Bump.
Is anything happening at WMF to assist corporate compliance directors and site administrators, who run MediaWiki, in their obligations with respect to GDPR?
May 25th is right around the corner. Projects like Drupal, CiviCRM, Discourse, Platform.sh; plus every major software vendor and social website is announcing their compliance with GDPR and/or has a publicly visible project and discussion about compliance. I can't find any information regarding GDPR compliance with regards to websites powered by MediaWiki. The 'Scrum of Scrums' message from today does not mention GDPR. I did find information about how Wikimedia Sweden is tackling the issue. [1]
[1] https://se.wikimedia.org/wiki/Kategori:GDPR
Thanks,
~ Greg
Greg Rundlett https://eQuality-Tech.com https://freephile.org
On Tue, May 15, 2018 at 1:57 PM, Greg Rundlett (freephile) < greg@freephile.com> wrote:
Is there any update on GDPR compliance for third-parties using MediaWiki software?
Aside from Sabine Melnicki's presentation [1] at EMWCon in March, demonstrating the 'Data Cockpit' application to track compliance [2], I'm not aware of any extensions, or methods for ensuring compliance for organizations using MediaWiki. Ideally, there would be an extension, like the one developed for CiviCRM, that could integrate with MediaWiki to anonymize, report and/or delete user data in ways that comply with the GDPR.
[1] https://www.mediawiki.org/wiki/EMWCon_Spring_2018/ MediaWiki_and_the_European_GDPR [2] http://www.datencockpit.at [3] https://github.com/veda-consulting/uk.co.vedaconsulting.gdpr
Greg Rundlett https://eQuality-Tech.com https://freephile.org
On Wed, Feb 21, 2018 at 9:34 AM, [[kgh]] mediawiki@kghoffmeyer.de wrote:
Thanks Tom for bringing up the issue to the list and thanks Victoria for noting the WMF is already in the process of tackling this presumably rather complex issue. I do not envy you for this task.
From what I have heard, I may be wrong here, any "solution" no matter what it looks like, should be in place by End of May this year. This would leave us with another three months which sounds more like a sprint effort. Moreover this "solution" should also cater for not just WMF but third party users too, i.e. users of MediaWiki 1.27, at least this would be my wish at this point.
I guess it will be great if at one point the resprective Phabricator tasks could be shared over this list and if it is only for allowing people to follow the discussion and stay in the loop. I am sure that there are other people on this list who are interested in this topic too and also have the problem of trying to be somewhat compliant with regulations.
Cheers Karsten
Am 20.02.2018 um 04:55 schrieb Victoria Coleman:
We are still in process of defining the work that needs to be done for
compliance. We are planning a cross Departmental program as part of annual plan which will include all the necessary work - so Phabricator has not been populated yet. This is a great time for input like this so I encourage you to discuss it with John and Tony. Thanks Tom!
Best regards,
Victoria
Sent from my iPhone
On Feb 19, 2018, at 7:38 PM, Tom tom@hutch4.us wrote:
Thanks Victoria
My main concern and this should include any wiki admin with an open
registration on their wiki, is there any available information on the technical side?
I found a few tasks on phabricator but nothing specific for handling
explicit consent of users nor any tools for wiki admins using the MediaWiki software to assist them with compliance of GDPR. There are many open source projects scrambling to improve user registration and user account tools making sure websites run by their software is ready for GDPR.
Yes, a few things can be handled with extensions, but at best they
would be patch and make compliance difficult.
Tom
On Feb 19, 2018, at 7:47 PM, Victoria Coleman vcoleman@wikimedia.org
wrote:
Hi Tom,
John Bennett, our Security Director, and Tony Sebro, our Deputy
General Counsel, are leading our work on GDPR compliance. It is a significant priority for both Tech and the Legal departments at the WMF.
Best,
Victoria
On Feb 19, 2018, at 7:15 PM, Tom tom@hutch4.us wrote:
Hey Everyone
Is there any roadmap for MediaWiki that addresses the EU’s GDPR
(General Data Protection Regulation) being enforced as of 28 May 2018?
Mainly addressing user registration on websites and holding what the
EU deems personally identifiable information of EU residents such as usernames, real names, email addresses, etc. A method to prove consent such as a checkbox for Terms of Service and the date consent was given.
From the read of GDPR, it effects any company or organization (even
those outside the EU) who store data on someone living in the EU.
Tom
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l