems.

Thanks,

-Matt