Policy talk:Privacy policy: Difference between revisions

Policy talk:Privacy policy/Header User:MiszaBot/config PrivacyPolicy-Invitation

There are obviously a lot of things to talk about and if you aren't interested in this piece of it please feel free to start a new section with your discussion point/question/concern/etc. As you can probably see both here and on some of the other policies and draft pages we rolled out we're trying the idea of having illustrations and light humor in the text. These are not in anyway 'set' and may not appear in the final version if they're not appreciated. Legal documents tend to be lengthy, weighty and difficult to read (and rarely read at that) especially when you consider how many sites the average user visits. We want to make these documents as accessible as possible to as many people as possible. We hope to keep everyone's attention with the illustrations and a bit of levity. This is especially the case in the privacy policy but we've seeded them in a couple other locations as well. Do you like them? Hate them? Any specific ones work well or not work well? Should we think about another scene for a specific area? Jalexander (talk) 01:50, 4 September 2013 (UTC)[reply]

I think the illustrations are a waste of screen space and the web page would be physically easier to read without them - eg I wouldn't need to scroll horizontally when reading in a narrow window.

The levity and humour in the text is unnecessary and possibly counter-productive. It's hard to take a policy seriously when it compares itself to "eating your greens". "Plain English" (instead of "legalese") is a very good thing, but making it too informal or "chatty":

• may create a perception that you don't really care at all - because you're joking about it.
• may create ambiguity or uncertainty because the less formal the language, the less precise it risks becoming.

The policy needs to be easy to read and factual; it does not need to be entertaining. Mitch Ames (talk) 06:55, 4 September 2013 (UTC)[reply]

Yes, something like http://creativecommons.org/licenses/by-sa/2.0/ is perfect, but "funny" images are IMHO a poor idea.

Sorry but this "Hi, I'm Rory! I'm here to help explain this privacy policy. Welcome!" is terrible. It is straight from stupid commercial and/or something for a small children. Bulwersator (talk) 07:03, 4 September 2013 (UTC)[reply]

Agrre with all of the above. Wikipedia (& Wikimedia) is not a children's book. -Nabla (talk) 09:06, 4 September 2013 (UTC)[reply]

Gotta agree with Bulwesator & Nabla. Now if Rory were something with roots in the community (like Wikipe-Tan), I wouldn't be bothered hy this illustration half as much, however Rory is just some plush toy at the Foundation offices, giving the impression this is an initiative from the Foundation & foistering an us-vs.-them feeling to this proposed policy. (Yes, that is an issue that has been hammered ad nauseum, but presently there is a fair amount of distrust from the community about anything the Foundation does. Unforutnately clumsy stuff like this only aggrivates this distrust.) -- Llywrch (talk) 15:43, 4 September 2013 (UTC)[reply]

I personally enjoyed the illustrations and the style of speech as well. In my eyes this is a good way to encourage readers to study the whole document and not stop reading after the first paragraph. Besides that, horizontal scrolling should be prevented through better html. --trm 10:07, 4 September 2013 (UTC)[reply]

I also like the illustration too. Given that some of our contributors and readers are kids, we want them to know how it affects them. Plus, nobody (adults and kids alike) likes to read a text block of quasi-legal stuff. The illustration helps retain some of their attention while they read through the page. OhanaUnited^{Talk page} 18:36, 4 September 2013 (UTC)[reply]

To my definition of a kid is someone who is under the age of teenager. I'm fairly sure that very very few contributors on this site fit my definition of a kid. I'm sure no kid would ever read the policy, consider that most them wouldn't able to understand that much. Even for readers, kids would only made up a very small portion of the total wikipedia readers (I barely can come up with any reasons why any kid would come to read Wikipedia's articles rather than watching TV or doing something fun). I expect this site to be a grown-up one not a website for kids.184.97.201.174 02:06, 5 September 2013 (UTC)[reply]

Look at the 2 things separately - Illustrations are fine, talking down like we're in kindergarten and we're being read a bedtime story, is probably not. I seriously doubt a lot of kids will be reading this quasi-legal, rather lengthy policy with things about metadata, subpoenas and access to nonpublic information policy etc.. With that said, It's actually a good idea to inject some levity in the mix with illustrations (I loved the kittens that used to be in other project and small cutesy things added here and there - but a mascot talking down might not be right for this audience). A little consideration for the audience would go a long way - I would suggest 'In a nutshell' blurbs accompanying the illustration would be more helpful - something like tl;dr version in 2-3 bullet-points. Hope that helps. Theo10011 (talk) 21:09, 4 September 2013 (UTC)[reply]

It says at the beginning that Rory is "here to help explain this privacy policy", but that never really happens. Some fuzzy drawings of something that looks like a cross between ET and a fluffy toy doing indistinct actions is not much of a help to me, at least. 86.169.185.183 01:26, 5 September 2013 (UTC)[reply]

I think we could explain more but for now I've removed that piece and he just says "Hi, I'm Rory". You're right, that for now he isn't really explaining anything. Jalexander (talk) 02:44, 5 September 2013 (UTC)[reply]

Hi everyone - I really appreciate the feedback on the use of images (namely, Rory, the tiger) in the privacy policy. He does represent something novel in our thinking about how to communicate a policy to a wide audience of readers and users. We like the concept, but, recognizing this is a bit of an experiment, we are definitely listening closely to your views - both pro and con.

Just to share a perspective for your consideration:

Our chief concern is to find a way to encourage everyone to read the privacy policy, given its importance to our readers and contributors. We are told that privacy policies are hard to read, that people read them infrequently, and that, when they do read them, people misunderstand them often. We are looking for ways not to fall into that norm. For example, we have included a user-friendly summary at the beginning of the policy - which was a great idea suggested by the community when we were consulting on the terms of use. We believe that, in addition to avoiding legalese, our use of visuals might also improve interest and readability in longer documents like our privacy policy.

Most Wikimedians hardly need a visual to read through a complicated document, but, of course, this policy is for everyone, including readers who may not be as familiar with our sites and projects. In the ideal world, we want to attract as many people as possible to read the privacy policy since it does govern their use of our projects and the expectations of the community and WMF.^[1]

Now our present use of the visuals is only illustrative. We are looking at ways to leverage the pictures to better explain aspects of the policy. The text box under the Rory image in the “Welcome” section is meant to help inspire ideas on how to use such images to facilitate readability and understanding. Based on some comments here, we are going to change the present text to avoid confusion, but we would be interested in your ideas on how to best use images (if you think that would be a good idea). For example, we could use other text boxes in the margins to help link to relevant FAQs on the topic or to highlight critical parts of the policy, if you thought that was useful.

Anyhow, we are really interested in your views on this idea and how we could leverage it. Also, if you have other ideas on how to improve readability through visuals, that would be helpful as well.

Thanks again for your time, comments, and insights. I greatly appreciate it. Geoffbrigham (talk) 03:31, 5 September 2013 (UTC)[reply]

Commenting on the "reference": there seems a world of difference between using a cheerful character to encourage editors to visit the draft and offer feedback, and having that same character featuring in a serious document. I hope that any success with Rory on the banner will be interpreted as "it might be a good thing to have Rory on a banner encouraging user interaction" and not as "it is a good thing to have Rory in a serious policy document". PamD (talk) 10:11, 5 September 2013 (UTC)[reply]

Hey Geoff, thanks for giving a background on this. It helps to understand what the intention was. I do believe something like illustrations accompanying the large body of text would be very helpful and break the monotony. It is a good idea, but this attempt misses the mark in my opinion. It just means another attempt might be needed here. Twitter fail whale, firefox fox, Google's android - mascots are actually quite common and using them in internal documents is also not unheard of. We just need to do better with this.

The difference, you guys might know Rory, most of us don't. Wikipe-tan is about as close to a mascot as we can get, and that might not be really suitable for this. My suggestion again would be using illustrations to make some sort of a "In a nutshell" or "tl;dr" version with bullet points. It can consolidate a large amount of text into a few salient points accompanied by some cute illustration - something like a tl;drabbit or nutshell kitten.

Also, if you would allow me to go on a brief rant here about something trivial - the senior staff should exercise more judgement. A/B testing is/has become carte blanche for backing anything lately, it was bordering on our own internal meme. We are slowly becoming a private start up, hellbent on maximizing click-through with banners. Unfortunately, porn websites and scammers have been doing this for years and doing it better. I suppose the final step would be learning everything from them and copying them to maximize click-throughs. I'm sure a nude or a semi-nude in the banner would also give a much higher click-through than what might have been seen - but someone has to exercise good judgement. I personally have nothing but disdain for A/B testing, especially when its used blindly without any common sense, judgement or editorial control. I hope the senior staff members can see the point here, and show a little bit more wisdom when it comes to blind numbers and testing. Thanks. Theo10011 (talk) 10:08, 5 September 2013 (UTC)[reply]

Thanks Theo for your thoughts. I appreciate your view and those of others on this topic. I do like the nutshell idea. Hear you on A/B testing. Geoffbrigham (talk) 12:17, 5 September 2013 (UTC)[reply]

Thanks Geoff. Your reply is much appreciated. Theo10011 (talk) 17:08, 5 September 2013 (UTC)[reply]

I am not totally anti the use of images; my main problem with "Rory" is that, with no offence intended to the artist, it simply isn't very well drawn. 86.167.19.217 17:49, 5 September 2013 (UTC)[reply]

Re Theo10011: I think we shouldn't be using Wikipe-tan because the character itself only represents one project (Wikipedia) out of many other WMF projects. Even the name "Wikipe-tan" implies it is for Wikipedia. On the other hand, Rory does not have this issue. Since the privacy policy affects not just Wikipedia but all projects, it's inappropriate to use a character with a very narrow scope. OhanaUnited^{Talk page} 20:33, 5 September 2013 (UTC)[reply]

I agree about Wikipe-tan, and there is a list of reasons why its usage here might be a bad idea. Apart from that, my point was - no one knows "Rory" it might as well be Tony or Leo. Someone mentioned Rory is a stuff-toy at the office and it's supposedly an in-reference to that- I don't know if that is true or not, but there is no familiarity there to go off of. Someone mentioned that they thought they saw either Tony the tiger from Kellogg or Tigger from Winnie the pooh on Wikipedia. Theo10011 (talk) 21:05, 5 September 2013 (UTC)[reply]

I think the images are frankly playful, inviting, engaging, and ultimatey appropriate. The purpose of illustration here is to invite the reader into a conversation about privacy. Legal documents tend towards the dry, boring, and off-putting. Anything that furthers people actually wading into the details of complex policy should be lauded. There's a misconception that anything cute or playful is at odds with serious pursuits; it's quite the opposite, though. Playful design, when it's done well, invites a larger audience and welcomes them into serious discussion. The illustrations do not detract from the meaning of the policy, they just make it more likely that more people will read it. Yes, our hard-core contributors may feel slightly insulted or belittled by this display of creativity, but they're going to read the policy anyway, and so the illustrations serve to attract a different, broader audience. I think particular jokes may need tweaking, and clear and bold summaries of policy impact are top-priority for emphasis, but images do not take away from that. Ocaasi (talk) 18:07, 5 September 2013 (UTC)[reply]

I love the images. I think they inject the right amount of whimsy into a subject which is decided Super Serious and boring. I found that I actually read the privacy policy text because of them - if only so that I could scroll forward and see the next image. That was actually very clever, I think. I feel that if we can't make room for some fun, we've failed at what we do - it means we're not confident in what we're producing. --Jorm (WMF) (talk) 21:17, 5 September 2013 (UTC)[reply]

At first I borked at the images and playful text, but then I reconsidered. I imagined a teacher using the illustrations in colouring activities (or like) and trying to start a lesson, as simple as it would have to be, on data, privacy and security... to this end, the text needs to have simple one liners at the start, that sum up the sections. Maybe rename the section headings so when read alone, they make some sort of meaningful narrative. Then the first line of each section is for the next level of readership, limited to 140 characters for example, then the next paragraph is the next level (100 words), and so on until you have a paragraph that an expert can read. That way, like the language versions, you'll be reaching as wider range of audience as possible. Regarding the light humour, be careful not to use colloquial or culturally centric humour. Leighblackall (talk) 23:52, 5 September 2013 (UTC)[reply]

Re colloquial or culturally centric humour: we tried hard to stick to things that we thought could be translated (most of us on the legal team have at least one second native-level language), but if we failed in that, we'd definitely love to hear about it so we can fix it or help the translators find good alternatives. - LVilla (WMF) (talk) 00:51, 6 September 2013 (UTC)[reply]

Maybe hide it as default or move to the bottom? There is nothing here that would be surprising or interesting for normal person and on encountering it half people will stop reading this document Bulwersator (talk) 07:10, 4 September 2013 (UTC)[reply]

Hi Bulwersator! Thank you for your suggestion! Hiding this section as a default is certainly an option if it seems that the majority of people already know this information, but moving it to the bottom probably wouldn't make organizational sense. What do other people think? Did the "A Little Background" section provide you with information you didn't already know? Should it remain as is or be changed to default hidden? Mpaulson (WMF) (talk) 18:42, 4 September 2013 (UTC)[reply]

Found on second paragraph in Privacy policy#Account Information & Registration. Is there any reason to have a link to a user page on policy page? – Kwj2772 (msg) 07:14, 4 September 2013 (UTC)[reply]

Just as a note the specific account is a created 'example' (you can see a little comment/note in the edit window ). Jalexander (talk) 07:30, 4 September 2013 (UTC)[reply]

I think the joke still works if you put a disclaimer right on the user page. Steven Walling (WMF) • talk 17:05, 4 September 2013 (UTC)[reply]

Hi Steven and Kwj2772! We are contemplating possible changes based on this input, but want to wait to see what other comments we receive on this joke prior to making any changes. Mpaulson (WMF) (talk) 19:06, 4 September 2013 (UTC)[reply]

I don't think this joke translates well. PiRSquared17 (talk) 19:10, 4 September 2013 (UTC)[reply]

I removed this sentence. It's a bad joke and isn't appropriate for this document. --MZMcBride (talk) 12:28, 5 September 2013 (UTC)[reply]

• I expected Rory to actually say more stuff as the page went on. As it is, he is pretty useless.

Thanks, This, that and the other. I appreciate your taking the time to read and post. I hear you re Rory. I did a posting on this, which you can find here. I agree that, if we do decide to use visuals, we will need to find ways of doing so in a helpful way. Geoffbrigham (talk) 13:02, 5 September 2013 (UTC)[reply]

• Under "More On What This Privacy Policy Doesn't Cover", the use of the phrase "are supposed to" implies that some stewards or checkusers might be able to get away without agreeing to follow the other policies. I suggest that you use "must" here instead.

Thanks. I have been going back and forth on this since community members don't work for the Wikimedia Foundation. How about we say "are required to"? This would refer to the requirements of the new draft of the Access to nonpublic information policy. Would that work? Geoffbrigham (talk) 13:06, 5 September 2013 (UTC)[reply]

Thanks This, that and the other! We have changed the policy to "are required to" as Geoff suggested. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• Under "Your Public Contributions", we have "Your contribution (even if you just removed something) will show when it was made and your username (if you are signed in) or your IP address (if you are not signed in)." While I think I get what this means, it still comes across as a bit ambiguous. Please recast this sentence so it is better structured and pronouns are used in a clearer way.

I see what you mean. If you have time, could you give us some proposed language. If not, don't worry. We will think about it a bit ourselves. Geoffbrigham (talk) 13:14, 5 September 2013 (UTC)[reply]

We have redrafted so that it reads: "The page history will show when your contribution or deletion was made, as well as your user name (if you are signed in) or your IP address (if you are not signed in)." I hope this helps with the clarity issue. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• Humor is fine, but a lot of this humor is quite bad humor :( Some examples:
  • "... the picture of you in that terrible outfit your mom forced you to wear when you were eight." It's just not funny.
  • Get rid of "ericsgrl4evah". The link is funny, but inappropriate and confusing. Or at the very least, go and full-protect her user and user talk pages on enwiki.
  • Under "Information We Collect", "While removing or disabling our locally stored data does not cause lasers to shoot out of your device" is silly, and could conceivably be taken literally.

We have actually gotten different types of feedback on this, sometimes quite positive. I tend to think humor is fine if it encourages the reader to read the document and actually enjoy that experience. We have seen other policies do this successfully. Indeed, I don't believe legal documents should be stuffy or overly formal. It does not affect the legal effect of the document. That said, we are definitely listening to this type of feedback. After we hear from others, we may want to revisit how we are approaching it. (P.S. Will get to your other comments shortly.) Geoffbrigham (talk) 13:19, 5 September 2013 (UTC)[reply]

• "the website you exited the Wikimedia Sites from". What is this? Surely you exit the Wikimedia Sites from the Wikimedia Sites themselves?

This was phrased improperly. Thank you for catching that. It has been changed to "the website you exited to when you left the Wikimedia Sites". Hope that is a little clearer now. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• JavaScript, please.

I believe MZMcBride already changed this. Thanks for pointing that out! Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• Under "How Long Do We Keep Your Data?" the bit "such as your IP address if you edit while not logged in and any public contributions to the Wikimedia Sites." needs to be recast. Suggesting "such as your IP address (if you edit while not logged in) and any public contributions you make to the Wikimedia Sites."

Thanks! I have revised according to your suggestion. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• Link WikimediaAnnounce-L every time.

Thanks! This is been revised according to your suggestion. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

Nice work, though. This, that and the other (talk) 07:43, 4 September 2013 (UTC)[reply]

I too concur on the point that Rory is an absolutely stupid and redundant idea. It should be removed. Privacy policies aren't comedic, they're serious business. Having some chump character introduce itself then serve absolutely no purpose just gives me the vibe that someone doodled something, thought it was gods gift to art, then pushed an agenda to have it incorporated. It's redundant, superfluous, and should be removed to minimize distraction of future readers. BaSH PR0MPT (talk) 02:57, 5 September 2013 (UTC)[reply]

I think this is a valid view, BaSH PROMPT, but I think the use of visuals could be helpful. I did post something on that above. I am also seeing some interesting alternative ideas. Thanks. Geoffbrigham (talk) 13:23, 5 September 2013 (UTC)[reply]

Hi This, that and the other. You should be able to edit the page yourself. :-) I removed the "Ericsgrl4evah" sentence and corrected the spelling of JavaScript just now. --MZMcBride (talk) 12:46, 5 September 2013 (UTC)[reply]

I've responded in-line above. We really appreciate your comments, This, that and the other. They have already made the draft better. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

Template:Answered

Je vous remercie. Les versions allemande et française sont des traductions juridiques professionnels. Mon expérience est que nous avons besoin d'habitude de membres de la communauté de prendre les versions professionnelles à travers une révision ou deux. Pour cette raison, nous avons invité la communauté pour améliorer les traductions dans la mesure où cela est possible. Geoffbrigham (talk) 08:11, 6 September 2013 (UTC)[reply]

J'ai il y a quelques jours commencé à essayer d'apporter quelques améliorations à la traduction en français mais ce n'est pas facile car : je ne suis pas un excellent traducteur ; les textes sont trèèèès longs, on se fatigue vite ; je n'ai pas trouvé où se traduisaient certains morceaux du texte, par exemple Informations importantes 78.251.253.2 10:58, 6 September 2013 (UTC)[reply]

What is changing in the new Policy relative to the current one? Can anyone knowledgeable, probably those proposing it, make a diff please? - 09:08, 4 September 2013 (UTC)

+1

I have no big problem with this policy but knowing what's diferent helps to decide if it is 1 step forward or not. --Madlozoz (talk) 14:23, 4 September 2013 (UTC)[reply]

Also agree that it would be useful to know the actual changes in the policy - it could be done as a chart in a subpage since I can't see how one could give a "diff". Risker (talk) 14:28, 4 September 2013 (UTC)[reply]

See also #So, what is the purpose of all this?. --Nemo 05:44, 5 September 2013 (UTC)[reply]

Footer is linking to clearly superior http://wikimediafoundation.org/wiki/Privacy_policy 89.74.119.184 15:30, 5 September 2013 (UTC)[reply]

Second the motion PauAmma (talk) 15:50, 5 September 2013 (UTC)[reply]

Agreed, it's a nice looking document and quite readable, but I don't understand what and how it has changed. Ocaasi (talk) 16:39, 5 September 2013 (UTC)[reply]

+1 78.251.243.204 22:17, 5 September 2013 (UTC)[reply]

Thanks for asking about this. As Risker noted, it would be impossible to show the changes in a diff given that this is a completely new policy. Instead, I would like to outline some important changes here.

As a general matter, because the current privacy policy was written in 2008, it did not anticipate many technologies that we are using today. Where the current policy is silent, the new draft spells out to users how their data is collected and used. Here are some specific examples:

1. Cookies: The current policy mentions the use of temporary session cookies and broadly states some differences in the use of cookies between mere reading and logged-in reading or editing. The FAQ in the new draft lists specific cookies that we use and specifies what they are used for and when they expire. The draft policy further clarifies that we will never use third-party cookies without permission from users. It also outlines other technologies that we may consider using to collect data like tracking pixels or local storage.
2. Location data: Whereas the current policy does not address collection and use of location data, the draft policy spells out how you may be communicating the location of your device through GPS and similar technologies, meta data from uploaded images, and IP addresses. It also explains how we may use that data.
3. Information we receive automatically: The current policy does not clearly explain that we can receive certain data automatically. The new draft explains that when you make requests to our servers you submit certain information automatically. It also specifies how we use this information to administer the sites, provide greater security, fight vandalism, optimize mobile applications, and otherwise make it easier for you to use the sites.
4. Limited data sharing: The current policy narrowly states that user passwords and cookies shouldn’t be disclosed except as required by law, but doesn’t specify how other data may be shared. The new draft expressly lists how all data may be shared, not just passwords and cookies. This includes discussing how we share some data with volunteer developers, whose work is essential for our open source projects. It also includes providing non-personal data to researchers who can share their findings with our community so that we can understand the projects and make them better.
5. Never selling user data: The current policy doesn’t mention this. While long-term editors and community members understand that selling data is against our ethos, newcomers have no way of knowing how our projects are different from most other websites unless we expressly tell them. The new draft spells out that we would never sell or rent their data or use it to sell them anything.
6. Notifications: We introduced notifications after the current policy was drafted. So, unsurprisingly, it doesn’t mention them. The new draft explains how notifications are used, that they can sometimes collect data through tracking pixels, and how you can opt out.
7. Scope of the policy: The current policy states its scope in general terms, and we want to be clearer about when the policy applies. The new draft includes a section explaining what the policy does and doesn’t cover in more detail.
8. Surveys and feedback: The current policy doesn’t specifically address surveys and feedback forms. The new draft explains when we may use surveys and how we will notify you what information we collect.
9. Procedures for updating the policy: The new draft includes specific instructions on how we will notify you if the policy needs to be changed. This is consistent with our current practice, but we want to make our commitment clear: we will provide advance notice for substantial changes to the privacy policy, allow community comment, and provide those changes in multiple languages.

The purpose of a privacy policy is to inform users about what information is collected, how it is used, and whom it is shared with. The current policy did this well back when it was written, but it is simply outdated. We hope that with your help the new policy will address all the relevant information about use of personal data on the projects. YWelinder (WMF) (talk) 01:07, 6 September 2013 (UTC)[reply]

ça veux dire quoi en français ? Rinaldum (talk) 11:50, 4 September 2013 (UTC)[reply]

Salut Rinaldum - Nous demandons la réaction des gens à la politique de protection des données proposée. Dans ce contexte, le mot «feedback» signifie "vos commentaires." Geoffbrigham (talk) 14:00, 4 September 2013 (UTC)[reply]

Le ne connais pas de traduction parfaite de l'idiôme; en général, "commentaires en réaction" est une bonne approximation. MPelletier (WMF) (talk) 14:02, 4 September 2013 (UTC)[reply]

The WMF and many people with access to nonpublic information (like (for users with accounts) their IP addresses and possibly their email addresses) are subject to the contradictory laws of the USA. The WMF and many people with access to nonpublic information may be required to make such information available to unaccountable agencies while being legally restrained from telling them that the information was shared. Admitting new information sharing mechanisms, or even just the requests may result in imprisonment without trails, without access to the laws leading to imprisonment, or even transcripts of the decisions, evidence, or who their accusers were.

Until the WMF and people with access to nonpublic information remove themselves from such jurisdictions, the guarantees in the WMF's privacy policy, the access to nonpublic information policy, the data retention guidelines, the transparency report, and the requests for user information procedure, are untrue.

To service campaign contributors, your information may be given to third parties for marketing purposes.

Your data may be secretly retained by the WMF for as long as required by US agencies, and/or by those agencies themselves for as long as they want.

The WMF may be prevented from revealing their actual policies but forced to claim that they protect users' privacy per their public policies. -- Jeandré, 2013-09-04t12:47z

See also Talk:Privacy policy/Call for input (2013)#Technical and legal coercion aspects.

Hi Jeandré, while I'm someone who knows for a fact that we would strongly rebel against secret requests and unreasonable demands from the government (any government) I'm certainly sympathetic to these concerns (I think much of what the US government has done is illegal and immoral). That said I have yet to see where we could 'go' to remove everyone from jurisdictions where this (or other equally bad issues) would be a problem. Europe, for example, is generally not better, it has significant issues as well. Jalexander (talk) 20:07, 4 September 2013 (UTC)[reply]

As far as I know, the voters in New Zealand and Iceland care about doing the right thing, and don't have the same kinds of laws as the USA and UK. -- Jeandré, 2013-09-05t09:27z

Les lois européennes sont infiniment plus protectrices que les lois américaines. Pourquoi croyez-vous que les grosses sociétés informatique (Google, Micro$oft, Apple, etc.) essaient d'imposer, heureusement sans trop de succès (voir les quelques affaires récentes, par exemple entre Google et les CNIL européennes) , que ce soit le droit américain qui s'applique au détriment du droit européen ? 78.251.243.204 20:18, 5 September 2013 (UTC)[reply]

Et de toutes façons ce n'est pas seulement une question de quelle loi est plus protectrice ou pas, c'est une question de que les lois des différents pays doivent être respectées. Chaque pays est souverain et établit ses lois de manière démocratique, on n'a pas à lui imposer des lois qui n'ont aucune légitimité. Seuls les Américains votent pour élire leur congrès. Les lois américaines ne s'appliquent donc qu'à eux 78.251.243.204 20:21, 5 September 2013 (UTC)[reply]

PRISM etc

Not sure if this is completely on topic, please point me towards the discussion if not, this is not my area of knowledge.

1. Is the Wikimedia Foundation subject to the same FISA laws that Microsoft, Google etc have had to comply with and give over information?
2. If so does the Wikimedia Foundation record anything they may want?
3. If so this privacy policy will need to reflect this.

--Mrjohncummings (talk) 16:06, 4 September 2013 (UTC)[reply]

• Note that it may illegal for Foundation to admit that they give over information to USA government. 89.74.119.184 19:18, 4 September 2013 (UTC)[reply]

The WMF has been very clear that we have not been contacted in relation to that. General Counsel Geoff Brigham said in a blog post that "The Wikimedia Foundation has not received requests or legal orders to participate in PRISM, to comply with the Foreign Intelligence Surveillance Act (FISA), or to participate in or facilitate any secret intelligence surveillance program. We also have not “changed” our systems to make government surveillance easier, as the New York Times has claimed is the case for some service providers." Philippe (WMF) (talk) 20:58, 4 September 2013 (UTC)[reply]

Just to add to what Philippe has said, it is our understanding of the law that we can not be forced to 'Lie' (though they can force us to not comment/confirm including while we fight for it to be released), while I can certainly understand people's concerns about "them not even being able to tell us if it's true" I really do stress that we haven't received anything and would fight like crazy if we did. Also, we're really really bad liars, we are an incredibly leaky organization. Jalexander (talk) 08:03, 5 September 2013 (UTC)[reply]

This may be a crackpot idea, but given that you cannot be forced to lie, but can be forced to keep quiet, would it be possible for somebody - perhaps in the legal department - to report on a regular basis in a regular spot that "We haven't been contacted by the US Gov't this week to provide any information on users"? Smallbones (talk) 01:05, 7 September 2013 (UTC)[reply]

Given the choice between believing Microsoft/Google/Facebook/US.gov or Snowden, I'd go with Snowden every time. I think the current evidence shows that the people at Google are lying by commision because they're being forced to. While I have orders of maginitude more trust in the people at the WMF than those at Google, I think Ladar Levison's decision to shut down Lavabit and his strong recommendation against trusting organizations "with physical ties to the United States" indicates that he didn't want to lie by commision. -- Jeandré, 2013-09-05t09:27z

Is it possible for anyone to verify exactly what software the WMF's servers are running and how the software is configured? It is trivial to download Mediawiki and various extensions, but is it possible for anyone to verify that the version of Mediawiki as run by the WMF isn't modified to provide information to the NSA? --Stefan2 (talk) 12:57, 5 September 2013 (UTC)[reply]

We are very transparent about our servers, how they are configured, and what they run. For example, you can see our production code and deployment recipes on Gerrit and piles of additional information on Wikitech. So I don’t think we object to transparency like that in principle. But verification that source code matches specific binaries is an extremely difficult challenge, even under relatively small and controlled circumstances where you can control every part of the build, and where you’re simply asking about a binary at one point in time, rather than on a live, running system. To do the same thing for an entire network infrastructure (not just Mediawiki, but the web server, operating system, network switches, etc.) would be effectively impossible, both in terms of difficulty and in terms of making it secure (since it would require trusted access to the live system in order to perform monitoring). Even if it were achievable, it would also make management difficult in practice: for example, we sometimes have security patches deployed that are not yet public (for legitimate, genuine security reasons), and we also have to be able to change configurations quickly and fluidly in response to changes in traffic, performance, etc., and doing this would be difficult if configurations and binaries had to be checksummed, compared, verified, etc. - LVilla (WMF) (talk) 02:05, 6 September 2013 (UTC)[reply]

Given everything that's happened, I'm not so sure I trust anyone anymore about what is and isn't watched/kept. I now assume everything is being watched/recorded/analyzed online. You can only hide in the bushes for so long, eventually you'll want to come out and play (online), so I guess you suck it up and move on. Government never tells you about it, one guys leaks it, then they move to make it more transparent and do the about face. Makes you wonder what else they're hiding, and it's sad that they have to hide it from us... 99.251.24.168 02:35, 6 September 2013 (UTC)[reply]

I understand why you are finding it hard to trust anyone, and I am glad that Stefan2 was trying to be creative about ways to increase trust. I just don't think this particular idea solves the problem. If it helps, we're trying to work on this issue; most notably right now by pushing the US government to allow more transparency from targets of national security letters. Suggestions on how else we can do that are welcome. - LVilla (WMF) (talk) 17:09, 6 September 2013 (UTC)[reply]

Of course it would be a bad idea to give anyone unlimited read access to the live servers. For example, it would allow anyone to extract any information from any database table, including information normally only available to checkusers and oversighters. Thanks, your reply sounds reassuring. --Stefan2 (talk) 19:13, 6 September 2013 (UTC)[reply]

Subject to US law

I think we should expand the section on the data being kept in the USA, and therefore subject to American laws. The PATRIOT Act comes to mind, where they can and will use any data you store in the US at any point in time against you at a later date. Doesn't matter where you live. So you might not want to post that nasty anti-American rant on a talk page, it might come back to bite you in the choo-choo later... Or the DMCA. I think of a certain Russian computer scientist who could have been arrested had he came to the US to give a speach as he posted information on anti-circumvention measures (Dmitry Sklyarov) ... Oaktree b (talk) 22:09, 4 September 2013 (UTC)[reply]

While some of this may be true (though there are lots of laws in Europe and other countries which can be problematic with what you post too and the US allows) I'm not sure I understand your example. There is very little (if any) added risk to posting your anti-american rant on the talk page on an American server. There are certainly risks, but the PATRIOT act does not necessarily make it more risky (especially given the legal system and our desire to fight against demands) then many other location options. Jalexander (talk) 00:29, 5 September 2013 (UTC)[reply]

This section concerns me as well as worries me. "to comply with the law, or to protect you and others" I think most of us are aware that our freedom in all areas is slowly but steadily eroding. In many countries, there is not even a pretense at giving freedom priority over other values, while in many others it is only a pretense. I wonder if there is a country left in the world that has not put that value at the bottom of a list of many other values like security and equality. Politicians and lawyers can and will find a way to abuse that which they can abuse for their own purposes. Laws were made to facilitate the sending of millions of people into concentration camps, why should they stop at keeping knowledge sacred? "to comply with the law, or to protect you and others" That is a mightily large back door.

Well I live in Canada, and even if I do my edits in Canada, should I do something distasteful to the Americans, they can hold me at the border for some stupid reason. We also have data privacy laws here in Canada (PIPEDA), but those don't apply to Canadian data stored on American servers. My point is you're essentially at their mercy, whether you like it or not. Just so people are made to understand that. You live in country XYZ, but American law applies to your edits and any data you divulge, so beware. 99.251.24.168 02:09, 6 September 2013 (UTC)[reply]

C'est partiellement mais pas complètement vrai, je pense. Une légende court depuis longtemps qui voudrait que c'est la loi du pays où se trouve les serveurs qui s'applique. La jurisprudence n'est pas encore établie, mais pour l'instant c'est faux. Les serveurs étant situés aux EU, les lois américaines s'appliquent en partie. Mais les producteurs et les consommateurs de contenu étant dans d'autres pays, d'autres lois peuvent s'appliquer. Par exemple, pour la Wikipédia francophone, une grosse partie des producteurs et les consommateurs de contenu se trouvant dans d'autres pays comme la France, le Canada, la Belgique, etc., il est très probable que certaines des lois de ces pays s'appliquent. Par exemple, une société dont le siège et les serveurs sont localisés au Luxembourg ont été condamné à appliquer le droit français ; Twitter a été poursuivi pour ne pas appliquer les lois françaises relatives à la liberté d'expression, mais l'affaire n'est pas allée jusqu'au procès car Twitter a préféré passer un accord avec les parties civiles ; Google est attaquée par les différentes CNIL européennes pour non respect des lois européennes de protection des données personnelles, plus contraignantes que les lois américaines ; dans ces deux cas, Twitter et Google prétendent qu'ils ne doivent appliquer que les lois américaines, mais cela est fortement contesté, et on peut douter que la justice leur donne raison. Ce serait très commode pour les entreprises multinationnales, mais quelle perte de souveraineté pour les citoyens et les pays concernés ! Je n'y crois pas du tout 78.251.253.2 11:18, 6 September 2013 (UTC)[reply]

Thanks for your comment. Please see my response to a related discussion here. YWelinder (WMF) (talk) 19:42, 7 September 2013 (UTC)[reply]

Legal response

Thanks for raising this question. I’ll tackle it in two parts:

First, generally: as we say in more detail in the policy’s section on our legal obligations, we must comply with applicable law, but we will fight government requests when that is possible and appropriate. For example, unlike some websites, we already are pretty aggressive about not complying with subpoenas that are not legally enforceable. (We’ll have precise numbers on that in a transparency report soon.) We’d love to hear specific feedback on how we can improve that section, such as additional grounds that we should consider when fighting subpoenas.

In addition, we are currently working on a document that will explain our policy and procedure for subpoenas and other court orders concerning private data. We will publish the document publicly, follow it when responding to requests, and also provide it to law enforcement so that they know about our unusually strict policy on protecting user data.

Second, with regards to surveillance programs like PRISM and FISA court orders: We are subject to US law, including FISA. However, as we have previously publicly stated, we have not received any FISA orders, and we have not participated in or facilitated any government surveillance programs. In the unlikely instance that we ever receive an order, we are making plans to oppose it.

Beyond the legal realm, we continue to evaluate and pursue appropriate public advocacy options to oppose government surveillance when it is inconsistent with our mission. For example, the Wikimedia Foundation signed a letter with the Center for Democracy and Technology requesting transparency and accountability for PRISM. If you are interested in proposing or engaging in advocacy on this issue, please consider joining the advocacy advisory group. We also continue to implement technical measures that improve user privacy and make surveillance more difficult. For example, we enabled HTTPS on Wikimedia sites by default for logged in users. For more information, see our HTTPS roadmap.

As always, we greatly appreciate your input on this complex issue. Please note that if you have questions that are specific to surveillance, and not tied to the privacy policy itself, the best place to discuss those is on the Meta page on the PRISM talk page, not here.

Best, Stephen LaPorte (WMF) (talk) 00:03, 6 September 2013 (UTC)[reply]

La question n'est pas de résister du mieux possible à l'application de lois avec lesquelles nous ne sommes pas d'accord : les lois sont là, elles ont été votées démocratiquement, nous devons les appliquer, point barre. Nous ne devons pas faire de politique ! Occupons-nous plutôt d'écrire l'encyclopédie, et appliquons les lois quand elles s'appliquent, de quelque pays qu'elles soient 78.251.253.2 11:38, 6 September 2013 (UTC)[reply]

Localisation des serveurs aux Etats-Unis et loi applicable

Les explications indiquent que les serveurs sont situés aux Etats-Unis et que nous devons accepter que ce soit la loi américaine de protection des données personnelles qui s'applique, même si elle est moins protectrice que la nôtre, et que dans le cas contraire nous ne devons pas utiliser Wikipédia. Ca veut dire que nous devons nous barrer tout de suite ? De toutes façons, je ne crois pas que ce soit légal. La Wikipédia francophone concernant en grande partie des Français (ainsi que des Québécois, Belges, Africains, Suisses, etc.), je pense que les juridictions des publics concernés ont leur mot à dire, et que leurs lois doivent d'appliquer. La jurisprudence n'est pas encore bien établie, mais d'ores et déjà certains décisions judiciaires sont allées dans ce sens. En tous cas, personnellement, je ne suis pas du tout d'accord pour donner mon consentement à ce que ce soit la loi américaine qui s'applique. Bien trop dangereux ! La loi américaine n'est pas assez protectrice ! Sans parler de toutes ces lois liberticides prises à la suite des attentats du 11 septembre, sans grand contre-pouvoir pour contrôler leur mise en oeuvre ! 78.251.246.17 22:55, 4 September 2013 (UTC)[reply]

Pourquoi parles-tu uniquement de la Wikipédia francophone ? Il existe plusieurs centaines de projets dans plein de langues, dont les pays pourraient également avoir leur mot à dire. En clair, la fondation ne peut pas suivre toutes les lois du monde et s'arrête donc à celle de son pays. Elfix 07:47, 5 September 2013 (UTC)[reply]

Le problème est qu'on a plusieurs centaines de projets dans plein de langues, mais aussi plusieurs centaines de pays qui, que vous le vouliez ou non, sont souverains, ont leurs propres lois, et ont le droit d'avoir leurs propres lois. C'est un fait. Qu'on le veuille ou non. Et la question n'est pas de savoir si la fondation peut suivre toutes les lois du monde, la question est qu'elle DOIT suivre les lois du monde, car ses activités ne s'arrêtent pas aux frontières de son pays mais s'étendent dans le monde entier. Non seulement elle DOIT suivre les lois des pays auxquels ses activités s'étendent, mais pour un pays comme la France ou n'importe quel pays européen, dont les lois sont beaucoup plus protectrices vis-à-vis de la vie privée des citoyens que la loi américaine, c'est même hautement souhaitable. C'est la raison pour laquelle cette clause est mauvaise. Si l'excuse pour laquelle la Fondation explique qu'il faut adopter la loi américaine, même si elle est moins protectrice que celle de notre pays, est que les serveurs sont aux Etats-Unis, dans ce cas rapatrions les serveurs en Europe. Dans tous les cas ce sont les lois les plus protectrices que nous devons respecter, car si nous respectons les lois les plus protectrices, alors nous respectons toutes les lois, y compris les lois américaines ou de tous les pays 78.251.243.204 18:26, 5 September 2013 (UTC)[reply]

J'ai fait le point en anglais plus haut, mais c'est la même: toute information que vous soumettez au Wikipedia anglais/françcais/allemand etc. est gardée aux USA, donc votre loi locale ne s'applique probablement pas. Au Canada par exemple, nous avons LPRPDE (PIPEDA en anglais) pour la protection des données et des documents électroniques; toute information qui n'est pas sur un ordinateur canadien n'est pas protégée. Donc, si pour une raison ou un autre, Obama ou le gouvernement américain décide de fouiller dans votre information, tant pis! Toute protection locale s'arrête à la frontière. Vous n'avez qu'à regarder le cas d'Edward Snowden ou de Julien Assange; on peut très facilement vous rendre la vie très difficile s'ils décident que vous êtes l'ennemi des USA... Gare à vous. Caveat emptor. 99.251.24.168 02:24, 6 September 2013 (UTC)[reply]

Bonjour 99.251.24.168 et merci de votre réponse :-) J'ai moi aussi répondu plus haut. Je pense au contraire que les lois des pays souverains ont toute chance de s'appliquer. Mais dans le cas que vous décrivez de données canadiennes conservées sur des serveurs américains, les lois américaines s'appliquent AUSSI, et c'est bien normal, les EU sont un pays souverain, comme le Canada. Dans les affaires de ce type, qui concernent plusieurs pays, le droit applicable est toujours un compromis entre les différents droits concernés. Ne croyez pas que seules les lois du pays hébergeant les serveurs s'appliquent. Cave canem ! ;-) 78.251.253.2 11:47, 6 September 2013 (UTC)[reply]

Thank you for your comments and my apologies for responding in English. Jurisdiction is a complex issue that is determined based on a case-by-case analysis. Generally, we apply U.S. law, but we are sensitive to European data protection laws. For example, a version of this privacy policy was reviewed by a privacy counsel in Europe to ensure consistency with general principles of data protection.

The important issue for our users' data is our commitment to privacy rather than the general privacy law in the country where the Wikimedia Foundation is based. Our privacy policy generally limits the data collection and use to what is necessary to provide and improve the Wikimedia projects. For example, we commit to never selling user data or using it to sell them products. In other words, the commitments we make in this policy go beyond commitments made by many online sites, including those based in Europe. And we encourage users to focus on and provide feedback about those commitments because the commitments are ultimately what matters for their privacy on the Wikimedia sites.YWelinder (WMF) (talk) 19:36, 7 September 2013 (UTC)[reply]

Localisation des serveurs aux Etats-Unis et loi applicable bis

Je demande le retrait du paragraphe Où se trouve la Fondation et qu’est-ce que ceci implique pour moi ? 78.251.243.204 19:05, 5 September 2013 (UTC)[reply]

My apologies for the response in English. If someone would be so kind as to translate this into French, I would be much obliged. Are there any particular reasons that you are requesting removal of that section? Is there any specific language that concerns you? If so, please specify. Mpaulson (WMF) (talk) 22:23, 5 September 2013 (UTC)[reply]

Traduction / translation : « Excusez-moi de répondre en anglais. Si quelqu'un avait la gentillesse de tranduire mon message en français, je lui en serai reconnaissant. Y a-t-il des raisons particulières pour que vous demandiez le retrait de cette section ? Y a-t-il une langue spécifique qui vous concerne ? Si tel est le cas, veuillez le préciser. » Jules78120 (talk) 22:37, 5 September 2013 (UTC)[reply]

Merci Mpaulson de votre réponse (et merci à Jules78120 pour sa sympathique traduction :-) ). Les raisons particulières qui me poussent à demander le retrait de cette section sont les mêmes que celle déjà développées plus haut dans la section Localisation des serveurs aux Etats-Unis et loi applicable et dans plusieurs autres sections telles par exemple que NSA, FISC, NSL, FISAAA, PRISM... Je me permets juste d'être un peu plus insistant dans ma demande, avec votre permission :-) 78.251.243.204 00:54, 6 September 2013 (UTC)[reply]

So, while we as an organization and I personally have some sizable objections to PRISM and many of the actions taken by the US government recently with regards to privacy, removing this section will not actually change the applicability of US law. The Foundation is located in the US, meaning that using our sites leads to the transfer of data to the US, and thus is subject to US law. Mpaulson (WMF) (talk) 01:09, 6 September 2013 (UTC)[reply]

Bien sûr que les serveurs sont situés aux EU et que les lois américaines s'appliquent (à ce propos, on devrait peut-être songer à redéménager les serveurs en dehors des EU !). Par contre, je ne suis pas d'accord avec la phrase « Vous consentez également au transfert de vos informations par nous depuis les États-Unis vers d’autres pays qui sont susceptibles d’avoir des lois sur la protection des données différentes ou moins contraignantes que dans votre pays, en lien avec les services qui vous sont fournis. » Je ne suis pas d'accord pour que mes données soient transmises n'importe où, y compris à des entreprises situées dans des pays où les lois autoriseraient n'importe qui à faire n'importe quoi avec. Si nos données sont transmises, elles ne doivent l'être qu'avec la garantie que nos données seront protégées au moins autant que dans notre pays, ou en tous cas au moins autant qu'aux EU. Quelque soit l'entreprise ou le pays vers lesquels sont transmises nos données, on doit s'assurer que la Charte de confidentialité soit garantie. Sinon, on ne transmet pas. La Charte n'établit, je trouve, pas ce point assez clairement (par exemple les paragraphes Si l’organisation est cédée (très peu probable !) et À nos prestataires de services manquent à mon avis de précision) 78.251.253.2 12:36, 6 September 2013 (UTC)[reply]

P.S. : EU en français = Etats-Unis = United States = US en anglais ; je m'excuse, j'aurais dû écrire Etats-Unis en toutes lettres :-) 85.170.120.230 01:51, 7 September 2013 (UTC)[reply]

Unfortunately, US privacy law is still very much developing and the EU considers the US to have less stringent data protection laws than the US. So using a Wikimedia Site means that, if you are a resident of Europe, your data is being transferred to a country with less stringent data protection laws that your country. There isn't really a way for you to use the Wikimedia Sites without consenting to that kind of transfer unfortunately. But differences in privacy regimes aside, the Wikimedia Foundation seeks to put into place contractual and technological protections with third parties (no matter what country they may be located in) if they are to receive nonpublic user information, to help ensure that their practices meet the standards of the Wikimedia Foundation's privacy policy. Mpaulson (WMF) (talk) 18:59, 6 September 2013 (UTC)[reply]

This is not quite correct. If I visit google.com from Italy, I'm asked whether I want to accept a cookie or not, though in USA you are not. Moreover, Google managers were held criminally liable for privacy violation in a meritless case which however ruled that «the jurisdiction of the Italian Courts applies [...] regardless of where the Google servers with the uploaded content are located».[1] --Nemo 19:26, 6 September 2013 (UTC)[reply]

What does this mean: "the EU considers the US to have less stringent data protection laws than the US"? PiRSquared17 (talk) 19:27, 6 September 2013 (UTC)[reply]

«Special precautions need to be taken when personal data is transferred to countries outside the EEA that do not provide EU-standard data protection.»[2] «The Commission has so far recognized [...] the US Department of Commerce's Safe harbor Privacy Principles, and the transfer of Air Passenger Name Record to the United States' Bureau of Customs and Border Protection as providing adequate protection.»[3] «In many respects, the US is a data haven in comparison to international standards. Increasing globalization of US business, evidenced by the Safe Harbor agreement, is driving more thinking about data protection in other countries. Still, political and economic forces make a European style data protection law of general applicability highly unlikely in the near future».[4] WMF is also not in [5], FWIW. --Nemo 19:46, 6 September 2013 (UTC)[reply]

@Mpaulson : J'ai l'impression que vous avez mal compris mon abréviation EU, qui signifiait Etats-Unis (d'Amérique). Pardon. Ceci dit, même si les lois américaines sont en effet souvent considérées moins protectrices des données personnelles que les lois européennes, les Règles de protection des données personnelles (Privacy Policy) de Wikimédia peuvent tout à fait garantir un niveau de protection supérieur aux lois américaines. Garantir un niveau de protection inférieur aux lois américaines ne serait pas légal, mais garantir un niveau de protection supérieur aux lois américaines, et même supérieur aux lois européennes ou à d'autres lois, est tout à fait possible et compatible avec le droit américain. Il suffit d'adopter des Règles au moins aussi protectrices que les différentes législations nationales (un plus grand commun dénominateur des différentes législations, donc). Je ne vois pas ce qui nous en empêche. Et il faut bien entendu que tous les prestataires de services s'engagent ensuite à respecter ce niveau de protection (comme déjà stipulé dans le paragraphe À nos prestataires de services) 85.170.120.230 02:22, 7 September 2013 (UTC)[reply]

Dans un but de meilleure compréhension, serait-il possible que quelqu'un de compétent nous explique en quoi ces Règles de Confidentialités diffèrent du droit européen ? En quoi elles seraient moins protectrices que celui-ci ? Une explication du genre de celle donnée ci-dessus dans la section What is changing? serait très intéressante ! 85.170.120.230 02:32, 7 September 2013 (UTC)[reply]

It would be nice if the account can be removed. Thank You! --78.49.38.54 13:03, 4 September 2013 (UTC)[reply]

Sadly deleting an account is essentially impossible, if we delete an account then every edit made by that account isn't attributed to anyone and we can't allow that. Many wikis have a policy similar to English Wikipedia's Right to Vanish where you can be renamed to some obscure numbered name and your user page deleted but that's essentially the closest that we can get :(. Jalexander (talk) 20:11, 4 September 2013 (UTC)[reply]

A option to do that which ive seen done on other sites is to attribute all the things a person has written to account named "Deleted", which would solve this problem and allow the deletion of account from database. Of course there is the potential risk of people registering, vandalizing and deleting themselves not to trace them back. A possible solution could be that deletion ony gets confirmed after, say 24 hours, during which the vandalism gets noticed usually.

P.S. not sure if i did this formatting thing right

Content page invites one to comment but seemingly fails to tell one where to comment. Here? On this talk page? Somewhere else?

Presentation is rather "cutsie" reminds me of the annoying paper clip helper mess of Microsoft.--64.134.41.87 13:51, 4 September 2013 (UTC)[reply]

Yes, please comment here for the privacy policy. We are definitely listening to feedback on the use of Rory (the tiger image). Veteran Wikimedians most likely need nothing like that. On the other hand, we want to facilitate reading the policy for everyone (including readers and new editors), so we are experimenting with the idea during this consultation period. Your feedback is greatly appreciated. Geoffbrigham (talk) 14:04, 4 September 2013 (UTC)[reply]

I just wanted to say that I love Rory's drawings, anyway :) --Elitre (WMF) (talk) 15:09, 4 September 2013 (UTC) PS - can I get a quick link to the colored version in the banner? I don't think I can find it on Commons, but I searched very quickly.[reply]

@Elitre (WMF) and Elitre: wmf:File:Rory intro colored 02 banner transparent.png. See MediaWiki:Centralnotice-template-PrivacyPolicyDiscussion Rory1, Special:CentralNoticeBanners/edit/PrivacyPolicyDiscussion_Rory1 for more info on this banner. PiRSquared17 (talk) 19:03, 4 September 2013 (UTC)[reply]

Thanks PiRSquared17. Good thing I did not spend too much time looking for it on Commons then... --Elitre (talk) 13:53, 5 September 2013 (UTC)[reply]

I agree that there needs to be an improvement on this. It took me a while to figure out that i should comment in talk section, as it felt like they are asking for feedback but providing no way for us to give any. I also find the editing of talk pages a shifty way of commenting and would like a better system, but we have what we have.

It looks like you will get your wish for a new discussion system: Flow. PiRSquared17 (talk) 15:43, 7 September 2013 (UTC)[reply]

This is in the first sentence of the nutshell of the draft, and is mentioned in several other places. However, if one tries to edit without logging in on English Wikipedia, at the top of the screen appears this editnotice: "You are not logged in. Your IP address will be publicly visible if you make any edits. Please log in or create an account to have your edits associated with a user name, among other benefits. "

The last sentence really pushes people to register accounts, and is written to sound as though it is pretty much required. It's something of a mixed message. If the last sentence started with "If you log in or create an account, your edits will be asociated...." it would more accurately reflect this policy, and to stay on the same message. Risker (talk) 14:36, 4 September 2013 (UTC)[reply]

Hey Risker. I actually wrote that copy. :) I think the reword for the last sentence you suggested is good. Let's do it! Steven Walling (WMF) • talk 17:03, 4 September 2013 (UTC)[reply]

I agree needs to change- Anonymous

Template:Resolved

Really! Truly! I know you don't mean to sound like you are talking down to us, but gosh, I feel like everyone at the Foundation just wants to give us happy smiles & hugs & wishes us all unicorn farts. Not only does it sounds creepy, yo ulose all credibility.

First, I want to know if this warm-&-fuzzy language accurately reflects what the policy is. And some passages don't give me a warm & fuzzy feeling that it does.

Second, it is possible to explain things in plain English without sounding like a demented variant of a Cub Scout Den Leader. Take, for example the section "Account Information & registration". (Was the person who wrote that high on antidepressants?) Everything in that section could be explained quite simply & maturely as follows:

You are not required to create an account to read or contribute to a Wikimedia Site. However, if you contribute without signing in, your contribution will be publicly attributed to the IP address associated with your device. If you want to create a standard account, we do not require you to submit any personal information to do so. All that is required is a username and a password. We do not ask for a legal name or date of birth, nor an email address, and definitely not for credit card information; we consider that information unnecessary to contribute to Wikipedia. There are rules and considerations regarding a username, so please think carefully before you use your real name as your username. Your password is only used to verify that the account is yours.

Notice how more mature this paragraph reads? Yet most of the language is what currently appears on the front page; all I did was take out the fluff. And there is a lot more fluff in this policy statement that needs to come out before the final draft. -- Llywrch (talk) 18:34, 4 September 2013 (UTC)[reply]

A bit painful

With due respect, some of the phrasing is pretty cringe-worthy.

"Some features we offer are way cooler to use if we know what area you are in."

"If you choose to help us make the Wikimedia Sites better by participating in an optional survey or providing feedback, we think you are awesome."

"We also recognize that some of you know the ins and outs of tracking pixels while others associate the term “cookie” exclusively with the chocolate variety."

Such attempts to be chatty have no place in such a document, in my opinion. 86.169.185.183 21:02, 4 September 2013 (UTC)[reply]

Mostly, I'd be interested in tasting a cookie which is a chocolate variety (in Italian, saying that "cioccolato" is "biscotto" is a lexical and etymological absurd). Do such things really exist in USA? We may need a food culture table conversion for such weirdnesses in the text. --Nemo 21:47, 4 September 2013 (UTC)[reply]

You will be assimilated. Resistance is futile... We are Wikiborg.Oaktree b (talk) 22:23, 4 September 2013 (UTC)[reply]

Informal tone

I'm wondering why the WMF has decided to use a very informal tone in this new draft. Is it intended to make the policy appeal to a younger audience? I have nothing against the occasional use of "cool", "awesome", or similar words, but I don't understand why they should be in what is essentially a legal document. @Jalexander: any comment? PiRSquared17 (talk) 21:59, 4 September 2013 (UTC)[reply]

I also think it's okay to have a bit of fun and have some in-jokes in internal Wikimedia pages, but it might hurt the WMF's reputation if added to such an important, highly visible document. However, I trust the authors of the document. PiRSquared17 (talk) 22:01, 4 September 2013 (UTC)[reply]

Also informal text can have official character. ;) The intention was obviously to make the text comprehensible also for non-Legalese native speakers. ^^ --თოგო ^(D) 22:36, 4 September 2013 (UTC)[reply]

I'm happy that it is more comprehensible and written in Simple/Plain English, but that does not mean we should have text like "[...]we think you are awesome". I'm not explicitly against this kind of informal tone, but I'm afraid that readers may get a bad impression of Wikimedia. It might make WP seem like a website run by "cool kids". ;) PiRSquared17 (talk) 22:41, 4 September 2013 (UTC)[reply]

I obviously appreciate your feedback on this and will make sure the lawyers know too (we're keeping track of what people say on both a spreadsheet and I sit very close to Michelle who is the main one in charge of coordinating it) and I think it's something to hear about from others as well to gauge how it comes across. From a personal opinion side though I disagree, I think simple/plain english is one thing (and for legal document incredibly tough) it can't be the only piece. The formal 'voice' and tone are one of the big things that turns people away from reading long documents like this and absorbing the information given. I think the informal tone keeps it flowing and makes it much easier to completely read. In the end I would prefer for people to think we're a bit of a 'silly bunch of people' (which, let's be fair, they already think since we write an online encyclopedia for fun) then for them not to read what is quite a lot of text but is very important in this internet day and age when they give up large amounts of information without even knowing it. Jalexander (talk) 23:46, 4 September 2013 (UTC)[reply]

I disagree with this, as I mentioned above. The insertion of inappropriate words such as "cool" and "awesome" does not make the document more readable, it just makes it look self-conscious and a bit ridiculous. 86.169.185.183 00:16, 5 September 2013 (UTC)[reply]

Sigh. Did you bother to read my revision of one paragraph of this document? It is informal but dignified. No one will respect a document that is written by a bunch of airhead PR flacks who sound as if they are giggling as they writing--which is the voice this document currently has. And I hope & assume no one working at the Foundation wants to be thought of as an airhead PR flack.--Llywrch (talk) 02:57, 5 September 2013 (UTC)[reply]

Honestly, at the time not yet, but I did later and have it on a list for people to look at. I was answering here because @PiRSquared17: specifically pinged me and I wanted to respond to him directly. I actually think I misread initially though and came across as harsher then I felt (too many things at once I guess). I want to find the right balance, and am not completely sure where it is yet. I didn't write the policy and I have my own thoughts but I'm not yet sure exactly what is best. I just wanted to characterize the thought process and some of my own thoughts (about trying to find ways to keep them reading and help them understand). Jalexander (talk) 08:14, 5 September 2013 (UTC)[reply]

I thought the exact same thing as PirSquared17 and I disagree with "The formal 'voice' and tone are one of the big things that turns people away from reading long documents like this and absorbing the information given. I think the informal tone keeps it flowing and makes it much easier to completely read." In fact the informal tone distracts from the information given and let the reader thinks that the information is not important since it's presented in a "funny" way, we "unconsciously" think that it must be a joke or something alike. I don't mean the text should be full of legalese stuff and I agree that it should be written in plain/simple English, but the "informal tone" does the same as the "legalese and complicated tone" for non-Native English speakers, it makes the text harder to understand (and let be honest such text won't be translated in all languages so, yes, a lot of non-Native English speakers will have to read it in English). Amqui (talk) 02:48, 5 September 2013 (UTC)[reply]

The informal tone doesn't bother me much. The document is still pure egregious legalese (i.e. designed to give headaches), see all the instances of "A, BUT! X, Y, W, Z, ..." so that in the end you read three times as much and don't remember what you are agreeing to, being more exceptions than rules, and the WMF is fully protected from users.

You make a good point, however, that the draft text is three times as long as the current wmf:Privacy policy (49 KB vs. 16 KB counting only the text included in the page directly) and it's full of long digressions. Perhaps, per TTO in #Some notes, the digressions and other accessory text may be moved to speech bubbles coming out of Rory, so that both translators and readers can more easily prioritise how they consume the document. --Nemo 06:03, 5 September 2013 (UTC)[reply]

I've changed my mind about this. Maybe it is better for people to think we're silly than to avoid reading the policy, as James said. If it actually gets people to read through it, and it doesn't detract attention from the actual content, then it's fine. PiRSquared17 (talk) 01:15, 6 September 2013 (UTC)[reply]

Most people will still not read it just because of the length, no matter if you put smiling tigers beside each section or not. So why bother the actual people who will read it with fluff that they don't care about, because, let be honest, the vast majority of the people who will take the time to read the Privacy policy are not the casual readers. Amqui (talk) 03:51, 6 September 2013 (UTC)[reply]

Good point about the translator, informal tone like that is also harder to translate easily and directly than direct and plain formal English, and since we rely on volunteer translators, that's a point to keep in mind. Amqui (talk) 03:43, 6 September 2013 (UTC)[reply]

I do not understand what the informal child friendly tone of the policy is seeking. When I read the proposed policy I'm reading a tutorial of treatment of data, not really a policy. A privacy policy is a document that establishes clauses of what the web site will do or will not do with the data that can identify the user. Privacy terms are released not with the purpose to teach to the visitor what is the purpose of the Wikimedia Foundation, or what is a cookie or why the web site collects data (although, sometimes is necessary explain it), these terms are a declaration of the host about what it will do or not with your data, I mean, because the host decides treat the data as he want. If WMF establishes that will be public the IP and location of the visitor then, the IP and location will be public (for example). Each web site could treat the data in different ways, and it is the reason because each web site have to your own privacy policy. I see that is a tendency in websites to make the privacy policy more "friendly", but actually, a list of bullets about what the site will do or will not do is the easiest and simplest form to do that. For example "WMF will recollect cookies with the purpose…", "WMF will not give your data to third parties…" and so on. Moreover, privacy policy is the kind of document in that I do not want to expend much time to read, in that sense, proposed policy is a whole treaty. And, in addition, is not the kind of document that needs a mascot (seriously, what the policy writers were thinking when decided that to include Rory in the policy was a good idea?). In other hand, the policy terms should not treat you as if you were ignorant of everything. For example that line "Because everyone (not just lawyers) should be able to easily understand how and why their information is collected and used, we use common language instead of more formal terms" can be changed to this "Some terms that will be used in this policy must be understood with the following meanings". Finally, I expect a simple, short and formal text about privacy policy, if you want to keep the current text as a tutorial named WMF privacy policy for dummies, I agree with that, but I think an informal redaction should be an auxiliary, not the main document. --SirWalter (talk) 05:53, 6 September 2013 (UTC)[reply]

Oatmeal vs. Dora the explorer

I saw feedback to the whole illustration and mascot theme is solicited above. I wanted to point out the subtle difference being lost here. Illustrations don't necessarily have to be dumbed down, or be intended for an immature audience. The whole mascot theme, terminology and tone being employed doesn't fit well together. I'm not commenting on the quality of the artwork or the character work for the record, both of which seem fine and probably took a lot of time and effort. It's really hard to cater to an adult audience through this medium but it's not new either - twitter fail whale, firefox fox, google's android etc. all have used their mascots and used them well - I think this could be done better (if this route is going to be taken). But to do that - start by aiming for oatmeal, not Dora or Disney. Regards. Theo10011 (talk) 22:33, 4 September 2013 (UTC)[reply]

Why a tiger?

Why does the banner for the new privacy policy include a drawing of a tiger? We're not children. --Cryptic C62 (talk) 02:52, 5 September 2013 (UTC)[reply]

I don't work for the WMF, so I can't explain why they chose to use the tiger, but here's some sort of explanation: The WMF has a stuffed animal tiger in their offices called wmf:Rory. The usage of Rory illustrations has been discussed above, in other sections. PiRSquared17 (talk) 02:55, 5 September 2013 (UTC)[reply]

Offputting for adult readers

The policy reads as if aimed at schoolchildren, with the cuddly tiger, "way cooler", "eat your greens", "evil wizard", "You're still awesome" (or "... brilliant" in GB english version). It is possible to write clear English in a neutral, adult, way: see The Plain English Campaign and its guides if you need help. The Privacy Policy is an important document and should be written in a clear and serious tone, not as if it's written by teenagers for children. We are trying to recruit new subject-expert editors, with the introduction of Visual Editor: if a high-power professor reads this proposed text, offered as the Privacy Policy, they are unlikely to take Wikipedia seriously enough to want to contribute their time and expertise. PamD (talk) 07:55, 5 September 2013 (UTC)[reply]

Thanks for the link, I'm adding it to Writing clearly. --Nemo 11:42, 5 September 2013 (UTC)[reply]

Thanks for all the above comments. To be honest, from my personal viewpoint, I'm actually OK with this, and I'm known as a pretty stuffy and formal lawyer.  :) Our challenge is to explain a complicated topic to everyone, including casual readers of our projects. As I note above, we are repeatedly told that few ever read privacy policies, those who start often don't finish, and when they do, they often misunderstand them. For that reason, we have tried a few ideas, like the user-friendly summary at the beginning of the policy, plainer English (with no doubt a few exceptions), more transparent and hopefully easier-to-understand explanations in the text, and, yes, humor. In my humble opinion, I like it. To my ear, it is not condescending but is respectful, underscoring that we expect the reader to read the policy and we are making efforts to help them enjoy it. For me, humor helps get through dry material. My take on the proposed rewrite above it that it is fine, but I honestly like the version in the draft privacy policy better: it helps explain better in plain terms where we are going, and it may actually help people remember themes in the document. We did have non lawyers read through various drafts. Their ongoing feedback pointed us in this direction. I definitely respect the opinion of those who disagree with me, and, of course, during the 4-month consultation period, we will be listening closely on this issue. In any case, I really appreciate all of you reading and responding ... quite helpful in thinking through this topic. Many thanks. Geoffbrigham (talk) 14:14, 5 September 2013 (UTC)[reply]

"We are repeatedly told that few ever read privacy policies, those who start often don't finish, and when they do, they often misunderstand them. For that reason, we have tried a few ideas, like the user-friendly summary at the beginning of the policy, plainer English (with no doubt a few exceptions), more transparent and hopefully easier-to-understand explanations in the text, and, yes, humor.": +1 Ocaasi (talk) 18:19, 5 September 2013 (UTC)[reply]

That's not humor, that's an embarrassment. You should target the common average of users(german: Schnittmenge), and not only a specific group. But I'm used to such nonesense in wikipedia. Most of the editors suffer from brain damage or mental retardation I think, so no suprise. Whatever, good luck. Greets--82.113.121.77 22:14, 5 September 2013 (UTC)[reply]

Don't you guys just love it when someone pops in, offers no help, is a jerk, and then promptly leaves? Unfortunately, he forgot to create an account which means his IP address is open for everyone to see! ; ) As for this new policy, I actually like the cuddly tiger (though some of the words are a tad cringe-worthy) and seriously wonder why some people worry about wikipedia "not being taken seriously" when it is already leagues above everything else on the web. BallroomBlitzkriegBebop (talk) 17:38, 6 September 2013 (UTC)[reply]

Some thoughts for consideration from legal

Thanks to everyone for their comments (under this section and others). I really appreciate people taking the time to read the document and giving us your frank feedback.

Just above I shared some thoughts on this topic for consideration. To state it a little differently here, in the legal department, we have reflected quite a bit about tone as we took this draft through multiple versions, testing them out informally. What we heard was that non-lawyers (who were adults and well educated) preferred this less legalistic tone, including some limited insertions of humor. IMHO, this approach shows an effort to help the reader understand the document and demonstrates our expectation (and respect) that the reader will read it. As I say elsewhere, most Wikimedians are fine with formal language expressing complicated concepts. Indeed, I love the fact that our community is made up of wiki-lawyers who have a strong interest in legal issues and the formalities that naturally follow that interest. That said, many of our users to whom this policy applies are readers from different backgrounds. I feel we need to use tools to encourage all types of people to read the policy throughout and to the end – like the user-friendly summary; like plainer, less formal English; like icons and maybe other visuals; and like humor.

And, to be honest, it also works for me. I enjoy reading the draft privacy policy more because of the tone and humor. I also like what it says: we think it is unreasonable to put dense legal documents before readers without helping them understand the document and enjoy the experience. As I noted above, I think the above rewrite of one paragraph by Llywrch is fine, but, in my personal opinion, I frankly like the version in the draft privacy policy more: the first line of text helps the reader understand where the discussion is going in a simple non-legalistic way. I do appreciate Llywrch’s efforts in illustrating his point, however.

We talk about the use of illustrations elsewhere, but one idea I like out of this conversation is the concept of using bullet points, maybe in the margins to summarize certain critical themes. The community will decide on the mascot idea, but simplified bullet points - such as proposed by Theo above - may be another way of addressing this. I know that is not exactly what you are proposing SirWalter, but the idea is related. I think both of you have good arguments there.

Now I say all this with the understanding that we are in a 4-month consultation period, and we are listening to your views on this. So far, there are some who have commented positively on the language and approach, but I definitely respect the contrary point of view. I’m seeing some points more clearly based on our exchange. For example, it resonates with me when people say some humor doesn't translate well into other languages. And there are no doubt some sentences that we will want to rewrite based on community feedback. Overall, I’m fine with the tone; I even like it, and, personally, I would like to keep it. But, if some specific language really strikes the community as wrong, we will change it, obviously.

Thanks again for taking the time to read this draft and to share your comments. We know people are busy and have other priorities, so we really appreciate it. Geoffbrigham (talk) 07:45, 6 September 2013 (UTC)[reply]

I have three comments about this:

• Guys, fun is ok, but the Wikimedia projects are not the place to it. Wikimedia is a serious web site, not serious in the sense of an drill instructor, but in the meaning of trusty and accurate information. I think everybody, regardless of age, nationality or educational level can understand that the legal issues are serious issues. If you want to get fun, go to the Encyclopedia Dramatica, paradoxically, their privacy policy is better than the draft that you are proposing.
• Wikimedia projects are not the sort of websites that intensively recollect personal information or get profit with it. Most of the data recollected is result of the way in that internet servers work. I do not understand why a simple upgrade in the policy becomes in a complete senseless renovation.
• Privacy policy is a legal text with legal consequences. With your "cool" way to redact it, you are introducing ambiguity in the terms. And the ambiguity in a written contract will be construed against the drafter. If you want to fight in a trial in that somebody felt offended because thinks that he/she looks great in his eight year old picture or, because somebody interprets the "evil wizard" in an inconvenient sense, you are in the right way. By the way, I find, more than 40 paragraphs since the beginning of the policy text, the statement that "if you do not agree with this Privacy Policy, you may not use the Wikimedia Sites"; of course, is well known that you have to put the Important Info at the end of a legal text.

At the end, you are more involved in the project, and you will carry with the consequences of all this. --SirWalter (talk) 19:02, 6 September 2013 (UTC)[reply]

I take your point quick seriously, SirWalker. I thought about this lots before the rollout. I came to the Wikimedia Foundation from a for-profit major internet company. I think many saw me as quite formalistic as a lawyer.  :) So I get what you are saying. Yet, after seeing similar examples elsewhere, I have come around to the position that a less legalistic style and humor can be helpful in facilitating understanding, especially when you are addressing a diverse community. I don't think it would be appropriate for me to comment on the quality of others’ privacy policies, but I will say that our site has unusual and complicated issues in a collaborative community that need to be addressed in an understandable way in our privacy policy - a need that is not really satisfied with a policy made up of short bullet points. (That said, I do like the idea of using bullet points in the margins to summarize major themes, if the community wants that format.) Also I firmly believe in honest transparency with our community. This means we need to explain in plain English how we collect and employ user information, and I think this draft does a better job in that respect, though it takes words to do that. I think you are right to be concerned about ambiguity in any contract, but I would respectfully disagree that this causes any real legal risk; to be frank, if I thought it did, I would strike it. I hear your point about changing the placement of the highlighted sentence ("if you do not agree with this Privacy Policy, you may not use the Wikimedia Sites"); I have no objection moving it towards the front of the document (like the Introduction) or putting the concept in as a bullet point in the user-friendly summary if the community supports that view. Other detailed reasons for the rewrite are set out above under the opening template on this talk page, explaining the need for this new draft. I say we watch the community feedback. I’m seeing support for our approach, but I am also hearing the words of caution. During the course of the consultation, we may well make modifications that address some of your concerns. I know that we may disagree on some points, but I want to reemphasize how much I appreciate your reading the document and raising these points. It does help everyone as we work towards the right final draft for the community. Geoffbrigham (talk) 07:50, 7 September 2013 (UTC)[reply]

I think some clarification on the data retention policy would be helpful : in the section of the draft on "How Long Do We Keep Your Data", there is a link ("(Check out our list of examples") to what can be "retained indefinitely". The link sends to a page with the following statement : "You can learn more about how long we keep different types of data in our data retention guidelines and procedures [LINK]", where the link is void. Also, today's post on the Foundation's blog says : "In the coming months, we will also be releasing Data Retention Guidelines ... which [will] address many of the most prominent concerns we heard during the initial consultation period [and] explain our data collection and retention practices under the new Privacy Policy in greater detail". Does this mean the data retention policy is to be clarified here and now or later ? Is the current data retention policy to be replaced by another document ? Is there a difference made between "guidelines" and "policy" ? Will a draft on these matters be submitted later to the community ? Thanks, — Racconish^Tk 18:51, 4 September 2013 (UTC)[reply]

The German Wiki has also the internal Data retention ;(((

• Aye, sorry about the [link]. My understanding is that the Data Retention Guidelines will be put out soon (most likely in the next couple weeks), but definitely out before this discussion is over. The last date I heard was in 2-3 weeks but I may be wrong on that. Will see if I can get a more specific answer on the guidelines vs policy question (I think I know but don't want to be wrong on that). Jalexander (talk) 07:51, 5 September 2013 (UTC)[reply]

Thanks. — Racconish^Tk 08:59, 5 September 2013 (UTC)[reply]

Hi Racconish! LCA is working closely with Tech to draft some basic Data Retention Guidelines in the coming weeks. We will be able to release them for community feedback in 1-2 months. I'm sorry that I can't give you an exact date yet as the release date heavily depends on how the internal conversations go (availability, consensus, etc.) The guidelines will differ from a traditional "policy" in a few ways. First, we envision the guidelines being updated as needed so we can address how we handle new types of data or new uses of data on an ongoing basis. A policy, such as the privacy policy, is meant to be finalized and static for hopefully the next 5 years or so (assuming no major change in practice occurs in that time). The guidelines are meant to provide practical, specific, everyday guidance for WMF staff on how we handle data. And while guidelines will be public (both to be transparent and to help the community understand some of our practices better), the application of the guidelines are more internal. Policies, on the other hand, tend to be broader and outward-facing and outline principles we wish to uphold and promote. I hope that answers your question. If you have more questions or would like further clarification, we are happy to provide it. Mpaulson (WMF) (talk) 21:53, 5 September 2013 (UTC)[reply]

Continues at http://thread.gmane.org/gmane.org.wikimedia.foundation/68188

blog.wikimedia.org runs the WordPress software, but I'm pretty sure it actually isn't hosted by WordPress. I just spoke with Brion in #wikimedia-tech who said that he's pretty sure the blog is hosted on one of the WMF's servers. Legoktm (talk) 19:19, 4 September 2013 (UTC)[reply]

So I checked with the ops folks in private chat; apparently there's some talk about switching the blog to WordPress's hosted servers, but it hasn't been done yet. (Main reason to move it is that it's a pain for the ops people to keep one extra web service up, running, up to date, and tuned for occasional high-traffic spikes, while WordPress.com does that for a living.) But yeah, the text should be .... current with actual practice I suppose! --brion (talk) 19:23, 4 September 2013 (UTC)[reply]

The blog is planned to move to third-party hosting pretty soon, probably this month, as part a general redesign of the blog. I understand the new privacy policy won't go live before 2014. Regards, Tbayer (WMF) (talk) 19:51, 4 September 2013 (UTC)[reply]

Yeah, as Tilman says this is planned well in advance of this becoming practice and so was written in as a known example. Jalexander (talk) 07:48, 5 September 2013 (UTC)[reply]

The blog is being moved to third-party hosting? Does WordPress.com follow our privacy policy? --MZMcBride (talk) 12:12, 5 September 2013 (UTC)[reply]

I know that legal is currently in discussion with their General Counsel/Legal staff about changes to their privacy policy for us. I know that while we were currently expect to use wordpress.com if that falls through they have been looking at other hosting options to make sure we're comfortable. Jalexander (talk) 22:31, 5 September 2013 (UTC)[reply]

MOVED FROM WIKIPEDIA VILLAGE PUMP

Hi, at http://meta.wikimedia.org/wiki/Privacy_policy/BannerTestA, it says:

Because of how browsers work and similar to other major websites, we receive some information automatically when you visit the Wikimedia Sites. This information includes the type of device you are using (possibly including unique device identification numbers), the type and version of your browser, your browser’s language preference, the type and version of your device’s operating system, in some cases the name of your internet service provider or mobile carrier, the website that referred you to the Wikimedia Sites and the website you exited the Wikimedia Sites from, which pages you request and visit, and the date and time of each request you make to the Wikimedia Sites.

What sort of "unique device identification numbers" is it referring to? I thought browsers didn't provide that information. 86.169.185.183 (talk) 17:40, 4 September 2013 (UTC)[reply]

Looking at similar privacy policies, it looks like this may refer to mobile devices: "AFID, Android ID, IMEI, UDID". --  Gadget850 ^talk 17:45, 4 September 2013 (UTC)[reply]

You mean that when you access a website through a browser on an Android device the website can collect a unique device ID? Is that really correct? (I can believe it for general apps, where, presumably the app can do "anything" within permissions, but I didn't think there was any such browser-website mechanism). 86.169.185.183 (talk) 18:58, 4 September 2013 (UTC)[reply]

I think this question is more appropriate for the Talk page discussion on the privacy policy draft. Steven Walling (WMF) • talk 20:31, 4 September 2013 (UTC)[reply]

I see that this information is "receive[d] [...] automatically". That doesn't necessarily mean this information needs to be collected and stored. Personally I am fine with this information being temporarily handled in a volatile location in order to cater to the display needs of each individual device. I do not however, believe that this information should be stored or used for any other means. Participation in this data-mining should be off by default. WMF would of course be free to nag users into opting in. Because this is a _free_ encyclopedia, users should be _free_ to at least view it in the way they want, without having all their habits and device details harvested non-consensually. Contributions? Edits? Sure, take all you want. There's an implicit agreement to such data-mining when a user submits an edit. But there isn't one from just viewing a page. --129.107.225.212 16:59, 5 September 2013 (UTC)[reply]

Thanks, but that is not really relevant to my question (not sure if it was supposed to be), My question is whether it is technically possible for a website to obtain "unique device identification numbers" from a web browser. The text implies that it is; previously I believed it wasn't. I am hoping that someone will be able to answer the question. 86.167.19.217 17:27, 5 September 2013 (UTC)[reply]

You are correct in stating that browsers are sandboxed from retrieving this type of information. However, our mobile apps and our mobile app deployment infrastructure may utilize "unique device identification numbers" to identify mobile devices (such as a device tokens, device unique user agents, or potentially UDIDs). Our mobile apps may need this ID for certain functionality, such as sending push notifications or delivering test deployments. Thanks, Stephen LaPorte (WMF) (talk) 17:11, 6 September 2013 (UTC)[reply]

I think we have no intention of accessing or recording device UDID, IMEI number, or anything else like that. (It's also getting increasingly hard for apps to get access to those, as the OS vendors don't like creepy apps either.) In the cases where we do usage tracking and need identifiers, they'll be either based on something already in the system -- like your username/ID -- or a randomly-generated token. --brion (talk) 17:20, 6 September 2013 (UTC)[reply]

Template:Resolved

"This information includes [...] the website that referred you to the Wikimedia Sites and the website you exited the Wikimedia Sites from"

"the website you exited the Wikimedia Sites from" is hard to understand. Does it mean that when you click an external link the identity of the referring page is sent to the external website? 86.169.185.183 20:53, 4 September 2013 (UTC)[reply]

It seems trivial but does sound clumsy. It can be rephrased. Theo10011 (talk) 21:21, 4 September 2013 (UTC)[reply]

How about "the website from which you exited the Wikimedia Sites"... Chase me ladies, I'm the Cavalry (talk) 13:12, 5 September 2013 (UTC)[reply]

That may help in a cosmetic way, but it doesn't fix the main problem which is that the statement fundamentally does not make sense. I think the text has got muddled or garbled or the intent got misunderstood somewhere along the way. It may have been intended to say what I described above, but it definitely does not succeed in that. 86.167.19.217 17:41, 5 September 2013 (UTC)[reply]

That's definitely clear wording, Chase me. But unfortunately, it doesn't convey what I'm trying to say (which indicates that we need to keep trying with the phrasing). What I'm trying to describe is the next website that you go to when you exit a Wikimedia Site. For example, if I am reading a WP article and then click through to an external source link, the data automatically received by us includes what the external source website was. Any ideas as to how to better phrase that? Mpaulson (WMF) (talk) 00:54, 6 September 2013 (UTC)[reply]

I don't think that's actually the case, though. When you click an external link, WP doesn't automatically get any notification of that (there are ways to gather this information, but they're not automatic and I don't think WMF uses them). On the other hand, if someone is reading WP and follows an external link, then that external site will often be automatically informed that the visitor reached their site by following a link from the WP page. (For clarity: if the user is reading WP via https and clicks an http external link, the browser is supposed to not send that "referrer" information. But clicking an https external link or reading WP via http is fair game) In the same vein, it's also likely that the information automatically received would include not only that you loaded both "A" and "B", but that you reached "B" by following a link from "A"; I don't know that that's worth mentioning.

On the other hand, I note the section about information received automatically doesn't mention IP addresses (although they are mentioned elsewhere). Anomie (talk) 14:09, 6 September 2013 (UTC)[reply]

The policy states that "This Privacy Policy does not apply to all of the Wikimedia Sites, such as Wikimedia Sites that have their own privacy policy (like the Wikimedia Shop) or third-party actions and sites (like third-party developer projects on Wikimedia Labs)." What happens when we include code from Labs or Toolserver into standard pages (for example GeoHack; there is no indication that it might be under a different policy) -- how do we ensure compliance to the policy for those included snippets? Or how do we clearly mark on our projects that a tool is external? Mwalker (WMF) (talk) 20:58, 4 September 2013 (UTC)[reply]

Hi, Matt; thanks for taking the time to read the policy at this level of careful detail - much appreciated.

Our intent is that if something from a third party is actually included into a standard page on one of the covered sites (like GeoHack on Wikipedia pages) then it must comply with the privacy policy. This language is intended to cover cases where the Labs tool is standalone, or accessed by people making affirmative choices to go to Labs (like clicking on a link). If that's not clear, we could perhaps work to clarify this; suggestions welcome.

It might be useful to note that, to make this easy, legal has worked with the Labs team so that Labs projects embedded in covered sites should be compliant by default. This involved two steps: first, technologically, we filtered the information passed to a Labs tool (i.e., IP addresses and user agent information) so that it would be technically difficult for Labs tools to get at information that might violate the policy. Second, legally, the Labs terms of use should be more restrictive about data collection than this main policy, so that Labs projects shouldn’t be sneaking around the Labs technical restrictions in order to grab PII, and so that we can immediately kill any projects that do that.

For the case where people are clicking a link that will take them off-site to Labs, we could conceivably add a requirement that there be some sort of notification (like an icon next to the link, or an interstitial), but we’re not currently planning that. - LVilla (WMF) (talk) 00:37, 6 September 2013 (UTC)[reply]

"Wikimedia Sites"

Why this terminology? I'd appreciate consistency. Terms of use talks of Projects and Wikimedia Projects. --Nemo 21:08, 4 September 2013 (UTC)[reply]

+1. Theo10011 (talk) 21:22, 4 September 2013 (UTC)[reply]

Isn't is the case that WMF runs sites that are subject to the privacy policy but aren't projects? If so (the blog springs to mind), the current broader language seems me the better fit, best regards --Jan (WMF) (talk) 08:28, 5 September 2013 (UTC)[reply]

Actually that might be a distinction worth noting. Does this policy cover things like the blog or labs? I seem to recall the blog using third party software, instead of mediawiki, and labs having similar issues with deployed analytic, and users having access to other user's info. I assumed those 2 things meant this privacy policy probably won't cover those and only the projects. Anyway, it just sounds clunky, a better terminology must exist for this. Theo10011 (talk) 10:15, 5 September 2013 (UTC)[reply]

I appreciate this discussion. The definition of "Wikimedia Sites" is probably a bit broader than the projects. Specifically in the Introduction of the policy we have a list of definitions. "Wikimedia Sites" is defined as:

Wikimedia Sites and services (regardless of language), including our main projects, such as Wikipedia and Wikimedia Commons, as well as mobile applications, APIs, emails, and notifications; excluding, however, sites and services listed in the “What This Privacy Policy Doesn’t Cover” section below.

My thinking is that a casual reader of Wikipedia - to whom this privacy policy applies - may not understand what a "project" is naturally, but will understand what a "site" is. I can see good arguments either way, however, on correct wording. Geoffbrigham (talk) 14:37, 5 September 2013 (UTC)[reply]

I don't care much about the name you choose but I don't like inconsistency with the terms of use, so whatever choice you make please be consistent.

On the definition proposed and the casual reader, using common words doesn't necessarily make something more understandable, especially if you use them in uncommon ways. Applications are not sites. The WebAPI lives on the projects' domains. "Emails and notifications" is too broad and might mean anything; the important ones are those generated by MediaWiki i.e. included in the "Wikimedia projects" category. Finally, which of the hundreds of non-project domains (and this is only the wikimedia.org subdomains) fall under the definition of "Wikimedia Site" per the privacy policy? It's probably easier to use a specific, narrow term and definition to then add instances to it on a case by case basis, rather than use super-broad language and then be forced to endless lists of exceptions. --Nemo 10:44, 7 September 2013 (UTC)[reply]

“the Wikimedia Foundation” / “the Foundation” / “WMF” / “we” / “us” / “our”

Instead of providing glossaries, can't you just use a single term? --Nemo 21:10, 4 September 2013 (UTC)[reply]

Hi Nemo! There are different reasons for using these various terms to describe the Wikimedia Foundation. We say "the Wikimedia Foundation" because it's our official name and depending on the sentence, formality or use of the full name is appropriate. However, we recognize that it's a rather long name and something that we frequently have to reference. Saying "the Wikimedia Foundation" every time we refer to the Wikimedia Foundation would have made the policy even longer...something we wanted to avoid, so we sometimes used "WMF" or simply "the Foundation" instead. As for "we", "us", and "our", we believed that informal terms would help improve readability and flow. For the avoidance of doubt, we added it to the Glossary to make it clear that these terms all refer to the Wikimedia Foundation. Hope that helps explain why we drafted as we did. Mpaulson (WMF) (talk) 00:08, 6 September 2013 (UTC)[reply]

Hello. Thanks for caring about the length of the document! A nice aim would be to reduce it by about 66 %, to stay more or less at the same level as the current one.

As for the specific case, avoiding the use of "WMF" and "the Foundation" would increase the byte count of the document by 0.10 %, if my math is correct. On "we", "us" and "our", either the definition is wrong or there is something wrong in what you said at #Exclusion of on-wiki actions from privacy policy, because in your interpretation "we" seems to include something more than the incorporated entity called the Wikimedia Foundation, Inc. (If that's the case, you may want to distinguish between the normal English "we" and the "WE" referring to the definition in question. That's one of the rare occasions where capitals serve some useful purpose, unlike the Title Case invading the text. If used in stead of “the Wikimedia Foundation” / “the Foundation” / “WMF”, it would also reduce byte length by 0.73 %!) --Nemo 19:10, 6 September 2013 (UTC)[reply]

"update your account profile", "information in your user profile"

What is this thing or things the text talks about? Never heard of profiles on our wikis. --Nemo 21:19, 4 September 2013 (UTC)[reply]

Hi Nemo! This refers to information on your user page. We used the terms like "user profile" to be more accessible to casual users who may not be as familiar with the term "user page". However, I do believe that this phrase should be consistent within this document. Thank you for pointing out that it's called "account profile" in one place. We will get that changed. Mpaulson (WMF) (talk) 23:25, 5 September 2013 (UTC)[reply]

Actually, +1 on all 3. Consistency is very important in vetted documents like these that will be around for a long while. Theo10011 (talk) 21:25, 4 September 2013 (UTC)[reply]

Can someone explain what purpose it serves to have a two-tiers privacy protection in which WMF doesn't guarantee much, or anything, about what in the end might happen with private data on the wikis? In particular the exclusion of "data-collecting tools that are placed on Wikimedia Sites by users, volunteer administrators, or other third parties" means that we (WMF and community) could no longer just remove any tracking script from the wikis on sight as being against the privacy policy. --Nemo 21:15, 4 September 2013 (UTC)[reply]

Hi Nemo! I am a little confused by your question, to be honest. The policy draft does not change rules regarding the removal of tracking scripts from wikis that contravene the privacy policy. Community members are still free to remove tracking scripts from the wikis on sight if they believe they violate the privacy policy. However, if you are not sure whether a particular tracking script is in violation of the privacy policy or you happen to be a casual user who doesn't know how to or doesn't want to remove the script themselves, they can report it directly to the Foundation and we will look into the matter. Does that help address your concerns or did I misunderstand your question? Mpaulson (WMF) (talk) 23:10, 5 September 2013 (UTC)[reply]

Have you read the sentence I quoted? It's in the "More On What This Privacy Policy Doesn’t Cover" section, which by the way is so broad that I have no idea what the privacy policy actually is about (perhaps it would be easier to start with a narrower definition which requires less exceptions).

Let me quote more extensively: «This Privacy Policy only covers the way we collect and handle information [note: "we" means the Wikimedia Foundation, according to the definitions provided; as in its staff, but not its sites as a whole, apparently]. [...] With that in mind, the following are not covered by this Privacy Policy: [...] Third-party scripts, gadgets, cookies, tracking pixels, share buttons, or other data-collecting tools that are placed on Wikimedia Sites by users, volunteer administrators [...]».

Consequently, a script e.g. including Google Analytics on all pages of a wiki, added by a volunteer sysop, is not covered by the privacy policy as proposed, hence is obviously not against the privacy policy and can't just be removed straight away as such (e.g. by stewards as usual so far), though the WMF reserves the right to decide (at whim) that it's better to remove it, or more specifically to "investigate" it, whatever this means: «please report it to privacy[at]wikimedia.org so we can investigate further.» --Nemo 17:34, 6 September 2013 (UTC)[reply]

I think we may just be interpreting the language differently. When we say that third-party data-collecting tools are not covered by the privacy policy, we mean that they are not covered to the extent that they are third-party tools that we do not control and therefore cannot regulate how the information collected by those tools is used by the third parties who receive them. The placement of such tools on Wikimedia Sites, particularly if they do not get the users implied or express consent before collecting information, is not permitted under the privacy policy draft because such tools may not meet the privacy standards set out in the privacy policy draft. But we also understand that despite the prohibition, some placement may occur due to the open nature of the projects. It is in those situations that community members (or WMF if specific instances are reported to us) can remove them on-sight if the community member or WMF believes the tool violates the privacy policy. Does that make more sense? 216.38.130.164 18:30, 6 September 2013 (UTC)[reply]

That last response was me. Didn't realize that I had been logged out. Sorry about that! Mpaulson (WMF) (talk) 18:32, 6 September 2013 (UTC)[reply]

Thanks for the explanation but no, it doesn't make more sense. First, it's not what the draft says: it doesn't say that what happens outside our cluster is outside our control, it says that "data-collecting tools" without further specifications (hence including their being placed on our wikis) are not covered by this policy. Second, it makes no sense to state properties about the empty set (which must be empty). Third, if your aim was to state the obvious, this particular "More On What This Privacy Policy Doesn’t Cover" "clarification" makes more damage than benefit. --Nemo 18:50, 6 September 2013 (UTC)[reply]

Makes no sense, please kill. --Nemo 21:21, 4 September 2013 (UTC)[reply]

What about that makes no sense? It seems straightforward to me. Registration data, and demographic data about yourself. Philippe (WMF) (talk) 21:26, 4 September 2013 (UTC)[reply]

So you're saying that the users can delete registration data? Please tell me how. Is it a new feature that will be developed? --Nemo 21:32, 4 September 2013 (UTC)[reply]

I'm actually curious what demographic data is and where it is extracted from. There is no demographic data as far as I know besides gender info in the preference options, and even that isn't disclosed half the times. Also, did we add an option to disclose age at some point or is there more analytic data being extracted from elsewhere besides the preference option? Maybe I missed something. Theo10011 (talk) 21:34, 4 September 2013 (UTC)[reply]

Gender preference is not demographic data, it's grammatical information. --Nemo 21:44, 4 September 2013 (UTC)[reply]

I thought so too. But "we may ask you for more demographic information about yourself, such as gender or age." - seems to imply not. What exactly is the demographic data here then? Theo10011 (talk) 21:46, 4 September 2013 (UTC)[reply]

Gender preference certainly is grammatical information as well but there is no getting away from the fact that it is also demographic data (and that people don't always like it being known for varied reasons). Jalexander (talk) 21:56, 4 September 2013 (UTC)[reply]

James, is that all the demographic data is that is being referred to? I actually would like a clearer explanation if that kind of info is only pulled from the preference options or somewhere else and what other kind of info is there? Thanks. Theo10011 (talk) 22:00, 4 September 2013 (UTC)[reply]

Thanks Theo, I'll find someone who can give a more through answer. Jalexander (talk) 07:02, 5 September 2013 (UTC)[reply]

Currently, we collect information about gender in for grammatical purposes, but it is still demographic information, even if we don’t use it that way. Language is another example of something that we collect right now for technical purposes, but is sometimes considered demographic information.

Gender and language aside, we don’t generally collect demographic information (though see Jeremyb's comment below for an example of specific, non-general demographic information collection). But we’re trying to build a policy that can grow with us in the future and allows us to better understand who contributes to our community and our mission. That’s why we put this in - not to cover something we do now, but to cover things we might do in the future. - 216.38.130.164 02:18, 7 September 2013 (UTC)[reply]

Research:Gender micro-survey seems relevant, and is definitely demographic and not related to grammar. --Jeremyb (talk) 20:58, 6 September 2013 (UTC)[reply]

That's not about registration. --Nemo 00:30, 7 September 2013 (UTC)[reply]

I've read the draft from beginning to end, and I have no idea what you wanted me as a user to get from it. What's the purpose, what does it improve compared to the much shorter and more concise current policy which provides very clear and straightforward protections such as the four (4) magic words «Sampled raw log data» (see also #Data retention above)? Is the purpose just adding tracking pixels and cookies for everyone, handwashing (see section above) and generally reducing privacy commitments for whatever reason? --Nemo 21:31, 4 September 2013 (UTC)[reply]

Hi Nemo, Thanks for your comment. I outlined some specific reasons for why we needed an update above. YWelinder (WMF) (talk) 01:12, 6 September 2013 (UTC)[reply]

See here for Yana's summary. Geoffbrigham (talk) 02:12, 6 September 2013 (UTC)[reply]

The summary only says things I already knew, because I read the text. What's missing is the rationale for such changes, or why the changes are supposed to be an improvement. One hint: are there good things that we are not or will not be able to do due to the current policy and what changes are proposed in consequence?

Additionally, the summary doesn't even summarise that well IMHO, e.g. the language about cookies is not very clear and you didn't write anything about making request logs unsampled (which means having logs of all requests a user makes). --Nemo 06:47, 6 September 2013 (UTC)[reply]

You know, I'm all in favour of revisiting the Privacy policy. But we do have an existing privacy policy, and there isn't even a link to it on the page titled "Privacy policy". I am quite certain this is an oversight, and that a Meta administrator can fix this. (Yes, I know the links at the bottom of the page go to the current version on wmf wiki. But if I search for "Privacy policy" here on Meta, I'm being taken to the draft.) Risker (talk) 21:36, 4 September 2013 (UTC)[reply]

That's a very good point. I'm fixing. Philippe (WMF) (talk) 21:45, 4 September 2013 (UTC)[reply]

Done with this edit. Philippe (WMF) (talk) 21:49, 4 September 2013 (UTC)[reply]

Umm, not good enough. It should be a separate bolded line that says the same thing you just posted in the box, and should not be in the box itself. It took me four tries to find it without clicking your link here. Suggested wording: CLICK HERE to read the current Privacy policy (with the link at "click here"). Risker (talk) 21:54, 4 September 2013 (UTC)[reply]

"Click here" is language that's not recommended to be used anywhere, for usability reasons. Steven Walling (WMF) • talk 23:41, 4 September 2013 (UTC)[reply]

Steven, I don't really care what language is used as long as the link to the current policy is easily visible, large and really obvious. Call it whatever you want. Just don't bury it, as it is buried right now. Having looked at the link you've provided, I'll simply say that the type of links they're recommending are pretty much the kind of links that I avoid like the plague on a website I don't know, and I'd say that as knowledgeable about the web as some of their reference sources may be, they actually don't know much about usability, which is ensuring that the site acts in the way that users expect and intend. If this is the kind of stuff that the WMF is using as its usability standards, then it explains an awful lot about the usability problems that have been introduced over the last several years. Risker (talk) 01:14, 5 September 2013 (UTC)[reply]

• I've moved it out of the template and centered it up on top, how does that look? Jalexander (talk) 07:43, 5 September 2013 (UTC)[reply]

• Thanks, James, it is better. I might have left some white space between, but that would be my only quibble. Risker (talk) 03:27, 6 September 2013 (UTC)[reply]

Would it be relevant to add something along the lines of "From time to time, we may release non-personally-identifying information in the aggregate, e.g., by publishing analytical data..."

Do you think that's covered by the Experimentation section? "Similarly, we may share non-personal or aggregated information with researchers, scholars, academics, and other interested third parties who wish to study the Wikimedia Sites." or is there somewhere else you think it needs to be spelled out more? Jalexander (talk) 02:42, 5 September 2013 (UTC)[reply]

Je ne me suis jamais créé de compte. On ne m'a jamais obligé à le faire. Mais je dois dire que la pression pour le faire est assez importante (je le déplore). Méfiance exacerbée envers les contributeurs sous IP. Protections non justifiées de trop nombreux articles. Questions fréquentes (pas forcément méchantes, mais parfois si) demandant pourquoi on ne se crée pas de compte. Certains contributeurs refusent de discuter avec des IP. Etc.
Je suis très favorable à la possibilité de contribuer sous IP. Je trouve même que cela pourrait avec profit être rendu obligatoire dans la plupart des cas. D'après ce que j'ai lu des Règles de confidentialité, Wikimédia semble avoir compris l'importance de cette possibilité de contribuer sous IP. Mais il faudrait que cette compréhension ne soit pas restreinte à ces Règles, mais se répande dans la communauté. Dire et répéter que les simples IP sont bienvenus, pas forcément sanctionner (pas besoin de diviser la communauté) mais contredire ceux qui critiquent les Wikipédiens contribuant sous IP qui ne désirent pas s'inscrire, combattre les discriminations dont nous sommes fréquemment victimes (semi-protections de page parfois abusives, absence d'outils de suivi pour les IP, interdiction de participer à certaines discussions (pour les votes, je comprends, mais pour les discussions je ne comprends pas), etc.). Parce que d'un côté on a de beaux discours, mais dans les faits ça ne suit pas toujours :-) 78.251.248.20 01:42, 5 September 2013 (UTC)[reply]

I agree this point. --194.79.157.242 07:25, 5 September 2013 (UTC)[reply]

Pardonnez-moi, est-ce qu'il est votre proposition que il être rendu obligatoire qu'on peut contribuer seulement sous IP et pas du tout sous compte? Si c'est le cas, pouvez-vous expliquer pour quoi il est meilleur? DRenaud (WMF) (talk) 02:18, 6 September 2013 (UTC)[reply]

C'est mon avis, mais je n'en fais pas la proposition, car je ne crois pas qu'elle aurait beaucoup d'appui dans la communauté, et je ne veux pas ennuyer les Wikipédiens avec une idée qui n'est que personnelle :-)

Mais il est vrai que la contribution sous IP a beaucoup d'avantages. Je ne me suis jamais créé de compte sous Wikipédia car je n'en crée nulle part, où que ce soit : Facebook, Twitter, MSN. Pour Wikipédia, j'aurais certes un peu plus confiance, mais bon (n'oublions pas que, les serveurs étant situés aux EU, les lois françaises ou européennes ne s'appliquent pas complètement, et inversement, certaines lois américaines que je n'apprécie pas forcément s'appliquent). De plus, au fil des années, je me suis rendu compte que la contribution sous IP comportait beaucoup d'inconvénients (difficulté du suivi des pages, par exemple) mais aussi des avantages. Je trouve que la contribution sous IP est, par certains côtés, plus proche de l'esprit initial de Wikipédia : chez les IPs, pas de course au plus grand nombre de contributions, pas de clans ni de guéguerres de clans (d'où, certainement, moins de stress), parfois plus de respect entre contributeurs, pas de confiance ni de défiance a priori (parce que, il y a trois ans, nous étions d'accord ou opposés sur une question), etc. Bref, je crois que la contribution sous IP est souvent plus relax, plus sereine. Je la recommande à tous. Pour certaines tâches (travail d'administrateur, par exemple), il n'est peut-être pas possible de rester sous IP. Mais tous, et en premier lieu les administrateurs, devraient reprendre l'habitude de contribuer de temps en temps sous IP, pour vivre les situations du point de vue d'un IP. Parce que, quand la contribution en tant qu'utilisateur enregistré n'est pas nécessaire (travail d'administrateur, par exemple), quel est l'intérêt de se connecter à son compte ? 78.251.253.2 12:17, 6 September 2013 (UTC)[reply]

Thank you for taking the time to share your viewpoint. This issue is certainly one that warrants more discussion by the community at large. Mpaulson (WMF) (talk) 02:43, 6 September 2013 (UTC)[reply]

Edit privileges without logging in

I have to say I am not in favor of this. Wikimedia needs to be able to be a reputable site for information. If anyone can change anything at any time, it can loose that credibility.

Comment on above statement - I don't know who wrote the above, but I tend to agree with it. I read the whole privacy policy and think it was thoroughly thought out and like it. However, once in the past I wrote on one forum that I had reservations about allowing edits when the writer was not logged on. My argument was poorly received but I will say it again. Several times I have run into persons who wanted to make inappropriate edits or deletions of valid material. Many of these were done without the person having logging on, which can make it immensely difficult to track down the responsible individual (they can use any public or office computer to remain anonymous). I must note that most persons who edit outside of accounts make productive edits, while persons who work from registered accounts can make disruptive or vandalizing edits. In the latter case, however, there is always the possibility of using sanctions against the registered user.Wpollard (talk) 12:19, 5 September 2013 (UTC)[reply]

What you are asking for is something that just entirely goes outside of the wiki philosophy. The goal of the foundation isn't to be a reputable site for information. That's what peer-reviewed, formally published content in the academia is for. -129.107.225.212 17:12, 5 September 2013 (UTC)[reply]

Il y a aussi des possibilités de sanction pour les IPs : il suffit de la bloquer ! Et je ferais remarquer que les plus gros problèmes relationnels entre Wikipédiens ne sont pas le fait d'IPs mais d'utilisateurs inscrits. Certains utilisateurs inscrits croient avoir une réputation à défendre, font preuve d'arrogance, d'impolitesse, d'indélicatesse, d'acharnement contre d'autres utilisateurs, etc. C'est beaucoup moins voire pas du tout le cas avec les IPs, qui eux n'ont pas de stupide réputation à défendre 78.251.243.204 18:41, 5 September 2013 (UTC)[reply]

In the end I don't think this is a very good place to have this particular discussion. While it's in the privacy policy ( because the policy needs to be descriptive of what is actually happening) but this is an incredibly long standing and core piece of the projects. If it wants to change it's going to need to be a very large (and likely controversial) discussion of its own. Jalexander (talk) 01:12, 6 September 2013 (UTC)[reply]

Anonymous editors are the bane of the Wikipedia

And quite a lot of subject-experts think so. This isn't news to anybody though. Evertype (talk) 17:57, 6 September 2013 (UTC)[reply]

Hi. Which part of the privacy policy do you want to be changed? Do you want anonymous editing to be disabled? (See the perennial proposals page on enwiki.) Also, what subject-experts are you referring to? Can you cite some experiment, or journal, or something else saying so? Thank you! PiRSquared17 (talk) 19:24, 6 September 2013 (UTC)[reply]

Translation pages especially in Turkish need protection. Nazif İlbek 05:26, 5 September 2013 (UTC)[reply]

Why? Speaking of which, do the banners automatically link the correct language? --Nemo 05:44, 5 September 2013 (UTC)[reply]

Hi Nazif ILBEK! Would you might clarifying your reasons for thinking that the Turkish translations need protection? Mpaulson (WMF) (talk) 02:12, 6 September 2013 (UTC)[reply]

Nemo: They do as soon as I'm able to, it's a bit of a manual process atm, getting them to check for a translation has been a constant struggle and I've tried a couple different options. I may try another at some point for this but it's generally still a bit manual. I'm going to update them now for example and so in 15-20 minutes any page that is translated will be linked from the banner. 05:36, 6 September 2013 (UTC)

The "user-friendly summary" is not readable on my mobile because it is in a fixed width box; I can read the rest of the draft policy OK. PamD (talk) 06:53, 5 September 2013 (UTC)[reply]

Thanks Pam, we noticed the same thing yesterday (and while you can read the rest it isn't great on many phones as well) we're talking to some of our mobile team on some good ways to make it work better. Jalexander (talk) 07:42, 5 September 2013 (UTC)[reply]

I think this draft is a great example of how it should be done: Extensive discussions lead to a draft that is written in language that people whithout a law degree can understand, followed by a feedback period. Well done, Legal Team. Thank you for that!--Pavel Richter (WMDE) (talk) 09:08, 5 September 2013 (UTC)[reply]

Thank you Pavel! Our aim is to draft policies that adhere to the community's values and which are, at the same time, accessible to the community at large. We greatly appreciate your support! Mpaulson (WMF) (talk) 23:15, 5 September 2013 (UTC)[reply]

What is this about? Never ask?

And there have been recent talks about being more aggressive in collecting an e-mail address during account registration. I'm not sure whose principle this is. --MZMcBride (talk) 12:23, 5 September 2013 (UTC)[reply]

I don't see any reason why an email address shouldn't be asked for. Although it is easy to make one(gmail etc) it will provide some degree of contact if contact was required to verify something? —Preceding unsigned comment added by anon (talk • contribs)

Peut-être parce que certaines personnes n'ont tout simplement pas d'adresse e-mail, et pas envie d'en avoir ? Est-ce si extraordinaire ? Et peut-être que certaines personnes ont une adresse e-mail mais refusent de la communiquer à quelque site que ce soit, parce qu'on ne sait pas ce qui peut en être fait ? Si vous communiquez votre adresse e-mail à tout le monde, ne vous étonnez pas que vos boîtes aux lettres électronique croulent sous la pub ! 78.251.243.204 18:46, 5 September 2013 (UTC)[reply]

@MZMcBride: There's no current plan to be more aggressive about requesting email addresses. I proposed it as a topic of discussion when we were A/B testing new signup forms, but it's not really a priority. Plenty of people who want to are already opting in to email notifications without use being more aggressive, so just keeping it as a very much optional thing is fine. Steven Walling (WMF) • talk 22:45, 5 September 2013 (UTC)[reply]

S: The page currently reads:

This first draft was motivated by four principles: [...] Never ask for contact information.

We ask for contact information with every account creation, I think, don't we? We ask for an e-mail address and then attempt to verify it. I'm not sure it's a principle to say we never ask for contact information. --MZMcBride (talk) 01:39, 6 September 2013 (UTC)[reply]

We have a spot for one but clearly mark it optional, perhaps 'never require' ? Jalexander (talk) 05:33, 6 September 2013 (UTC)[reply]

I think "never require" is probably more accurate. Steven Walling (WMF) • talk 16:39, 6 September 2013 (UTC)[reply]

•  Done This has been changed in the template. Jalexander (talk) 23:10, 6 September 2013 (UTC)[reply]

Template:Resolved

Last time I wrote a program which gathered all the IP addresses of the "recent changes" page and fed them to nmap with one click, that was fun, but not cool. So what about that? Greets--82.113.121.77 21:56, 5 September 2013 (UTC)[reply]

Vous avez peut-être raison. Est-ce que l'affichage des IPs est vraiment utile ? Ne pourrait-on pas le remplacer par un autre système plus respectueux de nos données personnelles ? On peut de plus se poser la question de la légalité d'un tel affichage public 78.251.243.204 22:11, 5 September 2013 (UTC)[reply]

Attempt to translate 78.251.243.204 message : « You may be right. Is IP adresses' display really useful? Couldn't we replace it by an other system more respectful of our personal data? Moreover, we can ask the issue of the public display's legality. » Jules78120 (talk) 22:49, 5 September 2013 (UTC)[reply]

Was soll der Mist? Du kannst nicht erwarten das jeder französisch spricht. Schreib am besten auf englisch, dann ist wenigstens die change höher das jemand was zurück schreibt. Gruss--82.113.121.77 22:21, 5 September 2013 (UTC)[reply]

Na ja, ich schreibe einfach in meiner besten Sprache, Sie können aber auch nicht erwarten, dass jeder Englisch spricht (in der Schule habe ich Deutsch gelernt, kein Englisch, tut mir leid!)! Jeder kann vielleicht dennoch, so wie ich, ein Übersetzungsprogramm benutzen, es ist doch nicht so schwer zu finden, oder? Solch ein Programm können Sie einfach auf Internet kostenlos finden... Wir sind ja im ein-und-zwanzigsten Jahrhundert! Und ich lese lieber Ihr gutes Deutsch als Ihr schlechtes Englisch :-) Am besten schreibt jeder in seiner eigenen Sprache, und dann ist Ihr Liebingsübersetzungsprogramm auch Ihr Lieblingsfreund 78.251.243.204 01:03, 6 September 2013 (UTC)[reply]

Hi All. Thank you for participating in this consultation period. We appreciate questions and comments in all languages. =) I just wanted to let you know that I have passed your questions along to members of our Tech team, who may be able to better address your questions. Mpaulson (WMF) (talk) 22:41, 5 September 2013 (UTC)[reply]

To understand and experiment needs some elaboration. I am annoyed by the fact that many websites do not really explain how third parties can take a "limited" amount of user data for "analysis." Where are requests to use aggregated data posted (to determine who is using this data), what is the application process, what is the format in which the data is transferred to the requesting organization, what is the maximum amount of data that the organization can receive, and how is the data limited (list types of user data that the requesting party can only choose)? Longbyte1 (talk) 23:24, 5 September 2013 (UTC)[reply]

On this subject, I'd like to learn what does this mean for researchers of Wikipedia in practice. Will we get new data? Will we loose access to some? How can the data be obtained, in practice? --Piotrus (talk) 05:15, 6 September 2013 (UTC)[reply]

Excellent questions, in fact the Research Committee started to flesh out a process and a set of requirements for data requests for research purposes (cc Daniel Mietchen). That proposal was never fully executed, because of the lack of community and WMF policies that the RCom could use to enforce it. With a new privacy policy making it explicit under which conditions data can be shared, I would really like us to work on a policy mandating for researchers who get access to private data under an NDA that (1) they publicly document their requests, (2) share aggregate data within a predefined timeline and (3) make the research output of any work based on this data publicly available in an open access format. I don't think the privacy policy is the appropriate place to specify the process and the terms of this mandate, but I agree these should be captured in an official policy. --DarTar (talk) 19:48, 6 September 2013 (UTC)[reply]

This section is a lot too vague and opens the door for all kinds of intrusive techniques well known from commercial search engines and social networks. Consider item 3:

• Understand how you use the Wikimedia Sites, so that we know what works and what is useful. For example, we might use tracking pixels in our notifications to make sure that you don’t miss important information from us just because our notification accidentally end up in your spam folder; or we might use cookies to learn about the list of articles you are following on your watchlist so that we can recommend similar articles that you may be interested in.

If tracking pixels are used to track whether notifications have been viewed, this should be stated explicitely instead of suggesting Wikemedia is going to hijack the users' spam folders. The statement about learning "about the list of articles you are following" sounds like personal profiling.

In my opinion, usage information should only be stored if this is strictly necessary for a very specific purpose; and, in addition, all information stored should be transparently visible to the users at all times. Using locally stored data that "can be anything" to "make your experience with the Wikimedia Sites safer and better", or to "generally improve our services" is just the opposite. --109.45.180.100 04:36, 6 September 2013 (UTC)[reply]

Thank you for your comments. I have passed them along to some pertinent members of our tech team who work these tools and may better able to address your concerns. They should be responding shortly. Mpaulson (WMF) (talk) 20:56, 6 September 2013 (UTC)[reply]

Hi Anonymous!

Thank you for your thoughtful question. I believe you are asking why is the new Privacy Policy vague regarding the information that will be collected and the technologies used and does this vagueness open us up for abusive practices.

The reason for not giving an exhaustive list of technologies or types of information that we want to constrain ourselves by our principles rather than constraining ourselves a-priori either by the technology that we use or the information that we might need. Three out of the four the principles that guide us, as mentioned in the new Privacy Policy, relate directly to what type of data we collect and how long we store it.

Technology changes so fast and, even though we have an Analytics team, we cannot predict the future in terms of what technologies will be available 2, 3 or 5 years from now, nor do we know what features we will be rolling out by then. But on a high level, we do know that we need to be able to:

1. measure the impact of our new features, to help guide us in prioritizing what we should continue developing and what should be shelved (e.g., testing whether more users complete an edit using Visual Editor or wikitext)
2. refine existing features based on whether or not our users are successfully able to take full advantage of their functionality
3. minimize errors and bugs that may not get surfaced by users directly reporting them to us
4. ensure that our features are helping more new users become frequent, productive contributors to our projects

What you might not be aware of, is that we are already very transparent about the information we collect when assessing the efficacy of a new feature. We use EventLogging to instrument our features. For example, the mobile team created a schema to determine the number of upload attempts using the mobile Commons app, in order to measure whether new educational UI features were helping more people make their first upload. The schema will tell you exactly what information is collected and for what purpose and if you have a question you can interact with the developers through the talk page.

Regarding the abusive practices, I am not entirely sure which ones you had specific in mind, there are many :) A huge safeguard that we offer is that we do not allow third-parties to track our users nor do we sell your data, ever, period. Whatever we collect about you cannot be correlated to other sources, and we will keep your data for a limited time.

I like your idea regarding making it transparent what information we have stored about an individual user, it’s definitely something we, WMF & the community, should think about.

I hope this addresses your concerns.

Best regards,

(in my role as Product Manager Analytics @ WMF)

Drdee (talk) 22:10, 6 September 2013 (UTC)[reply]

In a regular context, it is considered to use "/" to mean "or" between two possibilities given.

Not quite sure if I understand your comment. Are you suggesting that we use "/" in lieu of "or." Thanks! Geoffbrigham (talk) 08:18, 6 September 2013 (UTC)[reply]

Just wanted to speak up for the possible majority of Wikipedia users and say "Meh, not a big deal, I don't care, I support whatever changes you guys think are best." 198.96.35.90 07:29, 6 September 2013 (UTC)[reply]

:) Thanks! Geoffbrigham (talk) 08:17, 6 September 2013 (UTC)[reply]

Agree Wholeheartedly. Thats why the silent Majority usually stays silent! Vague 12345 (talk) 12:14, 6 September 2013 (UTC)[reply]

But: who is "you"? The Wikimedia Foundation Board of Trustees? The staff in general? The ED specifically? Legal? The WMF as a whole? --Nemo 15:11, 6 September 2013 (UTC)[reply]

Good point. And also why you two can't represent it, as you've just been non-silent. ;) --Nemo 15:13, 6 September 2013 (UTC)[reply]

I have contributed something today for the simple purpose of saying that this poster is right. And he is right because every policy on every site has such majority. thats because vocal minority is always minority. Any case when majority became vocal, we named them revolutions. So while it is nice that they listen to suggestions, its worth remembering that this is after all a vocal minority.

The following view/questions/comments are based on revision 5788377 of the draft. I've used tags to differentiate my comments according to importance:

• FIXME : Very important. Should really be fixed/changed.
• SUGGESTION : May be technical/legal/humourous.
• QUESTION : Stuff that needs clarification (either here or in the draft)

Feel free to reply between this report (just maintain indentation for the replies, wrong indentation gives me headache in reading).--Siddhartha Ghai (talk) 12:23, 6 September 2013 (UTC)[reply]

Siddhartha - thank you for your comments. I look forward to reviewing with the legal team over the next couple of days and getting back to you. Have a good weekend. Geoffbrigham (talk) 08:58, 7 September 2013 (UTC)[reply]

Summary

Text: If you add content or make a change to a Wikimedia Site without logging in, that content or change will be publicly and permanently attributed to your IP address rather than a username.

SUGGESTION:

Many users may not have a permanent IP address and hence may find this slightly confusing. How about this:

If you add content or make a change to a Wikimedia Site without logging in, that content or change will be publicly and permanently attributed to the IP address you were using at the time, rather than a username.

or simply:

If you add content or make a change to a Wikimedia Site without logging in, that content or change will be publicly and permanently attributed to the IP address you were using at the time.

Welcome!

Text:

We do not sell or rent your information, nor do we use it to sell you anything.

QUESTION:

This sounds great, but can't this be construed to mean that "your information" (your username) won't be used on any CD/DVD versions of wikipedia. I don't know if the versions are brought out by the WMF itself, or if its through volunteers/chapters/other organisations, but if it's the WMF, the BY of CC-BY-SA would require use of the username (which would take place even if the user states on his/her userpage that he/she releases all contributions under PD.)

Perhaps clarify on this?

Account Information and Registration

Text:

However, if you contribute without signing in, your contribution will be publicly attributed to the IP address associated with your device.

SUGGESTION:

However, if you contribute without signing in, your contribution will be publicly attributed to the IP address which was associated with your device at the time the contribution was made.

or

However, if you contribute without signing in, your contribution will be publicly attributed to the IP address which was associated with your device at the time of making the contribution.

Information We Receive Automatically

Text:

This information includes the type of device you are using (possibly including unique device identification numbers), the type and version of your browser,

SUGGESTION:

Shouldn't this be clarified that information about versions of all browsers on the device are sent? I saw a http GET request sent to a wikipedia and its query urls seemed to contain names and version numbers of all the browsers on my computer.

QUESTION: Also, don't the requests specify the timezone? I'm wondering how the time-related magic words function on a per-user basis if they don't know which timezone the user is in. (Or do they treat all IPs as being UTC?)

Information We Collect

Text:

Similarly, tracking pixels and JavaScript can be used to help us understand whether a page has been visited, and may be associated with personal information like your IP address.

QUESTION:

What other personal information like IP address may be associated with visited pages? Are usernames associated with visited pages? If yes, how is this information utilized? Is this used only aggregately for a large number of users, or is it possible that individual cases may be analyzed for specific purposes of improving the site?

Text:

by using cookies, we can learn about the topics searched so that we can optimize the search results we deliver to you.

QUESTION:

Is this applicable for computers (laptop/desktop/ultrabook) or only for mobile devices (smartphones/feature phones/tablets/phablets). Basically what I want to know is whether search results for a logged in user are optimized on the basis of his/her past searches (I think google does something similar). If they are, how is the data for past searches stored, and how is it used?

Text:

we might use cookies to learn about the list of articles you are following on your watchlist so that we can recommend similar articles that you may be interested in.

FIXME

This seems to suggest (to me atleast) that there is going to be some backend program/software analysing people's watchlist and wikipedia category structure or something to find and recomment related articles. Though I haven't actually seen this feature on wp yet, it sorta gives me the creeps. Any internal program accessing user watchlists means that access to watchlists is more open than I anticipated. It also means that anyone who can find a loophole in the program which does the suggesting, can theoretically view users' watchlist. If what I'm saying about there being a software (current or future) is correct, I'd like to know the level of security surrounding it (what level of encryption is being used, etc). I know it may be difficult to explain the security measures in detail without the security risk of making technical details public (and hence availaible to potential hackers), but any information will be appreciated.

Text:

Understand how you use the Wikimedia Sites across different devices, so that we can make our varied Wikimedia Sites more efficient and effective for you.

QUESTION:

Again, is this data used in aggregated form or is it possible that it may be used per user for feature improvement?

Emails

Text:

so we can pursue the evil wizard who is impersonating us.

SUGGESTION: Sounds too much Harry Potter/Dungeons and Dragons. More Star Wars please :D

so we can pursue the Sith lord who is impersonating us.

IP Addresses

Text:

Finally, when you visit any of Wikimedia Sites, we automatically receive the IP address of your device (or your proxy server) you are using to access the Internet,

SUGGESTION:

Grammatically incorrect maybe? Possibly this:

Finally, when you visit any of Wikimedia Sites, we automatically receive the IP address of your device (or the proxy server) you are using to access the Internet,

Text:

If you are visiting Wikimedia Sites with your mobile device, we may use your IP address to provide anonymized or aggregated information to service providers regarding the volume of usage in certain areas.

FIXME Who are these "service providers"? The cellphone company whose network the user is using? Also, if the info is either anonymized or aggregated, in case anonymized info is given, how does that really help in determining volume? (This needs fixing.)

If the Organization is Transferred (Really Unlikely!) and Changes to This Privacy Policy

FIXME:

In case this apocalypse does happen, I would like that the WMF offer atleast a month's notice, and not only on the mailing list, but highly visibly, possibly using CentralNotice (the thingy used to announce this discussion), and notifications on village pumps (may be coordinated through meta). Also, since any transfer of information would mean the possibility of the data coming under a new privacy policy, I would like that the WMF offer the option of users not accepting the new policy and requesting deletion of their data (this may not be possible for IPs, but should definitely be there for logged in users). And I would like this to be specified in this version and all future versions of the privacy policy.

To Protect You, Ourselves, and Others

Text:

We may need to share your personal information if we reasonably believe it is necessary to enforce or investigate potential violations of our Terms of Use, this Privacy Policy, or any Foundation or user community-based policies.

FIXME:

If I remember correctly, there was some talk some time ago of a majority of users on a wikipedia belonging to a particular nation, with Muslim majority, thinking about implementing policies on wikipedia based on the Shar'ia. Although I really doubt I'll ever have anything to do with the wiki, it is not impossible that certain policies/guidelines on certain wikipedias are culture-specific, and someone from another wikipedia may accidentally end up offending the users and breaking those guidelines. In such cases, I won't like the WMF releasing such a users' information to the wikipedia users, only to have a fatwa issued against the said user. Possible complications in this would include users doing something which is illegal in their country, and other users (either good faith or on a vendetta spree) asking for user information from the WMF in order to file legal complaints against the user. Potential examples: The map of India used on WMF sites, for NPOV purposes, shows Pakistan-occupied Kashmir as part of Pakistan, and Askai Chin as part of China. Both these portions are claimed by India as part of the state of Jammu and Kashmir. So anyone using an infobox on an India article and adding coordinates to the infobox is basically adding a map to the article. And the distribution of that map is illegal in India. So such a user can theoretically be prosecuted for aiding/abetting a criminal offence. I wouldn't like the WMF to release users' data to other users on the basis of such a complaint.

How Do We Protect Your Data?

FIXME:

Possibly add what the WMF intends to do in case the security is breached. And possibly also add that once fixed, affected users will be notified of all security breaches. This may be done via email, or publicly, through the blog, CentralNotice/Meta, or something alike.

Template:Resolved

I don't think this Privacy Policy adequately provides information on how the Wikimedia Foundation collects information from children under the age of 13 (as required by the Children's Online Privacy Protection Act. How does the Foundation receive consent from someone who is not the age of majority (i.e. requiring parental permission before using the Sites)? Will the Foundation permit the usage of the Sites by those under 13 (i.e. some websitse on the Internet don't allow children under 13 using their site because of this law)? What will the Foundation do to ensure the safety of children on Wikimedia Sites (i.e. the disclosure of personal information of a minor or communication taking place on the Site between a child and an adult)? 184.146.126.95 22:20, 6 September 2013 (UTC)[reply]

I'd like to see a change of policy regarding anonymising VPNs. Currently these are blocked as 'open proxies', which they aren't. Though I also think open proxies should be allowed as well. I know that there have been instances of abuse by anonymous users but I think that blocking all anonymising services is a bridge too far. Perhaps a solution would be to allow users to edit via anonymising services if they register an account? Either way to just say anonymous users do too much damage is a cop out. The price of freedom is eternal vigilance. If the admins can't cope, get more admins. 58.6.101.181 23:32, 6 September 2013 (UTC)[reply]

In the end the foundation (and this privacy policy) does not stop VPNs (or open proxies) from being used. For reading nothing is blocked but for editing the issue is up to the community, both the local communities and the global stewards for global issues. All projects that I know of have a way for you to ask for and receive an 'exemption' flag that will let you edit from blocked IPs, each of them have different rules that the community has set. Jalexander (talk) 08:41, 7 September 2013 (UTC)[reply]

I find the argument that changes are needed with regards to the privacy policy unconvincing. The specific modifications that were suggested would deprive Wikipedia from what it is most renowned for: a free Internet. Let me make my case.

1. The Wikimedia Foundation argues that changes are needed to "update" the privacy policy of 2008. The Wikimedia Foundation is in my eyes the wrong actor to call for these changes to the privacy policy. Such an initiative can only be taken – if it is to be legitimate – by the users of Wikipedia. If those users are not interested in a discussion, or any change to the privacy policy, i.e. if they don't care about it or if only an insignificant number of them cares about it, any change incited by the Wikimedia Foundation is illegitimate for it breaches with the idea that Wikipedia is a user-generated, bottom-up, collaborative project. If changes to the privacy policy would occur, Wikipedia would lose its status as a bottom-up, user-driven project and become one of those same old leadership-projects where some rule over others.

2. Not only is the wrong actor suggesting these changes (cf 1.). What has been suggested makes little sense. The meaning of the modifications proposed by the Wikimedia Foundation lie in their increase of data-gathering capacity. Recent (NSA; GCHQ) as well as long-term developments (decrease of social and economic human rights since 2001) suggest that the more data is gathered, the more it is used by those in power to control, surveil and repress common people. This has become clear recently as the documents leaked by Ed Snowden are evidence that Orwellian mass-surveillance and control are excessively used against what are considered to be both foreign as well as domestic enemies. This is becoming increasingly clear if we look at developments that are more long-term. Since 2001, the U.S. lead the discourse on "The War on Terror" which has led to what political philosopher Giorgio Agamben calls "The State of Exception". What does he mean? He means that sovereign power is increasingly used in blatant contradiction to ethics, i.e. written and unwritten law. In the field of international conflict, we see that happening in Guantanamo. In the field of personal liberties, we witness a state of exception as well as governments justify the invasion of the private sphere, the exploitation of all sorts of data with "national security interests". It becomes evident that the major westerns states themselves pose a threat to the security of most people. The Wikimedia Foundation's proposal to change privacy policy in a way that requires its users to give more data has to be seen in this context: it aids those who want to surveil and control populations by creating data that is not necessary to collect. If Wikipedia is to remain a symbol of a free internet, where people are not tracked down, surveiled, controled or mapped constantly, the privacy policy cannot be accepted.

If Wikipedia is to continue to be a symbol for a free internet, for one that makes knowledge accessible and negotiable across the world, if Wikipedia is to embody the single most impressive collective effort of humanity to understand the world, it cannot chose a path that leads us towards an old principle of leadership that has caused too much trouble already, and it cannot lead us astray from humanity's everlasting task of emancipation:

that we become more fully human, more fully free, and less controlled, less surveilled and less mapped. —Preceding unsigned comment added by 78.53.120.152 (talk • contribs) 11:25, 7 September 2013

Why "should" we apply a heavily Schmittian basic design? Derrida, for example, developed a quite coherent alternative route, in The Beast and the Sovereign, in tackling the same issue and is heavily at odds with Agamben (granted: Derrida directly addresses Homo Sacer and not the later stages of camp logic developments spelled out by the Italian). Regards, --Jan eissfeldt (talk) 16:02, 7 September 2013 (UTC)[reply]

I believe that it has to be clear in the user-friendly summary that "Wikimedia will give any user-related data if it receives a sub-poena from the authorities" (or a slightly longer text giving a more accurate description). --FocalPoint (talk) 15:28, 7 September 2013 (UTC)[reply]

I see what you mean. How about something like this as a rough idea:

We may disclose information for different purposes, such as compliance with valid legal demands; protection of you, WMF, or others; or inclusion of service providers who help run or improve Wikimedia Sites.

I may want to wordsmith and reduce a bit more, but this is the basic idea. Interested in your thoughts. Thanks. Geoffbrigham (talk) 16:24, 7 September 2013 (UTC)[reply]

"We do not sell or rent your information, nor do we use it to sell you anything." Is not fully in accord with current practice. The most expensive things I've bought through this site have been registrations at Wikimania, but we should be careful to talk to merchandising as well. One of these years I'm hoping to be able to buy some Wikimedia calenders or flip flops that leave a trail of "citation needed" down the beach. It would be a shame if this privacy policy were to be seen as precluding this. WereSpielChequers (talk) 16:18, 7 September 2013 (UTC)[reply]

WereSpielChequers - I'm really happy to be hearing your voice here; your ideas are always so constructive. With respect to your present comment, I think I need a little more clarity here from you. Now, a separate privacy policy applies to our Wikimedia Store (as made clear in the draft policy), so merchandizing from the store is not at issue. We say this in the Introduction of the proposed draft: "This Privacy Policy does not cover some situations where we may gather or process information. For example, some uses may be covered by separate privacy policies (like those of the Wikimedia Shop or sites or services run by third parties, such as third-party developer projects on Wikimedia Labs)." We would happily sell you the calendars and flip-flops under the Store's privacy policy, but we would not use your registration information on Wikipedia to market it to you.  :) I don't know of any examples where we take user information obtained through registration on the projects to actively sell Wikimedia registrations or other products or services, but I may not have full knowledge here. If you or others have known examples, I would be interested in them. Geoffbrigham (talk) 16:50, 7 September 2013 (UTC)[reply]

The WMF run a CentralNotice campaign on en.wiki to promote the shop, IIRC targeted to registered users (possibly with some editing activity requirements), as well as some talk page promotion if I'm not mistaken. With some stretching, that could possibly be considered "targeted advertising" (even if at loss...). It's quite far fetched though! --Nemo 17:01, 7 September 2013 (UTC)[reply]

Hi Geoff and Nemo and thanks for the welcome, I don't think anyone would object at the "wikimedia" things that we try and sell on Wikimedia sites, so to some extent I am being pedantic. But I'm pretty sure that what we are considering would be technically breached by some current practices. Having a separate policy for the shop does reduce the practical issues - they need to process financial transactions. But I would suggest we drop the words "nor do we use it to sell you anything". WereSpielChequers (talk) 17:48, 7 September 2013 (UTC)[reply]

The section:

Information you provide us or information we collect from you that could be used to personally identify you. 
To be clear, while we do not necessarily collect all of the following types of information, we consider the 
following to be personal information if it can be used to identify you:

   your real name, date of birth, gender, sexual orientation, racial or ethnic origins, medical conditions or disabilities;
   address, phone number, email address, password, identification number on government-issued ID, IP address, credit card number;
   political affiliation, religion; and

Conflates two very different issues, data that could be used to identify people, and data that most people would consider should be kept private - "sensitive" data in European parlance. I suggest that this needs rethinking and separating out. We also need to differentiate between information disclosed, disclosed and redacted, imputed or alleged. The community has longstanding policies that impinge on this, and people have been banned for breaches of it. I would suggest that you need a section on information that could be used to identify, and that section needs to also include info on school or place of work. We also need to link to our child protection policies here, we allow adults to supply contact information but for obvious reasons oversight it when supplied by children. For example a University Professor is very welcome to link their userpage to the academic bio and vice versa, but we would not allow a minor to do that.

The section on "sensitive" data needs to say something along the lines of:

We understand that certain types of data can be more "personal" than others. We will only connect these types of data and store that 
with a link to identifiable people when we have a clear and pressing need, such as to supply appropriate food at an event. Where 
practical we will anonymise this data.

WereSpielChequers (talk) 17:39, 7 September 2013 (UTC)[reply]

"Never require for contact information, and collect little data otherwise;" I suspect would read better without "for", but again we have some examples where we do require contact information. Functionaries for example have to identify to the office. I think that the Principle which we follow is for minimal requirement, or that "for the vast majority of Wikimedians we don't require contact details". WereSpielChequers (talk) 17:59, 7 September 2013 (UTC)[reply]

by users

"The Wikimedia Sites are collaborative labors of love that were created, and by constantly maintained and updated, a global community of volunteer users." might read better as "The Wikimedia Sites are collaborative labors of love that were created, and constantly maintained and updated, by a global community of volunteers."

By was simply in the wrong place, users was redundant but also offensive to some. In my book our users are the people who use our site to look things up in a dictionary, image library or encyclopaedia. Our volunteers who contribute to the site are rather more than just users. WereSpielChequers (talk) 18:12, 7 September 2013 (UTC)[reply]