[Foundation-l] Genisis of WMF Identification policy?

Birgitte SB birgitte_sb at yahoo.com
Sat Feb 26 22:58:13 UTC 2011 





________________________________
From: Lodewijk <lodewijk at effeietsanders.org>
To: Wikimedia Foundation Mailing List <foundation-l at lists.wikimedia.org>
Cc: Birgitte SB <birgitte_sb at yahoo.com>
Sent: Fri, February 25, 2011 3:51:50 PM
Subject: Re: [Foundation-l] Genisis of WMF Identification policy?

It should be clear and transparant why the WMF is collecting this
information, and what they intend to do with it. If they want to be able to
sue people - fine, but then just say that. Then people know what they are up
against, and what the reasoning is. That way alone volunteers can make their
rational decision. But also chapters, because it might have quite some legal
complications if the WMF wants to force a chapter to submit private data
about one of their members because they want to sue this person.


The problem with is that none of us can imagine all the future possibilities 
that could occur.  The WMF can't know what they could be up against.   So how 
can they possibly tell you what they can't know?

You seem to suggest the WMF suing someone is an extreme thing.  But what is 
really extreme is asking WMF to vow *not* to sue anyone. Lets say they do this 
and imagine if a checkuser User:Foobar publishes private information on their 
blog obtained as a checkuser. Someone whose privacy was violated identifies who 
User:Foobar was through their blog; sues them and wins.  User:Foobar sues WMF 
claiming something frivolous about not protecting them from the situation and 
loses. Because of the vow WMF cannot counter-sue User:Foobar for lawyer fees and 
court costs even though WMF does not even need to the recorded identification 
provided through the policy in this case because User:Foobar identified themself 
in the lawsuit they filed against WMF.
 
Also the privacy policy is a joke without the identification policy.  Say 
checkuser User:Foo breaches the privacy policy and rightly loses checkuser 
rights.  There is no record available to WMF identifying  RealName as User:Foo.  
So RealName retires User:Foo and registers User:Bar who is then able to become a 
checkuser. Is this truly a responsible privacy policy when there is no way of 
preventing those who have abused their access to private data from once again 
obtaining access to private data?

As I said in my first email.  There are valid concerns about the identification 
policy that must be resolved.  However, deciding to indefinitely give 
unidentifiable people access to private data can not be an option.  It just too 
irresponsible.  This is *my* private data you are all playing with.  I won't get 
to have *your* private data in return, but you can at least give it the WMF to 
act as a responsible party protecting *my* interests. I understand that you need 
some safeguards about security at WMF Office or WMF Chapters. However if you 
won't be comfortable with any possible procedure where they could keep *your* 
private data, then stay away from *my* private data.  


Birgitte SB

More information about the foundation-l mailing list