Hi, On 05.05.2017 11:01, Christoph Hormann wrote: > ... or use some rouge open instance running anonymiously somewhere.
I am aware that no matter what we do there will always be "rogue" uses of our data. Therefore making all contributors aware of what they are releasing about themselves and how it could be used against them remains important no matter what we do. (And we have to find ways to do that without sounding alarmist.) In fact, we have a similar situation with our license: We spent countless years debating and then changed our license to what we thought was best. We all know that we cannot keep a rogue user from ignoring our license - but at least we can define what we want to allow. I am expecting the same for the sensitive user data. We will never be able to ensure that the data is not used against the wishes of the users - but we can ensure that those who do this are in clear violation of our terms and hence "bad guys". Just to pick a random example: Today, if you are looking for a job and you're being interviewed by a potential employer, the potential employer could say: "I can see from OpenStreetMap that you've been editing a lot during the day in your last job. Did you not have any work to do?" - and the employer would not even be "wrong". Harvesting the full history file for totally OSM unrelated information like that is not against any of our rules; it might be against the law in some countries but certainly not in others. If you publicly complained about what happened to you, it is very likely that there will be many people like in this thread who will say "duh, you idiot why didn't you use a pseudonym, didn't you read what you signed up for, lah lah lah". I would like to come to a point where, if this happened to you in a job interview, you could afterwards point to an OSM policy and say: Clearly this company has violated OSM rules, they must have created an account under false pretenses to get at this data and they're using it for purposes not sanctioned by OSM. That won't make you get the job, but it would at least make clear that we stand with our contributors against abuse of their data. (If that hasn't become clear already, I am of the opinion that the current contributor terms don't necessarily mean that the contributor asks OSMF to distribute their *metadata* under ODbL - I think it just applies to the *geodata*, and if we wanted we could slap restrictions on the *metadata* part of things.) > For a balanced discussion - and i am not saying i would actually prefer > this approach to what you are suggesting - the whole problem could also > be approached from the other side by reconsidering the possibility for > partly anonymous edits. Yes. I think both approaches could be grouped under "restricted access to personal information", and there will probably be still other approaches with their own advantages and disadvantages. , and I would even assume that "restricted access to personal information" and " >> Hence, >> anyone with an OSM account could make such an animated progress map, >> and it could be shown to anyone with an OSM account. Only if you want >> to distribute it outside of OSM you'd either have to >> remove/pseudonymize the user names [...] > > That part is really tricky, you'd have to be very specific on what kind > of aggregation is necessary to make the data ok to be published. > Obviously just replacing each user name with user<hash_value> is not > going to cut it. Without clear rules here anyone who publishes > anything based on such data would be in a legal mine field. Yes; even today if a person uses a nickname with OSM and not their real name, I think it would in many cases be easy to make the case that it is very easy to de-pseudonymize the person. Currently when someone asks us to delete their account we simply replace their user name with user_1234 (their numeric user id); it is quite possible that this is totally insufficient at least in countries with strong data protection laws such as the UK because the person can still be identified and connected to all their edits. Bye Frederik -- Frederik Ramm ## eMail [email protected] ## N49°00'09" E008°23'33" _______________________________________________ talk mailing list [email protected] https://lists.openstreetmap.org/listinfo/talk
