[Foundation-l] Wikipedia tracks user behaviour via third party companies #2

Robert Rohde rarohde at gmail.com
Sat Jun 6 02:05:48 UTC 2009

On Fri, Jun 5, 2009 at 4:30 PM, Peter Gervai<grinapo at gmail.com> wrote:
>> The community cannot decide that Random_user1
>> and Random_user2 etc will agree with the communities view on the stats being
>> passed to an external server.
> As you are aware it's not really random user, so what you write is
> more rhetoric and less facts. I debate your statement as I believe the
> community can pretty much decide anything unless it violates some
> higher level policy, and it's been told this predates the PP. And I
> tend to disagree in its violation, but it's an open debate.

The wording of Privacy Policy has always been rather vague and mushy
(something I've complained about in the past).

However the spirit of the policy, and the way it has been applied,
might be summarized thusly:

Personally identifiable data does not leave the WMF's control without
the WMF's express permission.  In general, the circumstances where
people have access to such data and the purposes for which they can
use it are explicitly defined in advance.

You may not be aware, but the relaying of page view data to third
party analysis platforms has been tried on a number of occasions in
the past and consistently shutdown.  (I think this even includes cases
before the Privacy Policy was adopted.)

However, to my recollection there has never been a case that quite
mirrors yours since we are talking about a privately hosted server
administered by a highly trusted community member.

Given the situation with Wikimedia DE and the toolserver cluster etc.,
I think it should be possible in principle for the WMF to reach an
agreement that allows data to be communicated to servers operated by
Wikimedia chapters for purposes that benefit Wikimedia.  In light of
current sentiment and Foundation practice though, I think that any
such arrangements should require prior approval.  That your set up has
existed for years can provide some confidence in its reasonableness
and security, but I wouldn't support turning it back on until people
have looked at and reviewed the details though.

Sorry for the abrupt way that things were handled, but erring on the
side of protecting user privacy is generally a good thing.  Now that
you are here discussing the matter, I'd hope a reasonable solution can
be found.

-Robert Rohde

More information about the foundation-l mailing list