[WikiEN-l] Privacy Study Looking for Volunteers

David Carson carson63000 at gmail.com
Sun Mar 29 23:12:00 UTC 2015


Hi Brian,

"Dox'ing yourself"? That's a pretty wild hyperbole.

But just to clarify: are you taking issue with the fact that not-logged-in
users have their IP addresses publicly visible? Or with the fact that all
edits have IP addresses privately recorded?

I originally thought you were talking about the latter, but now I'm not
sure. If it's actually the former, I've got no disagreement with you.

Given that anyone can edit without making their IP public simply by
registering a pseudonym and logging in, and given that many new editors
might not be aware of the implications of revealing their IP (if they're
editing from a static address at work, for instance), it seems to me that
the easiest solution - and one which I think would cause absolutely zero
astonishment in the minds of new users - would simply be to require users
to register a pseudonym and log in in order to edit.

But if you're concerned about the effect that this would have on casual
"drive-by" fixes and improvements by people who aren't invested enough in
the project to register, then sure, encrypt or hash the IP address before
displaying it publicly. I don't think randomizing it on every edit would be
a good idea, because I think it's important to be able to tell whether a
succession of edits were from the same editor.

Cheers,
David...


On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus <brian.mingus at colorado.edu>
wrote:

> Wikipedia is set up such that if you don't take the measures mentioned in
> the OP, you are dox'ing yourself. Users are not aware of this.
>
> On Sun, Mar 29, 2015 at 4:33 PM, David Carson <carson63000 at gmail.com>
> wrote:
>
>> "Wikipedia:Free speech" (
>> http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a
>> read.
>>
>> http://en.wikipedia.org/wiki/Wikipedia:Free_speech
>>
>> It's not directly about privacy but I think it clearly covers the ground
>> that Wikipedia is a project to create an online encyclopedia, not an
>> experiment in radical free speech. The system is set up to facilitate that
>> goal.
>>
>> If you think that recording IP addresses is invasive, then you should
>> probably be publishing your content on your own website, not Wikipedia.
>>
>> Cheers,
>> David...
>>
>>
>> On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus <
>> brian.mingus at colorado.edu> wrote:
>>
>>> In general people do not read privacy policies, nor do they understand
>>> what
>>> IP addresses are or what you can do with them.
>>>
>>> But if you recall, I simply stated that recording IP addresses is
>>> invasive.
>>> And it is.
>>>
>>> This is especially true when you know that your recordings are
>>> faciliating
>>> the active de-anonymization of people who are editing Wikipedia. Not just
>>> de-anonymization, but often public shaming.
>>>
>>> For WMF, the principle of neutrality clearly trumps the principles of
>>> privacy and free speech. For the NSA, substitute security for neutrality.
>>> It's hypocritical.
>>>
>>> Luckily, it's easy to fix. Just stuff the ip fields with random numbers
>>> and
>>> deal with the fallout. Stop tracking people.
>>>
>>>
>>>
>>> On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes <okeyes at wikimedia.org>
>>> wrote:
>>>
>>> > In order:
>>> >
>>> > 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
>>> > about this people here can point you to.
>>> > 2. Brian: The NSA needs to store data without the permission or
>>> > consent of the people generating it, sometimes through forcible
>>> > interception, decryption and the introduction and maintenance of
>>> > software exploits that allow them to do this but also allow any other
>>> > reasonably technical nation or non-nation actor who is paying
>>> > attention to exploit the same vulnerability, keeping this data for an
>>> > indefinite period, with very little legal or political oversight, in
>>> > order to stop terrorism, where very little evidence exists that this
>>> > has helped in any way.
>>> >
>>> > The WMF needs to store data for a 90 day period, which is explicitly
>>> > set down in a privacy policy that is transparent, human-readable,
>>> > linked from every edit interface, written with the involvement of the
>>> > people whose data is being stored, administered by a committee of
>>> > people who come from this population of editors, and explicitly sets
>>> > out what the data may or may not be used for, even within the
>>> > Wikimedia Foundation, in order to stop vandalism, where multiple
>>> > scientific studies have validated the hypothesis that being able to
>>> > make rangeblocks and prohibit sockpuppetry is beneficial to the
>>> > community we are all a part of and the wider population of readers.
>>> >
>>> > That's what's actually going on, here. If you thing these situations
>>> > are roughly analogous, that's your prerogative. If you think the
>>> > storage of this data is unnecessary, I recommend you go to your local
>>> > project and explain to them that being able to checkuser potential
>>> > sockpuppets or hard-block users is not needed: gaining consensus there
>>> > would be a good starting point to changing this.
>>> >
>>> > On 29 March 2015 at 11:57, James Farrar <james.farrar at gmail.com>
>>> wrote:
>>> > > Wikipedia is suing the NSA? Seriously?
>>> > > On 28 Mar 2015 11:23, "Brian J Mingus" <brian.mingus at colorado.edu>
>>> > wrote:
>>> > >
>>> > >> It has worked up to now, but I'm thinking that, especially given
>>> > Wikimedia
>>> > >> is suing the NSA, it is no longer justifiable. If the NSA can't
>>> track
>>> > >> citizens, Wikimedia shouldn't be tracking them either. Seems simple
>>> :)
>>> > >>
>>> > >> On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis <fa-ml at ariis.it>
>>> > wrote:
>>> > >>
>>> > >> > On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
>>> > >> > > I think it's rather curious that edits to Wikipedia aren't
>>> private.
>>> > Why
>>> > >> > log
>>> > >> > > the IP address? Why log anything? It's invasive.
>>> > >> >
>>> > >> > I guess it's a sensible choice against abuse (vandalism) while
>>> still
>>> > >> > allowing non registered users editing rights
>>> > >> >
>>> > >> >
>>> > >> > _______________________________________________
>>> > >> > WikiEN-l mailing list
>>> > >> > WikiEN-l at lists.wikimedia.org
>>> > >> > To unsubscribe from this mailing list, visit:
>>> > >> > https://lists.wikimedia.org/mailman/listinfo/wikien-l
>>> > >> >
>>> > >> _______________________________________________
>>> > >> WikiEN-l mailing list
>>> > >> WikiEN-l at lists.wikimedia.org
>>> > >> To unsubscribe from this mailing list, visit:
>>> > >> https://lists.wikimedia.org/mailman/listinfo/wikien-l
>>> > >>
>>> > > _______________________________________________
>>> > > WikiEN-l mailing list
>>> > > WikiEN-l at lists.wikimedia.org
>>> > > To unsubscribe from this mailing list, visit:
>>> > > https://lists.wikimedia.org/mailman/listinfo/wikien-l
>>> >
>>> >
>>> >
>>> > --
>>> > Oliver Keyes
>>> > Research Analyst
>>> > Wikimedia Foundation
>>> >
>>> _______________________________________________
>>> WikiEN-l mailing list
>>> WikiEN-l at lists.wikimedia.org
>>> To unsubscribe from this mailing list, visit:
>>> https://lists.wikimedia.org/mailman/listinfo/wikien-l
>>>
>>
>>
>


More information about the WikiEN-l mailing list