Hi all, At this week's ArchCom Office hour, we'd like to help the WMF Legal team ensure our software development practices don't accidentally cause us to enable all sorts of creepy surveillance because a naive developer adds it. The challenge, of course, is when the royal "we" accidentally add something, and then we deploy it (because that's a pretty routine thing these days). Sometimes, no amount of begging "NO WAIT, WE DIDN'T *MEAN* TO DO THAT" (no matter how sincere) can undo the damage done. Wikimedia seems to have a pretty good reputation in the grand scheme of things, but maintaining that reputation is going to take a lot of vigilance.
Zhou Zhou filed an RFC about this: <https://phabricator.wikimedia.org/T145472> <https://www.mediawiki.org/wiki/Requests_for_comment/Survey_Cookies/Local_Storage_on_Wikimedia> ...which seems like a good topic for our Wednesday meeting[1]. Zhou is hoping to figure out how to build the alerts necessary to understand when some new form of tracking is created. I'm guessing there's lots of automated and semi-automated monitoring that we could create to make keeping track of new cookie uses easier; let's talk about what's realistic, what WMF needs to invest in directly, and how our wider community of developers can chip in. Our meeting is at its usual time (Wednesday 21 UTC, 14 PDT, 23 CEST) and place (#wikimedia-office). Rob p.s. Obligatory reminder about ArchComStatus page[2] [1]: <https://phabricator.wikimedia.org/E316> [2]: <https://www.mediawiki.org/wiki/ArchComStatus> _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l