Policy talk:Privacy policy

How do I report someone adding something to my view ie. Chris Brown as if it's coming from me? —The preceding unsigned comment was added by 65.95.40.84 (talk • contribs) 05:32, 25 February 2009 (UTC).[reply]

The policy says that info on page visits are not exposed publically, but there is a bot which is publishing page after page of user's search terms along with their username and I think for non-users IP address: here are many such pages: [1] also failed search terms are logged: [2] (there are dozens of archives of the above page stretching back several months, with page names of the form ../archive26). Given the controversy over search engines retaining user data and in some cases publishing it, these pages seem a gross violation of user privacy. Do wikipedia visitors know that the search terms they use have become a matter of public record? I doubt it. Weeksinput 03:36, 27 February 2009 (UTC)[reply]

You're mistaken. The bot is posting its own search results. It searches new pages and posts a list of those it finds. The username you see next to each page is the page's creator. This is confirmed by looking at the history of the page. That bot is not publishing users' search results. -Kotra 17:14, 25 March 2009 (UTC)[reply]

Regarding Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues in the section 'Access to and release of personally identifiable information'. I have looked at the definition of page view on Wikipedia. But I am still not sure that I understand what 'page views generated by a spider or bot' are. Can anyone explain this in layman's terms? Lloffiwr 11:16, 26 April 2009 (UTC)[reply]

Bots and spiders, in this context, are computer programs set up to automatically visit webpages, without anyone actually sitting behind the screen. For example, search engines like Google have spiders that run around the web, reading webpage after webpage, to create an index of the web that you can search. Email spammers use bots too, to search the web for email addresses.

"Page views generated by a spider or bot", then, would occur whenever a bot visited a webpage. Wikimedia's software would detect the bot's visit as a page view, just like the page views of actual humans.

One reason I can think of why they would have this line is so administrators, checkusers, and other volunteer editors can take action against bots that are set up to add commercial links (linkspam) into articles. There are probably other reasons as well, or they may just be putting that out for unforeseen contingencies.

If you're really curious, though, you might try to track down User:UninvitedCompany, who originally added the text back in 2003. -Kotra 03:04, 14 May 2009 (UTC)[reply]

Thank you for the clear and detailed explanation - I now have a much better idea of how to translate this sentence. Lloffiwr 12:49, 20 May 2009 (UTC)[reply]

Regarding Interactions with the Projects not covered by this Policy include, but are not limited to, aspects of browsing and editing pages in the section Activities on Foundation projects.

The paragraph is mostly dealing with some ways that the user can voluntarily disclose her own private data. When the user is sending email or creating OTRS ticket, it is obvious that by the very nature of those communications some private data will be disclosed. It is clear, that anonymous editing is one of the the aspects of editing pages, since the IP address becomes public by the very nature of that interaction and becomes publicly available data and therefore not covered by this policy, although they may be covered by some other policies (like that one of the OTRS).

However, I do not to understand the which aspects of browsing may constitute publicly available information not covered by this policy. The policy deals extensively with Web server access logs as well as with privacy implications of certain HTTP features like cookies.

So, the question is, which aspects of browsing the Wikimedia sites are not covered by this privacy policy? I understand that this is just list of examples ("...not limited to...") but my understanding to date that all aspects of passive browsing were covered under this policy.

 « Saper // @talk »  02:04, 20 May 2009 (UTC)[reply]

I've always thought that the disclosure of the realname of a person behind a user account by another user on talkpages or in edit-commentaries, as it happens sometimes in edit-conflicts between users, is a no-no in all Wikimedia projects. However, when looking for written policy, I couldn't find anything about that. Any hint? --Túrelio 08:26, 14 September 2009 (UTC)[reply]

I don't think that a global "anonymity policy" exists for that. The current privacy policy certainly doesn't cover it. However, such edits are allowed to be deleted by Oversight policy (#1) from which I would deduce that they are not allowed in any project. --Tinz 01:26, 16 December 2009 (UTC)[reply]

Thanks. Better late than never ;-). --Túrelio 19:22, 1 January 2010 (UTC)[reply]

What if that information is available in the history of the user's page? Isn't all the material on the user's page history covered by the same content rules that apply to all Wikimedia material?

Sincerely,

Virgilio A. P. Machado

Vapmachado 03:37, 10 July 2010 (UTC)[reply]

I'm not sure if I understand your question correctly. It should not matter whether personal information of a user is disclosed in an article or on a user page. You can ask any Oversight (or Steward, if your project has no oversights) to remove that information. Or do you mean cases in which the user himself has made his own information public at some earlier point? I don't think that a global policy exists for this, but in the projects I know, the wish to become anonymous is respected. The old versions are deleted and other users are asked to respect his wish to "become" anonymous. --Tinz 17:47, 22 July 2010 (UTC)[reply]

Thank you so much for addressing my question. I'll take you and all other readers, particularly my very good friend and member of our mutual admiration society Sir Lestaty de Lioncourt, through a step by step example, to make it easier on everybody, and present a clear case, hopefully without violating anybody's privacy. You are welcome to post your answers right after each question.

Consider Alexanderps.

I would like to know if it is disclosure of private data of another user account without that user permission, to post on one of your own subpages the following:

1) The name Alexanderps uses in his signature, like on this example [3] ?

(You are welcome to post your answers right after each question on the space below.)

2) Space for next question

Sincerely,

Virgilio A. P. Machado

Vapmachado 18:27, 22 July 2010 (UTC)[reply]

Sorry, I don't really like this interview style, it makes me feel like a student about to get outwitted by Socrates :-)

As a former ombudsman, I visit this page from time to time to help in case of problems with the understanding of the privacy policy.

If you think that the privacy policy was broken then you should contact the current Ombudsman commission.

However, your problem doesn't really seem to be related to any violations of the privacy policy (which deals mostly with private information that checkusers have). It sounds more like a problem that you have with other users of pt Wikipedia or maybe with the anonymity policies of ptwiki (which I don't know). In any case, this talk page is the wrong place to resolve these problems. A better way would be to seek conflict resolution on pt-wiki itself. Alternatively, you could probably start a RFC here. Regards, --Tinz 13:57, 26 July 2010 (UTC)[reply]

Thank you so much for your suggestion, according to which this request for comment has been started and announced. As a former ombudsman you must surely know something that might help answer my question. It would be an honor if you were the first to post your comment there. Thanks for your compliment, but it is highly exaggerated. There's no comparison between Socrates and me. I believe that the Socrates you're referring to is dead :-)

Sincerely,

Virgilio A. P. Machado

Vapmachado 23:11, 26 July 2010 (UTC)[reply]

Two layers of privacy

Draft amendments to the rules
The case of privacy policy has at least two 'layers' both focusing upon certain civil rights of an individual seeking to defend his anonymity.

Encouraging everybody to post, edit and discuss articles, Wikimedia (as well as thousands of other interactive facilities in the Internet) offers an option to show his authorship:

1. as some IP which automatically appears as a 'singature' above/under/besides his message;
2. as some pseudonym which one may choose for that purpose

Since an IP is automatically generated upon some technical data which to a certain extent may show the way to the originating computer and through this to a specific individual — the formula for the first 'layer' is ”IP vs nick”.

Since the very first days of the Internet folks preferred to identify theirselves by pseudonyms (nicks). With the further development of Internet (especially since the namespace boundaries have been overcome) people found it possible to use their actual civilian names as 'nicks'. Although it's obvious that it was their personal will to disclose their anonymity in this way (below I'll make some reservations upon that), another disputable layer of privacy appeared in the Internet communities, that is ”real” vs fictitious nick.

In addition to the explicit writing of personal data I shall mention some indirect means, as URLs and other kind of external links to the sources where their personal data is written. The netiquette explicitly treats as a gross breach when a third person discloses somebody's private information in that way. Having occured within some community (e.g. Wikipedia registered users) and its common editable workspace — it is suppressed by its in-law. However this case is too flat to deserve a thourough investigation here. I suppose that to be sufficiently covered in the existing rules of behaviour in Wikimedia.

The yawning gap in our rulings here is in unsufficient clarity and unambiguity concerning the case when somebody claims that equating his «”real” name nick» to an apparently fictitious nick is a violation of his privacy. The most recent example:

• Arbiter 'A' creates a sockpuppet 'S' for his personal investigation purposes
• Checkuser 'C' founds that a sockpuppet 'S' = 'A'.
• Arbiter 'A' insists, that 'C' has infringed his privacy by revealing that 'S' = 'A', since he claims 'A' to be an abbreviation of his real name.

Let us leave aside all derivative issues that may arise in connection with the specific circumstances of this case. I shall rather insist that both this one and the series of similar disputes shall have their doubtful grounds until Wikimedia shall clearly define that

Note. Clause 2-a is necessary for the case when checkusers and stewards are required to establish compliance between nicks and IP's — for example, in investigation of abuses with open proxies.

Example (has a real basis, however not investigated yet). User 'X' (assume he is unknown) enters Wikipedia aiming to set an article for deletion (AfD). Since the article is outside his 'national' workspace, he

• sets his browser to work via a foreign open proxy server, so his AfD request is 'signed' with an IP of this proxy.
• having suddenly found an error in his edit, he urgently switches to another browser seeking for solution. For some reason (rush, carelessness) he corrects his error from another window which is not set to an open proxy. This edit is signed with an IP originally assigned by his ISP
• last, the AfD discussion page is 'signed' again with a faked IP (of an open proxy).

Now suppose that a checkuser establishes an identity: 'X'='Quasi Real Name'. But the underlying evidences of this output are IPs, so in the absence of ruling that the 'reality' of a nickname is a problem of an account owner, 'Quasi Real Name' shall have the grounds to counter-claim against the violation of his 'privacy'. Such lawlessness shall undermine all our further attempts to halt cross-wiki-vandalism!

I realize that a lack of knowledge of local regulations may weaken certain statements of my proposals. However the underlying problems in my examples are actual and they are awaiting their solution. Anyway I hope that the discussion of this subject shall contribute to the strengthening of the rules for all the projects of Wikimedia. Thank you in advance for the studying of this project. Cherurbino 06:48, 31 January 2011 (UTC)[reply]

The last edit to this page fixed a typo in the Cookies section (back in October), but this change was never implemented on the Foundation mirror of this site. Is there anyone with Foundation access that can fix this typo (visted -> visited). We received an OTRS e-mail about this (2010010210021971). Thanks. -Andrew c 15:38, 3 January 2010 (UTC)[reply]

 Fixed here. Thank you. - Rjd0060 16:22, 3 January 2010 (UTC)[reply]

This policy doesn't comply with the Children's Online Privacy Protection Act[4]. Shouldn't it say what the policy is towards children? --Aled D 15:26, 14 May 2010 (UTC)[reply]

Let me quote from the article you cite:

"The Act applies to websites and online services operated for commercial purposes that are either directed to children under 13 or have actual knowledge that children under 13 are providing information online. Most recognized non-profit organizations are exempt from most of the requirements of COPPA.[1] However, the Supreme Court ruled that non-profits operated for the benefit of their members' commercial activities are subject to FTC regulation and consequently also COPPA."

Wikimedia is not commercial and not operated for the benefit of their members' commercial activities. Therefore, it seems to me that COPPA does not apply to wikimedia's projects. --Tinz 12:23, 17 May 2010 (UTC)[reply]

I like your privacy policy, but I have two small issues:

"When a visitor requests or reads a page, or sends email to a Wikimedia server, no more information is collected than is typically collected by web sites."

That's not really informative, unfortunately. What is a typical website these days? And what do they (i.e. you) actually collect?

Also, I didn't see any mention of search history. What is your policy with that?

I would say that only technical staff of the wikimedia foundation can answer these questions and I am not sure whether they read this page. All I can say is that the community, including trusted users in special roles like checkusers or stewards, have no access to this kind of information. --Tinz 14:29, 27 September 2010 (UTC)[reply]

(This is just my personal opinion, and may not reflect reality). The average apache webserver log entry looks like:

127.0.0.1 - - [12/Nov/2010:02:25:24 -0400] "GET /w/phase3/index.php?title=Special%3ASearch&search=image%3AExample.jpg&go=Go HTTP/1.1" 200 146 "http://localhost/w/phase3/index.php/Main_Page" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.11) Gecko/2009061212 Iceweasel/3.0.6 (Debian-3.0.6-1)"

It contains the IP address, user name for HTTP authentication (mediawiki doesn't use HTTP authentication for accounts, so normally this is a - regardless of if you're logged in or not), date, the method (GET in 99% of the time), the url, HTTP protocol version (HTTP/1.1 99%) of the time, the HTTP status code (200 is the most common, meaning success. Other common codes are 404 for file not found, and 403 for forbidden), the number of bytes transferred (146 in my example), the referrer (the page where you came from to get to the page you are currently visiting), the user-agent (which web browser you're using. Usually also contains information on your operating system). This is just the "typical" example. Wikimedia servers could be configured differently (not to mention that a large portion of their logs would be squid logs not apache logs). Bawolff 22:18, 12 November 2010 (UTC)[reply]

What is the MediaWiki message which should be used?

The current text suggests MediaWiki:Privacy, which was deleted as "no long required". Besides, the pages in other languages (e.g. French, Portuguese,...) suggests MediaWiki:Copyright, which is also deleted in most projects (e.g. en.wiktionary) with the same reason. Helder 12:50, 21 November 2010 (UTC)

Is the policy sufficiently comprehensive. These seem like important questions as 200x dates start to feel like the relatively distant past. Technology continues to advance and how can we create a global environment in which a meaningful conversation is possible. 24.59.179.184 23:34, 12 January 2011 (UTC)[reply]

It seems to me that there is something wrong with the document structure and headings. "Reading projects", "Editing projects", "Discussions" are level 5 headings under one paragraph "User contributions". I guess they should be promoted to the same level as "General expectations" (level 3), since this makes little sense otherwise. I am not sure what was the original format presented to the board, however.  « Saper // @talk »  12:52, 17 January 2011 (UTC)[reply]

PHPSESSID is not anormal cookie, but asession, i will ask to agnolege the user about this,.

General scope

There's written there: «Consistent with its Data Retention Policy, the Foundation collects and retains the least amount of personally identifiable information needed to fulfill the Projects' operational needs.»

“Fulfill” is underlined red by my spell-checker.

LONGMAN Dictionary of English:

„ful-fil /.../ v -ll- (also fulfill AmE) ...“ (and so on).

What standard of spelling are we to keep to?

Lincoln Josh 13:14, 4 March 2011 (UTC)[reply]

A majority of ACC Tool users[5] are not checkusers and have not been formally identified by the Foundation. They have critical access and knowledge about the ip addresses and email addresses of users requesting new accounts at the English Wikipedia. Can we, therefore, include references to the ACC Tool in the privacy policy? (Note: We also have the Wikipedia:ACC tool users' pledge that attempts to voluntarily encourage ACC Tool users to adhere to our privacy policy).♪ ♫ Wifione ♫ ♪ 12:37, 23 March 2011 (UTC)[reply]

hm, I'm not sure if I understand this ACC tool completely: These users see only the data of users who tried to create an account on the english Wikipedia, had problems (e.g. failed to decipher the captcha), and then applied for an account manually. They don't see the data of users who register the usual way, right? It surprises me that a team of ~100 users is needed for this task, maybe our captcha needs to be improved?

But it seems to me that their role is somewhat comparable to the role of the OTRS volunteer response team, so did you think of mentioning ACC in the section on OTRS of the privacy policy? --Tinz 17:48, 24 March 2011 (UTC)[reply]

Hi Tinz. You are right. The ACC tool allows users to apply for an account when they're not able to decipher the captcha or when their name is perchance too similar to an existing name. The role of ACC tool users is somewhat similar to the OTRS volunteer response team, the difference being that the OTRS team is identified by the Foundation, while the ACC tool volunteers remain anonymous by choice. And yes, I wished to mention them in the OTRS section of the privacy policy. My intent is that any person reading our privacy policy gets informed that even on the ACC tool, the interface account handlers have access to ip addresses, email addresses of new account requesting users. Thanks.♪ ♫ Wifione ♫ ♪ 18:11, 24 March 2011 (UTC)[reply]