[Foundation-l] foundation-l Digest, Vol 88, Issue 19

[Robin McCain]

If I might interject, it seems that the sole purpose of the snail mail 
described is to link a physical person to a login name in such a way 
that there is some accountability for one's actions that is acceptable 
to the organization. Is it really necessary to copy an identity 
document? Could a document with a notary seal accomplish much the same 
purpose without the need for a copy (and thus avoid possible legal 
issues arising from making such a copy)?

We had similar identity concerns when CAcert <http://www.cacert.org/> 
became intercontinental - originally one had to go through a somewhat 
complicated process with two notarys, etc. to gain certain trust levels, 
but as the project grew and the founders began to travel all over the 
world it became possible to meet in person with an "Assurer" and present 
one's identity documents (which were NOT copied) and thus gain points 
towards becoming a trusted person to the certification authority (ie. 
able to generate server keys chained to the CAcert organization's root 
keys, etc.).



On 7/9/2011 4:45 AM, foundation-l-request at lists.wikimedia.org wrote:
> I do think it is absolutely a problem when people on a WMF-hosted wiki
> are using an unofficial mechanism to demand copies of people's
> passports.
>
> Note that WMF does not allow local communities to do other things that
> would violate the privacy policy, such as run Google Analytics, even
> if the local community is all for it.
>
> When passports are requested of people on the wiki, does the requester
> stress that this is not WMF-official, not covered by the privacy
> policy and there is no official oversight whatsoever of the mechanism?
>
> It looks to me like Huib has alerted us to a potentially disastrous
> privacy time bomb.
>