[Foundation-l] Abuse filter

John at Darkstar vacuum at jeb.no
Wed Mar 25 15:35:07 UTC 2009

It is not refusing to accept some kind of edit that creates the problem,
it is the logging of the action because you then collect information
about the users. Preventing the vandalism instead of reacting to it
shifts the actions from a public context to a private context. By
avoiding collecting such information and adhering to "administration of
the system" most of the problem simply goes away. Its not about using or
not using the extension, its about limiting the logging so that no one
can gain access to any data to make later actions against the users (ie.
the vandals).

WMF may choose to log the information anyhow, like it may choose to not
respect copyright laws in some countries. I don't think that is very
wise, but I can only say what I believe is right.


Nathan skrev:
> The peculiarity in some respects of Scandinavian law seems to come up on
> this list fairly frequently, but it's usually short on specifics or actual
> cases. John, do you have any specific references to what you've described as
> a problem?
> Adhering to your interpretation on the possible limits on "private"
> information would effectively eliminate the abuse filter as a useful tool.
> I'm having a hard time seeing this as a widespread problem; there can't be
> many jurisdictions that define public and private in this way, or place such
> restrictions on what can be done with this data that blocking someone from a
> private website in another country could be a violation of the law.
> To my mind, private data of the sort we need to worry about is not "private"
> in the sense that it is owned by the Foundation or not publicly viewable,
> but "private" in the sense that it contains potentially sensitive details of
> individual editors and readers. Nothing in the abuse filter would seem to
> change the public availability of this sort of data, and I can hardly see
> Wikimedia being penalized simply for preventing vandalism instead of
> reacting to it.
> Nathan
> On Wed, Mar 25, 2009 at 8:35 AM, John at Darkstar <vacuum at jeb.no> wrote:
>> The problem is that something that previously was public (vandal moving
>>  the page "George W. Bush" to "moron") will now be private (he get a
>> message that hi isn't allowed to do that), this shifts the context from
>> a public context to a private context. Then the extension do logging of
>> actions done in this private context to another site. Users of this site
>> will then have access to private information. It is not the information
>> _disclosed_ which creates the problem, it is the information
>> _collected_. It seems like the information is legal for "administrative
>> purposes", but as soon as it is used for anything other it creates a lot
>> of problems. For example, if anyone takes actions against an user based
>> on this collected information it could be a violation of local laws.
>> (Imagine collected data being integrated with CU) If such actions must
>> be taken, then the central problems are identification of who has access
>> to the logs and are they in fact accurate. That is something you don't
>> want in a wiki with anonymous contributors! :D
>> The only solution I see is to avoid all logging of private actions if
>> the actions themselves does not lead to a publication of something.
>> Probably it will be legal to do some statistical analysis to administer
>> the system, but that should limit the possibility of later
>> identification of the involved users.
>> There are a lot of other problems, but I think most of them are minor to
>> this.
>> John
> _______________________________________________
> foundation-l mailing list
> foundation-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

More information about the foundation-l mailing list