[Foundation-l] Wikipedia tracks user behaviour via third party companies #2
Domas Mituzas
midom.lists at gmail.com
Sun Jun 7 17:17:02 UTC 2009
Hi!
> Are the developers lawyers?
IANAL.
> A developer claiming something has an
> unwanted privacy issue is very different from making claims about
> something being a legal issue on the behalf of Foundation. Simply
> don't
> do it.
I failed to phrase what I wanted to write you in a way, that I
wouldn't make me look like an arrogant prick, so I will not write it.
Let me tell something else, instead.
Anyway, WMF has always been standing for privacy of our users. I
wholeheartedly approve the privacy stance, which means that we don't
even consider exceptions when it comes to giving away private data. We
just don't give it away. This is why we opt out of phorm, this is why
we don't facilitate numerous researchers (or whomever hide behind
those names), and we don't even keep most of private data ourselves.
Someone on this thread said, that WMF keeps private data internally.
We don't have readership data, there're no such thing as "access logs"
in our farm, the closest one to the concept is "one out of overall
requests", which doesn't have long retention, and is used for short
term operational purposes. Every other private data point is the one
that is visible by checkusers, has both audit trail, and quite
restricted access to information (at least there are verification
procedures).
So, we tend to understand data privacy policies internally quite well,
that was incentive of written down privacy policy, and that has been
part of constant internal dialogue how to handle overall privacy. We
know that our reader privacy is quite good (especially if people use
TOR and HTTPS :), we know that we have to balance our contributor
privacy issues in order to be what we are. We err to the side of
privacy, as that is where we would have highest damages.
Anyway, I answered your question, IANAL, but I'm in one way or another
part of organization that has one. We asked the lawyer to describe our
intent and position, and he did. We're happy to enforce it.
And, Brian,
> Volunteer admins cannot take user privacy into their own hands,
> under their
> own interpretation. That's just not how it works!
You don't seen to have sufficient understanding how it works. :(
Domas
More information about the foundation-l
mailing list