Having managed for long time a huge mass of data of people, I would use a
Latin sentence: "Est modus in rebus"

To protect all data is a Sisiphus work, the same European law
differentiates between most critical data and they put several levels of
attention. The heath data, for instance, have a specific Swiss law to be
used and there is a stronger protection of them.

In the other hand the data like email address, phones, home address are
considered with a low level of priority.

Probably to protect us we should not use Ipad or Iphone or we should not
use free email account, the advantage to use gmail is that it is free, easy
to use and easy to configure in devices.

Every time we discover that our data are not protected in Internet it's
like to discover that green tee protects from cancer and we start to drink
liters of green tee but we definitively reach the maturity that we are full
of green tee and we start to disagree it. It would be better to drink green
tee but using the correct level.

So don't panic (and I am not speaking about this discussion but about those
happening in other wikimedia mailing lists).

I always used gmail for "innocent" content and always used some other
private emails for "reserved content" or to contact my family or my beloved
friends. My gmail's account is easy to reach, it's public and always
available because my goal is to be reachable, so everyone can use hangout
to contact me.

But in the other side I have never received critical data in my gmail. I
invite all people to write them in a specific OTRS queue in order to use
the protection that is present around it or to move in my private emails.

Basically I would say that the email is something that allows people to be
contacted easily and to be checked easily, but there is also the compromise
with the security and the protection of data.

The correct approach is in the middle.

Regards



On Mon, Jun 10, 2013 at 8:22 PM, Emmanuel Engelhart <
emmanuel.engelh...@wikimedia.ch> wrote:

> Hi Manuel
>
> Le 10/06/2013 19:53, Manuel Schneider a écrit :
> > Am 10.06.2013 19:31, schrieb Emmanuel Engelhart:
> >> I propose to invite all concerned users to:
> >> * create a WMCH mailbox for them
> >> * change the target email address to something more acceptable like
> >> email box from the provider or european web mails like GMX.
> >>
> >> Would that be feasible?
> >> Does something speaks against such type of restriction?
> >
> > generally all users who have asked for a WMCH mail address are initially
> > offered an IMAP mailbox and I normally tell people why this is better
> > than a redirect - just out of practical reasons, put ideological / data
> > security aside.
> > Anyway, if it is the whish of the user to get his mail forwarded
> > instead, who am I to deny it?
> >
> > Anything else - any restrictions - should be decided by the board.
> >
> > Just as a summary what we are talking about, after a short look on the
> > mailserver:
> > * 6 redirects to gmail (Google) (1 staff)
> > * 1 redirect to Hotmail (Microsoft) (1 board)
> > * 2 swiss domains whose MX records point to swiss mailservers (both
> board)
> > * 5 addresses redirecting to the WMF
> >
> > To be honest: I understand and agree with your scepticism towards
> > private data flowing through third parties which are bound to make
> > benefit with that data (Google and Hotmail are free, and not because the
> > are philantroph) even withing countries which are known to spy on their
> > citizens. Anyway I am not sure that even if we were sure that our data
> > is being spied at if it was valuable enough to force our volunteers to
> > abandon their primary mail accounts.
> >
> > It is a different situation for the board, even though they are still
> > volunteers they do deal with sensitive data, but that should not
> > normally not be transfered via e-mail anyway.
>
> Your approach of promoting mailboxes vs. redirects makes a lot of sense.
> If we achieve to do that for staff/board, we are on the secure side.
>
> Other email addresses are less critical... but we should keep a vigilant
> eye on that, we are responsible for our data... also if that could
> bother users.
>
> > For the staff it is clear: that can only be a mailbox. So in that one
> > case I am happy you made me aware of a problem. I will talk to that
> person.
> >
> > For myself I try to adopt a sceptic but pragmatic approach: Sometimes I
> > use Google services but only where I have no good replacement (mainly
> > Google spreadsheets) and then only for a temporary usage. I don't want
> > to rely on it. I use it for a certain task, then I store the result
> > elsewhere. Otherwise I use these services - this applies to all kind of
> > Social Networks where we have the same scepticism for a different reason
> > - with data I really and deliberately want to publish. So that data
> > can't be "stolen" or misused anyway.
>
> Great!
>
> Good evening
> Emmanuel
>
> _______________________________________________
> http://wikimedia.ch Wikimedia CH website
> Wikimediach-l mailing list
> https://lists.wikimedia.org/mailman/listinfo/wikimediach-l
>



-- 
Ilario Valdelli
Wikimedia CH
Verein zur Förderung Freien Wissens
Association pour l’avancement des connaissances libre
Associazione per il sostegno alla conoscenza libera
Switzerland - 8008 Zürich
Tel: +41764821371
http://www.wikimedia.ch
_______________________________________________
http://wikimedia.ch Wikimedia CH website
Wikimediach-l mailing list
https://lists.wikimedia.org/mailman/listinfo/wikimediach-l

Antwort per Email an