Dario, I assumed that when an affiliated researcher apart from Foundation staff says, "we have the complete server logs for Wikipedia," amounting to 17 terabytes per month, that means they possess the information. I am glad to be wrong about that, but I object to the implication that such an assumption based on the plain language of the statement could possibly be made in bad faith.
> the terms of our formal collaborations > https://www.mediawiki.org/wiki/Wikimedia_Research/Formal_collaborations > prohibit the sharing of any raw data containing PII (such as > webrequest logs) outside of WMF operated servers, There is nothing on that page which suggests that prohibition. > as well as the retention of any such data past our data retention > period https://meta.wikimedia.org/wiki/Data_retention_guidelines That page says, "Information (including personal information) collected through participation in a survey or other research conducted by the Wikimedia Foundation will be retained indefinitely for educational, development, or other related purposes, unless otherwise indicated in the privacy policy or statement of such survey or research." https://meta.wikimedia.org/w/index.php?title=Talk:2016_Strategy/Draft_WMF_Strategy&diff=15467086&oldid=15466763 says that the Foundation's standard research NDAs include an "obligation to return or destroy any copies of confidential information the individual may have upon request by WMF" Does that not imply that such copies are allowed in general? I hope we can move forward to a solution to the general problem. Is there any legitimate research or any other need to save IP addresses associated with HTTP GET web logs to disk prior to creating a secure hash of them? _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe>
