Re: [WikiEN-l] Privacy Study Looking for Volunteers

[WereSpielChequers]

Real name editing is a very different obligation depending on how common
your real name is and how many edits you make. There are only a handful of
people who share my real name, if my surname was Smith then real name
disclosure would be a much lighter imposition.

It is also a very different thing depending on your subject area. No one is
likely to make a fuss about my fixing typos on Wikipedia, but we need to
protect those who seek to keep our articles on businesses honest and
neutral. If we insist on real names there, then it will be much more
difficult to deal with companies who can write legal letters to anyone who
disputes their version of the wikipedia article on them.

There are also likely to be some people who  write about topics that would
be controversial in their real life community and don't want their real
life identities linked to that, for example if we had an editor in the
Bible belt writing about evolution or atheism. And of course people who
do things that they don't consider overly controversial but which provoke
rape and murder threats on IRC, here or elsewhere.

Then there is the question of what level of authentication you go to.
Simply requiring people to state that their account name is their real name
will exclude a proportion of goodfaith editors who aren't prepared to do
that, but it won't get rid of any badfaith editors. Verifying identity by
requiring all new editors to pay $5 by a credit card in the same name as
their account would get rid of most vandalism, but make it much harder to
recruit Wikipedians. It would also lose us a lot of editors especially
those who come from cultures where $5 is a lot for a hobby and or credit
cards are rare. Authentication by Facebook would make vandalism a little
more difficult,  though I know people whose pets have accounts, but I'm
pretty sure that those of us who support the open source lobby could
prevent such a path.  Over the years we've had lots of people propose that
we move to real names, but I've not yet seen a proposal that would do so in
a way that would keep almost all of our current and future goodfaith
editors whilst losing a significant proportion of the badfaith ones.

Jonathan

On 8 April 2015 at 20:21, Alan Liefting alieft...@ihug.co.nz wrote:

 I use my own name on WMF sites.  I was warned against doing that not long
 after I started editing back in 2004.  Ten years later and as a hothead
 editor having my real identity known does not seem to be a problem.

 Most editors use an alias.  I don't know why.  What are they afraid of?
 Editing wikis, if you are doing it right, is a laudable task and editors
 should be proud of the fact that they are helping to share knowledge in an
 altruistic manner.

 Rather than ensuring privacy of editors the WMF should DEMAND that editors
 make their identity known.  I am sure that this may cure some of the many
 problems that we are seeing on WMF projects.

 Having said all that there is of course a problem in some of the dodgy
 countries where speaking out gets you killed.  It has happened with
 journalists, bloggers, activists etc.  It could (has?) happen with WMF
 project editors.


 Alan Liefting





 On 09/04/15 00:06, Andrea Forte wrote:

 The discussion here has been great. I've been keeping out of it since I
 have an active research project and I don't want to seed my own ideas, but
 to circle back to the original post... if anyone here would like to
 contribute their experiences with privacy on Wikipedia to our project,
 please consider doing an interview. This is not related to the lawsuit,
 btw, we started the project before that happened.

 The consent form is here:
 http://drexel.qualtrics.com/jfe/form/SV_elzNLEUeTjIphrv

 Thanks,
 Andrea



 On Tue, Apr 7, 2015 at 9:00 AM, WereSpielChequers 
 werespielchequ...@gmail.com wrote:

  There is an important difference here. The WMF does not publicly log the
 IP
 addresses of visitors to the site.
 https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It
 does however publish the IP addresses of editors who are not logged in.

 I could understand the elitist claim if the WMF were more privacy
 conscious
 of editors than readers. But it isn't, if anything the divide is a three
 way one, with unregistered editors as the ones who by default have least
 privacy

 Regards

 Jonathan

 On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com
 wrote:

  I propose we run a study. We will survey random editors

 I always find it curious that we had dozens or hundreds of threads on
 having IPs in history: this worry is very elitist, at most few millions
 people ever edited.

 What about the hundreds millions users who never edited? What are
 *their*
 IPs being logged for? It would be rather trivial to do as the IA does:

  http://blog.archive.org/2013/10/25/reader-privacy-at-the-
 internet-archive/

 I'll start worrying about the millions when we have solved privacy
 issues
 for the billions.

 Nemo


 

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Andrea Forte]

The discussion here has been great. I've been keeping out of it since I
have an active research project and I don't want to seed my own ideas, but
to circle back to the original post... if anyone here would like to
contribute their experiences with privacy on Wikipedia to our project,
please consider doing an interview. This is not related to the lawsuit,
btw, we started the project before that happened.

The consent form is here:
http://drexel.qualtrics.com/jfe/form/SV_elzNLEUeTjIphrv

Thanks,
Andrea



On Tue, Apr 7, 2015 at 9:00 AM, WereSpielChequers 
werespielchequ...@gmail.com wrote:

 There is an important difference here. The WMF does not publicly log the IP
 addresses of visitors to the site.
 https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It
 does however publish the IP addresses of editors who are not logged in.

 I could understand the elitist claim if the WMF were more privacy conscious
 of editors than readers. But it isn't, if anything the divide is a three
 way one, with unregistered editors as the ones who by default have least
 privacy

 Regards

 Jonathan

 On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com wrote:

   I propose we run a study. We will survey random editors
 
  I always find it curious that we had dozens or hundreds of threads on
  having IPs in history: this worry is very elitist, at most few millions
  people ever edited.
 
  What about the hundreds millions users who never edited? What are *their*
  IPs being logged for? It would be rather trivial to do as the IA does:
 
 http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/
 
  I'll start worrying about the millions when we have solved privacy issues
  for the billions.
 
  Nemo
 
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l




-- 
 :: Andrea Forte
 :: Assistant Professor
 :: College of Computing and Informatics, Drexel University
 :: http://www.andreaforte.net
___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Alan Liefting]

I use my own name on WMF sites.  I was warned against doing that not 
long after I started editing back in 2004.  Ten years later and as a 
hothead editor having my real identity known does not seem to be a problem.


Most editors use an alias.  I don't know why.  What are they afraid of?  
Editing wikis, if you are doing it right, is a laudable task and editors 
should be proud of the fact that they are helping to share knowledge in 
an altruistic manner.


Rather than ensuring privacy of editors the WMF should DEMAND that 
editors make their identity known.  I am sure that this may cure some of 
the many problems that we are seeing on WMF projects.


Having said all that there is of course a problem in some of the dodgy 
countries where speaking out gets you killed.  It has happened with 
journalists, bloggers, activists etc.  It could (has?) happen with WMF 
project editors.



Alan Liefting




On 09/04/15 00:06, Andrea Forte wrote:

The discussion here has been great. I've been keeping out of it since I
have an active research project and I don't want to seed my own ideas, but
to circle back to the original post... if anyone here would like to
contribute their experiences with privacy on Wikipedia to our project,
please consider doing an interview. This is not related to the lawsuit,
btw, we started the project before that happened.

The consent form is here:
http://drexel.qualtrics.com/jfe/form/SV_elzNLEUeTjIphrv

Thanks,
Andrea



On Tue, Apr 7, 2015 at 9:00 AM, WereSpielChequers 
werespielchequ...@gmail.com wrote:


There is an important difference here. The WMF does not publicly log the IP
addresses of visitors to the site.
https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It
does however publish the IP addresses of editors who are not logged in.

I could understand the elitist claim if the WMF were more privacy conscious
of editors than readers. But it isn't, if anything the divide is a three
way one, with unregistered editors as the ones who by default have least
privacy

Regards

Jonathan

On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com wrote:


I propose we run a study. We will survey random editors

I always find it curious that we had dozens or hundreds of threads on
having IPs in history: this worry is very elitist, at most few millions
people ever edited.

What about the hundreds millions users who never edited? What are *their*
IPs being logged for? It would be rather trivial to do as the IA does:


http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/

I'll start worrying about the millions when we have solved privacy issues
for the billions.

Nemo


___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l


___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l







___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[James Alexander]

On Wed, Apr 8, 2015 at 12:21 PM, Alan Liefting alieft...@ihug.co.nz wrote:

 Rather than ensuring privacy of editors the WMF should DEMAND that editors
 make their identity known.  I am sure that this may cure some of the many
 problems that we are seeing on WMF projects.

 Having said all that there is of course a problem in some of the dodgy
 countries where speaking out gets you killed.  It has happened with
 journalists, bloggers, activists etc.  It could (has?) happen with WMF
 project editors.


I can't think about specifics but I will say that on a personal (as well as
staff) level I'd be against mandating public identity for many reasons. The
biggest one, however, is indeed the safety side. I also have edited under
my real name since the start (my username isn't but I've said my full name
and identifying info on my user page since I started getting more active)
but I personally know far too many editors who have been dramatically
harassed, threatened and abused by both private and public (governmental)
individuals because of their on-wiki activities. Some of those editors did
stupid things (but still didn't deserve the reaction they got in my mind)
but most of them wrote good to incredibly good content that was well
sourced and, as far as I could tell, completely correct and important to
have in the public sphere.

We need to be able to allow folks to edit in controversial areas (and
depending on where you are the definition of controversial can be very
different) with as little fear of retaliation as possible. There are some
countries and topics where editors take an inherent risk upon themselves by
editing (and they know that) but I want to keep that risk as limited as
possible.

James Alexander
Community Advocacy
Wikimedia Foundation
@jamesofur
___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Oliver Keyes]

There's also a massive problem with the non-dodgy countries. I edit
under my real name. I've had multiple death threats from people
physically proximate to me. The WMF should not DEMAND this, or even
ask for it. The idea that oh, this is laudable, you should be proud!
ignores that there are lunatics out there, or simply people who do not
share your worldview, and they have access to google.

On 8 April 2015 at 15:21, Alan Liefting alieft...@ihug.co.nz wrote:
 I use my own name on WMF sites.  I was warned against doing that not long
 after I started editing back in 2004.  Ten years later and as a hothead
 editor having my real identity known does not seem to be a problem.

 Most editors use an alias.  I don't know why.  What are they afraid of?
 Editing wikis, if you are doing it right, is a laudable task and editors
 should be proud of the fact that they are helping to share knowledge in an
 altruistic manner.

 Rather than ensuring privacy of editors the WMF should DEMAND that editors
 make their identity known.  I am sure that this may cure some of the many
 problems that we are seeing on WMF projects.

 Having said all that there is of course a problem in some of the dodgy
 countries where speaking out gets you killed.  It has happened with
 journalists, bloggers, activists etc.  It could (has?) happen with WMF
 project editors.


 Alan Liefting





 On 09/04/15 00:06, Andrea Forte wrote:

 The discussion here has been great. I've been keeping out of it since I
 have an active research project and I don't want to seed my own ideas, but
 to circle back to the original post... if anyone here would like to
 contribute their experiences with privacy on Wikipedia to our project,
 please consider doing an interview. This is not related to the lawsuit,
 btw, we started the project before that happened.

 The consent form is here:
 http://drexel.qualtrics.com/jfe/form/SV_elzNLEUeTjIphrv

 Thanks,
 Andrea



 On Tue, Apr 7, 2015 at 9:00 AM, WereSpielChequers 
 werespielchequ...@gmail.com wrote:

 There is an important difference here. The WMF does not publicly log the
 IP
 addresses of visitors to the site.
 https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It
 does however publish the IP addresses of editors who are not logged in.

 I could understand the elitist claim if the WMF were more privacy
 conscious
 of editors than readers. But it isn't, if anything the divide is a three
 way one, with unregistered editors as the ones who by default have least
 privacy

 Regards

 Jonathan

 On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com
 wrote:

 I propose we run a study. We will survey random editors

 I always find it curious that we had dozens or hundreds of threads on
 having IPs in history: this worry is very elitist, at most few millions
 people ever edited.

 What about the hundreds millions users who never edited? What are
 *their*
 IPs being logged for? It would be rather trivial to do as the IA does:


 http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/

 I'll start worrying about the millions when we have solved privacy
 issues
 for the billions.

 Nemo


 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l





 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l



-- 
Oliver Keyes
Research Analyst
Wikimedia Foundation

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[WereSpielChequers]

There is an important difference here. The WMF does not publicly log the IP
addresses of visitors to the site.
https://meta.wikimedia.org/wiki/Privacy_policy#your-use-of-wm-sites It
does however publish the IP addresses of editors who are not logged in.

I could understand the elitist claim if the WMF were more privacy conscious
of editors than readers. But it isn't, if anything the divide is a three
way one, with unregistered editors as the ones who by default have least
privacy

Regards

Jonathan

On 5 April 2015 at 21:18, Federico Leva (Nemo) nemow...@gmail.com wrote:

  I propose we run a study. We will survey random editors

 I always find it curious that we had dozens or hundreds of threads on
 having IPs in history: this worry is very elitist, at most few millions
 people ever edited.

 What about the hundreds millions users who never edited? What are *their*
 IPs being logged for? It would be rather trivial to do as the IA does:
 http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/

 I'll start worrying about the millions when we have solved privacy issues
 for the billions.

 Nemo


 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Federico Leva (Nemo)]

 I propose we run a study. We will survey random editors

I always find it curious that we had dozens or hundreds of threads on 
having IPs in history: this worry is very elitist, at most few millions 
people ever edited.


What about the hundreds millions users who never edited? What are 
*their* IPs being logged for? It would be rather trivial to do as the IA 
does: 
http://blog.archive.org/2013/10/25/reader-privacy-at-the-internet-archive/


I'll start worrying about the millions when we have solved privacy 
issues for the billions.


Nemo

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[James Farrar]

I'm far from convinced that the Foundation should be involved in
push-polling.
On 31 Mar 2015 09:24, Brian J Mingus brian.min...@colorado.edu wrote:

 I propose we run a study. We will survey random editors and ask them if
 they realize that there is a chance they are leaking enough information for
 their identity to be revealed. *Even if they are logged in.*

 Regarding comparisons - institutions have structure, and if there is a
 structure mapping, then it's a matter of fact. A given mapping will have
 strengths and weaknesses. You may prefer one mapping to another. If you
 have reasons for preferring one mapping (other than that it offends you),
 I'm all ears. But be aware: simply changing the vocabulary that you use to
 describe the space doesn't mean that two different descriptions of
 institutions aren't in fact describing a construct that is more similar
 than different, or that is similar in important ways.

 This is all to say, there are often reasons that institutions like the NSA
 and WMF are structured the way they are. Given the investment in the topic,
 it's probably worth exploring how the institutional structures emerged. But
 given the investment, confirmation bias may prevail in this case: even if
 there are important similarities, nobody wants to look like a hypocrite.

 That's OK, though. Much as I am invested in Wikipedia and appreciate the
 WMF, if I turn out to be a hypocrite, *I* will call myself one. Just as I
 will do it to others.

 Best,

 Brian

 *Other dogs bite only their enemies, whereas I bite also my friends.* -
 Diogenes the Cynic


 On Mon, Mar 30, 2015 at 10:32 AM, Oliver Keyes oke...@wikimedia.org
 wrote:

  Or perhaps you're reading far too much into it, and in the process,
  being incredibly rude to the WMF employees reading this thread, who
  are people too, and don't particularly appreciate being compared to
  the NSA. If you're trying to have a constructive discussion, you
  should pick a better format and attitude.
 
  On 29 March 2015 at 19:02, Brian J Mingus brian.min...@colorado.edu
  wrote:
   The notice just says that the IP is public. Most people have no idea
 what
   that means.
  
   It will absolutely make those problems harder. Perhaps it is the
   Foundation's trusted role to hide that information from the public and
 be
   trusted with it on the backend. This institutional design sounds
 similar
  to
   another institution in certain ways..
  
  
  
   On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dah...@bsugmail.net
  wrote:
  
   People are made aware with each edit as an I am that their information
  is
   publicly available. What concerns me about removing IP information is
  that
   it'll remove our ability to fight spam, detect socks, and respond to
   emergency@ issues, unless I've missed something?
  
  
   Sent from Samsung Mobile
  
  
    Original message 
   From: Brian J Mingus
   Date:03-29-2015 4:36 PM (GMT-05:00)
   To: David Carson
   Cc: English Wikipedia
   Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers
  
   Wikipedia is set up such that if you don't take the measures mentioned
  in
   the OP, you are dox'ing yourself. Users are not aware of this.
  
   On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com
   wrote:
  
Wikipedia:Free speech (
http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably
  worth a
read.
   
http://en.wikipedia.org/wiki/Wikipedia:Free_speech
   
It's not directly about privacy but I think it clearly covers the
  ground
that Wikipedia is a project to create an online encyclopedia, not an
experiment in radical free speech. The system is set up to
 facilitate
   that
goal.
   
If you think that recording IP addresses is invasive, then you
 should
probably be publishing your content on your own website, not
  Wikipedia.
   
Cheers,
David...
   
   
On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus 
   brian.min...@colorado.edu
 wrote:
   
In general people do not read privacy policies, nor do they
  understand
what
IP addresses are or what you can do with them.
   
But if you recall, I simply stated that recording IP addresses is
invasive.
And it is.
   
This is especially true when you know that your recordings are
   faciliating
the active de-anonymization of people who are editing Wikipedia.
 Not
   just
de-anonymization, but often public shaming.
   
For WMF, the principle of neutrality clearly trumps the principles
 of
privacy and free speech. For the NSA, substitute security for
   neutrality.
It's hypocritical.
   
Luckily, it's easy to fix. Just stuff the ip fields with random
  numbers
and
deal with the fallout. Stop tracking people.
   
   
   
On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes 
 oke...@wikimedia.org
wrote:
   
 In order:

 1. Yes, the WMF is suing the NSA. There are a few threads/blog
  posts
 about

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

I propose we run a study. We will survey random editors and ask them if
they realize that there is a chance they are leaking enough information for
their identity to be revealed. *Even if they are logged in.*

Regarding comparisons - institutions have structure, and if there is a
structure mapping, then it's a matter of fact. A given mapping will have
strengths and weaknesses. You may prefer one mapping to another. If you
have reasons for preferring one mapping (other than that it offends you),
I'm all ears. But be aware: simply changing the vocabulary that you use to
describe the space doesn't mean that two different descriptions of
institutions aren't in fact describing a construct that is more similar
than different, or that is similar in important ways.

This is all to say, there are often reasons that institutions like the NSA
and WMF are structured the way they are. Given the investment in the topic,
it's probably worth exploring how the institutional structures emerged. But
given the investment, confirmation bias may prevail in this case: even if
there are important similarities, nobody wants to look like a hypocrite.

That's OK, though. Much as I am invested in Wikipedia and appreciate the
WMF, if I turn out to be a hypocrite, *I* will call myself one. Just as I
will do it to others.

Best,

Brian

*Other dogs bite only their enemies, whereas I bite also my friends.* -
Diogenes the Cynic


On Mon, Mar 30, 2015 at 10:32 AM, Oliver Keyes oke...@wikimedia.org wrote:

 Or perhaps you're reading far too much into it, and in the process,
 being incredibly rude to the WMF employees reading this thread, who
 are people too, and don't particularly appreciate being compared to
 the NSA. If you're trying to have a constructive discussion, you
 should pick a better format and attitude.

 On 29 March 2015 at 19:02, Brian J Mingus brian.min...@colorado.edu
 wrote:
  The notice just says that the IP is public. Most people have no idea what
  that means.
 
  It will absolutely make those problems harder. Perhaps it is the
  Foundation's trusted role to hide that information from the public and be
  trusted with it on the backend. This institutional design sounds similar
 to
  another institution in certain ways..
 
 
 
  On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dah...@bsugmail.net
 wrote:
 
  People are made aware with each edit as an I am that their information
 is
  publicly available. What concerns me about removing IP information is
 that
  it'll remove our ability to fight spam, detect socks, and respond to
  emergency@ issues, unless I've missed something?
 
 
  Sent from Samsung Mobile
 
 
   Original message 
  From: Brian J Mingus
  Date:03-29-2015 4:36 PM (GMT-05:00)
  To: David Carson
  Cc: English Wikipedia
  Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers
 
  Wikipedia is set up such that if you don't take the measures mentioned
 in
  the OP, you are dox'ing yourself. Users are not aware of this.
 
  On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com
  wrote:
 
   Wikipedia:Free speech (
   http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably
 worth a
   read.
  
   http://en.wikipedia.org/wiki/Wikipedia:Free_speech
  
   It's not directly about privacy but I think it clearly covers the
 ground
   that Wikipedia is a project to create an online encyclopedia, not an
   experiment in radical free speech. The system is set up to facilitate
  that
   goal.
  
   If you think that recording IP addresses is invasive, then you should
   probably be publishing your content on your own website, not
 Wikipedia.
  
   Cheers,
   David...
  
  
   On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus 
  brian.min...@colorado.edu
wrote:
  
   In general people do not read privacy policies, nor do they
 understand
   what
   IP addresses are or what you can do with them.
  
   But if you recall, I simply stated that recording IP addresses is
   invasive.
   And it is.
  
   This is especially true when you know that your recordings are
  faciliating
   the active de-anonymization of people who are editing Wikipedia. Not
  just
   de-anonymization, but often public shaming.
  
   For WMF, the principle of neutrality clearly trumps the principles of
   privacy and free speech. For the NSA, substitute security for
  neutrality.
   It's hypocritical.
  
   Luckily, it's easy to fix. Just stuff the ip fields with random
 numbers
   and
   deal with the fallout. Stop tracking people.
  
  
  
   On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
   wrote:
  
In order:
   
1. Yes, the WMF is suing the NSA. There are a few threads/blog
 posts
about this people here can point you to.
2. Brian: The NSA needs to store data without the permission or
consent of the people generating it, sometimes through forcible
interception, decryption and the introduction and maintenance of
software exploits that allow them to do

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[geni]

On 30 March 2015 at 16:00, Brian J Mingus brian.min...@colorado.edu wrote:

 I propose we run a study. We will survey random editors and ask them if
 they realize that there is a chance they are leaking enough information for
 their identity to be revealed. *Even if they are logged in.*



What exactly do you hope to learn?




 Regarding comparisons - institutions have structure, and if there is a
 structure mapping, then it's a matter of fact. A given mapping will have
 strengths and weaknesses. You may prefer one mapping to another. If you
 have reasons for preferring one mapping (other than that it offends you),
 I'm all ears. But be aware: simply changing the vocabulary that you use to
 describe the space doesn't mean that two different descriptions of
 institutions aren't in fact describing a construct that is more similar
 than different, or that is similar in important ways.

 This is all to say, there are often reasons that institutions like the NSA
 and WMF are structured the way they are. Given the investment in the topic,
 it's probably worth exploring how the institutional structures emerged. But
 given the investment, confirmation bias may prevail in this case: even if
 there are important similarities, nobody wants to look like a hypocrite.


What does this have to do with anything?

-- 
geni
___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Oliver Keyes]

Or perhaps you're reading far too much into it, and in the process,
being incredibly rude to the WMF employees reading this thread, who
are people too, and don't particularly appreciate being compared to
the NSA. If you're trying to have a constructive discussion, you
should pick a better format and attitude.

On 29 March 2015 at 19:02, Brian J Mingus brian.min...@colorado.edu wrote:
 The notice just says that the IP is public. Most people have no idea what
 that means.

 It will absolutely make those problems harder. Perhaps it is the
 Foundation's trusted role to hide that information from the public and be
 trusted with it on the backend. This institutional design sounds similar to
 another institution in certain ways..



 On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dah...@bsugmail.net wrote:

 People are made aware with each edit as an I am that their information is
 publicly available. What concerns me about removing IP information is that
 it'll remove our ability to fight spam, detect socks, and respond to
 emergency@ issues, unless I've missed something?


 Sent from Samsung Mobile


  Original message 
 From: Brian J Mingus
 Date:03-29-2015 4:36 PM (GMT-05:00)
 To: David Carson
 Cc: English Wikipedia
 Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers

 Wikipedia is set up such that if you don't take the measures mentioned in
 the OP, you are dox'ing yourself. Users are not aware of this.

 On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com
 wrote:

  Wikipedia:Free speech (
  http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a
  read.
 
  http://en.wikipedia.org/wiki/Wikipedia:Free_speech
 
  It's not directly about privacy but I think it clearly covers the ground
  that Wikipedia is a project to create an online encyclopedia, not an
  experiment in radical free speech. The system is set up to facilitate
 that
  goal.
 
  If you think that recording IP addresses is invasive, then you should
  probably be publishing your content on your own website, not Wikipedia.
 
  Cheers,
  David...
 
 
  On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus 
 brian.min...@colorado.edu
   wrote:
 
  In general people do not read privacy policies, nor do they understand
  what
  IP addresses are or what you can do with them.
 
  But if you recall, I simply stated that recording IP addresses is
  invasive.
  And it is.
 
  This is especially true when you know that your recordings are
 faciliating
  the active de-anonymization of people who are editing Wikipedia. Not
 just
  de-anonymization, but often public shaming.
 
  For WMF, the principle of neutrality clearly trumps the principles of
  privacy and free speech. For the NSA, substitute security for
 neutrality.
  It's hypocritical.
 
  Luckily, it's easy to fix. Just stuff the ip fields with random numbers
  and
  deal with the fallout. Stop tracking people.
 
 
 
  On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
  wrote:
 
   In order:
  
   1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
   about this people here can point you to.
   2. Brian: The NSA needs to store data without the permission or
   consent of the people generating it, sometimes through forcible
   interception, decryption and the introduction and maintenance of
   software exploits that allow them to do this but also allow any other
   reasonably technical nation or non-nation actor who is paying
   attention to exploit the same vulnerability, keeping this data for an
   indefinite period, with very little legal or political oversight, in
   order to stop terrorism, where very little evidence exists that this
   has helped in any way.
  
   The WMF needs to store data for a 90 day period, which is explicitly
   set down in a privacy policy that is transparent, human-readable,
   linked from every edit interface, written with the involvement of the
   people whose data is being stored, administered by a committee of
   people who come from this population of editors, and explicitly sets
   out what the data may or may not be used for, even within the
   Wikimedia Foundation, in order to stop vandalism, where multiple
   scientific studies have validated the hypothesis that being able to
   make rangeblocks and prohibit sockpuppetry is beneficial to the
   community we are all a part of and the wider population of readers.
  
   That's what's actually going on, here. If you thing these situations
   are roughly analogous, that's your prerogative. If you think the
   storage of this data is unnecessary, I recommend you go to your local
   project and explain to them that being able to checkuser potential
   sockpuppets or hard-block users is not needed: gaining consensus there
   would be a good starting point to changing this.
  
   On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com
 wrote:
Wikipedia is suing the NSA? Seriously?
On 28 Mar 2015 11:23, Brian J Mingus

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

Just like the Netflix Prize, knowing which topics an entity is interested
in, and having access to text they have written, is, in many cases, enough
information to reveal who that person is, where they live, etc. You just
plug the data into Google and correlate away.

On Sun, Mar 29, 2015 at 7:19 PM, David Carson carson63...@gmail.com wrote:

 Hi Brian,

 I'm still not entirely clear on your complaint. Are you talking about
 Wikimedia (not random users, nor Wikipedia Administrators) having access to
 IP addresses from system logs? Or something else? What does The IP address
 is helpful, but not necessary mean?

 Cheers,
 David...


 On Mon, Mar 30, 2015 at 10:14 AM, Brian J Mingus 
 brian.min...@colorado.edu wrote:

 Hi David,

 It is a bit of hyperbole, but reductio arguments have their role in
 helping to make certain things clear.

 If you force users to log in, you can still identify them. The IP address
 is helpful, but not necessary.



 On Sun, Mar 29, 2015 at 7:12 PM, David Carson carson63...@gmail.com
 wrote:

 Hi Brian,

 Dox'ing yourself? That's a pretty wild hyperbole.

 But just to clarify: are you taking issue with the fact that
 not-logged-in users have their IP addresses publicly visible? Or with the
 fact that all edits have IP addresses privately recorded?

 I originally thought you were talking about the latter, but now I'm not
 sure. If it's actually the former, I've got no disagreement with you.

 Given that anyone can edit without making their IP public simply by
 registering a pseudonym and logging in, and given that many new editors
 might not be aware of the implications of revealing their IP (if they're
 editing from a static address at work, for instance), it seems to me that
 the easiest solution - and one which I think would cause absolutely zero
 astonishment in the minds of new users - would simply be to require users
 to register a pseudonym and log in in order to edit.

 But if you're concerned about the effect that this would have on casual
 drive-by fixes and improvements by people who aren't invested enough in
 the project to register, then sure, encrypt or hash the IP address before
 displaying it publicly. I don't think randomizing it on every edit would be
 a good idea, because I think it's important to be able to tell whether a
 succession of edits were from the same editor.

 Cheers,
 David...


 On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus 
 brian.min...@colorado.edu wrote:

 Wikipedia is set up such that if you don't take the measures mentioned
 in the OP, you are dox'ing yourself. Users are not aware of this.

 On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com
 wrote:

 Wikipedia:Free speech (
 http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth
 a read.

 http://en.wikipedia.org/wiki/Wikipedia:Free_speech

 It's not directly about privacy but I think it clearly covers the
 ground that Wikipedia is a project to create an online encyclopedia, not 
 an
 experiment in radical free speech. The system is set up to facilitate that
 goal.

 If you think that recording IP addresses is invasive, then you should
 probably be publishing your content on your own website, not Wikipedia.

 Cheers,
 David...


 On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus 
 brian.min...@colorado.edu wrote:

 In general people do not read privacy policies, nor do they
 understand what
 IP addresses are or what you can do with them.

 But if you recall, I simply stated that recording IP addresses is
 invasive.
 And it is.

 This is especially true when you know that your recordings are
 faciliating
 the active de-anonymization of people who are editing Wikipedia. Not
 just
 de-anonymization, but often public shaming.

 For WMF, the principle of neutrality clearly trumps the principles of
 privacy and free speech. For the NSA, substitute security for
 neutrality.
 It's hypocritical.

 Luckily, it's easy to fix. Just stuff the ip fields with random
 numbers and
 deal with the fallout. Stop tracking people.



 On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
 wrote:

  In order:
 
  1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
  about this people here can point you to.
  2. Brian: The NSA needs to store data without the permission or
  consent of the people generating it, sometimes through forcible
  interception, decryption and the introduction and maintenance of
  software exploits that allow them to do this but also allow any
 other
  reasonably technical nation or non-nation actor who is paying
  attention to exploit the same vulnerability, keeping this data for
 an
  indefinite period, with very little legal or political oversight, in
  order to stop terrorism, where very little evidence exists that this
  has helped in any way.
 
  The WMF needs to store data for a 90 day period, which is explicitly
  set down in a privacy policy that is transparent, human-readable,
  linked from every edit interface, written 

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Dustin Muniz]

People are made aware with each edit as an I am that their information is 
publicly available. What concerns me about removing IP information is that 
it'll remove our ability to fight spam, detect socks, and respond to emergency@ 
issues, unless I've missed something?


Sent from Samsung Mobile

div Original message /divdivFrom: Brian J Mingus 
brian.min...@colorado.edu /divdivDate:03-29-2015  4:36 PM  (GMT-05:00) 
/divdivTo: David Carson carson63...@gmail.com /divdivCc: English 
Wikipedia wikien-l@lists.wikimedia.org /divdivSubject: Re: [WikiEN-l] 
Privacy Study Looking for Volunteers /divdiv
/divWikipedia is set up such that if you don't take the measures mentioned in
the OP, you are dox'ing yourself. Users are not aware of this.

On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com wrote:

 Wikipedia:Free speech (
 http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a
 read.

 http://en.wikipedia.org/wiki/Wikipedia:Free_speech

 It's not directly about privacy but I think it clearly covers the ground
 that Wikipedia is a project to create an online encyclopedia, not an
 experiment in radical free speech. The system is set up to facilitate that
 goal.

 If you think that recording IP addresses is invasive, then you should
 probably be publishing your content on your own website, not Wikipedia.

 Cheers,
 David...


 On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu
  wrote:

 In general people do not read privacy policies, nor do they understand
 what
 IP addresses are or what you can do with them.

 But if you recall, I simply stated that recording IP addresses is
 invasive.
 And it is.

 This is especially true when you know that your recordings are faciliating
 the active de-anonymization of people who are editing Wikipedia. Not just
 de-anonymization, but often public shaming.

 For WMF, the principle of neutrality clearly trumps the principles of
 privacy and free speech. For the NSA, substitute security for neutrality.
 It's hypocritical.

 Luckily, it's easy to fix. Just stuff the ip fields with random numbers
 and
 deal with the fallout. Stop tracking people.



 On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
 wrote:

  In order:
 
  1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
  about this people here can point you to.
  2. Brian: The NSA needs to store data without the permission or
  consent of the people generating it, sometimes through forcible
  interception, decryption and the introduction and maintenance of
  software exploits that allow them to do this but also allow any other
  reasonably technical nation or non-nation actor who is paying
  attention to exploit the same vulnerability, keeping this data for an
  indefinite period, with very little legal or political oversight, in
  order to stop terrorism, where very little evidence exists that this
  has helped in any way.
 
  The WMF needs to store data for a 90 day period, which is explicitly
  set down in a privacy policy that is transparent, human-readable,
  linked from every edit interface, written with the involvement of the
  people whose data is being stored, administered by a committee of
  people who come from this population of editors, and explicitly sets
  out what the data may or may not be used for, even within the
  Wikimedia Foundation, in order to stop vandalism, where multiple
  scientific studies have validated the hypothesis that being able to
  make rangeblocks and prohibit sockpuppetry is beneficial to the
  community we are all a part of and the wider population of readers.
 
  That's what's actually going on, here. If you thing these situations
  are roughly analogous, that's your prerogative. If you think the
  storage of this data is unnecessary, I recommend you go to your local
  project and explain to them that being able to checkuser potential
  sockpuppets or hard-block users is not needed: gaining consensus there
  would be a good starting point to changing this.
 
  On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote:
   Wikipedia is suing the NSA? Seriously?
   On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu
  wrote:
  
   It has worked up to now, but I'm thinking that, especially given
  Wikimedia
   is suing the NSA, it is no longer justifiable. If the NSA can't track
   citizens, Wikimedia shouldn't be tracking them either. Seems simple
 :)
  
   On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it
  wrote:
  
On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
 I think it's rather curious that edits to Wikipedia aren't
 private.
  Why
log
 the IP address? Why log anything? It's invasive.
   
I guess it's a sensible choice against abuse (vandalism) while
 still
allowing non registered users editing rights
   
   
___
WikiEN-l mailing list
WikiEN-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Andrew Gray]

On 30 March 2015 at 00:24, Brian J Mingus brian.min...@colorado.edu wrote:
 Just like the Netflix Prize, knowing which topics an entity is interested
 in, and having access to text they have written, is, in many cases, enough
 information to reveal who that person is, where they live, etc. You just
 plug the data into Google and correlate away.

Then if we want to stop being being able to identify our users, we
would have to stop allowing our users to write things...

More seriously, yes, we *could* do radical anonymisation of all
contributions to Wikipedia - it would be technically possible to make
every non-account contribution labelled anonymous (one giant
pseudo-account?) rather than an IP number, removing any linkage
between those edits. But that would have immense social costs on the
Wikipedia community - we would lose a substantial proportion of our
capacity to prevent spamming, vandalism, defamation, or other forms of
abuse, and put substantially more work on our volunteers handling
these problems.

I really doubt our overworked community would be able to cope with that.

Some kind of semi-anonymisation, as James suggests, is workable,
obfuscating IPs - but not complete disconnection. The other
alternative would be to close off unregistered contributions, which
has been discussed repeatedly in the past and is generally unpopular.
But it's achievable with our current setup, and if you want to change
things advocating for that might be a better approach.

A.

-- 
- Andrew Gray
  andrew.g...@dunelm.org.uk

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[James Farrar]

Wikipedia is suing the NSA? Seriously?
On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote:

 It has worked up to now, but I'm thinking that, especially given Wikimedia
 is suing the NSA, it is no longer justifiable. If the NSA can't track
 citizens, Wikimedia shouldn't be tracking them either. Seems simple :)

 On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote:

  On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
   I think it's rather curious that edits to Wikipedia aren't private. Why
  log
   the IP address? Why log anything? It's invasive.
 
  I guess it's a sensible choice against abuse (vandalism) while still
  allowing non registered users editing rights
 
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[WereSpielChequers]

The WMF keeps data on an informed group of people, those who edit on WMF sites, 
and for a fixed period of time, (apart of course from the public listing of IP 
addresses).

If the NSA was only keeping data for as long as the WMF and only keeping data 
on people who post on the NSA site then the comparison would be more 
meaningful. I'm not actually suggesting that the NSA match the WMF for privacy, 
but then I doubt that the WMF would try importing the sort of data on everyone 
that the NSA tries to hoover up.

Regards

Jonathan Cardy


 On 29 Mar 2015, at 14:18, Brian J Mingus brian.min...@colorado.edu wrote:
 
 Do you see the irony here?
 
 The NSA needs to keep harvesting metadata in order to stop terrorism.
 
 The WMF needs to keep harvesting metadata in order to stop vandalism.
 
 On Sun, Mar 29, 2015 at 9:16 AM, Oliver Keyes oke...@wikimedia.org wrote:
 
 .at which point it can no longer be used for checkuser or for
 rangeblocks. I really don't see the hypocricy there. Are we:
 
 1. Taking user data;
 2. Storing it and not saying for how long;
 3. Not telling the user we're taking it in the first place, and;
 4. Not tellning anyone what we're using it for?
 
 If yes to all of the above, the NSA is broadly analogous. If no...a
 better analogy is needed.
 
 On 28 March 2015 at 11:44, Brian J Mingus brian.min...@colorado.edu
 wrote:
 I think now that we are suing the NSA that it's deeply hypocritical to be
 surveilling users. A quick fix: stuff the ip field with random numbers.
 
 On Sat, Mar 28, 2015 at 8:38 AM, James Alexander 
 jalexan...@wikimedia.org
 wrote:
 
 The idea of the IP being more private in the history/ public logs (for
 example a unique hash so that you know it's an IP but not where/what
 IP
 ) is one that I know has been discussed and is desired by a good number
 within the foundation including within legal. I'll try to look for the
 phabricator task about it tomorrow. I think that's something that is
 likely
 to happen, it isn't easy though and requires a fair number of resources
 to
 be pointed at it to get it done so it's a question of priorities and
 convincing those who decide those things that it should be higher. I
 believe it's something, privacy wise, that legal would really like.
 
 I think it is unlikely in the short to medium term, however, to get rid
 of
 the IPs in the backend (in server logs and in the checkuser system for
 example) because the replacements just aren't there. I've spent a good
 amount of time thinking of a way to make the checkuser system as usable
 as
 necessary without revealing IPs for example (including a consultant who
 looked a lot but didn't really come up with anything we didn't know
 already). I think it's doable, but it would be a very difficult and long
 design process and I think it's unlikely in the near future.
 
 James Alexander
 Community Advocacy
 Wikimedia Foundation
 (415) 839-6885 x6716 @jamesofur
 
 On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote:
 
 I don't believe a different license is needed. CC licenses can be used
 for
 anonymous works: The author is not given and does not have to be
 credited,
 but everything else (attribution of the work and share-alike) would
 stay
 the same. So a change in the terms of use to the effect of,
 Unregistered
 edits are considered to have no named author, would be sufficient.
 
 Kyanos
 
 On 03/27/2015 06:41 AM, WereSpielChequers wrote:
 
 Perhaps we should move to a different licensing model for future IP
 edits. CC0 for IP edits would be a more sensible license for edits by
 an IP
 where in many cases no-one could attribute the edit to the individual
 who
 made it. If people don't want to release their edits as CC0 they can
 always
 create an account.
 
 Regards
 
 Jonathan Cardy
 
 
 On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com
 wrote:
 
 It's actually required so as to provide attribution as per the
 Creative
 Commons and other licenses we operate under.
 
 Sent from my Droid 4
 Elias Friedman A.S., CCEMT-P
 אליהו מתתיהו בן צבי
 elipo...@gmail.com
 יְהִי אוֹר
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
 
 
 --
 Oliver Keyes
 Research Analyst
 Wikimedia Foundation
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

I think now that we are suing the NSA that it's deeply hypocritical to be
surveilling users. A quick fix: stuff the ip field with random numbers.

On Sat, Mar 28, 2015 at 8:38 AM, James Alexander jalexan...@wikimedia.org
wrote:

 The idea of the IP being more private in the history/ public logs (for
 example a unique hash so that you know it's an IP but not where/what IP
 ) is one that I know has been discussed and is desired by a good number
 within the foundation including within legal. I'll try to look for the
 phabricator task about it tomorrow. I think that's something that is likely
 to happen, it isn't easy though and requires a fair number of resources to
 be pointed at it to get it done so it's a question of priorities and
 convincing those who decide those things that it should be higher. I
 believe it's something, privacy wise, that legal would really like.

 I think it is unlikely in the short to medium term, however, to get rid of
 the IPs in the backend (in server logs and in the checkuser system for
 example) because the replacements just aren't there. I've spent a good
 amount of time thinking of a way to make the checkuser system as usable as
 necessary without revealing IPs for example (including a consultant who
 looked a lot but didn't really come up with anything we didn't know
 already). I think it's doable, but it would be a very difficult and long
 design process and I think it's unlikely in the near future.

 James Alexander
 Community Advocacy
 Wikimedia Foundation
 (415) 839-6885 x6716 @jamesofur

 On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote:

  I don't believe a different license is needed. CC licenses can be used
 for
  anonymous works: The author is not given and does not have to be
 credited,
  but everything else (attribution of the work and share-alike) would stay
  the same. So a change in the terms of use to the effect of, Unregistered
  edits are considered to have no named author, would be sufficient.
 
  Kyanos
 
  On 03/27/2015 06:41 AM, WereSpielChequers wrote:
 
  Perhaps we should move to a different licensing model for future IP
  edits. CC0 for IP edits would be a more sensible license for edits by
 an IP
  where in many cases no-one could attribute the edit to the individual
 who
  made it. If people don't want to release their edits as CC0 they can
 always
  create an account.
 
  Regards
 
  Jonathan Cardy
 
 
   On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote:
 
  It's actually required so as to provide attribution as per the Creative
  Commons and other licenses we operate under.
 
  Sent from my Droid 4
  Elias Friedman A.S., CCEMT-P
  אליהו מתתיהו בן צבי
  elipo...@gmail.com
  יְהִי אוֹר
 
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

Do you see the irony here?

The NSA needs to keep harvesting metadata in order to stop terrorism.

The WMF needs to keep harvesting metadata in order to stop vandalism.

On Sun, Mar 29, 2015 at 9:16 AM, Oliver Keyes oke...@wikimedia.org wrote:

 .at which point it can no longer be used for checkuser or for
 rangeblocks. I really don't see the hypocricy there. Are we:

 1. Taking user data;
 2. Storing it and not saying for how long;
 3. Not telling the user we're taking it in the first place, and;
 4. Not tellning anyone what we're using it for?

 If yes to all of the above, the NSA is broadly analogous. If no...a
 better analogy is needed.

 On 28 March 2015 at 11:44, Brian J Mingus brian.min...@colorado.edu
 wrote:
  I think now that we are suing the NSA that it's deeply hypocritical to be
  surveilling users. A quick fix: stuff the ip field with random numbers.
 
  On Sat, Mar 28, 2015 at 8:38 AM, James Alexander 
 jalexan...@wikimedia.org
  wrote:
 
  The idea of the IP being more private in the history/ public logs (for
  example a unique hash so that you know it's an IP but not where/what
 IP
  ) is one that I know has been discussed and is desired by a good number
  within the foundation including within legal. I'll try to look for the
  phabricator task about it tomorrow. I think that's something that is
 likely
  to happen, it isn't easy though and requires a fair number of resources
 to
  be pointed at it to get it done so it's a question of priorities and
  convincing those who decide those things that it should be higher. I
  believe it's something, privacy wise, that legal would really like.
 
  I think it is unlikely in the short to medium term, however, to get rid
 of
  the IPs in the backend (in server logs and in the checkuser system for
  example) because the replacements just aren't there. I've spent a good
  amount of time thinking of a way to make the checkuser system as usable
 as
  necessary without revealing IPs for example (including a consultant who
  looked a lot but didn't really come up with anything we didn't know
  already). I think it's doable, but it would be a very difficult and long
  design process and I think it's unlikely in the near future.
 
  James Alexander
  Community Advocacy
  Wikimedia Foundation
  (415) 839-6885 x6716 @jamesofur
 
  On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote:
 
   I don't believe a different license is needed. CC licenses can be used
  for
   anonymous works: The author is not given and does not have to be
  credited,
   but everything else (attribution of the work and share-alike) would
 stay
   the same. So a change in the terms of use to the effect of,
 Unregistered
   edits are considered to have no named author, would be sufficient.
  
   Kyanos
  
   On 03/27/2015 06:41 AM, WereSpielChequers wrote:
  
   Perhaps we should move to a different licensing model for future IP
   edits. CC0 for IP edits would be a more sensible license for edits by
  an IP
   where in many cases no-one could attribute the edit to the individual
  who
   made it. If people don't want to release their edits as CC0 they can
  always
   create an account.
  
   Regards
  
   Jonathan Cardy
  
  
On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com
 wrote:
  
   It's actually required so as to provide attribution as per the
 Creative
   Commons and other licenses we operate under.
  
   Sent from my Droid 4
   Elias Friedman A.S., CCEMT-P
   אליהו מתתיהו בן צבי
   elipo...@gmail.com
   יְהִי אוֹר
  
  
   ___
   WikiEN-l mailing list
   WikiEN-l@lists.wikimedia.org
   To unsubscribe from this mailing list, visit:
   https://lists.wikimedia.org/mailman/listinfo/wikien-l
  
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l



 --
 Oliver Keyes
 Research Analyst
 Wikimedia Foundation

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Oliver Keyes]

.at which point it can no longer be used for checkuser or for
rangeblocks. I really don't see the hypocricy there. Are we:

1. Taking user data;
2. Storing it and not saying for how long;
3. Not telling the user we're taking it in the first place, and;
4. Not tellning anyone what we're using it for?

If yes to all of the above, the NSA is broadly analogous. If no...a
better analogy is needed.

On 28 March 2015 at 11:44, Brian J Mingus brian.min...@colorado.edu wrote:
 I think now that we are suing the NSA that it's deeply hypocritical to be
 surveilling users. A quick fix: stuff the ip field with random numbers.

 On Sat, Mar 28, 2015 at 8:38 AM, James Alexander jalexan...@wikimedia.org
 wrote:

 The idea of the IP being more private in the history/ public logs (for
 example a unique hash so that you know it's an IP but not where/what IP
 ) is one that I know has been discussed and is desired by a good number
 within the foundation including within legal. I'll try to look for the
 phabricator task about it tomorrow. I think that's something that is likely
 to happen, it isn't easy though and requires a fair number of resources to
 be pointed at it to get it done so it's a question of priorities and
 convincing those who decide those things that it should be higher. I
 believe it's something, privacy wise, that legal would really like.

 I think it is unlikely in the short to medium term, however, to get rid of
 the IPs in the backend (in server logs and in the checkuser system for
 example) because the replacements just aren't there. I've spent a good
 amount of time thinking of a way to make the checkuser system as usable as
 necessary without revealing IPs for example (including a consultant who
 looked a lot but didn't really come up with anything we didn't know
 already). I think it's doable, but it would be a very difficult and long
 design process and I think it's unlikely in the near future.

 James Alexander
 Community Advocacy
 Wikimedia Foundation
 (415) 839-6885 x6716 @jamesofur

 On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote:

  I don't believe a different license is needed. CC licenses can be used
 for
  anonymous works: The author is not given and does not have to be
 credited,
  but everything else (attribution of the work and share-alike) would stay
  the same. So a change in the terms of use to the effect of, Unregistered
  edits are considered to have no named author, would be sufficient.
 
  Kyanos
 
  On 03/27/2015 06:41 AM, WereSpielChequers wrote:
 
  Perhaps we should move to a different licensing model for future IP
  edits. CC0 for IP edits would be a more sensible license for edits by
 an IP
  where in many cases no-one could attribute the edit to the individual
 who
  made it. If people don't want to release their edits as CC0 they can
 always
  create an account.
 
  Regards
 
  Jonathan Cardy
 
 
   On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote:
 
  It's actually required so as to provide attribution as per the Creative
  Commons and other licenses we operate under.
 
  Sent from my Droid 4
  Elias Friedman A.S., CCEMT-P
  אליהו מתתיהו בן צבי
  elipo...@gmail.com
  יְהִי אוֹר
 
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l



-- 
Oliver Keyes
Research Analyst
Wikimedia Foundation

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Oliver Keyes]

In order:

1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
about this people here can point you to.
2. Brian: The NSA needs to store data without the permission or
consent of the people generating it, sometimes through forcible
interception, decryption and the introduction and maintenance of
software exploits that allow them to do this but also allow any other
reasonably technical nation or non-nation actor who is paying
attention to exploit the same vulnerability, keeping this data for an
indefinite period, with very little legal or political oversight, in
order to stop terrorism, where very little evidence exists that this
has helped in any way.

The WMF needs to store data for a 90 day period, which is explicitly
set down in a privacy policy that is transparent, human-readable,
linked from every edit interface, written with the involvement of the
people whose data is being stored, administered by a committee of
people who come from this population of editors, and explicitly sets
out what the data may or may not be used for, even within the
Wikimedia Foundation, in order to stop vandalism, where multiple
scientific studies have validated the hypothesis that being able to
make rangeblocks and prohibit sockpuppetry is beneficial to the
community we are all a part of and the wider population of readers.

That's what's actually going on, here. If you thing these situations
are roughly analogous, that's your prerogative. If you think the
storage of this data is unnecessary, I recommend you go to your local
project and explain to them that being able to checkuser potential
sockpuppets or hard-block users is not needed: gaining consensus there
would be a good starting point to changing this.

On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote:
 Wikipedia is suing the NSA? Seriously?
 On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu wrote:

 It has worked up to now, but I'm thinking that, especially given Wikimedia
 is suing the NSA, it is no longer justifiable. If the NSA can't track
 citizens, Wikimedia shouldn't be tracking them either. Seems simple :)

 On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote:

  On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
   I think it's rather curious that edits to Wikipedia aren't private. Why
  log
   the IP address? Why log anything? It's invasive.
 
  I guess it's a sensible choice against abuse (vandalism) while still
  allowing non registered users editing rights
 
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l



-- 
Oliver Keyes
Research Analyst
Wikimedia Foundation

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Oliver Keyes]

At this point we're really getting somewhat off-topic; Brian, if you
want to continue this discussion about the trade-offs around privacy
and oversight, feel free to drop me an email. In the meantime, we
should probably leave the thread for the original subject  ;)

On 29 March 2015 at 14:55, Oliver Keyes oke...@wikimedia.org wrote:
 Yes, you did state that, but you equated the explanation and
 circumstances with the NSA's behaviour, when in actual fact they are
 very different. I note that while you've argued that privacy policies
 aren't read, that's as far as your rebuttal goes.

 There's no trump of one principle over another, and this is nothing to
 do with content neutrality; again, I invite you to surface your
 proposal on enwiki. It will completely eliminate the utility of
 checkuser or hard-blocks or range blocks, but if the community wants
 it as much as you seem to think I'm sure they'll support the idea.

 On 29 March 2015 at 14:10, Brian J Mingus brian.min...@colorado.edu wrote:
 In general people do not read privacy policies, nor do they understand what
 IP addresses are or what you can do with them.

 But if you recall, I simply stated that recording IP addresses is invasive.
 And it is.

 This is especially true when you know that your recordings are faciliating
 the active de-anonymization of people who are editing Wikipedia. Not just
 de-anonymization, but often public shaming.

 For WMF, the principle of neutrality clearly trumps the principles of
 privacy and free speech. For the NSA, substitute security for neutrality.
 It's hypocritical.

 Luckily, it's easy to fix. Just stuff the ip fields with random numbers and
 deal with the fallout. Stop tracking people.



 On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote:

 In order:

 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
 about this people here can point you to.
 2. Brian: The NSA needs to store data without the permission or
 consent of the people generating it, sometimes through forcible
 interception, decryption and the introduction and maintenance of
 software exploits that allow them to do this but also allow any other
 reasonably technical nation or non-nation actor who is paying
 attention to exploit the same vulnerability, keeping this data for an
 indefinite period, with very little legal or political oversight, in
 order to stop terrorism, where very little evidence exists that this
 has helped in any way.

 The WMF needs to store data for a 90 day period, which is explicitly
 set down in a privacy policy that is transparent, human-readable,
 linked from every edit interface, written with the involvement of the
 people whose data is being stored, administered by a committee of
 people who come from this population of editors, and explicitly sets
 out what the data may or may not be used for, even within the
 Wikimedia Foundation, in order to stop vandalism, where multiple
 scientific studies have validated the hypothesis that being able to
 make rangeblocks and prohibit sockpuppetry is beneficial to the
 community we are all a part of and the wider population of readers.

 That's what's actually going on, here. If you thing these situations
 are roughly analogous, that's your prerogative. If you think the
 storage of this data is unnecessary, I recommend you go to your local
 project and explain to them that being able to checkuser potential
 sockpuppets or hard-block users is not needed: gaining consensus there
 would be a good starting point to changing this.

 On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote:
  Wikipedia is suing the NSA? Seriously?
  On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu
  wrote:
 
  It has worked up to now, but I'm thinking that, especially given
  Wikimedia
  is suing the NSA, it is no longer justifiable. If the NSA can't track
  citizens, Wikimedia shouldn't be tracking them either. Seems simple :)
 
  On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it
  wrote:
 
   On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
I think it's rather curious that edits to Wikipedia aren't private.
Why
   log
the IP address? Why log anything? It's invasive.
  
   I guess it's a sensible choice against abuse (vandalism) while still
   allowing non registered users editing rights
  
  
   ___
   WikiEN-l mailing list
   WikiEN-l@lists.wikimedia.org
   To unsubscribe from this mailing list, visit:
   https://lists.wikimedia.org/mailman/listinfo/wikien-l
  
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

In general people do not read privacy policies, nor do they understand what
IP addresses are or what you can do with them.

But if you recall, I simply stated that recording IP addresses is invasive.
And it is.

This is especially true when you know that your recordings are faciliating
the active de-anonymization of people who are editing Wikipedia. Not just
de-anonymization, but often public shaming.

For WMF, the principle of neutrality clearly trumps the principles of
privacy and free speech. For the NSA, substitute security for neutrality.
It's hypocritical.

Luckily, it's easy to fix. Just stuff the ip fields with random numbers and
deal with the fallout. Stop tracking people.



On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote:

 In order:

 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
 about this people here can point you to.
 2. Brian: The NSA needs to store data without the permission or
 consent of the people generating it, sometimes through forcible
 interception, decryption and the introduction and maintenance of
 software exploits that allow them to do this but also allow any other
 reasonably technical nation or non-nation actor who is paying
 attention to exploit the same vulnerability, keeping this data for an
 indefinite period, with very little legal or political oversight, in
 order to stop terrorism, where very little evidence exists that this
 has helped in any way.

 The WMF needs to store data for a 90 day period, which is explicitly
 set down in a privacy policy that is transparent, human-readable,
 linked from every edit interface, written with the involvement of the
 people whose data is being stored, administered by a committee of
 people who come from this population of editors, and explicitly sets
 out what the data may or may not be used for, even within the
 Wikimedia Foundation, in order to stop vandalism, where multiple
 scientific studies have validated the hypothesis that being able to
 make rangeblocks and prohibit sockpuppetry is beneficial to the
 community we are all a part of and the wider population of readers.

 That's what's actually going on, here. If you thing these situations
 are roughly analogous, that's your prerogative. If you think the
 storage of this data is unnecessary, I recommend you go to your local
 project and explain to them that being able to checkuser potential
 sockpuppets or hard-block users is not needed: gaining consensus there
 would be a good starting point to changing this.

 On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote:
  Wikipedia is suing the NSA? Seriously?
  On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu
 wrote:
 
  It has worked up to now, but I'm thinking that, especially given
 Wikimedia
  is suing the NSA, it is no longer justifiable. If the NSA can't track
  citizens, Wikimedia shouldn't be tracking them either. Seems simple :)
 
  On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it
 wrote:
 
   On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
I think it's rather curious that edits to Wikipedia aren't private.
 Why
   log
the IP address? Why log anything? It's invasive.
  
   I guess it's a sensible choice against abuse (vandalism) while still
   allowing non registered users editing rights
  
  
   ___
   WikiEN-l mailing list
   WikiEN-l@lists.wikimedia.org
   To unsubscribe from this mailing list, visit:
   https://lists.wikimedia.org/mailman/listinfo/wikien-l
  
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l



 --
 Oliver Keyes
 Research Analyst
 Wikimedia Foundation

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Oliver Keyes]

Yes, you did state that, but you equated the explanation and
circumstances with the NSA's behaviour, when in actual fact they are
very different. I note that while you've argued that privacy policies
aren't read, that's as far as your rebuttal goes.

There's no trump of one principle over another, and this is nothing to
do with content neutrality; again, I invite you to surface your
proposal on enwiki. It will completely eliminate the utility of
checkuser or hard-blocks or range blocks, but if the community wants
it as much as you seem to think I'm sure they'll support the idea.

On 29 March 2015 at 14:10, Brian J Mingus brian.min...@colorado.edu wrote:
 In general people do not read privacy policies, nor do they understand what
 IP addresses are or what you can do with them.

 But if you recall, I simply stated that recording IP addresses is invasive.
 And it is.

 This is especially true when you know that your recordings are faciliating
 the active de-anonymization of people who are editing Wikipedia. Not just
 de-anonymization, but often public shaming.

 For WMF, the principle of neutrality clearly trumps the principles of
 privacy and free speech. For the NSA, substitute security for neutrality.
 It's hypocritical.

 Luckily, it's easy to fix. Just stuff the ip fields with random numbers and
 deal with the fallout. Stop tracking people.



 On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org wrote:

 In order:

 1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
 about this people here can point you to.
 2. Brian: The NSA needs to store data without the permission or
 consent of the people generating it, sometimes through forcible
 interception, decryption and the introduction and maintenance of
 software exploits that allow them to do this but also allow any other
 reasonably technical nation or non-nation actor who is paying
 attention to exploit the same vulnerability, keeping this data for an
 indefinite period, with very little legal or political oversight, in
 order to stop terrorism, where very little evidence exists that this
 has helped in any way.

 The WMF needs to store data for a 90 day period, which is explicitly
 set down in a privacy policy that is transparent, human-readable,
 linked from every edit interface, written with the involvement of the
 people whose data is being stored, administered by a committee of
 people who come from this population of editors, and explicitly sets
 out what the data may or may not be used for, even within the
 Wikimedia Foundation, in order to stop vandalism, where multiple
 scientific studies have validated the hypothesis that being able to
 make rangeblocks and prohibit sockpuppetry is beneficial to the
 community we are all a part of and the wider population of readers.

 That's what's actually going on, here. If you thing these situations
 are roughly analogous, that's your prerogative. If you think the
 storage of this data is unnecessary, I recommend you go to your local
 project and explain to them that being able to checkuser potential
 sockpuppets or hard-block users is not needed: gaining consensus there
 would be a good starting point to changing this.

 On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote:
  Wikipedia is suing the NSA? Seriously?
  On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu
  wrote:
 
  It has worked up to now, but I'm thinking that, especially given
  Wikimedia
  is suing the NSA, it is no longer justifiable. If the NSA can't track
  citizens, Wikimedia shouldn't be tracking them either. Seems simple :)
 
  On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it
  wrote:
 
   On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
I think it's rather curious that edits to Wikipedia aren't private.
Why
   log
the IP address? Why log anything? It's invasive.
  
   I guess it's a sensible choice against abuse (vandalism) while still
   allowing non registered users editing rights
  
  
   ___
   WikiEN-l mailing list
   WikiEN-l@lists.wikimedia.org
   To unsubscribe from this mailing list, visit:
   https://lists.wikimedia.org/mailman/listinfo/wikien-l
  
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l



 --
 Oliver Keyes
 Research Analyst
 Wikimedia Foundation





-- 
Oliver Keyes
Research Analyst
Wikimedia Foundation

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

Somewhat off topic? That means we're somewhat on topic then, right? It sure
seems like we're on topic.

I would prefer it of the WMF took the initiative and asked the community
what they think about this issue as a whole. The discussion seems to have
lacked transparency up to now. We're suing the NSA for something we're
doing. Yes, we're aware of that, and we'd like to do something about it,
but it's a low priority and that's the final word. I'm not sure everyone
will agree with that.

Best,


On Sun, Mar 29, 2015 at 2:58 PM, Oliver Keyes oke...@wikimedia.org wrote:

 At this point we're really getting somewhat off-topic; Brian, if you
 want to continue this discussion about the trade-offs around privacy
 and oversight, feel free to drop me an email. In the meantime, we
 should probably leave the thread for the original subject  ;)

 On 29 March 2015 at 14:55, Oliver Keyes oke...@wikimedia.org wrote:
  Yes, you did state that, but you equated the explanation and
  circumstances with the NSA's behaviour, when in actual fact they are
  very different. I note that while you've argued that privacy policies
  aren't read, that's as far as your rebuttal goes.
 
  There's no trump of one principle over another, and this is nothing to
  do with content neutrality; again, I invite you to surface your
  proposal on enwiki. It will completely eliminate the utility of
  checkuser or hard-blocks or range blocks, but if the community wants
  it as much as you seem to think I'm sure they'll support the idea.
 
  On 29 March 2015 at 14:10, Brian J Mingus brian.min...@colorado.edu
 wrote:
  In general people do not read privacy policies, nor do they understand
 what
  IP addresses are or what you can do with them.
 
  But if you recall, I simply stated that recording IP addresses is
 invasive.
  And it is.
 
  This is especially true when you know that your recordings are
 faciliating
  the active de-anonymization of people who are editing Wikipedia. Not
 just
  de-anonymization, but often public shaming.
 
  For WMF, the principle of neutrality clearly trumps the principles of
  privacy and free speech. For the NSA, substitute security for
 neutrality.
  It's hypocritical.
 
  Luckily, it's easy to fix. Just stuff the ip fields with random numbers
 and
  deal with the fallout. Stop tracking people.
 
 
 
  On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
 wrote:
 
  In order:
 
  1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
  about this people here can point you to.
  2. Brian: The NSA needs to store data without the permission or
  consent of the people generating it, sometimes through forcible
  interception, decryption and the introduction and maintenance of
  software exploits that allow them to do this but also allow any other
  reasonably technical nation or non-nation actor who is paying
  attention to exploit the same vulnerability, keeping this data for an
  indefinite period, with very little legal or political oversight, in
  order to stop terrorism, where very little evidence exists that this
  has helped in any way.
 
  The WMF needs to store data for a 90 day period, which is explicitly
  set down in a privacy policy that is transparent, human-readable,
  linked from every edit interface, written with the involvement of the
  people whose data is being stored, administered by a committee of
  people who come from this population of editors, and explicitly sets
  out what the data may or may not be used for, even within the
  Wikimedia Foundation, in order to stop vandalism, where multiple
  scientific studies have validated the hypothesis that being able to
  make rangeblocks and prohibit sockpuppetry is beneficial to the
  community we are all a part of and the wider population of readers.
 
  That's what's actually going on, here. If you thing these situations
  are roughly analogous, that's your prerogative. If you think the
  storage of this data is unnecessary, I recommend you go to your local
  project and explain to them that being able to checkuser potential
  sockpuppets or hard-block users is not needed: gaining consensus there
  would be a good starting point to changing this.
 
  On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com
 wrote:
   Wikipedia is suing the NSA? Seriously?
   On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu
   wrote:
  
   It has worked up to now, but I'm thinking that, especially given
   Wikimedia
   is suing the NSA, it is no longer justifiable. If the NSA can't
 track
   citizens, Wikimedia shouldn't be tracking them either. Seems simple
 :)
  
   On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it
   wrote:
  
On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
 I think it's rather curious that edits to Wikipedia aren't
 private.
 Why
log
 the IP address? Why log anything? It's invasive.
   
I guess it's a sensible choice against abuse (vandalism) while
 

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[David Carson]

Wikipedia:Free speech (http://en.wikipedia.org/wiki/Wikipedia:Free_speech)
is probably worth a read.

http://en.wikipedia.org/wiki/Wikipedia:Free_speech

It's not directly about privacy but I think it clearly covers the ground
that Wikipedia is a project to create an online encyclopedia, not an
experiment in radical free speech. The system is set up to facilitate that
goal.

If you think that recording IP addresses is invasive, then you should
probably be publishing your content on your own website, not Wikipedia.

Cheers,
David...


On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus brian.min...@colorado.edu
wrote:

 In general people do not read privacy policies, nor do they understand what
 IP addresses are or what you can do with them.

 But if you recall, I simply stated that recording IP addresses is invasive.
 And it is.

 This is especially true when you know that your recordings are faciliating
 the active de-anonymization of people who are editing Wikipedia. Not just
 de-anonymization, but often public shaming.

 For WMF, the principle of neutrality clearly trumps the principles of
 privacy and free speech. For the NSA, substitute security for neutrality.
 It's hypocritical.

 Luckily, it's easy to fix. Just stuff the ip fields with random numbers and
 deal with the fallout. Stop tracking people.



 On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
 wrote:

  In order:
 
  1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
  about this people here can point you to.
  2. Brian: The NSA needs to store data without the permission or
  consent of the people generating it, sometimes through forcible
  interception, decryption and the introduction and maintenance of
  software exploits that allow them to do this but also allow any other
  reasonably technical nation or non-nation actor who is paying
  attention to exploit the same vulnerability, keeping this data for an
  indefinite period, with very little legal or political oversight, in
  order to stop terrorism, where very little evidence exists that this
  has helped in any way.
 
  The WMF needs to store data for a 90 day period, which is explicitly
  set down in a privacy policy that is transparent, human-readable,
  linked from every edit interface, written with the involvement of the
  people whose data is being stored, administered by a committee of
  people who come from this population of editors, and explicitly sets
  out what the data may or may not be used for, even within the
  Wikimedia Foundation, in order to stop vandalism, where multiple
  scientific studies have validated the hypothesis that being able to
  make rangeblocks and prohibit sockpuppetry is beneficial to the
  community we are all a part of and the wider population of readers.
 
  That's what's actually going on, here. If you thing these situations
  are roughly analogous, that's your prerogative. If you think the
  storage of this data is unnecessary, I recommend you go to your local
  project and explain to them that being able to checkuser potential
  sockpuppets or hard-block users is not needed: gaining consensus there
  would be a good starting point to changing this.
 
  On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com wrote:
   Wikipedia is suing the NSA? Seriously?
   On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu
  wrote:
  
   It has worked up to now, but I'm thinking that, especially given
  Wikimedia
   is suing the NSA, it is no longer justifiable. If the NSA can't track
   citizens, Wikimedia shouldn't be tracking them either. Seems simple :)
  
   On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it
  wrote:
  
On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
 I think it's rather curious that edits to Wikipedia aren't
 private.
  Why
log
 the IP address? Why log anything? It's invasive.
   
I guess it's a sensible choice against abuse (vandalism) while still
allowing non registered users editing rights
   
   
___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l
   
   ___
   WikiEN-l mailing list
   WikiEN-l@lists.wikimedia.org
   To unsubscribe from this mailing list, visit:
   https://lists.wikimedia.org/mailman/listinfo/wikien-l
  
   ___
   WikiEN-l mailing list
   WikiEN-l@lists.wikimedia.org
   To unsubscribe from this mailing list, visit:
   https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
 
 
  --
  Oliver Keyes
  Research Analyst
  Wikimedia Foundation
 
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

The notice just says that the IP is public. Most people have no idea what
that means.

It will absolutely make those problems harder. Perhaps it is the
Foundation's trusted role to hide that information from the public and be
trusted with it on the backend. This institutional design sounds similar to
another institution in certain ways..



On Sun, Mar 29, 2015 at 6:58 PM, Dustin Muniz dah...@bsugmail.net wrote:

 People are made aware with each edit as an I am that their information is
 publicly available. What concerns me about removing IP information is that
 it'll remove our ability to fight spam, detect socks, and respond to
 emergency@ issues, unless I've missed something?


 Sent from Samsung Mobile


  Original message 
 From: Brian J Mingus
 Date:03-29-2015 4:36 PM (GMT-05:00)
 To: David Carson
 Cc: English Wikipedia
 Subject: Re: [WikiEN-l] Privacy Study Looking for Volunteers

 Wikipedia is set up such that if you don't take the measures mentioned in
 the OP, you are dox'ing yourself. Users are not aware of this.

 On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com
 wrote:

  Wikipedia:Free speech (
  http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a
  read.
 
  http://en.wikipedia.org/wiki/Wikipedia:Free_speech
 
  It's not directly about privacy but I think it clearly covers the ground
  that Wikipedia is a project to create an online encyclopedia, not an
  experiment in radical free speech. The system is set up to facilitate
 that
  goal.
 
  If you think that recording IP addresses is invasive, then you should
  probably be publishing your content on your own website, not Wikipedia.
 
  Cheers,
  David...
 
 
  On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus 
 brian.min...@colorado.edu
   wrote:
 
  In general people do not read privacy policies, nor do they understand
  what
  IP addresses are or what you can do with them.
 
  But if you recall, I simply stated that recording IP addresses is
  invasive.
  And it is.
 
  This is especially true when you know that your recordings are
 faciliating
  the active de-anonymization of people who are editing Wikipedia. Not
 just
  de-anonymization, but often public shaming.
 
  For WMF, the principle of neutrality clearly trumps the principles of
  privacy and free speech. For the NSA, substitute security for
 neutrality.
  It's hypocritical.
 
  Luckily, it's easy to fix. Just stuff the ip fields with random numbers
  and
  deal with the fallout. Stop tracking people.
 
 
 
  On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
  wrote:
 
   In order:
  
   1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
   about this people here can point you to.
   2. Brian: The NSA needs to store data without the permission or
   consent of the people generating it, sometimes through forcible
   interception, decryption and the introduction and maintenance of
   software exploits that allow them to do this but also allow any other
   reasonably technical nation or non-nation actor who is paying
   attention to exploit the same vulnerability, keeping this data for an
   indefinite period, with very little legal or political oversight, in
   order to stop terrorism, where very little evidence exists that this
   has helped in any way.
  
   The WMF needs to store data for a 90 day period, which is explicitly
   set down in a privacy policy that is transparent, human-readable,
   linked from every edit interface, written with the involvement of the
   people whose data is being stored, administered by a committee of
   people who come from this population of editors, and explicitly sets
   out what the data may or may not be used for, even within the
   Wikimedia Foundation, in order to stop vandalism, where multiple
   scientific studies have validated the hypothesis that being able to
   make rangeblocks and prohibit sockpuppetry is beneficial to the
   community we are all a part of and the wider population of readers.
  
   That's what's actually going on, here. If you thing these situations
   are roughly analogous, that's your prerogative. If you think the
   storage of this data is unnecessary, I recommend you go to your local
   project and explain to them that being able to checkuser potential
   sockpuppets or hard-block users is not needed: gaining consensus there
   would be a good starting point to changing this.
  
   On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com
 wrote:
Wikipedia is suing the NSA? Seriously?
On 28 Mar 2015 11:23, Brian J Mingus brian.min...@colorado.edu
   wrote:
   
It has worked up to now, but I'm thinking that, especially given
   Wikimedia
is suing the NSA, it is no longer justifiable. If the NSA can't
 track
citizens, Wikimedia shouldn't be tracking them either. Seems simple
  :)
   
On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it
   wrote:
   
 On Wed, Mar 25, 2015 at 01:19:35PM

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[David Carson]

Hi Brian,

Dox'ing yourself? That's a pretty wild hyperbole.

But just to clarify: are you taking issue with the fact that not-logged-in
users have their IP addresses publicly visible? Or with the fact that all
edits have IP addresses privately recorded?

I originally thought you were talking about the latter, but now I'm not
sure. If it's actually the former, I've got no disagreement with you.

Given that anyone can edit without making their IP public simply by
registering a pseudonym and logging in, and given that many new editors
might not be aware of the implications of revealing their IP (if they're
editing from a static address at work, for instance), it seems to me that
the easiest solution - and one which I think would cause absolutely zero
astonishment in the minds of new users - would simply be to require users
to register a pseudonym and log in in order to edit.

But if you're concerned about the effect that this would have on casual
drive-by fixes and improvements by people who aren't invested enough in
the project to register, then sure, encrypt or hash the IP address before
displaying it publicly. I don't think randomizing it on every edit would be
a good idea, because I think it's important to be able to tell whether a
succession of edits were from the same editor.

Cheers,
David...


On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus brian.min...@colorado.edu
wrote:

 Wikipedia is set up such that if you don't take the measures mentioned in
 the OP, you are dox'ing yourself. Users are not aware of this.

 On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com
 wrote:

 Wikipedia:Free speech (
 http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a
 read.

 http://en.wikipedia.org/wiki/Wikipedia:Free_speech

 It's not directly about privacy but I think it clearly covers the ground
 that Wikipedia is a project to create an online encyclopedia, not an
 experiment in radical free speech. The system is set up to facilitate that
 goal.

 If you think that recording IP addresses is invasive, then you should
 probably be publishing your content on your own website, not Wikipedia.

 Cheers,
 David...


 On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus 
 brian.min...@colorado.edu wrote:

 In general people do not read privacy policies, nor do they understand
 what
 IP addresses are or what you can do with them.

 But if you recall, I simply stated that recording IP addresses is
 invasive.
 And it is.

 This is especially true when you know that your recordings are
 faciliating
 the active de-anonymization of people who are editing Wikipedia. Not just
 de-anonymization, but often public shaming.

 For WMF, the principle of neutrality clearly trumps the principles of
 privacy and free speech. For the NSA, substitute security for neutrality.
 It's hypocritical.

 Luckily, it's easy to fix. Just stuff the ip fields with random numbers
 and
 deal with the fallout. Stop tracking people.



 On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
 wrote:

  In order:
 
  1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
  about this people here can point you to.
  2. Brian: The NSA needs to store data without the permission or
  consent of the people generating it, sometimes through forcible
  interception, decryption and the introduction and maintenance of
  software exploits that allow them to do this but also allow any other
  reasonably technical nation or non-nation actor who is paying
  attention to exploit the same vulnerability, keeping this data for an
  indefinite period, with very little legal or political oversight, in
  order to stop terrorism, where very little evidence exists that this
  has helped in any way.
 
  The WMF needs to store data for a 90 day period, which is explicitly
  set down in a privacy policy that is transparent, human-readable,
  linked from every edit interface, written with the involvement of the
  people whose data is being stored, administered by a committee of
  people who come from this population of editors, and explicitly sets
  out what the data may or may not be used for, even within the
  Wikimedia Foundation, in order to stop vandalism, where multiple
  scientific studies have validated the hypothesis that being able to
  make rangeblocks and prohibit sockpuppetry is beneficial to the
  community we are all a part of and the wider population of readers.
 
  That's what's actually going on, here. If you thing these situations
  are roughly analogous, that's your prerogative. If you think the
  storage of this data is unnecessary, I recommend you go to your local
  project and explain to them that being able to checkuser potential
  sockpuppets or hard-block users is not needed: gaining consensus there
  would be a good starting point to changing this.
 
  On 29 March 2015 at 11:57, James Farrar james.far...@gmail.com
 wrote:
   Wikipedia is suing the NSA? Seriously?
   On 28 Mar 2015 11:23, Brian J Mingus 

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

Hi David,

It is a bit of hyperbole, but reductio arguments have their role in helping
to make certain things clear.

If you force users to log in, you can still identify them. The IP address
is helpful, but not necessary.



On Sun, Mar 29, 2015 at 7:12 PM, David Carson carson63...@gmail.com wrote:

 Hi Brian,

 Dox'ing yourself? That's a pretty wild hyperbole.

 But just to clarify: are you taking issue with the fact that not-logged-in
 users have their IP addresses publicly visible? Or with the fact that all
 edits have IP addresses privately recorded?

 I originally thought you were talking about the latter, but now I'm not
 sure. If it's actually the former, I've got no disagreement with you.

 Given that anyone can edit without making their IP public simply by
 registering a pseudonym and logging in, and given that many new editors
 might not be aware of the implications of revealing their IP (if they're
 editing from a static address at work, for instance), it seems to me that
 the easiest solution - and one which I think would cause absolutely zero
 astonishment in the minds of new users - would simply be to require users
 to register a pseudonym and log in in order to edit.

 But if you're concerned about the effect that this would have on casual
 drive-by fixes and improvements by people who aren't invested enough in
 the project to register, then sure, encrypt or hash the IP address before
 displaying it publicly. I don't think randomizing it on every edit would be
 a good idea, because I think it's important to be able to tell whether a
 succession of edits were from the same editor.

 Cheers,
 David...


 On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus brian.min...@colorado.edu
  wrote:

 Wikipedia is set up such that if you don't take the measures mentioned in
 the OP, you are dox'ing yourself. Users are not aware of this.

 On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com
 wrote:

 Wikipedia:Free speech (
 http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth a
 read.

 http://en.wikipedia.org/wiki/Wikipedia:Free_speech

 It's not directly about privacy but I think it clearly covers the ground
 that Wikipedia is a project to create an online encyclopedia, not an
 experiment in radical free speech. The system is set up to facilitate that
 goal.

 If you think that recording IP addresses is invasive, then you should
 probably be publishing your content on your own website, not Wikipedia.

 Cheers,
 David...


 On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus 
 brian.min...@colorado.edu wrote:

 In general people do not read privacy policies, nor do they understand
 what
 IP addresses are or what you can do with them.

 But if you recall, I simply stated that recording IP addresses is
 invasive.
 And it is.

 This is especially true when you know that your recordings are
 faciliating
 the active de-anonymization of people who are editing Wikipedia. Not
 just
 de-anonymization, but often public shaming.

 For WMF, the principle of neutrality clearly trumps the principles of
 privacy and free speech. For the NSA, substitute security for
 neutrality.
 It's hypocritical.

 Luckily, it's easy to fix. Just stuff the ip fields with random numbers
 and
 deal with the fallout. Stop tracking people.



 On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
 wrote:

  In order:
 
  1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
  about this people here can point you to.
  2. Brian: The NSA needs to store data without the permission or
  consent of the people generating it, sometimes through forcible
  interception, decryption and the introduction and maintenance of
  software exploits that allow them to do this but also allow any other
  reasonably technical nation or non-nation actor who is paying
  attention to exploit the same vulnerability, keeping this data for an
  indefinite period, with very little legal or political oversight, in
  order to stop terrorism, where very little evidence exists that this
  has helped in any way.
 
  The WMF needs to store data for a 90 day period, which is explicitly
  set down in a privacy policy that is transparent, human-readable,
  linked from every edit interface, written with the involvement of the
  people whose data is being stored, administered by a committee of
  people who come from this population of editors, and explicitly sets
  out what the data may or may not be used for, even within the
  Wikimedia Foundation, in order to stop vandalism, where multiple
  scientific studies have validated the hypothesis that being able to
  make rangeblocks and prohibit sockpuppetry is beneficial to the
  community we are all a part of and the wider population of readers.
 
  That's what's actually going on, here. If you thing these situations
  are roughly analogous, that's your prerogative. If you think the
  storage of this data is unnecessary, I recommend you go to your local
  project and 

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[David Carson]

Hi Brian,

I'm still not entirely clear on your complaint. Are you talking about
Wikimedia (not random users, nor Wikipedia Administrators) having access to
IP addresses from system logs? Or something else? What does The IP address
is helpful, but not necessary mean?

Cheers,
David...


On Mon, Mar 30, 2015 at 10:14 AM, Brian J Mingus brian.min...@colorado.edu
wrote:

 Hi David,

 It is a bit of hyperbole, but reductio arguments have their role in
 helping to make certain things clear.

 If you force users to log in, you can still identify them. The IP address
 is helpful, but not necessary.



 On Sun, Mar 29, 2015 at 7:12 PM, David Carson carson63...@gmail.com
 wrote:

 Hi Brian,

 Dox'ing yourself? That's a pretty wild hyperbole.

 But just to clarify: are you taking issue with the fact that
 not-logged-in users have their IP addresses publicly visible? Or with the
 fact that all edits have IP addresses privately recorded?

 I originally thought you were talking about the latter, but now I'm not
 sure. If it's actually the former, I've got no disagreement with you.

 Given that anyone can edit without making their IP public simply by
 registering a pseudonym and logging in, and given that many new editors
 might not be aware of the implications of revealing their IP (if they're
 editing from a static address at work, for instance), it seems to me that
 the easiest solution - and one which I think would cause absolutely zero
 astonishment in the minds of new users - would simply be to require users
 to register a pseudonym and log in in order to edit.

 But if you're concerned about the effect that this would have on casual
 drive-by fixes and improvements by people who aren't invested enough in
 the project to register, then sure, encrypt or hash the IP address before
 displaying it publicly. I don't think randomizing it on every edit would be
 a good idea, because I think it's important to be able to tell whether a
 succession of edits were from the same editor.

 Cheers,
 David...


 On Mon, Mar 30, 2015 at 7:36 AM, Brian J Mingus 
 brian.min...@colorado.edu wrote:

 Wikipedia is set up such that if you don't take the measures mentioned
 in the OP, you are dox'ing yourself. Users are not aware of this.

 On Sun, Mar 29, 2015 at 4:33 PM, David Carson carson63...@gmail.com
 wrote:

 Wikipedia:Free speech (
 http://en.wikipedia.org/wiki/Wikipedia:Free_speech) is probably worth
 a read.

 http://en.wikipedia.org/wiki/Wikipedia:Free_speech

 It's not directly about privacy but I think it clearly covers the
 ground that Wikipedia is a project to create an online encyclopedia, not an
 experiment in radical free speech. The system is set up to facilitate that
 goal.

 If you think that recording IP addresses is invasive, then you should
 probably be publishing your content on your own website, not Wikipedia.

 Cheers,
 David...


 On Mon, Mar 30, 2015 at 5:10 AM, Brian J Mingus 
 brian.min...@colorado.edu wrote:

 In general people do not read privacy policies, nor do they understand
 what
 IP addresses are or what you can do with them.

 But if you recall, I simply stated that recording IP addresses is
 invasive.
 And it is.

 This is especially true when you know that your recordings are
 faciliating
 the active de-anonymization of people who are editing Wikipedia. Not
 just
 de-anonymization, but often public shaming.

 For WMF, the principle of neutrality clearly trumps the principles of
 privacy and free speech. For the NSA, substitute security for
 neutrality.
 It's hypocritical.

 Luckily, it's easy to fix. Just stuff the ip fields with random
 numbers and
 deal with the fallout. Stop tracking people.



 On Sun, Mar 29, 2015 at 2:02 PM, Oliver Keyes oke...@wikimedia.org
 wrote:

  In order:
 
  1. Yes, the WMF is suing the NSA. There are a few threads/blog posts
  about this people here can point you to.
  2. Brian: The NSA needs to store data without the permission or
  consent of the people generating it, sometimes through forcible
  interception, decryption and the introduction and maintenance of
  software exploits that allow them to do this but also allow any other
  reasonably technical nation or non-nation actor who is paying
  attention to exploit the same vulnerability, keeping this data for an
  indefinite period, with very little legal or political oversight, in
  order to stop terrorism, where very little evidence exists that this
  has helped in any way.
 
  The WMF needs to store data for a 90 day period, which is explicitly
  set down in a privacy policy that is transparent, human-readable,
  linked from every edit interface, written with the involvement of the
  people whose data is being stored, administered by a committee of
  people who come from this population of editors, and explicitly sets
  out what the data may or may not be used for, even within the
  Wikimedia Foundation, in order to stop vandalism, where multiple
  scientific studies have validated the hypothesis that 

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

Just like the Netflix Prize, knowing which topics an entity is interested
in, and having access to text they have written, is, in many cases, enough
information to reveal who that person is, where they live, etc. You just
plug the data into Google and correlate away.

On Sun, Mar 29, 2015 at 7:19 PM, David Carson carson63...@gmail.com wrote:

 Hi Brian,

 I'm still not entirely clear on your complaint. Are you talking about
 Wikimedia (not random users, nor Wikipedia Administrators) having access to
 IP addresses from system logs? Or something else? What does The IP address
 is helpful, but not necessary mean?

 Cheers,
 David...

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[James Alexander]

The idea of the IP being more private in the history/ public logs (for
example a unique hash so that you know it's an IP but not where/what IP
) is one that I know has been discussed and is desired by a good number
within the foundation including within legal. I'll try to look for the
phabricator task about it tomorrow. I think that's something that is likely
to happen, it isn't easy though and requires a fair number of resources to
be pointed at it to get it done so it's a question of priorities and
convincing those who decide those things that it should be higher. I
believe it's something, privacy wise, that legal would really like.

I think it is unlikely in the short to medium term, however, to get rid of
the IPs in the backend (in server logs and in the checkuser system for
example) because the replacements just aren't there. I've spent a good
amount of time thinking of a way to make the checkuser system as usable as
necessary without revealing IPs for example (including a consultant who
looked a lot but didn't really come up with anything we didn't know
already). I think it's doable, but it would be a very difficult and long
design process and I think it's unlikely in the near future.

James Alexander
Community Advocacy
Wikimedia Foundation
(415) 839-6885 x6716 @jamesofur

On Fri, Mar 27, 2015 at 10:17 PM, Kyanos someanon...@gmail.com wrote:

 I don't believe a different license is needed. CC licenses can be used for
 anonymous works: The author is not given and does not have to be credited,
 but everything else (attribution of the work and share-alike) would stay
 the same. So a change in the terms of use to the effect of, Unregistered
 edits are considered to have no named author, would be sufficient.

 Kyanos

 On 03/27/2015 06:41 AM, WereSpielChequers wrote:

 Perhaps we should move to a different licensing model for future IP
 edits. CC0 for IP edits would be a more sensible license for edits by an IP
 where in many cases no-one could attribute the edit to the individual who
 made it. If people don't want to release their edits as CC0 they can always
 create an account.

 Regards

 Jonathan Cardy


  On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote:

 It's actually required so as to provide attribution as per the Creative
 Commons and other licenses we operate under.

 Sent from my Droid 4
 Elias Friedman A.S., CCEMT-P
 אליהו מתתיהו בן צבי
 elipo...@gmail.com
 יְהִי אוֹר


 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

A very precise timestamp would seem to suffice for attribution. Anyone
caring to prove they wrote something could take a video of them making the
edit, thus confirming the timestamp is them.

On Fri, Mar 27, 2015 at 6:28 AM, Elias Friedman elipo...@gmail.com wrote:

 It's actually required so as to provide attribution as per the Creative
 Commons and other licenses we operate under.

 Sent from my Droid 4
 Elias Friedman A.S., CCEMT-P
 אליהו מתתיהו בן צבי
 elipo...@gmail.com
 יְהִי אוֹר
 On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote:

  On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
   I think it's rather curious that edits to Wikipedia aren't private. Why
  log
   the IP address? Why log anything? It's invasive.
 
  I guess it's a sensible choice against abuse (vandalism) while still
  allowing non registered users editing rights
 
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

I don't see a need to change the copyright. Just switch from the IP address
to something that doesn't allow you to personally identify the user, but
allows the user to claim ownership over the post if they want to, by
recording some bit of information. I think a cryptographer could design a
nice scheme here. This scheme should be such that neither WMF nor the
public can identify the editor, but the editor can prove that they are the
one who wrote the post.

On Fri, Mar 27, 2015 at 9:59 AM, Elias Friedman elipo...@gmail.com wrote:

 Nice on paper, but the wiki-drama from the switch from GFDL was bad
 enough for me.

 Sent from my Droid 4
 Elias Friedman A.S., CCEMT-P
 אליהו מתתיהו בן צבי
 elipo...@gmail.com
 יְהִי אוֹר
 On Mar 27, 2015 9:41 AM, WereSpielChequers werespielchequ...@gmail.com
 wrote:

  Perhaps we should move to a different licensing model for future IP
 edits.
  CC0 for IP edits would be a more sensible license for edits by an IP
 where
  in many cases no-one could attribute the edit to the individual who made
  it. If people don't want to release their edits as CC0 they can always
  create an account.
 
  Regards
 
  Jonathan Cardy
 
 
   On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote:
  
   It's actually required so as to provide attribution as per the Creative
   Commons and other licenses we operate under.
  
   Sent from my Droid 4
   Elias Friedman A.S., CCEMT-P
   אליהו מתתיהו בן צבי
   elipo...@gmail.com
   יְהִי אוֹר
   On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote:
  
   On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
   I think it's rather curious that edits to Wikipedia aren't private.
 Why
   log
   the IP address? Why log anything? It's invasive.
  
   I guess it's a sensible choice against abuse (vandalism) while still
   allowing non registered users editing rights
  
  
   ___
   WikiEN-l mailing list
   WikiEN-l@lists.wikimedia.org
   To unsubscribe from this mailing list, visit:
   https://lists.wikimedia.org/mailman/listinfo/wikien-l
   ___
   WikiEN-l mailing list
   WikiEN-l@lists.wikimedia.org
   To unsubscribe from this mailing list, visit:
   https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
 
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

It has worked up to now, but I'm thinking that, especially given Wikimedia
is suing the NSA, it is no longer justifiable. If the NSA can't track
citizens, Wikimedia shouldn't be tracking them either. Seems simple :)

On Thu, Mar 26, 2015 at 2:56 PM, Francesco Ariis fa...@ariis.it wrote:

 On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
  I think it's rather curious that edits to Wikipedia aren't private. Why
 log
  the IP address? Why log anything? It's invasive.

 I guess it's a sensible choice against abuse (vandalism) while still
 allowing non registered users editing rights


 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Kyanos]

I don't believe a different license is needed. CC licenses can be used 
for anonymous works: The author is not given and does not have to be 
credited, but everything else (attribution of the work and share-alike) 
would stay the same. So a change in the terms of use to the effect of, 
Unregistered edits are considered to have no named author, would be 
sufficient.


Kyanos

On 03/27/2015 06:41 AM, WereSpielChequers wrote:

Perhaps we should move to a different licensing model for future IP edits. CC0 
for IP edits would be a more sensible license for edits by an IP where in many 
cases no-one could attribute the edit to the individual who made it. If people 
don't want to release their edits as CC0 they can always create an account.

Regards

Jonathan Cardy



On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote:

It's actually required so as to provide attribution as per the Creative
Commons and other licenses we operate under.

Sent from my Droid 4
Elias Friedman A.S., CCEMT-P
אליהו מתתיהו בן צבי
elipo...@gmail.com
יְהִי אוֹר



___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Elias Friedman]

It's actually required so as to provide attribution as per the Creative
Commons and other licenses we operate under.

Sent from my Droid 4
Elias Friedman A.S., CCEMT-P
אליהו מתתיהו בן צבי
elipo...@gmail.com
יְהִי אוֹר
On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote:

 On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
  I think it's rather curious that edits to Wikipedia aren't private. Why
 log
  the IP address? Why log anything? It's invasive.

 I guess it's a sensible choice against abuse (vandalism) while still
 allowing non registered users editing rights


 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Francesco Ariis]

On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
 I think it's rather curious that edits to Wikipedia aren't private. Why log
 the IP address? Why log anything? It's invasive.

I guess it's a sensible choice against abuse (vandalism) while still
allowing non registered users editing rights


___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[WereSpielChequers]

Perhaps we should move to a different licensing model for future IP edits. CC0 
for IP edits would be a more sensible license for edits by an IP where in many 
cases no-one could attribute the edit to the individual who made it. If people 
don't want to release their edits as CC0 they can always create an account.

Regards

Jonathan Cardy


 On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote:
 
 It's actually required so as to provide attribution as per the Creative
 Commons and other licenses we operate under.
 
 Sent from my Droid 4
 Elias Friedman A.S., CCEMT-P
 אליהו מתתיהו בן צבי
 elipo...@gmail.com
 יְהִי אוֹר
 On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote:
 
 On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
 I think it's rather curious that edits to Wikipedia aren't private. Why
 log
 the IP address? Why log anything? It's invasive.
 
 I guess it's a sensible choice against abuse (vandalism) while still
 allowing non registered users editing rights
 
 
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Elias Friedman]

Nice on paper, but the wiki-drama from the switch from GFDL was bad
enough for me.

Sent from my Droid 4
Elias Friedman A.S., CCEMT-P
אליהו מתתיהו בן צבי
elipo...@gmail.com
יְהִי אוֹר
On Mar 27, 2015 9:41 AM, WereSpielChequers werespielchequ...@gmail.com
wrote:

 Perhaps we should move to a different licensing model for future IP edits.
 CC0 for IP edits would be a more sensible license for edits by an IP where
 in many cases no-one could attribute the edit to the individual who made
 it. If people don't want to release their edits as CC0 they can always
 create an account.

 Regards

 Jonathan Cardy


  On 27 Mar 2015, at 10:28, Elias Friedman elipo...@gmail.com wrote:
 
  It's actually required so as to provide attribution as per the Creative
  Commons and other licenses we operate under.
 
  Sent from my Droid 4
  Elias Friedman A.S., CCEMT-P
  אליהו מתתיהו בן צבי
  elipo...@gmail.com
  יְהִי אוֹר
  On Mar 27, 2015 4:15 AM, Francesco Ariis fa...@ariis.it wrote:
 
  On Wed, Mar 25, 2015 at 01:19:35PM -0400, Brian J Mingus wrote:
  I think it's rather curious that edits to Wikipedia aren't private. Why
  log
  the IP address? Why log anything? It's invasive.
 
  I guess it's a sensible choice against abuse (vandalism) while still
  allowing non registered users editing rights
 
 
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l
  ___
  WikiEN-l mailing list
  WikiEN-l@lists.wikimedia.org
  To unsubscribe from this mailing list, visit:
  https://lists.wikimedia.org/mailman/listinfo/wikien-l

 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Oliver Keyes]

I'm not seeing a reference to IP addresses in this thread or the
associated research page (my ctrl-f-fu may just be weak, though): as
to why IPs are logged server-side, well, checkuser is a useful tool
and that's how rangeblocks work.

On 25 March 2015 at 13:19, Brian J Mingus brian.min...@colorado.edu wrote:
 I think it's rather curious that edits to Wikipedia aren't private. Why log
 the IP address? Why log anything? It's invasive.

 On Wed, Mar 25, 2015 at 12:53 PM, Andrea Forte andrea.fo...@gmail.com
 wrote:

 Hi all,


 I'm representing a team of researchers from Drexel University who are
 researching privacy practices among Wikipedia editors. If you have ever
 thought about your privacy when editing Wikipedia or taken steps to protect
 your privacy when you edit, we’d like to learn from you about it.


 The study is titled “Privacy, Anonymity, and Peer Production.” Details can
 be found on meta where the project was discussed before beginning
 recruitment here: (
 https://meta.wikimedia.org/wiki/Research:Anonymity_and_Peer_Production).


 If you would like to help us out, you need to read and complete the online
 consent form linked here and we will get in contact with you:
 http://andreaforte.net/wp.html.


 We are planning to conduct interviews that will last anywhere from 30-90
 minutes (depending on how much you have to say) by phone or Skype and we
 can offer you $20 for your time, but you do not need to accept payment to
 participate.


 I have been researching Wikipedia since 2004 and have conducted many
 studies, most of which have resulted in papers that you can find here:
 http://andreaforte.net.


 Thanks for considering it, please contact me if you have questions!


 Andrea Forte

 http://en.wikipedia.org/wiki/User:Andicat



 and

 Rachel Greenstadt

 Nazanin Andalibi
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l



-- 
Oliver Keyes
Research Analyst
Wikimedia Foundation

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

Re: [WikiEN-l] Privacy Study Looking for Volunteers

[Brian J Mingus]

I think it's rather curious that edits to Wikipedia aren't private. Why log
the IP address? Why log anything? It's invasive.

On Wed, Mar 25, 2015 at 12:53 PM, Andrea Forte andrea.fo...@gmail.com
wrote:

 Hi all,


 I'm representing a team of researchers from Drexel University who are
 researching privacy practices among Wikipedia editors. If you have ever
 thought about your privacy when editing Wikipedia or taken steps to protect
 your privacy when you edit, we’d like to learn from you about it.


 The study is titled “Privacy, Anonymity, and Peer Production.” Details can
 be found on meta where the project was discussed before beginning
 recruitment here: (
 https://meta.wikimedia.org/wiki/Research:Anonymity_and_Peer_Production).


 If you would like to help us out, you need to read and complete the online
 consent form linked here and we will get in contact with you:
 http://andreaforte.net/wp.html.


 We are planning to conduct interviews that will last anywhere from 30-90
 minutes (depending on how much you have to say) by phone or Skype and we
 can offer you $20 for your time, but you do not need to accept payment to
 participate.


 I have been researching Wikipedia since 2004 and have conducted many
 studies, most of which have resulted in papers that you can find here:
 http://andreaforte.net.


 Thanks for considering it, please contact me if you have questions!


 Andrea Forte

 http://en.wikipedia.org/wiki/User:Andicat



 and

 Rachel Greenstadt

 Nazanin Andalibi
 ___
 WikiEN-l mailing list
 WikiEN-l@lists.wikimedia.org
 To unsubscribe from this mailing list, visit:
 https://lists.wikimedia.org/mailman/listinfo/wikien-l

___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l

[WikiEN-l] Privacy Study Looking for Volunteers

[Andrea Forte]

Hi all,


I'm representing a team of researchers from Drexel University who are
researching privacy practices among Wikipedia editors. If you have ever
thought about your privacy when editing Wikipedia or taken steps to protect
your privacy when you edit, we’d like to learn from you about it.


The study is titled “Privacy, Anonymity, and Peer Production.” Details can
be found on meta where the project was discussed before beginning
recruitment here: (
https://meta.wikimedia.org/wiki/Research:Anonymity_and_Peer_Production).


If you would like to help us out, you need to read and complete the online
consent form linked here and we will get in contact with you:
http://andreaforte.net/wp.html.


We are planning to conduct interviews that will last anywhere from 30-90
minutes (depending on how much you have to say) by phone or Skype and we
can offer you $20 for your time, but you do not need to accept payment to
participate.


I have been researching Wikipedia since 2004 and have conducted many
studies, most of which have resulted in papers that you can find here:
http://andreaforte.net.


Thanks for considering it, please contact me if you have questions!


Andrea Forte

http://en.wikipedia.org/wiki/User:Andicat



and

Rachel Greenstadt

Nazanin Andalibi
___
WikiEN-l mailing list
WikiEN-l@lists.wikimedia.org
To unsubscribe from this mailing list, visit:
https://lists.wikimedia.org/mailman/listinfo/wikien-l