[Labs-l] Labs privacy policy questions

Andrew Bogott abogott at wikimedia.org
Tue Mar 8 05:25:53 UTC 2016 

Pine --

I was not involved in crafting the language of this policy, but I can at 
least start to answer your questions.

On 3/7/16 9:54 PM, Pine W wrote:
> The Wikimetrics login screen [1] presents me with this information:
>
> "By using this project, you agree that any private information you 
> give to this project may be made publicly available and not be treated 
> as confidential.
>
> "By using this project, you agree that the volunteer administrators of 
> this project will have access to any data you submit. This can include 
> your IP address, your username/password combination for accounts 
> created in Labs services, and any other information that you send. The 
> volunteer administrators of this project are bound by the Wikimedia 
> Labs Terms of Use, and are not allowed to share this information or 
> use it in any non-approved way.
>
> "Since access to this information is fundamental to the operation of 
> Wikimedia Labs, these terms regarding use of your data expressly 
> override the Wikimedia Foundation's Privacy Policy as it relates to 
> the use and access of your personal information."
>
> I have two questions to start.
>
> 1. Why would my IP, password, or other "private information" that I 
> give to Labs ever "be made publicly available and not treated as 
> confidential"?
Clearly that's a question for the project admins -- I don't know what 
they're planning to do with your data.  The main take-away is that you 
are giving your information to them, /not/ to NDA-bound WMF staff.  In 
my (non-legal) option, that means we're already outside the realm of 
'confidential'.  Furthermore, project membership is only informally 
managed, and most likely any member of the wikimetrics project can also 
access identifying information.

I can think of lots of good reasons why a user's IP address might be 
interesting as research data and might legitimately find it's way into 
public view, /if a user willingly discloses it/.  That's exactly why we 
have disclosures like this:  so that real, confidential Wikimedia 
projects don't quietly dump their traffic into a Labs back-end without 
seriously considering the possible breaches of privacy that might result.

>
> 2. Why would Labs volunteer administrators ever have access to my 
> password? To the best of my knowledge, even WMF staff never have 
> access to plaintext passwords of anyone but themselves unless someone 
> chooses to disclose their password on a one-time basis.
>
I believe you're referring to this text:

"This can include your IP address, your username/password combination 
for accounts created in Labs services, and any other information that 
you send."

Again, the point is that you are logging into software that is created 
and maintained by volunteers -- therefore by definition your information 
is passing through their hands.  Clearly a well-made project will not 
present plaintext passwords to actual human eyes, but you are typing 
your password into a text field maintained by actual human volunteers, 
which in terms of security amounts to the same thing:  you are trusting 
those volunteers with your password.

I hope that helps!  I don't think there's a lot of wiggle-room here... 
if you are uncomfortable with the terms of use for a given labs project, 
best not to use it.

-Andrew


> Thanks,
>
> Pine
>
>
> [1] 
> https://metrics.wmflabs.org/login?next=%2Freports%2Fprogram-global-metrics
>
>
> _______________________________________________
> Labs-l mailing list
> Labs-l at lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/labs-l

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.wikimedia.org/pipermail/labs-l/attachments/20160307/14fba5a9/attachment.html>

More information about the Labs-l mailing list