Here are questions pertaining to policies. I am glad to have the
opportunity to step back and consider these over the long term:
1. When interpreting the neutrality mandate with regards to candidates, but
policy implies support of specific candidates or candidate-associated
action, how are we supposed to report that?
2. What is the standard for determining whether reasons to keep logs (i.e.,
ops, research, and possibly unknown other needs) when compared to the
possible implications of reader privacy requirements?
3. If staff suggests there is no time to research reasons to keep logs, let
alone comparison to the likely implications of reader privacy violations,
how are we supposed to report that?
4. What happened to the Chief Privacy Officer position?
5. Does ops need records of articles, or just lists of accessing
6. Is there a "hash/rotating salt/pepper" technique which will fulfill
7. Does including the log proxy information with the IP address prevent
cryptographic hash guess reversals?
8. To what extent are ALA's Privacy standards pertinent:
I am not advocating eliminating IP address retention from editors' edits
(please see Brion Vibber's earlier proposal on this list this month.)
Wikimedia-l mailing list, guidelines at:
New messages to: Wikimediafirstname.lastname@example.org