[Foundation-l] should not web server logs (of requests) be published?

FastLizard4 fastlizard4 at gmail.com
Sun Nov 28 10:11:00 UTC 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The Wikimedia Foundation believes otherwise.  Take a look at their
Privacy Policy <http://meta.wikimedia.org/wiki/Privacy_Policy> (relevant
excerpt follows):

"=== IP and other technical information ===
When a visitor requests or reads a page, or sends email to a Wikimedia
server, no more information is collected than is typically collected by
web sites. The Wikimedia Foundation may keep raw logs of such
transactions, but these will not be published or used to track
legitimate users."

I find it extremely unlikely that the WMF will allow an exception to
this rule.  While I don't care if people know my IP address(es), some
people are understandably quite frankly scared by the idea of
broadcasting their IP address to the world, since very often, rather
accurate details about the location - amongst other things - of the user
can be found from checking the IP address.  In the end, it pretty much
comes down to the fact that the WMF simply won't release this
information, short of a ruling from the Board of Trustees.  Not very
likely to happen.  In addition, by extension of that excerpt from the
privacy policy, I don't think the Foundation would agree to publish
anonymized logs either.  You also point out that many users edit
anonymously, publishing their IP address instead of a username.  I would
view this under the context of the Privacy Policy as voluntary release
of IP address by a user, much as if I posted the IP address I use on my
Wikipedia userpage.

As for NATs and dynamic IP addresses, NATs really don't mean anything
except at large corporations or schools (aside from a convenient way to
put multiple computers on one network); even then, the "external" IP
used by the NAT/Internet gateway is usually a sufficient privacy
concern.  And dynamic IP addresses usually don't change very much - for
example, my dynamic IP doesn't actually change unless I shut off my DSL
modem for a good few minutes, which I haven't done since the last power
outage.  And, of course, anyone editing from a school, business, or
other institution would most likely have a static IP address, which
could (should?) even, through RDNS, resolve back to the name of that
institution.  As for open proxies for editing, they are generally
disallowed from editing.
- --
- --FastLizard4 (http://en.wikipedia.org/wiki/User:FastLizard4)

dinar qorbanof wrote:
> i do not think that ip address is so important private information,
> many people browse through dynamic ip and NAT.
> 
> _______________________________________________
> foundation-l mailing list
> foundation-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFM8iqzIUvvVwjDo7YRAs4hAKDGfnpsRk6iBkUf4C1jiIWSF1UCzQCePU2O
a/ji6Ujigzv/i9oDGNDlfKY=
=AM8U
-----END PGP SIGNATURE-----

More information about the foundation-l mailing list