[Wikimedia-l] PRISM

Rand McRanderson therandshow at gmail.com
Mon Jun 10 17:01:04 UTC 2013 

I think the key here is not to keep more information about users than
necessary.

Of course, there is the question of if the NSA asks for our checkuser data.

I am relatively confident of WMF's honesty here. They have been pretty
concerned about user privacy in general (I am sure that there is some WMF
privacy mishap that happened at some point, but I am judging by my overall
sense of the organization, make of it what you will.

I think it would be a good idea for the WMF legal department to make a
statement (which means I need to remember what mailing list legal is, it's
not a burden but I am a lazy, lazy man)
On Jun 10, 2013 10:39 AM, "Theo10011" <de10011 at gmail.com> wrote:

> On Mon, Jun 10, 2013 at 7:31 PM, John Vandenberg <jayvdb at gmail.com> wrote:
>
> > Or DeCSS, or AACS, ..
> >
> > Or 2012 Benghazi attack, Efforts to impeach Barack Obama, Drone
> > attacks in Pakistan, ..
> >
> > Or PRISM (surveillance program), Edward Snowden, Bradley Manning, ..
> >
> > It would be good *if* the WMF can provide assurances to editors that
> > they havent received any national security letters or other 'trawling'
> > requests from any U.S. agency.
> >
> > If the WMF has received zero such requests, can the WMF say that?
> > There wouldn't be any gag order.
>
>
> You mean like Yahoo, Facebook, Google and Microsoft did at this program's
> first disclosure[1]. They all denied it for the record. They also have long
> running campaigns about security, protecting user data and privacy. After
> Obama and the NSA chief admitted to it, everyone started re-examining the
> language of their denial and found loopholes and similarities between
> carefully worded responses which were written and revised by a team of
> lawyers. There isn't any personal data (more than IP addresses etc.) on
> Wikipedia to compromise.
>
> As a user, I would actually be more concerned if WMF put out a similar
> response along with the big guys. It would be analogous to walking in a
> police station and yelling "I wasn't involved in that......." - when no one
> actually knows or suspects anything.
>
> On Mon, Jun 10, 2013 at 6:59 PM, Fred Bauder <fredbaud at fairpoint.net>
> wrote:
>
> > They tap directly into the internet backbone. Only if there is some
> > particular matter which interests them which they would need our help to
> > decipher would they contact the Foundation. There are a few things out
> > there that I can imagine them being interested in, but very few. For
> > example, there are small groups of people in the United States that
> > support The Shining Path or the Naxalites. Active steps to open a
> > military front in the United States would probably kick them into gear
> > and they might be interested in who edited our articles on these subjects
> > as advocates for that tendency.
>
>
> Actually, it's still not clear the methodology they use - there are
> theories about lockboxes, about a beam splitter at Tier 1 service
> providers, or running a shadow copy from the service provider lines, or
> combination of those, or something else entirely. The original slide did
> mention upstream and downstream surveillance methods as some news stories
> pointed out.
>
> I have no possible way to extract who is a supporter of a cause, based on
> what article they edit or what they read. There can be some form of POV
> pushers but again there is nothing that would require this level of
> circumvention to use a secret government surveillance program to discern.
> More often than not, I and prob. a large number of editors just fix things,
> add something here and there and move on. They don't pay attention to the
> political ramifications of editing that article. The amount of false
> positive they would get from monitoring something like this would be
> several times more than anything resembling a useful and sustained pattern.
> Not to mention, this would require human interpretation to discern when
> someone supports a cause, pushes POV or just curates an article without any
> underlying feeling. Again, all this would be going the long way round to
> prove something they can easily get from a user's email, chat logs and
> searches- the perception of threat would also be more evident from their
> personal communication instead of public editing behavior.
>
> Regards
> Theo
>
> [1]
>
> http://en.wikipedia.org/wiki/PRISM_(surveillance_program)#Response_from_companies
> _______________________________________________
> Wikimedia-l mailing list
> Wikimedia-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
>

More information about the Wikimedia-l mailing list