https://bugzilla.wikimedia.org/show_bug.cgi?id=58196

--- Comment #19 from Liangent <liang...@gmail.com> ---
(In reply to Luis Villa (WMF Legal) from comment #18)
> (In reply to Krinkle from comment #17)
> > So if I understand correctly, the whitelist of properties you approved in
> > comment 12 are in fact allowed for identifiable queries (e.g. with
> > user_id/user name attached to it), as opposed to the anonymized view.
> 
> Yes, that is correct, for those categories. 
> 
> As far as implementation, we'll want to review new fields as they are added,
> which is why I prefer a whitelist approach (review what is released; hard to
> accidentally release data accidentally) to a blacklist approach (review what
> is not released; easy to release data accidentally by not adding it to the
> blacklist).
> 
> > And when you say "OK in principle" for the anonymized view, that means all
> > properties?
> 
> Yes, based on my understanding that they are already available on toolserver
> in user_properties_anonym and/or via the API. If they aren't already public
> (via API or toolserver) we should probably review one-by-one, and/or do a
> more careful scrutiny of the anonymization procedures. Maybe that deserves a
> separate bug?

anonym on Toolserver is also whitelist based. I don't have access to the
original list ts_global.user_properties_anonym_whilelist, but it's possible to
sniff it with select distinct up_property from user_properties_anonym; (a slow
query).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

Reply via email to