Hi, On 05/04/2017 09:33 PM, Michał Brzozowski wrote: > I don't like the idea how this was never introduced and discussed > outside of the German forum. > I think that such "privacy" measures are futile and go against the > spirit of OSM - transparency.
I think that what we mainly want to create in OSM is a geo database, not a database of where a particular OSM mapper was at a particular time, or whether a particular OSM mapper tends to stay up long at night editing OSM. I have personally talked to people who said they don't want to contribute to OSM because Pascal Neis' page was "inviting stalkers". Those people were not the geek elite who have made it a habit to thoroughly think about what gets published and how to ensure that there's no link between their online identity and their private live if they don't want their privacy violated. Those were people from groups currently underrepresented in OSM, people whom we would like to see more of in OSM, but who felt unsafe making themselves visible like that. We are currently doing far too little to protect the privacy of our mappers, and our methods of educating mappers about the privacy consequences of their actions in OSM are laughable at best. That your contributions to OSM can lead to a detailed analysis of your online behaviour like the one produced by Pascal Neis is obvious to the tech-savvy among us but certainly not to everyone who signs up. We have a duty to, at the very least, educate new mappers about what happens to their data, and ideally we should also do more to protect their data. The "metadata" of *who* edited what when is not a necessary part of our database proper; someone just wanting to *use* the data does not have to know. We use this information inside of OSM to improve quality, to contact mappers, to find vandalism and so on. But I don't think that the broader public necessarily needs to know about such internal aspects. I am very much in favour of limiting at least the value of the "user name" field to project-internal use. Pascal has made a first step in that direction. Currently, anyone can download the planet file with all user information intact and thereby circumvent the (extremely low) barrier of having to provide an OSM username; I hope that in the long run, we will stop making username information available to the public, and instead make the user name only available "for project internal purposes", i.e. to logged in users. I think this will not hurt any legitimate use case, while at the same time making clear that we consider this information privileged and not for general consumption. It doesn't matter that anyone can sign up and then view that data; we can at least make people promise to only use the data for project internal use when they sign up. > Maybe this is due to some "moral panic" in Germany revolving around > privacy, just like StreetView ban - except it's made clear that your > edits are public and you agree to it! It is made clear that your edits are public, and we even explain about the meta data (the Privacy Policy says: "All edits made to the map are recorded in the database with the user ID of the user making the change, and a timestamp at the time of change upload. In general all of this information is also made available to everyone via the website, including links to allow everyone to easily cross-reference which user has made which edit. "). But we are hiding this like the small print in a contract; there are many people who have signed up to OSM and who are shocked to find their life reflected in Pascal's analyses. You might say it's their fault, they are stupid not to read what they signed up to; I say it's out fault, we have a duty of explaining to them what they are signing up to. Every single person who signs up to OSM and who doesn't understand what they are publishing about themselves is our fault. Pascal has recevied numerous legal threats about his pages. Making them "for project internal use only" considerably improves his legal standing should anyone ever actually try and sue him. It's his service, his legal risk, and his decision. New EU data protection regulations announced for 2017 will make things even stricter, and we will have to spend serious thought on how we can protect the privacy of our mappers if we want to expand the project past the group of geeks who know how to manage their privacy online. And it is not just a legal issue; you might call it a "moral panic", I call it a moral duty to do everything we can to ensure that our mappers don't suffer disadvantages from contributing to OSM. Bye Frederik -- Frederik Ramm ## eMail frede...@remote.org ## N49°00'09" E008°23'33" _______________________________________________ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk