[Labs-l] Labs privacy policy questions

[Tim Landscheidt]

(anonymous) wrote:

> I think the situation with passwords has been clarified. Thanks for that.

> However, there is still the matter of Labs users potentially logging and
> publishing the IPs of users who access the tool. My impression that this
> forbidden by policy but not by technical means. Can the wording of "By
> using this project, you agree that any private information you give to this
> project may be made publicly available and not be treated as confidential."
> be made more narrow to reflect that, in fact, it's not true that "any
> private information you give to this project may be made publicly available
> and not treated as confidential" unless a tool owner is breaking policy?

> Also, I'm wondering what to do about the vulnerability of user IPs being
> recorded and tracked. It sounds like there are three options:
> 1. Use technical means to prevent Labs tools from loading external
> resources that could potentially track IPs
> 2. Prohibit this practice by policy, and run some kind of background check
> on tool admins similar to what's done for CUs
> 3. Keep the status quo of warning users of potential disclosure but not do
> much to protect users against improper disclosure.

> Finally, it seems to me that the penalty for publishing private information
> in violation of Labs policy should involve far more than simply revoking
> Labs permissions. I think that this would merit the same kind of legal
> action that would likely be brought to bear if a checkuser or WMF employee
> did the same thing. There can be real-world consequences for users whose
> private information is made public, and therefore I think that it's
> appropriate that real-world legal action be explicitly included in the
> scope of possible consequences for misconduct of this kind, and I think
> that this should be noted in the Labs Terms of Use.

> Thoughts?

> I'm also looping in Michelle and James.

I live in a country where you need a court order to resolve
an IP and a timestamp to a name and an address, so I would
strongly recommend emigrating from countries where this is
different or using a privacy service in a safe country.

But even if I was concerned about my IP address, I would
certainly not access Wikipedia with it where this precious
datum can be accessed by an indeterminate and fluctuating
number of employees and international contractors of a
Florida organization with offices in San Francisco and a
legal address in Los Angeles, but also by any administrator
on the wiki with the power to add some JavaScript or tracker
images.  Much less would I access any site where the de-
clared purpose is that random users can host their brilliant
tools with no review necessary so that functionality can be
provided immediately and not with the years of delay typical
of WMF software development.

So if someone is blackmailed about their IP address, I would
strongly recommend (even stronger than emigration) to report
the blackmailer and the one emphasizing the danger!!!eleven!
to the police so that law enforcement can deal with the
criminal and investigate any links between the two.

If someone is not blackmailed, they should have plenty of
time to come up with a structure for tools not reviewed in
any way where breaches of privacy are technically impossi-
ble.  It rolls off the tongue like that, so it can't be that
hard to implement.

Tim