[Foundation-l] Data retention

[Anthony]

On Sat, Sep 20, 2008 at 9:15 AM, Thomas Dalton <thomas.dalton at gmail.com>wrote:

> > I didn't ask if it I applied, I asked how it applied.  Maybe I should
> have
> > said "in what way" instead of "how"?
> >
> > One question would be, if a "troll hunter" breaks the privacy policy, who
> > would you sue?  The "troll hunter"?  The WMF?  Surely the public can't
> sue
> > the "troll hunter" directly, as the privacy policy is only binding on the
> > WMF.  But surely the WMF would argue that it isn't responsible for the
> > actions of its CheckUsers if it did get sued.
>
> I don't know, ask a lawyer.


If I ever feel I am significantly damaged by a violation of the privacy
policy, I will.  Until then, I'll feel free speculating.  My speculation is
that the proper route would be to sue the WMF claiming that either 1) they
are responsible for the actions of the CheckUser, OR 2) that they have
violated the clause prohibiting sharing of information with third parties.

Of course, the problem is, the privacy policy is so enormously open-ended
that just about nothing anyone does is definitively a violation of it.  Mike
Godwin has worked hard to ensure that the WMF is never legally responsible
for anything, and the community has for the most part applauded this as a
good thing.

The privacy policy certainly applies to
> checkusers, though, otherwise we wouldn't have an ombudsman to deal
> with complaints of checkusers violating it.
>

I'm not questioning whether or not it "applies", though.  I'm questioning
the manner in which it applies.


> > Another question would be, what restrictions are there on retaining
> > CheckUser results?  I don't see any.
>
> There are restrictions on who the information can be distributed to,


There are restrictions on "public distribution" and there are restrictions
on how "Wikimedia" can "share private information".  The "public
distribution" restrictions probably don't apply to information about
"particularly troublesome users", and the restriction on sharing of private
information only applies to sharing by "Wikimedia".

So it's hard for me to see how a CheckUser could violate the privacy policy
in the first place (short of going completely crazy and publishing random
results on her website), and even if they did, there's probably nothing
anyone can do about it except take away their CheckUser rights for the
future (which does nothing to take away the data they've already stored -
Kelly Martin, for instance, has admitted to having a copies of CheckUser
results, and has also admitted to going on fishing expeditions CheckUsering
IP addresses which show up in email headers).


> There may also be issues
> where the WMF no longer has the information so people start
> subpoenaing individual checkusers - would they then be bound by the
> WMF's commitments regarding subpoenas? (They are only in the draft
> policy, not the current one, but I'm sure the draft one will become
> current sooner or later.) I don't know how it would all work, but it's
> something that needs to be considered carefully. I would advise
> against any checkuser storing such data without having discussed it
> with Mike.


Why should they heed your advice, though?  Just so they can help someone
they consider to be a "particularly troublesome user" escape legal
consequences for her actions?

I would advise against making it so easy for so many people, most of whom
have undergone no background check and many of whom have nothing to lose, to
store such data in the first place.  Are there really that many people who
need immediate unfettered access to actual IP addresses from home?

I'd also advise anyone accessing a website run by Wikimedia to assume that
their every action is being recorded and might be shared with anyone for any
reason.