Access to nonpublic data policy
2. Any volunteer who is chosen by any community process to be granted access rights to restricted data shall not be granted that access until that volunteer has satisfactorily identified himself or herself to the Foundation, which may include proof that such user is at least 18 and explicitly over the age at which they are capable to act without the consent of their parent in the jurisdiction in which they reside.
3. Any volunteer who holds such access rights at the time of the adoption of this resolution must satisfactorily identify himself or herself to the Foundation within 60 days of the adoption of this resolution, or have any and all such access rights revoked. Volunteers otherwise in good standing whose access is revoked for failure to identify may have those access rights restored after providing identification, at the discretion of the Foundation.
4. Volunteer positions covered by this resolution include, without limitation, all stewards, all holders of the "checkuser" and "oversight" rights, and all developers with access to any electronic records which contains nonpublic information (such as the IP addresses of readers or contributors).
5. The access policies for OTRS e-mail queues or other communication systems of the Wikimedia Foundation are defined by WMF office staff in accordance with the intent of this policy.
6. Access to deleted revisions on a publicly editable project, such as that held by administrators, is not sufficient to require identification under this policy.
8. Exceptions to this policy may be made only by resolution of the Board of Trustees.
Policy last updated: June 2, 2007