On 13 June 2012 15:06, Nathan <nawr...@gmail.com> wrote:

> On Wed, Jun 13, 2012 at 2:42 PM, Risker <risker...@gmail.com> wrote:
> >
> > I think perhaps I was not clear in what I meant by "nefarious" purposes.
> > The IP addresses in our contribution logs have been used by others to
> > locate editors, to make allegations against individuals and organizations
> > because their IP address showed up in those logs, and so on. It is a key
> > reason why "accidentally editing logged out" is one of the top reasons
> for
> > suppression requests, because it can provide a non-negligible amount of
> > information about the user.
> >
> I think I understood what you meant by nefarious, but regardless of the
> definition, the point remains: unless you restrict any IP-related data to
> administrators and/or CUs, the type of masking FT2 described is ineffective
> at improving privacy.
> I would put to you that, actually, our publishing of full IP addresses of
> > our logged-out contributors is a very significant privacy issue. There is
> > no other top-10 website that publishes this information; in fact, the
> > number of websites that attributes contributions to specific (often
> > traceable) IP addresses is minuscule.  The only rationale that has ever
> > been given for publishing of IP addresses is for the purpose of edit
> > attribution.  That can be done any number of other ways.
> >
> > Risker
> >
> >
> I have to disagree for several reasons. First, while you are correct that
> no other top 10 website publishes IP information of users, that is in no
> small part a byproduct of how different Wikipedia is from the other 9.
> Without belaboring the point too much, search engines and passive viewing
> sites don't publish user information at all in any format, and commercial
> social networks have a wholly different set of interests than do Wikimedia
> projects.  Second, more complete anonymity is and has always been available
> to any editor; while the primary and original purpose of an IP address in
> edit history is attribution, it has long been put to many other beneficial
> uses. Given that we've had a stable approach to IP addresses for 10 years,
> and no rush of demand to change the paradigm, it makes sense to balance the
> public benefit nature of the projects against the reasonable privacy needs
> (on which we all generally agree). We should discuss that balance rather
> than just assume that more perfect privacy is worth significantly less
> transparency.

The original Wikipedia platform (lo those long years ago) published only
partial IP addresses.  Today, "significantly less transparency" seems to
mean "create an acccount" to many people. However, that is antithetical to
the "anyone can edit" principle on which our projects are based.  "Anyone
can edit, as long as they don't mind that everyone in the world will know
where they're from, what ISP they use, and possibly even the physical
location from which they are editing and what equipment they're using to do
so,  unless they create an account" is what it has become.

We want the edits. We don't need to know the rest, and never have. If we
needed to know that information, we would have decided not to permit
account-based editing in the first place.  There's no template at the
bottom of the talk pages of editors with accounts that allows
identification and geolocation of their IP.  If it's useful for logged-out
editors, it is just as useful for logged-in ones, according to the
"transparency" logic.

One of the reasons that many of us were taken by surprise with the sudden
appearance of the IPv6 change was that this very discussion could have
taken place beforehand, and would have guided the Engineering team in their
progress.  I for one have long been concerned about the use of IP addresses
to attribute edits, but that may be because I'm one of the few people who
winds up suppressing those that happen accidentally to account holders.
It's a discussion we need to have, though.

Wikimedia-l mailing list
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l

Reply via email to