Re: [WikiEN-l] Privacy Study Looking for Volunteers
Real name editing is a very different obligation depending on how common your real name is and how many edits you make. There are only a handful of people who share my real name, if my surname was Smith then real name disclosure would be a much lighter imposition. It is also a very different thing depending on your subject area. No one is likely to make a fuss about my fixing typos on Wikipedia, but we need to protect those who seek to keep our articles on businesses honest and neutral. If we insist on real names there, then it will be much more difficult to deal with companies who can write legal letters to anyone who disputes their version of the wikipedia article on them. There are also likely to be some people who write about topics that would be controversial in their real life community and don't want their real life identities linked to that, for example if we had an editor in the Bible belt writing about evolution or atheism. And of course people who do things that they don't consider overly controversial but which provoke rape and murder threats on IRC, here or elsewhere. Then there is the question of what level of authentication you go to. Simply requiring people to state that their account name is their real name will exclude a proportion of goodfaith editors who aren't prepared to do that, but it won't get rid of any badfaith editors. Verifying identity by requiring all new editors to pay $5 by a credit card in the same name as their account would get rid of most vandalism, but make it much harder to recruit Wikipedians. It would also lose us a lot of editors especially those who come from cultures where $5 is a lot for a hobby and or credit cards are rare. Authentication by Facebook would make vandalism a little more difficult, though I know people whose pets have accounts, but I'm pretty sure that those of us who support the open source lobby could prevent such a path. Over the years we've had lots of people propose that we move to real names, but I've not yet seen a proposal that would do so in a way that would keep almost all of our current and future goodfaith editors whilst losing a significant proportion of the badfaith ones. Jonathan On 8 April 2015 at 20:21, Alan Liefting alieft...@ihug.co.nz wrote: I use my own name on WMF sites. I was warned against doing that not long after I started editing back in 2004. Ten years later and as a hothead editor having my real identity known does not seem to be a problem. Most editors use an alias. I don't know why. What are they afraid of? Editing wikis, if you are doing it right, is a laudable task and editors should be proud of the fact that they are helping to share knowledge in an altruistic manner. Rather than ensuring privacy of editors the WMF should DEMAND that editors make their identity known. I am sure that this may cure some of the many problems that we are seeing on WMF projects. Having said all that there is of course a problem in some of the dodgy countries where speaking out gets you killed. It has happened with journalists, bloggers, activists etc. It could (has?) happen with WMF project editors. Alan Liefting On 09/04/15 00:06, Andrea Forte wrote: The discussion here has been great. I've been keeping out of it since I have an active research project and I don't want to seed my own ideas, but to circle back to the original post... if anyone here would like to contribute their experiences with privacy on Wikipedia to our project, please consider doing an interview. This is not related to the lawsuit, btw, we started the project before that happened. The consent form is here: http://drexel.qualtrics.com/jfe/form/SV_elzNLEUeTjIphrv Thanks, Andrea On Tue, Apr 7, 2015 at 9:00 AM, WereSpielChequers werespielchequ...@gmail.com wrote: There is an important difference here. The WMF does not publicly log the IP addresses of visitors to the site. https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It does however publish the IP addresses of editors who are not logged in. I could understand the elitist claim if the WMF were more privacy conscious of editors than readers. But it isn't, if anything the divide is a three way one, with unregistered editors as the ones who by default have least privacy Regards Jonathan On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com wrote: I propose we run a study. We will survey random editors I always find it curious that we had dozens or hundreds of threads on having IPs in history: this worry is very elitist, at most few millions people ever edited. What about the hundreds millions users who never edited? What are *their* IPs being logged for? It would be rather trivial to do as the IA does: http://blog.archive.org/2013/10/25/reader-privacy-at-the- internet-archive/ I'll start worrying about the millions when we have solved privacy issues for the billions. Nemo
Re: [WikiEN-l] Privacy Study Looking for Volunteers
The discussion here has been great. I've been keeping out of it since I have an active research project and I don't want to seed my own ideas, but to circle back to the original post... if anyone here would like to contribute their experiences with privacy on Wikipedia to our project, please consider doing an interview. This is not related to the lawsuit, btw, we started the project before that happened. The consent form is here: http://drexel.qualtrics.com/jfe/form/SV_elzNLEUeTjIphrv Thanks, Andrea On Tue, Apr 7, 2015 at 9:00 AM, WereSpielChequers werespielchequ...@gmail.com wrote: There is an important difference here. The WMF does not publicly log the IP addresses of visitors to the site. https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It does however publish the IP addresses of editors who are not logged in. I could understand the elitist claim if the WMF were more privacy conscious of editors than readers. But it isn't, if anything the divide is a three way one, with unregistered editors as the ones who by default have least privacy Regards Jonathan On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com wrote: I propose we run a study. We will survey random editors I always find it curious that we had dozens or hundreds of threads on having IPs in history: this worry is very elitist, at most few millions people ever edited. What about the hundreds millions users who never edited? What are *their* IPs being logged for? It would be rather trivial to do as the IA does: http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/ I'll start worrying about the millions when we have solved privacy issues for the billions. Nemo ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- :: Andrea Forte :: Assistant Professor :: College of Computing and Informatics, Drexel University :: http://www.andreaforte.net ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
I use my own name on WMF sites. I was warned against doing that not long after I started editing back in 2004. Ten years later and as a hothead editor having my real identity known does not seem to be a problem. Most editors use an alias. I don't know why. What are they afraid of? Editing wikis, if you are doing it right, is a laudable task and editors should be proud of the fact that they are helping to share knowledge in an altruistic manner. Rather than ensuring privacy of editors the WMF should DEMAND that editors make their identity known. I am sure that this may cure some of the many problems that we are seeing on WMF projects. Having said all that there is of course a problem in some of the dodgy countries where speaking out gets you killed. It has happened with journalists, bloggers, activists etc. It could (has?) happen with WMF project editors. Alan Liefting On 09/04/15 00:06, Andrea Forte wrote: The discussion here has been great. I've been keeping out of it since I have an active research project and I don't want to seed my own ideas, but to circle back to the original post... if anyone here would like to contribute their experiences with privacy on Wikipedia to our project, please consider doing an interview. This is not related to the lawsuit, btw, we started the project before that happened. The consent form is here: http://drexel.qualtrics.com/jfe/form/SV_elzNLEUeTjIphrv Thanks, Andrea On Tue, Apr 7, 2015 at 9:00 AM, WereSpielChequers werespielchequ...@gmail.com wrote: There is an important difference here. The WMF does not publicly log the IP addresses of visitors to the site. https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It does however publish the IP addresses of editors who are not logged in. I could understand the elitist claim if the WMF were more privacy conscious of editors than readers. But it isn't, if anything the divide is a three way one, with unregistered editors as the ones who by default have least privacy Regards Jonathan On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com wrote: I propose we run a study. We will survey random editors I always find it curious that we had dozens or hundreds of threads on having IPs in history: this worry is very elitist, at most few millions people ever edited. What about the hundreds millions users who never edited? What are *their* IPs being logged for? It would be rather trivial to do as the IA does: http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/ I'll start worrying about the millions when we have solved privacy issues for the billions. Nemo ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
On Wed, Apr 8, 2015 at 12:21 PM, Alan Liefting alieft...@ihug.co.nz wrote: Rather than ensuring privacy of editors the WMF should DEMAND that editors make their identity known. I am sure that this may cure some of the many problems that we are seeing on WMF projects. Having said all that there is of course a problem in some of the dodgy countries where speaking out gets you killed. It has happened with journalists, bloggers, activists etc. It could (has?) happen with WMF project editors. I can't think about specifics but I will say that on a personal (as well as staff) level I'd be against mandating public identity for many reasons. The biggest one, however, is indeed the safety side. I also have edited under my real name since the start (my username isn't but I've said my full name and identifying info on my user page since I started getting more active) but I personally know far too many editors who have been dramatically harassed, threatened and abused by both private and public (governmental) individuals because of their on-wiki activities. Some of those editors did stupid things (but still didn't deserve the reaction they got in my mind) but most of them wrote good to incredibly good content that was well sourced and, as far as I could tell, completely correct and important to have in the public sphere. We need to be able to allow folks to edit in controversial areas (and depending on where you are the definition of controversial can be very different) with as little fear of retaliation as possible. There are some countries and topics where editors take an inherent risk upon themselves by editing (and they know that) but I want to keep that risk as limited as possible. James Alexander Community Advocacy Wikimedia Foundation @jamesofur ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
There's also a massive problem with the non-dodgy countries. I edit under my real name. I've had multiple death threats from people physically proximate to me. The WMF should not DEMAND this, or even ask for it. The idea that oh, this is laudable, you should be proud! ignores that there are lunatics out there, or simply people who do not share your worldview, and they have access to google. On 8 April 2015 at 15:21, Alan Liefting alieft...@ihug.co.nz wrote: I use my own name on WMF sites. I was warned against doing that not long after I started editing back in 2004. Ten years later and as a hothead editor having my real identity known does not seem to be a problem. Most editors use an alias. I don't know why. What are they afraid of? Editing wikis, if you are doing it right, is a laudable task and editors should be proud of the fact that they are helping to share knowledge in an altruistic manner. Rather than ensuring privacy of editors the WMF should DEMAND that editors make their identity known. I am sure that this may cure some of the many problems that we are seeing on WMF projects. Having said all that there is of course a problem in some of the dodgy countries where speaking out gets you killed. It has happened with journalists, bloggers, activists etc. It could (has?) happen with WMF project editors. Alan Liefting On 09/04/15 00:06, Andrea Forte wrote: The discussion here has been great. I've been keeping out of it since I have an active research project and I don't want to seed my own ideas, but to circle back to the original post... if anyone here would like to contribute their experiences with privacy on Wikipedia to our project, please consider doing an interview. This is not related to the lawsuit, btw, we started the project before that happened. The consent form is here: http://drexel.qualtrics.com/jfe/form/SV_elzNLEUeTjIphrv Thanks, Andrea On Tue, Apr 7, 2015 at 9:00 AM, WereSpielChequers werespielchequ...@gmail.com wrote: There is an important difference here. The WMF does not publicly log the IP addresses of visitors to the site. https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It does however publish the IP addresses of editors who are not logged in. I could understand the elitist claim if the WMF were more privacy conscious of editors than readers. But it isn't, if anything the divide is a three way one, with unregistered editors as the ones who by default have least privacy Regards Jonathan On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com wrote: I propose we run a study. We will survey random editors I always find it curious that we had dozens or hundreds of threads on having IPs in history: this worry is very elitist, at most few millions people ever edited. What about the hundreds millions users who never edited? What are *their* IPs being logged for? It would be rather trivial to do as the IA does: http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/ I'll start worrying about the millions when we have solved privacy issues for the billions. Nemo ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- Oliver Keyes Research Analyst Wikimedia Foundation ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
There is an important difference here. The WMF does not publicly log the IP addresses of visitors to the site. https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It does however publish the IP addresses of editors who are not logged in. I could understand the elitist claim if the WMF were more privacy conscious of editors than readers. But it isn't, if anything the divide is a three way one, with unregistered editors as the ones who by default have least privacy Regards Jonathan On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com wrote: I propose we run a study. We will survey random editors I always find it curious that we had dozens or hundreds of threads on having IPs in history: this worry is very elitist, at most few millions people ever edited. What about the hundreds millions users who never edited? What are *their* IPs being logged for? It would be rather trivial to do as the IA does: http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/ I'll start worrying about the millions when we have solved privacy issues for the billions. Nemo ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
I propose we run a study. We will survey random editors I always find it curious that we had dozens or hundreds of threads on having IPs in history: this worry is very elitist, at most few millions people ever edited. What about the hundreds millions users who never edited? What are *their* IPs being logged for? It would be rather trivial to do as the IA does: http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/ I'll start worrying about the millions when we have solved privacy issues for the billions. Nemo ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
I'm far from convinced that the Foundation should be involved in push-polling. On 31 Mar 2015 09:24, Brian J Mingus brian.min...@colorado.edu wrote: I propose we run a study. We will survey random editors and ask them if they realize that there is a chance they are leaking enough information for their identity to be revealed. *Even if they are logged in.* Regarding comparisons - institutions have structure, and if there is a structure mapping, then it's a matter of fact. A given mapping will have strengths and weaknesses. You may prefer one mapping to another. If you have reasons for preferring one mapping (other than that it offends you), I'm all ears. But be aware: simply changing the vocabulary that you use to describe the space doesn't mean that two different descriptions of institutions aren't in fact describing a construct that is more similar than different, or that is similar in important ways. This is all to say, there are often reasons that institutions like the NSA and WMF are structured the way they are. Given the investment in the topic, it's probably worth exploring how the institutional structures emerged. But given the investment, confirmation bias may prevail in this case: even if there are important similarities, nobody wants to look like a hypocrite. That's OK, though. Much as I am invested in Wikipedia and appreciate the WMF, if I turn out to be a hypocrite, *I* will call myself one. Just as I will do it to others. Best, Brian *Other dogs bite only their enemies, whereas I bite also my friends.* - Diogenes the Cynic On Mon, Mar 30, 2015 at 10:32 AM, Oliver Keyes oke...@wikimedia.org wrote: Or perhaps you're reading far too much into it, and in the process, being incredibly rude to the WMF employees reading this thread, who are people too, and don't particularly appreciate being compared to the NSA. If you're trying to have a constructive discussion, you should pick a better format and attitude. On 29 March 2015 at 19:02, Brian J Mingus brian.min...@colorado.edu wrote: The notice just says that the IP is public. Most people have no idea what that means. It will absolutely make those problems harder. Perhaps it is the Foundation's trusted role to hide that information from the public and be trusted with it on the backend. This institutional design sounds similar to another institution in certain ways.. On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dah...@bsugmail.net wrote: People are made aware with each edit as an I am that their information is publicly available. What concerns me about removing IP information is that it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something? Sent from Samsung Mobile Original message From: Brian J Mingus Date:03-29-2015 4:36 PM (GMT-05:00) To: David Carson Cc: English Wikipedia Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this. On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote: Wikipedia:Free speech ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about
Re: [WikiEN-l] Privacy Study Looking for Volunteers
I propose we run a study. We will survey random editors and ask them if they realize that there is a chance they are leaking enough information for their identity to be revealed. *Even if they are logged in.* Regarding comparisons - institutions have structure, and if there is a structure mapping, then it's a matter of fact. A given mapping will have strengths and weaknesses. You may prefer one mapping to another. If you have reasons for preferring one mapping (other than that it offends you), I'm all ears. But be aware: simply changing the vocabulary that you use to describe the space doesn't mean that two different descriptions of institutions aren't in fact describing a construct that is more similar than different, or that is similar in important ways. This is all to say, there are often reasons that institutions like the NSA and WMF are structured the way they are. Given the investment in the topic, it's probably worth exploring how the institutional structures emerged. But given the investment, confirmation bias may prevail in this case: even if there are important similarities, nobody wants to look like a hypocrite. That's OK, though. Much as I am invested in Wikipedia and appreciate the WMF, if I turn out to be a hypocrite, *I* will call myself one. Just as I will do it to others. Best, Brian *Other dogs bite only their enemies, whereas I bite also my friends.* - Diogenes the Cynic On Mon, Mar 30, 2015 at 10:32 AM, Oliver Keyes oke...@wikimedia.org wrote: Or perhaps you're reading far too much into it, and in the process, being incredibly rude to the WMF employees reading this thread, who are people too, and don't particularly appreciate being compared to the NSA. If you're trying to have a constructive discussion, you should pick a better format and attitude. On 29 March 2015 at 19:02, Brian J Mingus brian.min...@colorado.edu wrote: The notice just says that the IP is public. Most people have no idea what that means. It will absolutely make those problems harder. Perhaps it is the Foundation's trusted role to hide that information from the public and be trusted with it on the backend. This institutional design sounds similar to another institution in certain ways.. On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dah...@bsugmail.net wrote: People are made aware with each edit as an I am that their information is publicly available. What concerns me about removing IP information is that it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something? Sent from Samsung Mobile Original message From: Brian J Mingus Date:03-29-2015 4:36 PM (GMT-05:00) To: David Carson Cc: English Wikipedia Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this. On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote: Wikipedia:Free speech ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do
Re: [WikiEN-l] Privacy Study Looking for Volunteers
On 30 March 2015 at 16:00, Brian J Mingus brian.min...@colorado.edu wrote: I propose we run a study. We will survey random editors and ask them if they realize that there is a chance they are leaking enough information for their identity to be revealed. *Even if they are logged in.* What exactly do you hope to learn? Regarding comparisons - institutions have structure, and if there is a structure mapping, then it's a matter of fact. A given mapping will have strengths and weaknesses. You may prefer one mapping to another. If you have reasons for preferring one mapping (other than that it offends you), I'm all ears. But be aware: simply changing the vocabulary that you use to describe the space doesn't mean that two different descriptions of institutions aren't in fact describing a construct that is more similar than different, or that is similar in important ways. This is all to say, there are often reasons that institutions like the NSA and WMF are structured the way they are. Given the investment in the topic, it's probably worth exploring how the institutional structures emerged. But given the investment, confirmation bias may prevail in this case: even if there are important similarities, nobody wants to look like a hypocrite. What does this have to do with anything? -- geni ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Or perhaps you're reading far too much into it, and in the process, being incredibly rude to the WMF employees reading this thread, who are people too, and don't particularly appreciate being compared to the NSA. If you're trying to have a constructive discussion, you should pick a better format and attitude. On 29 March 2015 at 19:02, Brian J Mingus brian.min...@colorado.edu wrote: The notice just says that the IP is public. Most people have no idea what that means. It will absolutely make those problems harder. Perhaps it is the Foundation's trusted role to hide that information from the public and be trusted with it on the backend. This institutional design sounds similar to another institution in certain ways.. On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dah...@bsugmail.net wrote: People are made aware with each edit as an I am that their information is publicly available. What concerns me about removing IP information is that it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something? Sent from Samsung Mobile Original message From: Brian J Mingus Date:03-29-2015 4:36 PM (GMT-05:00) To: David Carson Cc: English Wikipedia Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this. On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote: Wikipedia:Free speech ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Just like the Netflix Prize, knowing which topics an entity is interested in, and having access to text they have written, is, in many cases, enough information to reveal who that person is, where they live, etc. You just plug the data into Google and correlate away. On Sun, Mar 29, 2015 at 7:19 PM, David Carson carson63...@gmail.com wrote: Hi Brian, I'm still not entirely clear on your complaint. Are you talking about Wikimedia (not random users, nor Wikipedia Administrators) having access to IP addresses from system logs? Or something else? What does The IP address is helpful, but not necessary mean? Cheers, David... On Mon, Mar 30, 2015 at 10:14 AM, Brian J Mingus brian.min...@colorado.edu wrote: Hi David, It is a bit of hyperbole, but reductio arguments have their role in helping to make certain things clear. If you force users to log in, you can still identify them. The IP address is helpful, but not necessary. On Sun, Mar 29, 2015 at 7:12 PM, David Carson carson63...@gmail.com wrote: Hi Brian, Dox'ing yourself? That's a pretty wild hyperbole. But just to clarify: are you taking issue with the fact that not-logged-in users have their IP addresses publicly visible? Or with the fact that all edits have IP addresses privately recorded? I originally thought you were talking about the latter, but now I'm not sure. If it's actually the former, I've got no disagreement with you. Given that anyone can edit without making their IP public simply by registering a pseudonym and logging in, and given that many new editors might not be aware of the implications of revealing their IP (if they're editing from a static address at work, for instance), it seems to me that the easiest solution - and one which I think would cause absolutely zero astonishment in the minds of new users - would simply be to require users to register a pseudonym and log in in order to edit. But if you're concerned about the effect that this would have on casual drive-by fixes and improvements by people who aren't invested enough in the project to register, then sure, encrypt or hash the IP address before displaying it publicly. I don't think randomizing it on every edit would be a good idea, because I think it's important to be able to tell whether a succession of edits were from the same editor. Cheers, David... On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus brian.min...@colorado.edu wrote: Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this. On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote: Wikipedia:Free speech ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written
Re: [WikiEN-l] Privacy Study Looking for Volunteers
People are made aware with each edit as an I am that their information is publicly available. What concerns me about removing IP information is that it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something? Sent from Samsung Mobile div Original message /divdivFrom: Brian J Mingus brian.min...@colorado.edu /divdivDate:03-29-2015 4:36 PM (GMT-05:00) /divdivTo: David Carson carson63...@gmail.com /divdivCc: English Wikipedia wikien-l@lists.wikimedia.org /divdivSubject: Re: [WikiEN-l] Privacy Study Looking for Volunteers /divdiv /divWikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this. On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote: Wikipedia:Free speech ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote: It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
On 30 March 2015 at 00:24, Brian J Mingus brian.min...@colorado.edu wrote: Just like the Netflix Prize, knowing which topics an entity is interested in, and having access to text they have written, is, in many cases, enough information to reveal who that person is, where they live, etc. You just plug the data into Google and correlate away. Then if we want to stop being being able to identify our users, we would have to stop allowing our users to write things... More seriously, yes, we *could* do radical anonymisation of all contributions to Wikipedia - it would be technically possible to make every non-account contribution labelled anonymous (one giant pseudo-account?) rather than an IP number, removing any linkage between those edits. But that would have immense social costs on the Wikipedia community - we would lose a substantial proportion of our capacity to prevent spamming, vandalism, defamation, or other forms of abuse, and put substantially more work on our volunteers handling these problems. I really doubt our overworked community would be able to cope with that. Some kind of semi-anonymisation, as James suggests, is workable, obfuscating IPs - but not complete disconnection. The other alternative would be to close off unregistered contributions, which has been discussed repeatedly in the past and is generally unpopular. But it's achievable with our current setup, and if you want to change things advocating for that might be a better approach. A. -- - Andrew Gray andrew.g...@dunelm.org.uk ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote: It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
The WMF keeps data on an informed group of people, those who edit on WMF sites, and for a fixed period of time, (apart of course from the public listing of IP addresses). If the NSA was only keeping data for as long as the WMF and only keeping data on people who post on the NSA site then the comparison would be more meaningful. I'm not actually suggesting that the NSA match the WMF for privacy, but then I doubt that the WMF would try importing the sort of data on everyone that the NSA tries to hoover up. Regards Jonathan Cardy On 29 Mar 2015, at 14:18, Brian J Mingus brian.min...@colorado.edu wrote: Do you see the irony here? The NSA needs to keep harvesting metadata in order to stop terrorism. The WMF needs to keep harvesting metadata in order to stop vandalism. On Sun, Mar 29, 2015 at 9:16 AM, Oliver Keyes oke...@wikimedia.org wrote: .at which point it can no longer be used for checkuser or for rangeblocks. I really don't see the hypocricy there. Are we: 1. Taking user data; 2. Storing it and not saying for how long; 3. Not telling the user we're taking it in the first place, and; 4. Not tellning anyone what we're using it for? If yes to all of the above, the NSA is broadly analogous. If no...a better analogy is needed. On 28 March 2015 at 11:44, Brian J Mingus brian.min...@colorado.edu wrote: I think now that we are suing the NSA that it's deeply hypocritical to be surveilling users. A quick fix: stuff the ip field with random numbers. On Sat, Mar 28, 2015 at 8:38 AM, James Alexander jalexan...@wikimedia.org wrote: The idea of the IP being more private in the history/ public logs (for example a unique hash so that you know it's an IP but not where/what IP ) is one that I know has been discussed and is desired by a good number within the foundation including within legal. I'll try to look for the phabricator task about it tomorrow. I think that's something that is likely to happen, it isn't easy though and requires a fair number of resources to be pointed at it to get it done so it's a question of priorities and convincing those who decide those things that it should be higher. I believe it's something, privacy wise, that legal would really like. I think it is unlikely in the short to medium term, however, to get rid of the IPs in the backend (in server logs and in the checkuser system for example) because the replacements just aren't there. I've spent a good amount of time thinking of a way to make the checkuser system as usable as necessary without revealing IPs for example (including a consultant who looked a lot but didn't really come up with anything we didn't know already). I think it's doable, but it would be a very difficult and long design process and I think it's unlikely in the near future. James Alexander Community Advocacy Wikimedia Foundation (415) 839-6885 x6716 @jamesofur On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote: I don't believe a different license is needed. CC licenses can be used for anonymous works: The author is not given and does not have to be credited, but everything else (attribution of the work and share-alike) would stay the same. So a change in the terms of use to the effect of, Unregistered edits are considered to have no named author, would be sufficient. Kyanos On 03/27/2015 06:41 AM, WereSpielChequers wrote: Perhaps we should move to a different licensing model for future IP edits. CC0 for IP edits would be a more sensible license for edits by an IP where in many cases no-one could attribute the edit to the individual who made it. If people don't want to release their edits as CC0 they can always create an account. Regards Jonathan Cardy On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- Oliver Keyes Research Analyst Wikimedia Foundation ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
I think now that we are suing the NSA that it's deeply hypocritical to be surveilling users. A quick fix: stuff the ip field with random numbers. On Sat, Mar 28, 2015 at 8:38 AM, James Alexander jalexan...@wikimedia.org wrote: The idea of the IP being more private in the history/ public logs (for example a unique hash so that you know it's an IP but not where/what IP ) is one that I know has been discussed and is desired by a good number within the foundation including within legal. I'll try to look for the phabricator task about it tomorrow. I think that's something that is likely to happen, it isn't easy though and requires a fair number of resources to be pointed at it to get it done so it's a question of priorities and convincing those who decide those things that it should be higher. I believe it's something, privacy wise, that legal would really like. I think it is unlikely in the short to medium term, however, to get rid of the IPs in the backend (in server logs and in the checkuser system for example) because the replacements just aren't there. I've spent a good amount of time thinking of a way to make the checkuser system as usable as necessary without revealing IPs for example (including a consultant who looked a lot but didn't really come up with anything we didn't know already). I think it's doable, but it would be a very difficult and long design process and I think it's unlikely in the near future. James Alexander Community Advocacy Wikimedia Foundation (415) 839-6885 x6716 @jamesofur On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote: I don't believe a different license is needed. CC licenses can be used for anonymous works: The author is not given and does not have to be credited, but everything else (attribution of the work and share-alike) would stay the same. So a change in the terms of use to the effect of, Unregistered edits are considered to have no named author, would be sufficient. Kyanos On 03/27/2015 06:41 AM, WereSpielChequers wrote: Perhaps we should move to a different licensing model for future IP edits. CC0 for IP edits would be a more sensible license for edits by an IP where in many cases no-one could attribute the edit to the individual who made it. If people don't want to release their edits as CC0 they can always create an account. Regards Jonathan Cardy On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Do you see the irony here? The NSA needs to keep harvesting metadata in order to stop terrorism. The WMF needs to keep harvesting metadata in order to stop vandalism. On Sun, Mar 29, 2015 at 9:16 AM, Oliver Keyes oke...@wikimedia.org wrote: .at which point it can no longer be used for checkuser or for rangeblocks. I really don't see the hypocricy there. Are we: 1. Taking user data; 2. Storing it and not saying for how long; 3. Not telling the user we're taking it in the first place, and; 4. Not tellning anyone what we're using it for? If yes to all of the above, the NSA is broadly analogous. If no...a better analogy is needed. On 28 March 2015 at 11:44, Brian J Mingus brian.min...@colorado.edu wrote: I think now that we are suing the NSA that it's deeply hypocritical to be surveilling users. A quick fix: stuff the ip field with random numbers. On Sat, Mar 28, 2015 at 8:38 AM, James Alexander jalexan...@wikimedia.org wrote: The idea of the IP being more private in the history/ public logs (for example a unique hash so that you know it's an IP but not where/what IP ) is one that I know has been discussed and is desired by a good number within the foundation including within legal. I'll try to look for the phabricator task about it tomorrow. I think that's something that is likely to happen, it isn't easy though and requires a fair number of resources to be pointed at it to get it done so it's a question of priorities and convincing those who decide those things that it should be higher. I believe it's something, privacy wise, that legal would really like. I think it is unlikely in the short to medium term, however, to get rid of the IPs in the backend (in server logs and in the checkuser system for example) because the replacements just aren't there. I've spent a good amount of time thinking of a way to make the checkuser system as usable as necessary without revealing IPs for example (including a consultant who looked a lot but didn't really come up with anything we didn't know already). I think it's doable, but it would be a very difficult and long design process and I think it's unlikely in the near future. James Alexander Community Advocacy Wikimedia Foundation (415) 839-6885 x6716 @jamesofur On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote: I don't believe a different license is needed. CC licenses can be used for anonymous works: The author is not given and does not have to be credited, but everything else (attribution of the work and share-alike) would stay the same. So a change in the terms of use to the effect of, Unregistered edits are considered to have no named author, would be sufficient. Kyanos On 03/27/2015 06:41 AM, WereSpielChequers wrote: Perhaps we should move to a different licensing model for future IP edits. CC0 for IP edits would be a more sensible license for edits by an IP where in many cases no-one could attribute the edit to the individual who made it. If people don't want to release their edits as CC0 they can always create an account. Regards Jonathan Cardy On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- Oliver Keyes Research Analyst Wikimedia Foundation ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
.at which point it can no longer be used for checkuser or for rangeblocks. I really don't see the hypocricy there. Are we: 1. Taking user data; 2. Storing it and not saying for how long; 3. Not telling the user we're taking it in the first place, and; 4. Not tellning anyone what we're using it for? If yes to all of the above, the NSA is broadly analogous. If no...a better analogy is needed. On 28 March 2015 at 11:44, Brian J Mingus brian.min...@colorado.edu wrote: I think now that we are suing the NSA that it's deeply hypocritical to be surveilling users. A quick fix: stuff the ip field with random numbers. On Sat, Mar 28, 2015 at 8:38 AM, James Alexander jalexan...@wikimedia.org wrote: The idea of the IP being more private in the history/ public logs (for example a unique hash so that you know it's an IP but not where/what IP ) is one that I know has been discussed and is desired by a good number within the foundation including within legal. I'll try to look for the phabricator task about it tomorrow. I think that's something that is likely to happen, it isn't easy though and requires a fair number of resources to be pointed at it to get it done so it's a question of priorities and convincing those who decide those things that it should be higher. I believe it's something, privacy wise, that legal would really like. I think it is unlikely in the short to medium term, however, to get rid of the IPs in the backend (in server logs and in the checkuser system for example) because the replacements just aren't there. I've spent a good amount of time thinking of a way to make the checkuser system as usable as necessary without revealing IPs for example (including a consultant who looked a lot but didn't really come up with anything we didn't know already). I think it's doable, but it would be a very difficult and long design process and I think it's unlikely in the near future. James Alexander Community Advocacy Wikimedia Foundation (415) 839-6885 x6716 @jamesofur On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote: I don't believe a different license is needed. CC licenses can be used for anonymous works: The author is not given and does not have to be credited, but everything else (attribution of the work and share-alike) would stay the same. So a change in the terms of use to the effect of, Unregistered edits are considered to have no named author, would be sufficient. Kyanos On 03/27/2015 06:41 AM, WereSpielChequers wrote: Perhaps we should move to a different licensing model for future IP edits. CC0 for IP edits would be a more sensible license for edits by an IP where in many cases no-one could attribute the edit to the individual who made it. If people don't want to release their edits as CC0 they can always create an account. Regards Jonathan Cardy On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- Oliver Keyes Research Analyst Wikimedia Foundation ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote: It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- Oliver Keyes Research Analyst Wikimedia Foundation ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
At this point we're really getting somewhat off-topic; Brian, if you want to continue this discussion about the trade-offs around privacy and oversight, feel free to drop me an email. In the meantime, we should probably leave the thread for the original subject ;) On 29 March 2015 at 14:55, Oliver Keyes oke...@wikimedia.org wrote: Yes, you did state that, but you equated the explanation and circumstances with the NSA's behaviour, when in actual fact they are very different. I note that while you've argued that privacy policies aren't read, that's as far as your rebuttal goes. There's no trump of one principle over another, and this is nothing to do with content neutrality; again, I invite you to surface your proposal on enwiki. It will completely eliminate the utility of checkuser or hard-blocks or range blocks, but if the community wants it as much as you seem to think I'm sure they'll support the idea. On 29 March 2015 at 14:10, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote: It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit:
Re: [WikiEN-l] Privacy Study Looking for Volunteers
In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote: It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- Oliver Keyes Research Analyst Wikimedia Foundation ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Yes, you did state that, but you equated the explanation and circumstances with the NSA's behaviour, when in actual fact they are very different. I note that while you've argued that privacy policies aren't read, that's as far as your rebuttal goes. There's no trump of one principle over another, and this is nothing to do with content neutrality; again, I invite you to surface your proposal on enwiki. It will completely eliminate the utility of checkuser or hard-blocks or range blocks, but if the community wants it as much as you seem to think I'm sure they'll support the idea. On 29 March 2015 at 14:10, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote: It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- Oliver Keyes Research Analyst Wikimedia Foundation -- Oliver Keyes Research Analyst Wikimedia Foundation ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Somewhat off topic? That means we're somewhat on topic then, right? It sure seems like we're on topic. I would prefer it of the WMF took the initiative and asked the community what they think about this issue as a whole. The discussion seems to have lacked transparency up to now. We're suing the NSA for something we're doing. Yes, we're aware of that, and we'd like to do something about it, but it's a low priority and that's the final word. I'm not sure everyone will agree with that. Best, On Sun, Mar 29, 2015 at 2:58 PM, Oliver Keyes oke...@wikimedia.org wrote: At this point we're really getting somewhat off-topic; Brian, if you want to continue this discussion about the trade-offs around privacy and oversight, feel free to drop me an email. In the meantime, we should probably leave the thread for the original subject ;) On 29 March 2015 at 14:55, Oliver Keyes oke...@wikimedia.org wrote: Yes, you did state that, but you equated the explanation and circumstances with the NSA's behaviour, when in actual fact they are very different. I note that while you've argued that privacy policies aren't read, that's as far as your rebuttal goes. There's no trump of one principle over another, and this is nothing to do with content neutrality; again, I invite you to surface your proposal on enwiki. It will completely eliminate the utility of checkuser or hard-blocks or range blocks, but if the community wants it as much as you seem to think I'm sure they'll support the idea. On 29 March 2015 at 14:10, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote: It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Wikipedia:Free speech (http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote: It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- Oliver Keyes Research Analyst Wikimedia Foundation ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
The notice just says that the IP is public. Most people have no idea what that means. It will absolutely make those problems harder. Perhaps it is the Foundation's trusted role to hide that information from the public and be trusted with it on the backend. This institutional design sounds similar to another institution in certain ways.. On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dah...@bsugmail.net wrote: People are made aware with each edit as an I am that their information is publicly available. What concerns me about removing IP information is that it'll remove our ability to fight spam, detect socks, and respond to emergency@ issues, unless I've missed something? Sent from Samsung Mobile Original message From: Brian J Mingus Date:03-29-2015 4:36 PM (GMT-05:00) To: David Carson Cc: English Wikipedia Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this. On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote: Wikipedia:Free speech ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote: It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Hi Brian, Dox'ing yourself? That's a pretty wild hyperbole. But just to clarify: are you taking issue with the fact that not-logged-in users have their IP addresses publicly visible? Or with the fact that all edits have IP addresses privately recorded? I originally thought you were talking about the latter, but now I'm not sure. If it's actually the former, I've got no disagreement with you. Given that anyone can edit without making their IP public simply by registering a pseudonym and logging in, and given that many new editors might not be aware of the implications of revealing their IP (if they're editing from a static address at work, for instance), it seems to me that the easiest solution - and one which I think would cause absolutely zero astonishment in the minds of new users - would simply be to require users to register a pseudonym and log in in order to edit. But if you're concerned about the effect that this would have on casual drive-by fixes and improvements by people who aren't invested enough in the project to register, then sure, encrypt or hash the IP address before displaying it publicly. I don't think randomizing it on every edit would be a good idea, because I think it's important to be able to tell whether a succession of edits were from the same editor. Cheers, David... On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus brian.min...@colorado.edu wrote: Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this. On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote: Wikipedia:Free speech ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and explain to them that being able to checkuser potential sockpuppets or hard-block users is not needed: gaining consensus there would be a good starting point to changing this. On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote: Wikipedia is suing the NSA? Seriously? On 28 Mar 2015 11:23, Brian J Mingus
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Hi David, It is a bit of hyperbole, but reductio arguments have their role in helping to make certain things clear. If you force users to log in, you can still identify them. The IP address is helpful, but not necessary. On Sun, Mar 29, 2015 at 7:12 PM, David Carson carson63...@gmail.com wrote: Hi Brian, Dox'ing yourself? That's a pretty wild hyperbole. But just to clarify: are you taking issue with the fact that not-logged-in users have their IP addresses publicly visible? Or with the fact that all edits have IP addresses privately recorded? I originally thought you were talking about the latter, but now I'm not sure. If it's actually the former, I've got no disagreement with you. Given that anyone can edit without making their IP public simply by registering a pseudonym and logging in, and given that many new editors might not be aware of the implications of revealing their IP (if they're editing from a static address at work, for instance), it seems to me that the easiest solution - and one which I think would cause absolutely zero astonishment in the minds of new users - would simply be to require users to register a pseudonym and log in in order to edit. But if you're concerned about the effect that this would have on casual drive-by fixes and improvements by people who aren't invested enough in the project to register, then sure, encrypt or hash the IP address before displaying it publicly. I don't think randomizing it on every edit would be a good idea, because I think it's important to be able to tell whether a succession of edits were from the same editor. Cheers, David... On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus brian.min...@colorado.edu wrote: Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this. On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote: Wikipedia:Free speech ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that being able to make rangeblocks and prohibit sockpuppetry is beneficial to the community we are all a part of and the wider population of readers. That's what's actually going on, here. If you thing these situations are roughly analogous, that's your prerogative. If you think the storage of this data is unnecessary, I recommend you go to your local project and
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Hi Brian, I'm still not entirely clear on your complaint. Are you talking about Wikimedia (not random users, nor Wikipedia Administrators) having access to IP addresses from system logs? Or something else? What does The IP address is helpful, but not necessary mean? Cheers, David... On Mon, Mar 30, 2015 at 10:14 AM, Brian J Mingus brian.min...@colorado.edu wrote: Hi David, It is a bit of hyperbole, but reductio arguments have their role in helping to make certain things clear. If you force users to log in, you can still identify them. The IP address is helpful, but not necessary. On Sun, Mar 29, 2015 at 7:12 PM, David Carson carson63...@gmail.com wrote: Hi Brian, Dox'ing yourself? That's a pretty wild hyperbole. But just to clarify: are you taking issue with the fact that not-logged-in users have their IP addresses publicly visible? Or with the fact that all edits have IP addresses privately recorded? I originally thought you were talking about the latter, but now I'm not sure. If it's actually the former, I've got no disagreement with you. Given that anyone can edit without making their IP public simply by registering a pseudonym and logging in, and given that many new editors might not be aware of the implications of revealing their IP (if they're editing from a static address at work, for instance), it seems to me that the easiest solution - and one which I think would cause absolutely zero astonishment in the minds of new users - would simply be to require users to register a pseudonym and log in in order to edit. But if you're concerned about the effect that this would have on casual drive-by fixes and improvements by people who aren't invested enough in the project to register, then sure, encrypt or hash the IP address before displaying it publicly. I don't think randomizing it on every edit would be a good idea, because I think it's important to be able to tell whether a succession of edits were from the same editor. Cheers, David... On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus brian.min...@colorado.edu wrote: Wikipedia is set up such that if you don't take the measures mentioned in the OP, you are dox'ing yourself. Users are not aware of this. On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote: Wikipedia:Free speech ( http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a read. http://en.wikipedia.org/wiki/Wikipedia:Free_speech It's not directly about privacy but I think it clearly covers the ground that Wikipedia is a project to create an online encyclopedia, not an experiment in radical free speech. The system is set up to facilitate that goal. If you think that recording IP addresses is invasive, then you should probably be publishing your content on your own website, not Wikipedia. Cheers, David... On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu wrote: In general people do not read privacy policies, nor do they understand what IP addresses are or what you can do with them. But if you recall, I simply stated that recording IP addresses is invasive. And it is. This is especially true when you know that your recordings are faciliating the active de-anonymization of people who are editing Wikipedia. Not just de-anonymization, but often public shaming. For WMF, the principle of neutrality clearly trumps the principles of privacy and free speech. For the NSA, substitute security for neutrality. It's hypocritical. Luckily, it's easy to fix. Just stuff the ip fields with random numbers and deal with the fallout. Stop tracking people. On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote: In order: 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts about this people here can point you to. 2. Brian: The NSA needs to store data without the permission or consent of the people generating it, sometimes through forcible interception, decryption and the introduction and maintenance of software exploits that allow them to do this but also allow any other reasonably technical nation or non-nation actor who is paying attention to exploit the same vulnerability, keeping this data for an indefinite period, with very little legal or political oversight, in order to stop terrorism, where very little evidence exists that this has helped in any way. The WMF needs to store data for a 90 day period, which is explicitly set down in a privacy policy that is transparent, human-readable, linked from every edit interface, written with the involvement of the people whose data is being stored, administered by a committee of people who come from this population of editors, and explicitly sets out what the data may or may not be used for, even within the Wikimedia Foundation, in order to stop vandalism, where multiple scientific studies have validated the hypothesis that
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Just like the Netflix Prize, knowing which topics an entity is interested in, and having access to text they have written, is, in many cases, enough information to reveal who that person is, where they live, etc. You just plug the data into Google and correlate away. On Sun, Mar 29, 2015 at 7:19 PM, David Carson carson63...@gmail.com wrote: Hi Brian, I'm still not entirely clear on your complaint. Are you talking about Wikimedia (not random users, nor Wikipedia Administrators) having access to IP addresses from system logs? Or something else? What does The IP address is helpful, but not necessary mean? Cheers, David... ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
The idea of the IP being more private in the history/ public logs (for example a unique hash so that you know it's an IP but not where/what IP ) is one that I know has been discussed and is desired by a good number within the foundation including within legal. I'll try to look for the phabricator task about it tomorrow. I think that's something that is likely to happen, it isn't easy though and requires a fair number of resources to be pointed at it to get it done so it's a question of priorities and convincing those who decide those things that it should be higher. I believe it's something, privacy wise, that legal would really like. I think it is unlikely in the short to medium term, however, to get rid of the IPs in the backend (in server logs and in the checkuser system for example) because the replacements just aren't there. I've spent a good amount of time thinking of a way to make the checkuser system as usable as necessary without revealing IPs for example (including a consultant who looked a lot but didn't really come up with anything we didn't know already). I think it's doable, but it would be a very difficult and long design process and I think it's unlikely in the near future. James Alexander Community Advocacy Wikimedia Foundation (415) 839-6885 x6716 @jamesofur On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote: I don't believe a different license is needed. CC licenses can be used for anonymous works: The author is not given and does not have to be credited, but everything else (attribution of the work and share-alike) would stay the same. So a change in the terms of use to the effect of, Unregistered edits are considered to have no named author, would be sufficient. Kyanos On 03/27/2015 06:41 AM, WereSpielChequers wrote: Perhaps we should move to a different licensing model for future IP edits. CC0 for IP edits would be a more sensible license for edits by an IP where in many cases no-one could attribute the edit to the individual who made it. If people don't want to release their edits as CC0 they can always create an account. Regards Jonathan Cardy On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
A very precise timestamp would seem to suffice for attribution. Anyone caring to prove they wrote something could take a video of them making the edit, thus confirming the timestamp is them. On Fri, Mar 27, 2015 at 6:28 AM, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
I don't see a need to change the copyright. Just switch from the IP address to something that doesn't allow you to personally identify the user, but allows the user to claim ownership over the post if they want to, by recording some bit of information. I think a cryptographer could design a nice scheme here. This scheme should be such that neither WMF nor the public can identify the editor, but the editor can prove that they are the one who wrote the post. On Fri, Mar 27, 2015 at 9:59 AM, Elias Friedman elipo...@gmail.com wrote: Nice on paper, but the wiki-drama from the switch from GFDL was bad enough for me. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר On Mar 27, 2015 9:41 AM, WereSpielChequers werespielchequ...@gmail.com wrote: Perhaps we should move to a different licensing model for future IP edits. CC0 for IP edits would be a more sensible license for edits by an IP where in many cases no-one could attribute the edit to the individual who made it. If people don't want to release their edits as CC0 they can always create an account. Regards Jonathan Cardy On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
It has worked up to now, but I'm thinking that, especially given Wikimedia is suing the NSA, it is no longer justifiable. If the NSA can't track citizens, Wikimedia shouldn't be tracking them either. Seems simple :) On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
I don't believe a different license is needed. CC licenses can be used for anonymous works: The author is not given and does not have to be credited, but everything else (attribution of the work and share-alike) would stay the same. So a change in the terms of use to the effect of, Unregistered edits are considered to have no named author, would be sufficient. Kyanos On 03/27/2015 06:41 AM, WereSpielChequers wrote: Perhaps we should move to a different licensing model for future IP edits. CC0 for IP edits would be a more sensible license for edits by an IP where in many cases no-one could attribute the edit to the individual who made it. If people don't want to release their edits as CC0 they can always create an account. Regards Jonathan Cardy On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Perhaps we should move to a different licensing model for future IP edits. CC0 for IP edits would be a more sensible license for edits by an IP where in many cases no-one could attribute the edit to the individual who made it. If people don't want to release their edits as CC0 they can always create an account. Regards Jonathan Cardy On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
Nice on paper, but the wiki-drama from the switch from GFDL was bad enough for me. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר On Mar 27, 2015 9:41 AM, WereSpielChequers werespielchequ...@gmail.com wrote: Perhaps we should move to a different licensing model for future IP edits. CC0 for IP edits would be a more sensible license for edits by an IP where in many cases no-one could attribute the edit to the individual who made it. If people don't want to release their edits as CC0 they can always create an account. Regards Jonathan Cardy On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote: It's actually required so as to provide attribution as per the Creative Commons and other licenses we operate under. Sent from my Droid 4 Elias Friedman A.S., CCEMT-P אליהו מתתיהו בן צבי elipo...@gmail.com יְהִי אוֹר On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote: On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. I guess it's a sensible choice against abuse (vandalism) while still allowing non registered users editing rights ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
I'm not seeing a reference to IP addresses in this thread or the associated research page (my ctrl-f-fu may just be weak, though): as to why IPs are logged server-side, well, checkuser is a useful tool and that's how rangeblocks work. On 25 March 2015 at 13:19, Brian J Mingus brian.min...@colorado.edu wrote: I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. On Wed, Mar 25, 2015 at 12:53 PM, Andrea Forte andrea.fo...@gmail.com wrote: Hi all, I'm representing a team of researchers from Drexel University who are researching privacy practices among Wikipedia editors. If you have ever thought about your privacy when editing Wikipedia or taken steps to protect your privacy when you edit, we’d like to learn from you about it. The study is titled “Privacy, Anonymity, and Peer Production.” Details can be found on meta where the project was discussed before beginning recruitment here: ( https://meta.wikimedia.org/wiki/Research:Anonymity_and_Peer_Production). If you would like to help us out, you need to read and complete the online consent form linked here and we will get in contact with you: http://andreaforte.net/wp.html. We are planning to conduct interviews that will last anywhere from 30-90 minutes (depending on how much you have to say) by phone or Skype and we can offer you $20 for your time, but you do not need to accept payment to participate. I have been researching Wikipedia since 2004 and have conducted many studies, most of which have resulted in papers that you can find here: http://andreaforte.net. Thanks for considering it, please contact me if you have questions! Andrea Forte http://en.wikipedia.org/wiki/User:Andicat and Rachel Greenstadt Nazanin Andalibi ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l -- Oliver Keyes Research Analyst Wikimedia Foundation ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Re: [WikiEN-l] Privacy Study Looking for Volunteers
I think it's rather curious that edits to Wikipedia aren't private. Why log the IP address? Why log anything? It's invasive. On Wed, Mar 25, 2015 at 12:53 PM, Andrea Forte andrea.fo...@gmail.com wrote: Hi all, I'm representing a team of researchers from Drexel University who are researching privacy practices among Wikipedia editors. If you have ever thought about your privacy when editing Wikipedia or taken steps to protect your privacy when you edit, we’d like to learn from you about it. The study is titled “Privacy, Anonymity, and Peer Production.” Details can be found on meta where the project was discussed before beginning recruitment here: ( https://meta.wikimedia.org/wiki/Research:Anonymity_and_Peer_Production). If you would like to help us out, you need to read and complete the online consent form linked here and we will get in contact with you: http://andreaforte.net/wp.html. We are planning to conduct interviews that will last anywhere from 30-90 minutes (depending on how much you have to say) by phone or Skype and we can offer you $20 for your time, but you do not need to accept payment to participate. I have been researching Wikipedia since 2004 and have conducted many studies, most of which have resulted in papers that you can find here: http://andreaforte.net. Thanks for considering it, please contact me if you have questions! Andrea Forte http://en.wikipedia.org/wiki/User:Andicat and Rachel Greenstadt Nazanin Andalibi ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
[WikiEN-l] Privacy Study Looking for Volunteers
Hi all, I'm representing a team of researchers from Drexel University who are researching privacy practices among Wikipedia editors. If you have ever thought about your privacy when editing Wikipedia or taken steps to protect your privacy when you edit, we’d like to learn from you about it. The study is titled “Privacy, Anonymity, and Peer Production.” Details can be found on meta where the project was discussed before beginning recruitment here: ( https://meta.wikimedia.org/wiki/Research:Anonymity_and_Peer_Production). If you would like to help us out, you need to read and complete the online consent form linked here and we will get in contact with you: http://andreaforte.net/wp.html. We are planning to conduct interviews that will last anywhere from 30-90 minutes (depending on how much you have to say) by phone or Skype and we can offer you $20 for your time, but you do not need to accept payment to participate. I have been researching Wikipedia since 2004 and have conducted many studies, most of which have resulted in papers that you can find here: http://andreaforte.net. Thanks for considering it, please contact me if you have questions! Andrea Forte http://en.wikipedia.org/wiki/User:Andicat and Rachel Greenstadt Nazanin Andalibi ___ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l