On Fri, Jun 5, 2009 at 4:44 PM, Tisza Gergő <gti...@gmail.com> wrote:
> Mark (Markie <newsmar...@...> writes: > > > I still fail to see how, at this point (not before when there was no > policy) > > this can be considered to be acceptable. IP information etc is still > being > > passed to an external server, regardless of who it is being operated by. > As > > we can see at http://meta.wikimedia.org/wiki/Privacy and copied below I > > don't see where this is acceptable. > > > > Release: Policy on Release of Data > > > > It is the policy of Wikimedia that personally identifiable data collected > in > > the server logs, or through records in the database via the CheckUser > > feature, or through other non-publicly-available methods, may be released > by > > Wikimedia volunteers or staff, in any of the following situations: > > > > 1. In response to a valid subpoena or other compulsory request from > law > > enforcement, > > 2. With permission of the affected user, > > 3. When necessary for investigation of abuse complaints, > > 4. Where the information pertains to page views generated by a spider > or > > bot and its dissemination is necessary to illustrate or resolve > technical > > issues, > > 5. Where the user has been vandalizing articles or persistently > behaving > > in a disruptive way, data may be released to a service provider, > carrier, or > > other third-party entity to assist in the targeting of IP blocks, or > to > > assist in the formulation of a complaint to relevant Internet Service > > Providers, > > 6. Where it is reasonably necessary to protect the rights, property or > > safety of the Wikimedia Foundation, its users or the public. > > > > Except as described above, Wikimedia policy does not permit distribution > of > > personally identifiable information under any circumstances. > > It also says, a few sentences earlier, that "Sharing information with other > privileged users is not considered distribution." And Peter has identified > himself to the foundation according to the access to nonpublic data policy, > so > he is a privileged user. I still don't see any violation there - the point > of > the privacy policy is to regulate release of personally identifiable > information > from those who have access to those who have not, and in this case no such > release happened. > Minor correction: Privacy-related trusted users are required to be identified to the foundation. Yes. But doesn't work the other way: just by sending id to the foundation doesn't make you automatically a trusted user for private data. Peter may well be knowledgeable and trusted, but not becuse he has identified to the foundation _______________________________________________ foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
