Legal talk:Data retention guidelines

From Wikimedia Foundation Governance Wiki
Revision as of 00:21, 10 January 2014 by LuisV (WMF) (talk | contribs) (Add a section header for easier reference)

Gender?

The examples list "email and gender in account settings" as examples of non-public data; however the account settings 'gender' property is publicly disclosed by necessity due to its purpose in producing grammatically correct strings.

Is this meant only to treat the combination of the two as private? Otherwise, we're leaking gender-by-username... --brion (talk) 21:24, 9 January 2014 (UTC)

Someone removed it, so ... :D --brion (talk) 21:41, 9 January 2014 (UTC)
Michelle did, but her login is apparently still on vacation :) It was removed in response to this remark. —LVilla (WMF) (talk) 21:49, 9 January 2014 (UTC)

Section 4 (Definition of personal information)

"Information you provide us or information we collect from you that could be used to personally identify you." Reads a bit strange. Maybe a full sentence would be better here? Something like "Personal information means information you provide ..." maybe? --თოგო (D) 22:14, 9 January 2014 (UTC)

Possibilities in case of breaches

Maybe the policy should contain information about a place where users can go if they feel that the policy was breached. --თოგო (D) 22:17, 9 January 2014 (UTC)

Thank you თოგო for your comment - this makes sense. What if we added this sentence to the last section of the document (“Ongoing handling…”):
If you think that these guidelines have been breached, or if you have questions or comments about compliance with the guidelines, please contact us at privacy@wikimedia.org.
Would that address your concern? Any suggestions on how to improve it? --JVargas (WMF) (talk) 00:14, 10 January 2014 (UTC)

Who are "we"?

Does this mean WMF? Or does this mean Wikimedia sites in general? --Rschen7754 23:46, 9 January 2014 (UTC)

Comments from //Shell

  • Introduction
    • "Data is important. It is how we can learn and grow as an organization and a movement..." It's not the only way to learn and grow. Is there a way to rephrase it to say that it's an (important) way to learn and grow?
    • "for the shortest possible time that is consistent with maintenance, understanding, and improving the Wikimedia Sites, and our obligations under applicable U.S. law" This exact text is not (any longer?) in the privacy policy, though two very similar sections are there. You might want to have the two sections actually say the same thing also in the privacy policy.
  • How long do we retain non-public data?
    • "After no more than 90 days..." I had to think twice about what it means. Would it be possible to say "After at most 90 days..."?
    • "Anonymized" What does this mean? Does it mean that it becomes very difficult to associate the data to a specific user, or that it's completely impossible?
    • "Email address in account settings: Indefinitely" Does this mean that if I remove or change my email address, the old address will still be kept? Is that the meaning? Is it desirable? Not sure how to rephrase it to only be about the current email address.
    • "Non-personal information associated with a user account: Collected from user: Indefinitely" While the given examples seem okay, this category seems broad and that's particularly bad since the data is kept indefinitely. The given examples seem okay, since they're almost already public data (first edit, when a user has verified email, and whether the user edits through mobile are public data). E.g. the list of read articles is not public, but could be covered by this category.
    • "Non-personal information associated with a user account: Optionally provided by a user: Logs of terms entered into the site's search box" I realize that "optional" here means that not every WM site visitor must search, but since it's a key part of any wiki it doesn't feel like I "optionally provided" it - I must do it to see the article I'm interested in (ignoring other search engines). No biggie, but feels a bit weird.
    • Do you intend to have most common data in this table, in the form of examples? It would be nice to see a complete list somewhere (though that might be asking too much).
  • Definition of personal information (good job!)
    • I can think of a couple more items to put in (b), though I'm not sure if it's necessary: (current) city, marital status, family ties
  • Exceptions to these guidelines: "Data may be retained in system backups for longer periods of time." Is there any restriction on how long those backups can exist? Would it be possible, for instance, to delete, aggregate, or anonymize them after at most 5 years?
  • Design of new systems: "inclusion of privacy considerations in the code review process". Would this be added to some checklist, or is it just a general guideline?

Great to see this stuff be explicit. //Shell 00:15, 10 January 2014 (UTC)