Hi again Luis,

Thank you for commenting my open letter to Lila. I guess if I send an open 
letter I should expect open responses, however I surely hope Lila will speak on 
the matter, "yea," "nay," or "not of concern to me," as I asked.

Yes, I recall your previous response to my previous email (which was actually 
larger in scope, criticizing the now-effective overall privacy policy, whereas 
I now focus on the access-to-non-public information sub-policy, not yet in 
effect). In it you said the policies would never attain "perfection." Below you 
assert "there is no magical answer." These are examples of thought-terminating 
cliches. Presented with reasoned criticism of the policies, you attempt to stop 
discussion by saying they can never be perfect or magical. To give you credit, 
a lot of times thought-terminating cliches are effective in debate with 

I'm going to go ahead and answer your "perhaps when we next look at the 
question in a few years" with the obvious observation that the procedures the 
policy lays out now are going to affect contributors mightily within the next 
few years. The access policy is not effective yet and can still be amended. So 
I'm going to resist your kicking the can down the road a few years.

Now, to dig into the actual merits of what you say, I respond that these 
policies were not "discussed extensively with the community." You obtained 
input almost exclusively from the *administrative subset* of the community, and 
none no more so than the individuals that currently have or stand to obtain the 
accesses in question. Should we be surprised that they prefer anonymity for 
themselves, as they explore the IPs and browser signatures and so on of the 
rank and file content editors? No. "The community" according to Lila is *all* 
the editors, a mere fraction (though powerful) of which are the insider and 
involved administrative types that commented on the policy drafts. I'm 
confident you'll agree that this distinction is more or less accurate, that in 
fact it is the administrative participants particularly that tend to comment 
this stuff, and not so much representatives of the great masses of content 
editors that actually built Wikipedia. Please do not gloss over this 
distinction in the future when claiming immense "community" participation. I'm 
not saying it's your fault that the discussion wasn't representative though. 
I'm just saying that's how it is.   

Neither am I faulting, or at least I shouldn't fault, anything about Michelle 
Paulson's hard work on the matter. I think the bad decision to accord anonymity 
to the checkusers and so forth was made higher up. In fact it's interesting to 
look back in the discussion to see what she said: "1) We do not believe that 
the current practices regarding collection and retention of community member 
identification are in compliance with the Board’s current Access to nonpublic 
data policy and hoped to bring the policy and practices closer to fulfilling 
the original intent of the policy" 
 What she's saying is that WMF Legal became uncomfortable with the fact that 
what the responsible individuals were doing with the identifications 
(shredding, deleting) was at odds with what the policy clearly stated to 
editors was the case (identifying). Faced with this problem, there were two 
ways to go: 1) change the practice to conform with the policy (i.e. start 
securely keeping the identifications), or 2) change the policy to conform to 
the practice (i.e. grant anonymity to those granted access to non-anonymous 
information of others). What I am saying here, and if Lila is reading this far, 
is that you chose the wrong option.

This email is already long, and I am not going to start commenting again why I 
think the administrative culture has attracted exactly the wrong kind of 
people, cyber-bullies, MMORPG players, creepers, and that this change to the 
policy is going to magnify that. I guess I'll just close by saying that it is 
not that hard to buy a secure file cabinet for the identification faxes and, 
say, the removable hard-drive containing the identification emails. There 
aren't all that great many checkusers and oversighters and OTRS volunteers and 
so forth, and they're not being added that fast. The existing ones can be 
accounted for in stages. So these "practical difficulties" you refer to Luis, I 
don't see them as so severe. As for the "risks to volunteers" what are you 
saying? Are you saying the WMF cannot securely keep some copies of 
identifications? The real volunteers at risk are those rank and file editors 
you propose to expose to a group of anonymous and unaccountable administrative 

Trillium Corsage    

27.06.2014, 01:48, "Luis Villa" <lvi...@wikimedia.org>:
> Hi, Trillium-
> As I pointed out to you the last time we discussed the privacy
> policy[1], this issue (and the rest of the policy) were discussed
> extensively with the community, with the board, and with the previous
> Executive Director. It was then approved by the Board.
> This particular topic was discussed particularly thoroughly, with a
> separate consultation and additional discussion with the Board. We did
> all that because, as we said in our blog post on the topic[2], this
> was a tough question that required everyone involved to balance
> difficult privacy concerns with the risks and practical difficulties
> of identifying volunteers. There was no magical answer that could
> please everyone, despite sincere efforts to find creative solutions
> informed by several years of experience building and operating the
> previous policy.
> Since we made that post (and since the Board approved the decision)
> nothing has changed. The factors being balanced are still difficult,
> and Legal would still come down the same way we did in February (when
> we finished the public consultation) and April (when we presented our
> recommendation to the Board).
> Perhaps when we next look at the question in a few years the facts
> will have substantially changed and it will make sense to revisit this
> decision and tighten the requirements. But right now, within months of
> board approval after a lot of discussion, is not that time.
> For what it is worth-
> Luis
> [1] https://www.mail-archive.com/wikimedia-l@lists.wikimedia.org/msg12552.htm
> [2] 
> http://blog.wikimedia.org/2014/02/14/a-new-access-to-nonpublic-information/
> P.S. Tangentially, and speaking mostly for myself, I want to thank the
> many Wikimedians I've talked with in the past ~18 months who have been
> patient and supportive as we try our best to talk with you, weigh
> costs and benefits with you, and make difficult decisions - not just
> about privacy but also about many other things large and small. We'd
> love to be perfect, have infinite time and infinite resources and
> infinite patience, or no hard problems. Since we don't, we have to
> just try our best. I'm grateful for and deeply appreciate all the
> people who understand that and have worked with us in patient good
> faith to move ahead the mission we all share. Corny, I know, but true.
> :)
> On Thu, Jun 26, 2014 at 9:06 AM, Trillium Corsage
> <trillium2...@yandex.com> wrote:
>>  Dear Ms. Tretikov,
>>  Would you please speak on the new revision of the "Access to Non-Public 
>> Information" policy? Can you express your objection to it? Can you express 
>> your support of it? You'll find it here:
>>  http://meta.wikimedia.org/wiki/Access_to_nonpublic_information_policy
>>  This governs the conditions by which the WMF grants access to potentially 
>> personally-identifying data such as IPs and web-browser profiles of 
>> Wikipedia editors. It grants these to particular administrative 
>> participants, for example checkusers and oversighters and arbitrators, of 
>> the various "communities," for example the Wikipedias of various languages.
>>  Under the terms of the prior access policy, those administrative 
>> participants were required to send a fax or scanned copy of an 
>> identification document. Editors were led to believe that the WMF kept 
>> record of who these people actually were. It was repeatedly claimed that 
>> they had "identified to WMF." This soothed the concerns of editors like me 
>> that thought, okay, well at least someone knows who they are. The truth was 
>> that a WMF employee marked a chart of usernames only that the administrative 
>> participant's ID showed someone 18 or over, and then shredded or otherwise 
>> destroyed those records. The phrase that so-and-so "has identified to WMF" 
>> or "is identified to WMF" was so commonly stated, including by the WMF, that 
>> I regard it as a great deception and betrayal that it really was shredding 
>> and destroying the identifications.
>>  The new policy is even worse. It abandons the mere pretense of an 
>> identification. So while it goes the wrong direction, at least it ceases to 
>> deceive. All it calls for now is an email address, an assertion that the 
>> person is 18 or over, and an assertion that the owner of the email account 
>> has read a short confidentiality agreement. The person need not provide a 
>> real name. You are well aware that various web-email services offer 
>> basically untraceable email addresses. You are well aware that only a named 
>> person can enter into agreement on confidentiality. An agreement by a 
>> Wikipedia username with an untraceable email address is not only 
>> unenforceable, it is a ludicrous proposition.
>>  The webpage says the policy is not in effect yet. I urge you to reject it 
>> as written and instead have it amended to actually require identification 
>> for those faceless entities you prepare to turn loose with potentially 
>> cyberstalker tools.
>>  Whatever your stance, I do call on you to speak on the question. Say "yea," 
>> say "nay," or say "not my concern," but at least speak.
>>  Trillium Corsage
>>  _______________________________________________
>>  Wikimedia-l mailing list, guidelines at: 
>> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
>>  Wikimedia-l@lists.wikimedia.org
>>  Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 
>> <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe>
> --
> Luis Villa
> Deputy General Counsel
> Wikimedia Foundation
> 415.839.6885 ext. 6810
> This message may be confidential or legally privileged. If you have
> received it by accident, please delete it and let us know about the
> mistake. As an attorney for the Wikimedia Foundation, for
> legal/ethical reasons I cannot give legal advice to, or serve as a
> lawyer for, community members, volunteers, or staff members in their
> personal capacity. For more on what this means, please see our legal
> disclaimer.
> _______________________________________________
> Wikimedia-l mailing list, guidelines at: 
> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
> Wikimedia-l@lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 
> <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe>
Wikimedia-l mailing list, guidelines at: 
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

Reply via email to