Policy talk:Privacy policy

Policy talk:Privacy policy/Header User:MiszaBot/config PrivacyPolicy-Invitation

There are obviously a lot of things to talk about and if you aren't interested in this piece of it please feel free to start a new section with your discussion point/question/concern/etc. As you can probably see both here and on some of the other policies and draft pages we rolled out we're trying the idea of having illustrations and light humor in the text. These are not in anyway 'set' and may not appear in the final version if they're not appreciated. Legal documents tend to be lengthy, weighty and difficult to read (and rarely read at that) especially when you consider how many sites the average user visits. We want to make these documents as accessible as possible to as many people as possible. We hope to keep everyone's attention with the illustrations and a bit of levity. This is especially the case in the privacy policy but we've seeded them in a couple other locations as well. Do you like them? Hate them? Any specific ones work well or not work well? Should we think about another scene for a specific area? Jalexander (talk) 01:50, 4 September 2013 (UTC)[reply]

I think the illustrations are a waste of screen space and the web page would be physically easier to read without them - eg I wouldn't need to scroll horizontally when reading in a narrow window.

The levity and humour in the text is unnecessary and possibly counter-productive. It's hard to take a policy seriously when it compares itself to "eating your greens". "Plain English" (instead of "legalese") is a very good thing, but making it too informal or "chatty":

• may create a perception that you don't really care at all - because you're joking about it.
• may create ambiguity or uncertainty because the less formal the language, the less precise it risks becoming.

The policy needs to be easy to read and factual; it does not need to be entertaining. Mitch Ames (talk) 06:55, 4 September 2013 (UTC)[reply]

Yes, something like http://creativecommons.org/licenses/by-sa/2.0/ is perfect, but "funny" images are IMHO a poor idea.

Sorry but this "Hi, I'm Rory! I'm here to help explain this privacy policy. Welcome!" is terrible. It is straight from stupid commercial and/or something for a small children. Bulwersator (talk) 07:03, 4 September 2013 (UTC)[reply]

Agrre with all of the above. Wikipedia (& Wikimedia) is not a children's book. -Nabla (talk) 09:06, 4 September 2013 (UTC)[reply]

Gotta agree with Bulwesator & Nabla. Now if Rory were something with roots in the community (like Wikipe-Tan), I wouldn't be bothered hy this illustration half as much, however Rory is just some plush toy at the Foundation offices, giving the impression this is an initiative from the Foundation & foistering an us-vs.-them feeling to this proposed policy. (Yes, that is an issue that has been hammered ad nauseum, but presently there is a fair amount of distrust from the community about anything the Foundation does. Unforutnately clumsy stuff like this only aggrivates this distrust.) -- Llywrch (talk) 15:43, 4 September 2013 (UTC)[reply]

I personally enjoyed the illustrations and the style of speech as well. In my eyes this is a good way to encourage readers to study the whole document and not stop reading after the first paragraph. Besides that, horizontal scrolling should be prevented through better html. --trm 10:07, 4 September 2013 (UTC)[reply]

I also like the illustration too. Given that some of our contributors and readers are kids, we want them to know how it affects them. Plus, nobody (adults and kids alike) likes to read a text block of quasi-legal stuff. The illustration helps retain some of their attention while they read through the page. OhanaUnited^{Talk page} 18:36, 4 September 2013 (UTC)[reply]

To my definition of a kid is someone who is under the age of teenager. I'm fairly sure that very very few contributors on this site fit my definition of a kid. I'm sure no kid would ever read the policy, consider that most them wouldn't able to understand that much. Even for readers, kids would only made up a very small portion of the total wikipedia readers (I barely can come up with any reasons why any kid would come to read Wikipedia's articles rather than watching TV or doing something fun). I expect this site to be a grown-up one not a website for kids.184.97.201.174 02:06, 5 September 2013 (UTC)[reply]

Look at the 2 things separately - Illustrations are fine, talking down like we're in kindergarten and we're being read a bedtime story, is probably not. I seriously doubt a lot of kids will be reading this quasi-legal, rather lengthy policy with things about metadata, subpoenas and access to nonpublic information policy etc.. With that said, It's actually a good idea to inject some levity in the mix with illustrations (I loved the kittens that used to be in other project and small cutesy things added here and there - but a mascot talking down might not be right for this audience). A little consideration for the audience would go a long way - I would suggest 'In a nutshell' blurbs accompanying the illustration would be more helpful - something like tl;dr version in 2-3 bullet-points. Hope that helps. Theo10011 (talk) 21:09, 4 September 2013 (UTC)[reply]

It says at the beginning that Rory is "here to help explain this privacy policy", but that never really happens. Some fuzzy drawings of something that looks like a cross between ET and a fluffy toy doing indistinct actions is not much of a help to me, at least. 86.169.185.183 01:26, 5 September 2013 (UTC)[reply]

I think we could explain more but for now I've removed that piece and he just says "Hi, I'm Rory". You're right, that for now he isn't really explaining anything. Jalexander (talk) 02:44, 5 September 2013 (UTC)[reply]

Hi everyone - I really appreciate the feedback on the use of images (namely, Rory, the tiger) in the privacy policy. He does represent something novel in our thinking about how to communicate a policy to a wide audience of readers and users. We like the concept, but, recognizing this is a bit of an experiment, we are definitely listening closely to your views - both pro and con.

Just to share a perspective for your consideration:

Our chief concern is to find a way to encourage everyone to read the privacy policy, given its importance to our readers and contributors. We are told that privacy policies are hard to read, that people read them infrequently, and that, when they do read them, people misunderstand them often. We are looking for ways not to fall into that norm. For example, we have included a user-friendly summary at the beginning of the policy - which was a great idea suggested by the community when we were consulting on the terms of use. We believe that, in addition to avoiding legalese, our use of visuals might also improve interest and readability in longer documents like our privacy policy.

Most Wikimedians hardly need a visual to read through a complicated document, but, of course, this policy is for everyone, including readers who may not be as familiar with our sites and projects. In the ideal world, we want to attract as many people as possible to read the privacy policy since it does govern their use of our projects and the expectations of the community and WMF.^[1]

Now our present use of the visuals is only illustrative. We are looking at ways to leverage the pictures to better explain aspects of the policy. The text box under the Rory image in the “Welcome” section is meant to help inspire ideas on how to use such images to facilitate readability and understanding. Based on some comments here, we are going to change the present text to avoid confusion, but we would be interested in your ideas on how to best use images (if you think that would be a good idea). For example, we could use other text boxes in the margins to help link to relevant FAQs on the topic or to highlight critical parts of the policy, if you thought that was useful.

Anyhow, we are really interested in your views on this idea and how we could leverage it. Also, if you have other ideas on how to improve readability through visuals, that would be helpful as well.

Thanks again for your time, comments, and insights. I greatly appreciate it. Geoffbrigham (talk) 03:31, 5 September 2013 (UTC)[reply]

Commenting on the "reference": there seems a world of difference between using a cheerful character to encourage editors to visit the draft and offer feedback, and having that same character featuring in a serious document. I hope that any success with Rory on the banner will be interpreted as "it might be a good thing to have Rory on a banner encouraging user interaction" and not as "it is a good thing to have Rory in a serious policy document". PamD (talk) 10:11, 5 September 2013 (UTC)[reply]

Hey Geoff, thanks for giving a background on this. It helps to understand what the intention was. I do believe something like illustrations accompanying the large body of text would be very helpful and break the monotony. It is a good idea, but this attempt misses the mark in my opinion. It just means another attempt might be needed here. Twitter fail whale, firefox fox, Google's android - mascots are actually quite common and using them in internal documents is also not unheard of. We just need to do better with this.

The difference, you guys might know Rory, most of us don't. Wikipe-tan is about as close to a mascot as we can get, and that might not be really suitable for this. My suggestion again would be using illustrations to make some sort of a "In a nutshell" or "tl;dr" version with bullet points. It can consolidate a large amount of text into a few salient points accompanied by some cute illustration - something like a tl;drabbit or nutshell kitten.

Also, if you would allow me to go on a brief rant here about something trivial - the senior staff should exercise more judgement. A/B testing is/has become carte blanche for backing anything lately, it was bordering on our own internal meme. We are slowly becoming a private start up, hellbent on maximizing click-through with banners. Unfortunately, porn websites and scammers have been doing this for years and doing it better. I suppose the final step would be learning everything from them and copying them to maximize click-throughs. I'm sure a nude or a semi-nude in the banner would also give a much higher click-through than what might have been seen - but someone has to exercise good judgement. I personally have nothing but disdain for A/B testing, especially when its used blindly without any common sense, judgement or editorial control. I hope the senior staff members can see the point here, and show a little bit more wisdom when it comes to blind numbers and testing. Thanks. Theo10011 (talk) 10:08, 5 September 2013 (UTC)[reply]

Thanks Theo for your thoughts. I appreciate your view and those of others on this topic. I do like the nutshell idea. Hear you on A/B testing. Geoffbrigham (talk) 12:17, 5 September 2013 (UTC)[reply]

Thanks Geoff. Your reply is much appreciated. Theo10011 (talk) 17:08, 5 September 2013 (UTC)[reply]

I am not totally anti the use of images; my main problem with "Rory" is that, with no offence intended to the artist, it simply isn't very well drawn. 86.167.19.217 17:49, 5 September 2013 (UTC)[reply]

Re Theo10011: I think we shouldn't be using Wikipe-tan because the character itself only represents one project (Wikipedia) out of many other WMF projects. Even the name "Wikipe-tan" implies it is for Wikipedia. On the other hand, Rory does not have this issue. Since the privacy policy affects not just Wikipedia but all projects, it's inappropriate to use a character with a very narrow scope. OhanaUnited^{Talk page} 20:33, 5 September 2013 (UTC)[reply]

I agree about Wikipe-tan, and there is a list of reasons why its usage here might be a bad idea. Apart from that, my point was - no one knows "Rory" it might as well be Tony or Leo. Someone mentioned Rory is a stuff-toy at the office and it's supposedly an in-reference to that- I don't know if that is true or not, but there is no familiarity there to go off of. Someone mentioned that they thought they saw either Tony the tiger from Kellogg or Tigger from Winnie the pooh on Wikipedia. Theo10011 (talk) 21:05, 5 September 2013 (UTC)[reply]

I think the images are frankly playful, inviting, engaging, and ultimatey appropriate. The purpose of illustration here is to invite the reader into a conversation about privacy. Legal documents tend towards the dry, boring, and off-putting. Anything that furthers people actually wading into the details of complex policy should be lauded. There's a misconception that anything cute or playful is at odds with serious pursuits; it's quite the opposite, though. Playful design, when it's done well, invites a larger audience and welcomes them into serious discussion. The illustrations do not detract from the meaning of the policy, they just make it more likely that more people will read it. Yes, our hard-core contributors may feel slightly insulted or belittled by this display of creativity, but they're going to read the policy anyway, and so the illustrations serve to attract a different, broader audience. I think particular jokes may need tweaking, and clear and bold summaries of policy impact are top-priority for emphasis, but images do not take away from that. Ocaasi (talk) 18:07, 5 September 2013 (UTC)[reply]

I love the images. I think they inject the right amount of whimsy into a subject which is decided Super Serious and boring. I found that I actually read the privacy policy text because of them - if only so that I could scroll forward and see the next image. That was actually very clever, I think. I feel that if we can't make room for some fun, we've failed at what we do - it means we're not confident in what we're producing. --Jorm (WMF) (talk) 21:17, 5 September 2013 (UTC)[reply]

At first I borked at the images and playful text, but then I reconsidered. I imagined a teacher using the illustrations in colouring activities (or like) and trying to start a lesson, as simple as it would have to be, on data, privacy and security... to this end, the text needs to have simple one liners at the start, that sum up the sections. Maybe rename the section headings so when read alone, they make some sort of meaningful narrative. Then the first line of each section is for the next level of readership, limited to 140 characters for example, then the next paragraph is the next level (100 words), and so on until you have a paragraph that an expert can read. That way, like the language versions, you'll be reaching as wider range of audience as possible. Regarding the light humour, be careful not to use colloquial or culturally centric humour. Leighblackall (talk) 23:52, 5 September 2013 (UTC)[reply]

Re colloquial or culturally centric humour: we tried hard to stick to things that we thought could be translated (most of us on the legal team have at least one second native-level language), but if we failed in that, we'd definitely love to hear about it so we can fix it or help the translators find good alternatives. - LVilla (WMF) (talk) 00:51, 6 September 2013 (UTC)[reply]

Template:Resolved

Template:Resolved

Maybe hide it as default or move to the bottom? There is nothing here that would be surprising or interesting for normal person and on encountering it half people will stop reading this document Bulwersator (talk) 07:10, 4 September 2013 (UTC)[reply]

Hi Bulwersator! Thank you for your suggestion! Hiding this section as a default is certainly an option if it seems that the majority of people already know this information, but moving it to the bottom probably wouldn't make organizational sense. What do other people think? Did the "A Little Background" section provide you with information you didn't already know? Should it remain as is or be changed to default hidden? Mpaulson (WMF) (talk) 18:42, 4 September 2013 (UTC)[reply]

Found on second paragraph in Privacy policy#Account Information & Registration. Is there any reason to have a link to a user page on policy page? – Kwj2772 (msg) 07:14, 4 September 2013 (UTC)[reply]

Just as a note the specific account is a created 'example' (you can see a little comment/note in the edit window ). Jalexander (talk) 07:30, 4 September 2013 (UTC)[reply]

I think the joke still works if you put a disclaimer right on the user page. Steven Walling (WMF) • talk 17:05, 4 September 2013 (UTC)[reply]

Hi Steven and Kwj2772! We are contemplating possible changes based on this input, but want to wait to see what other comments we receive on this joke prior to making any changes. Mpaulson (WMF) (talk) 19:06, 4 September 2013 (UTC)[reply]

I don't think this joke translates well. PiRSquared17 (talk) 19:10, 4 September 2013 (UTC)[reply]

I removed this sentence. It's a bad joke and isn't appropriate for this document. --MZMcBride (talk) 12:28, 5 September 2013 (UTC)[reply]

• I expected Rory to actually say more stuff as the page went on. As it is, he is pretty useless.

Thanks, This, that and the other. I appreciate your taking the time to read and post. I hear you re Rory. I did a posting on this, which you can find here. I agree that, if we do decide to use visuals, we will need to find ways of doing so in a helpful way. Geoffbrigham (talk) 13:02, 5 September 2013 (UTC)[reply]

• Under "More On What This Privacy Policy Doesn't Cover", the use of the phrase "are supposed to" implies that some stewards or checkusers might be able to get away without agreeing to follow the other policies. I suggest that you use "must" here instead.

Thanks. I have been going back and forth on this since community members don't work for the Wikimedia Foundation. How about we say "are required to"? This would refer to the requirements of the new draft of the Access to nonpublic information policy. Would that work? Geoffbrigham (talk) 13:06, 5 September 2013 (UTC)[reply]

Thanks This, that and the other! We have changed the policy to "are required to" as Geoff suggested. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• Under "Your Public Contributions", we have "Your contribution (even if you just removed something) will show when it was made and your username (if you are signed in) or your IP address (if you are not signed in)." While I think I get what this means, it still comes across as a bit ambiguous. Please recast this sentence so it is better structured and pronouns are used in a clearer way.

I see what you mean. If you have time, could you give us some proposed language. If not, don't worry. We will think about it a bit ourselves. Geoffbrigham (talk) 13:14, 5 September 2013 (UTC)[reply]

We have redrafted so that it reads: "The page history will show when your contribution or deletion was made, as well as your user name (if you are signed in) or your IP address (if you are not signed in)." I hope this helps with the clarity issue. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• Humor is fine, but a lot of this humor is quite bad humor :( Some examples:
  • "... the picture of you in that terrible outfit your mom forced you to wear when you were eight." It's just not funny.
  • Get rid of "ericsgrl4evah". The link is funny, but inappropriate and confusing. Or at the very least, go and full-protect her user and user talk pages on enwiki.
  • Under "Information We Collect", "While removing or disabling our locally stored data does not cause lasers to shoot out of your device" is silly, and could conceivably be taken literally.

We have actually gotten different types of feedback on this, sometimes quite positive. I tend to think humor is fine if it encourages the reader to read the document and actually enjoy that experience. We have seen other policies do this successfully. Indeed, I don't believe legal documents should be stuffy or overly formal. It does not affect the legal effect of the document. That said, we are definitely listening to this type of feedback. After we hear from others, we may want to revisit how we are approaching it. (P.S. Will get to your other comments shortly.) Geoffbrigham (talk) 13:19, 5 September 2013 (UTC)[reply]

• "the website you exited the Wikimedia Sites from". What is this? Surely you exit the Wikimedia Sites from the Wikimedia Sites themselves?

This was phrased improperly. Thank you for catching that. It has been changed to "the website you exited to when you left the Wikimedia Sites". Hope that is a little clearer now. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• JavaScript, please.

I believe MZMcBride already changed this. Thanks for pointing that out! Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• Under "How Long Do We Keep Your Data?" the bit "such as your IP address if you edit while not logged in and any public contributions to the Wikimedia Sites." needs to be recast. Suggesting "such as your IP address (if you edit while not logged in) and any public contributions you make to the Wikimedia Sites."

Thanks! I have revised according to your suggestion. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

• Link WikimediaAnnounce-L every time.

Thanks! This is been revised according to your suggestion. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

Nice work, though. This, that and the other (talk) 07:43, 4 September 2013 (UTC)[reply]

I too concur on the point that Rory is an absolutely stupid and redundant idea. It should be removed. Privacy policies aren't comedic, they're serious business. Having some chump character introduce itself then serve absolutely no purpose just gives me the vibe that someone doodled something, thought it was gods gift to art, then pushed an agenda to have it incorporated. It's redundant, superfluous, and should be removed to minimize distraction of future readers. BaSH PR0MPT (talk) 02:57, 5 September 2013 (UTC)[reply]

I think this is a valid view, BaSH PROMPT, but I think the use of visuals could be helpful. I did post something on that above. I am also seeing some interesting alternative ideas. Thanks. Geoffbrigham (talk) 13:23, 5 September 2013 (UTC)[reply]

Hi This, that and the other. You should be able to edit the page yourself. :-) I removed the "Ericsgrl4evah" sentence and corrected the spelling of JavaScript just now. --MZMcBride (talk) 12:46, 5 September 2013 (UTC)[reply]

I've responded in-line above. We really appreciate your comments, This, that and the other. They have already made the draft better. Mpaulson (WMF) (talk) 22:59, 5 September 2013 (UTC)[reply]

Template:Answered

What is changing in the new Policy relative to the current one? Can anyone knowledgeable, probably those proposing it, make a diff please? - 09:08, 4 September 2013 (UTC)

+1

I have no big problem with this policy but knowing what's diferent helps to decide if it is 1 step forward or not. --Madlozoz (talk) 14:23, 4 September 2013 (UTC)[reply]

Also agree that it would be useful to know the actual changes in the policy - it could be done as a chart in a subpage since I can't see how one could give a "diff". Risker (talk) 14:28, 4 September 2013 (UTC)[reply]

See also #So, what is the purpose of all this?. --Nemo 05:44, 5 September 2013 (UTC)[reply]

Footer is linking to clearly superior http://wikimediafoundation.org/wiki/Privacy_policy 89.74.119.184 15:30, 5 September 2013 (UTC)[reply]

Second the motion PauAmma (talk) 15:50, 5 September 2013 (UTC)[reply]

Agreed, it's a nice looking document and quite readable, but I don't understand what and how it has changed. Ocaasi (talk) 16:39, 5 September 2013 (UTC)[reply]

+1 78.251.243.204 22:17, 5 September 2013 (UTC)[reply]

Thanks for asking about this. As Risker noted, it would be impossible to show the changes in a diff given that this is a completely new policy. Instead, I would like to outline some important changes here.

As a general matter, because the current privacy policy was written in 2008, it did not anticipate many technologies that we are using today. Where the current policy is silent, the new draft spells out to users how their data is collected and used. Here are some specific examples:

1. Cookies: The current policy mentions the use of temporary session cookies and broadly states some differences in the use of cookies between mere reading and logged-in reading or editing. The FAQ in the new draft lists specific cookies that we use and specifies what they are used for and when they expire. The draft policy further clarifies that we will never use third-party cookies without permission from users. It also outlines other technologies that we may consider using to collect data like tracking pixels or local storage.
2. Location data: Whereas the current policy does not address collection and use of location data, the draft policy spells out how you may be communicating the location of your device through GPS and similar technologies, meta data from uploaded images, and IP addresses. It also explains how we may use that data.
3. Information we receive automatically: The current policy does not clearly explain that we can receive certain data automatically. The new draft explains that when you make requests to our servers you submit certain information automatically. It also specifies how we use this information to administer the sites, provide greater security, fight vandalism, optimize mobile applications, and otherwise make it easier for you to use the sites.
4. Limited data sharing: The current policy narrowly states that user passwords and cookies shouldn’t be disclosed except as required by law, but doesn’t specify how other data may be shared. The new draft expressly lists how all data may be shared, not just passwords and cookies. This includes discussing how we share some data with volunteer developers, whose work is essential for our open source projects. It also includes providing non-personal data to researchers who can share their findings with our community so that we can understand the projects and make them better.
5. Never selling user data: The current policy doesn’t mention this. While long-term editors and community members understand that selling data is against our ethos, newcomers have no way of knowing how our projects are different from most other websites unless we expressly tell them. The new draft spells out that we would never sell or rent their data or use it to sell them anything.
6. Notifications: We introduced notifications after the current policy was drafted. So, unsurprisingly, it doesn’t mention them. The new draft explains how notifications are used, that they can sometimes collect data through tracking pixels, and how you can opt out.
7. Scope of the policy: The current policy states its scope in general terms, and we want to be clearer about when the policy applies. The new draft includes a section explaining what the policy does and doesn’t cover in more detail.
8. Surveys and feedback: The current policy doesn’t specifically address surveys and feedback forms. The new draft explains when we may use surveys and how we will notify you what information we collect.
9. Procedures for updating the policy: The new draft includes specific instructions on how we will notify you if the policy needs to be changed. This is consistent with our current practice, but we want to make our commitment clear: we will provide advance notice for substantial changes to the privacy policy, allow community comment, and provide those changes in multiple languages.

The purpose of a privacy policy is to inform users about what information is collected, how it is used, and whom it is shared with. The current policy did this well back when it was written, but it is simply outdated. We hope that with your help the new policy will address all the relevant information about use of personal data on the projects. YWelinder (WMF) (talk) 01:07, 6 September 2013 (UTC)[reply]

ça veux dire quoi en français ? Rinaldum (talk) 11:50, 4 September 2013 (UTC)[reply]

Salut Rinaldum - Nous demandons la réaction des gens à la politique de protection des données proposée. Dans ce contexte, le mot «feedback» signifie "vos commentaires." Geoffbrigham (talk) 14:00, 4 September 2013 (UTC)[reply]

Le ne connais pas de traduction parfaite de l'idiôme; en général, "commentaires en réaction" est une bonne approximation. MPelletier (WMF) (talk) 14:02, 4 September 2013 (UTC)[reply]

The WMF and many people with access to nonpublic information (like (for users with accounts) their IP addresses and possibly their email addresses) are subject to the contradictory laws of the USA. The WMF and many people with access to nonpublic information may be required to make such information available to unaccountable agencies while being legally restrained from telling them that the information was shared. Admitting new information sharing mechanisms, or even just the requests may result in imprisonment without trails, without access to the laws leading to imprisonment, or even transcripts of the decisions, evidence, or who their accusers were.

Until the WMF and people with access to nonpublic information remove themselves from such jurisdictions, the guarantees in the WMF's privacy policy, the access to nonpublic information policy, the data retention guidelines, the transparency report, and the requests for user information procedure, are untrue.

To service campaign contributors, your information may be given to third parties for marketing purposes.

Your data may be secretly retained by the WMF for as long as required by US agencies, and/or by those agencies themselves for as long as they want.

The WMF may be prevented from revealing their actual policies but forced to claim that they protect users' privacy per their public policies. -- Jeandré, 2013-09-04t12:47z

See also Talk:Privacy policy/Call for input (2013)#Technical and legal coercion aspects.

Hi Jeandré, while I'm someone who knows for a fact that we would strongly rebel against secret requests and unreasonable demands from the government (any government) I'm certainly sympathetic to these concerns (I think much of what the US government has done is illegal and immoral). That said I have yet to see where we could 'go' to remove everyone from jurisdictions where this (or other equally bad issues) would be a problem. Europe, for example, is generally not better, it has significant issues as well. Jalexander (talk) 20:07, 4 September 2013 (UTC)[reply]

As far as I know, the voters in New Zealand and Iceland care about doing the right thing, and don't have the same kinds of laws as the USA and UK. -- Jeandré, 2013-09-05t09:27z

Les lois européennes sont infiniment plus protectrices que les lois américaines. Pourquoi croyez-vous que les grosses sociétés informatique (Google, Micro$oft, Apple, etc.) essaient d'imposer, heureusement sans trop de succès (voir les quelques affaires récentes, par exemple entre Google et les CNIL européennes) , que ce soit le droit américain qui s'applique au détriment du droit européen ? 78.251.243.204 20:18, 5 September 2013 (UTC)[reply]

Et de toutes façons ce n'est pas seulement une question de quelle loi est plus protectrice ou pas, c'est une question de que les lois des différents pays doivent être respectées. Chaque pays est souverain et établit ses lois de manière démocratique, on n'a pas à lui imposer des lois qui n'ont aucune légitimité. Seuls les Américains votent pour élire leur congrès. Les lois américaines ne s'appliquent donc qu'à eux 78.251.243.204 20:21, 5 September 2013 (UTC)[reply]

PRISM etc

Not sure if this is completely on topic, please point me towards the discussion if not, this is not my area of knowledge.

1. Is the Wikimedia Foundation subject to the same FISA laws that Microsoft, Google etc have had to comply with and give over information?
2. If so does the Wikimedia Foundation record anything they may want?
3. If so this privacy policy will need to reflect this.

--Mrjohncummings (talk) 16:06, 4 September 2013 (UTC)[reply]

• Note that it may illegal for Foundation to admit that they give over information to USA government. 89.74.119.184 19:18, 4 September 2013 (UTC)[reply]

The WMF has been very clear that we have not been contacted in relation to that. General Counsel Geoff Brigham said in a blog post that "The Wikimedia Foundation has not received requests or legal orders to participate in PRISM, to comply with the Foreign Intelligence Surveillance Act (FISA), or to participate in or facilitate any secret intelligence surveillance program. We also have not “changed” our systems to make government surveillance easier, as the New York Times has claimed is the case for some service providers." Philippe (WMF) (talk) 20:58, 4 September 2013 (UTC)[reply]

Just to add to what Philippe has said, it is our understanding of the law that we can not be forced to 'Lie' (though they can force us to not comment/confirm including while we fight for it to be released), while I can certainly understand people's concerns about "them not even being able to tell us if it's true" I really do stress that we haven't received anything and would fight like crazy if we did. Also, we're really really bad liars, we are an incredibly leaky organization. Jalexander (talk) 08:03, 5 September 2013 (UTC)[reply]

Given the choice between believing Microsoft/Google/Facebook/US.gov or Snowden, I'd go with Snowden every time. I think the current evidence shows that the people at Google are lying by commision because they're being forced to. While I have orders of maginitude more trust in the people at the WMF than those at Google, I think Ladar Levison's decision to shut down Lavabit and his strong recommendation against trusting organizations "with physical ties to the United States" indicates that he didn't want to lie by commision. -- Jeandré, 2013-09-05t09:27z

Is it possible for anyone to verify exactly what software the WMF's servers are running and how the software is configured? It is trivial to download Mediawiki and various extensions, but is it possible for anyone to verify that the version of Mediawiki as run by the WMF isn't modified to provide information to the NSA? --Stefan2 (talk) 12:57, 5 September 2013 (UTC)[reply]

Subject to US law

I think we should expand the section on the data being kept in the USA, and therefore subject to American laws. The PATRIOT Act comes to mind, where they can and will use any data you store in the US at any point in time against you at a later date. Doesn't matter where you live. So you might not want to post that nasty anti-American rant on a talk page, it might come back to bite you in the choo-choo later... Or the DMCA. I think of a certain Russian computer scientist who could have been arrested had he came to the US to give a speach as he posted information on anti-circumvention measures (Dmitry Sklyarov) ... Oaktree b (talk) 22:09, 4 September 2013 (UTC)[reply]

While some of this may be true (though there are lots of laws in Europe and other countries which can be problematic with what you post too and the US allows) I'm not sure I understand your example. There is very little (if any) added risk to posting your anti-american rant on the talk page on an American server. There are certainly risks, but the PATRIOT act does not necessarily make it more risky (especially given the legal system and our desire to fight against demands) then many other location options. Jalexander (talk) 00:29, 5 September 2013 (UTC)[reply]

This section concerns me as well as worries me. "to comply with the law, or to protect you and others" I think most of us are aware that our freedom in all areas is slowly but steadily eroding. In many countries, there is not even a pretense at giving freedom priority over other values, while in many others it is only a pretense. I wonder if there is a country left in the world that has not put that value at the bottom of a list of many other values like security and equality. Politicians and lawyers can and will find a way to abuse that which they can abuse for their own purposes. Laws were made to facilitate the sending of millions of people into concentration camps, why should they stop at keeping knowledge sacred? "to comply with the law, or to protect you and others" That is a mightily large back door.

Legal response

Thanks for raising this question. I’ll tackle it in two parts:

First, generally: as we say in more detail in the policy’s section on our legal obligations, we must comply with applicable law, but we will fight government requests when that is possible and appropriate. For example, unlike some websites, we already are pretty aggressive about not complying with subpoenas that are not legally enforceable. (We’ll have precise numbers on that in a transparency report soon.) We’d love to hear specific feedback on how we can improve that section, such as additional grounds that we should consider when fighting subpoenas.

In addition, we are currently working on a document that will explain our policy and procedure for subpoenas and other court orders concerning private data. We will publish the document publicly, follow it when responding to requests, and also provide it to law enforcement so that they know about our unusually strict policy on protecting user data.

Second, with regards to surveillance programs like PRISM and FISA court orders: We are subject to US law, including FISA. However, as we have previously publicly stated, we have not received any FISA orders, and we have not participated in or facilitated any government surveillance programs. In the unlikely instance that we ever receive an order, we are making plans to oppose it.

Beyond the legal realm, we continue to evaluate and pursue appropriate public advocacy options to oppose government surveillance when it is inconsistent with our mission. For example, the Wikimedia Foundation signed a letter with the Center for Democracy and Technology requesting transparency and accountability for PRISM. If you are interested in proposing or engaging in advocacy on this issue, please consider joining the advocacy advisory group. We also continue to implement technical measures that improve user privacy and make surveillance more difficult. For example, we enabled HTTPS on Wikimedia sites by default for logged in users. For more information, see our HTTPS roadmap.

As always, we greatly appreciate your input on this complex issue. Please note that if you have questions that are specific to surveillance, and not tied to the privacy policy itself, the best place to discuss those is on the Meta page on the PRISM talk page, not here.

Best, Stephen LaPorte (WMF) (talk) 00:03, 6 September 2013 (UTC)[reply]

It would be nice if the account can be removed. Thank You! --78.49.38.54 13:03, 4 September 2013 (UTC)[reply]

Sadly deleting an account is essentially impossible, if we delete an account then every edit made by that account isn't attributed to anyone and we can't allow that. Many wikis have a policy similar to English Wikipedia's Right to Vanish where you can be renamed to some obscure numbered name and your user page deleted but that's essentially the closest that we can get :(. Jalexander (talk) 20:11, 4 September 2013 (UTC)[reply]

Content page invites one to comment but seemingly fails to tell one where to comment. Here? On this talk page? Somewhere else?

Presentation is rather "cutsie" reminds me of the annoying paper clip helper mess of Microsoft.--64.134.41.87 13:51, 4 September 2013 (UTC)[reply]

Yes, please comment here for the privacy policy. We are definitely listening to feedback on the use of Rory (the tiger image). Veteran Wikimedians most likely need nothing like that. On the other hand, we want to facilitate reading the policy for everyone (including readers and new editors), so we are experimenting with the idea during this consultation period. Your feedback is greatly appreciated. Geoffbrigham (talk) 14:04, 4 September 2013 (UTC)[reply]

I just wanted to say that I love Rory's drawings, anyway :) --Elitre (WMF) (talk) 15:09, 4 September 2013 (UTC) PS - can I get a quick link to the colored version in the banner? I don't think I can find it on Commons, but I searched very quickly.[reply]

@Elitre (WMF) and Elitre: wmf:File:Rory intro colored 02 banner transparent.png. See MediaWiki:Centralnotice-template-PrivacyPolicyDiscussion Rory1, Special:CentralNoticeBanners/edit/PrivacyPolicyDiscussion_Rory1 for more info on this banner. PiRSquared17 (talk) 19:03, 4 September 2013 (UTC)[reply]

Thanks PiRSquared17. Good thing I did not spend too much time looking for it on Commons then... --Elitre (talk) 13:53, 5 September 2013 (UTC)[reply]

This is in the first sentence of the nutshell of the draft, and is mentioned in several other places. However, if one tries to edit without logging in on English Wikipedia, at the top of the screen appears this editnotice: "You are not logged in. Your IP address will be publicly visible if you make any edits. Please log in or create an account to have your edits associated with a user name, among other benefits. "

The last sentence really pushes people to register accounts, and is written to sound as though it is pretty much required. It's something of a mixed message. If the last sentence started with "If you log in or create an account, your edits will be asociated...." it would more accurately reflect this policy, and to stay on the same message. Risker (talk) 14:36, 4 September 2013 (UTC)[reply]

Hey Risker. I actually wrote that copy. :) I think the reword for the last sentence you suggested is good. Let's do it! Steven Walling (WMF) • talk 17:03, 4 September 2013 (UTC)[reply]

Template:Resolved

This Privacy Policy does not cover some situations where we may gather or process information. Some may be covered by separate privacy policies (like the Wikimedia Shop) or sites or services run by third parties (like third-party developer projects on Wikimedia Labs). Learn more about other situations that are not covered by this Privacy Policy.

Either the parenthetical "(like the Wikimedia Shop)" was closed too early, or there's something significantly wrong with the adjacent clause "or sites or services...", because the situations won't be covered by sites or services - I think you mean to say something like ", or they may be sites or services run by third parties (...), which may not be subject to our policies."

Hope that helps! --MarkTraceur (talk) 16:47, 4 September 2013 (UTC)[reply]

Yes I just came across that too when translating to Esperanto. Could somebody please fix the sentence to whatever was actually meant, because I don't really understand it? Thanks. darkweasel94 (talk) 10:24, 5 September 2013 (UTC)[reply]

Yep. How about:

"This Privacy Policy does not cover some situations where we may gather or process information. For example, some uses may be covered by separate privacy policies (like those of the Wikimedia Shop or sites or services run by third parties, such as third-party developer projects on Wikimedia Labs)."

Does that work? Or is it still too cryptic? Great catch and thanks! Geoffbrigham (talk) 13:42, 5 September 2013 (UTC)[reply]

That at least makes sense grammatically, so yeah, that works well enough for translation. darkweasel94 (talk) 13:56, 5 September 2013 (UTC)[reply]

german User:Seewolf is mainly responsible Worked the non-accessible
to the public and private processing filters.
He worked he at Wikimedia Germany eV -
See more at: http://shtoink.de/category/machtstrukturen-wikipedia/page/3

This public "abusefilter" at german WP is today a real current violation of german law, 
because this filter produce "Personenbezogene Information" which is recorded 
and this is against the german law...

Template:Resolved

Really! Truly! I know you don't mean to sound like you are talking down to us, but gosh, I feel like everyone at the Foundation just wants to give us happy smiles & hugs & wishes us all unicorn farts. Not only does it sounds creepy, yo ulose all credibility.

First, I want to know if this warm-&-fuzzy language accurately reflects what the policy is. And some passages don't give me a warm & fuzzy feeling that it does.

Second, it is possible to explain things in plain English without sounding like a demented variant of a Cub Scout Den Leader. Take, for example the section "Account Information & registration". (Was the person who wrote that high on antidepressants?) Everything in that section could be explained quite simply & maturely as follows:

You are not required to create an account to read or contribute to a Wikimedia Site. However, if you contribute without signing in, your contribution will be publicly attributed to the IP address associated with your device. If you want to create a standard account, we do not require you to submit any personal information to do so. All that is required is a username and a password. We do not ask for a legal name or date of birth, nor an email address, and definitely not for credit card information; we consider that information unnecessary to contribute to Wikipedia. There are rules and considerations regarding a username, so please think carefully before you use your real name as your username. Your password is only used to verify that the account is yours.

Notice how more mature this paragraph reads? Yet most of the language is what currently appears on the front page; all I did was take out the fluff. And there is a lot more fluff in this policy statement that needs to come out before the final draft. -- Llywrch (talk) 18:34, 4 September 2013 (UTC)[reply]

A bit painful

With due respect, some of the phrasing is pretty cringe-worthy.

"Some features we offer are way cooler to use if we know what area you are in."

"If you choose to help us make the Wikimedia Sites better by participating in an optional survey or providing feedback, we think you are awesome."

"We also recognize that some of you know the ins and outs of tracking pixels while others associate the term “cookie” exclusively with the chocolate variety."

Such attempts to be chatty have no place in such a document, in my opinion. 86.169.185.183 21:02, 4 September 2013 (UTC)[reply]

Mostly, I'd be interested in tasting a cookie which is a chocolate variety (in Italian, saying that "cioccolato" is "biscotto" is a lexical and etymological absurd). Do such things really exist in USA? We may need a food culture table conversion for such weirdnesses in the text. --Nemo 21:47, 4 September 2013 (UTC)[reply]

You will be assimilated. Resistance is futile... We are Wikiborg.Oaktree b (talk) 22:23, 4 September 2013 (UTC)[reply]

Informal tone

I'm wondering why the WMF has decided to use a very informal tone in this new draft. Is it intended to make the policy appeal to a younger audience? I have nothing against the occasional use of "cool", "awesome", or similar words, but I don't understand why they should be in what is essentially a legal document. @Jalexander: any comment? PiRSquared17 (talk) 21:59, 4 September 2013 (UTC)[reply]

I also think it's okay to have a bit of fun and have some in-jokes in internal Wikimedia pages, but it might hurt the WMF's reputation if added to such an important, highly visible document. However, I trust the authors of the document. PiRSquared17 (talk) 22:01, 4 September 2013 (UTC)[reply]

Also informal text can have official character. ;) The intention was obviously to make the text comprehensible also for non-Legalese native speakers. ^^ --თოგო ^(D) 22:36, 4 September 2013 (UTC)[reply]

I'm happy that it is more comprehensible and written in Simple/Plain English, but that does not mean we should have text like "[...]we think you are awesome". I'm not explicitly against this kind of informal tone, but I'm afraid that readers may get a bad impression of Wikimedia. It might make WP seem like a website run by "cool kids". ;) PiRSquared17 (talk) 22:41, 4 September 2013 (UTC)[reply]

I obviously appreciate your feedback on this and will make sure the lawyers know too (we're keeping track of what people say on both a spreadsheet and I sit very close to Michelle who is the main one in charge of coordinating it) and I think it's something to hear about from others as well to gauge how it comes across. From a personal opinion side though I disagree, I think simple/plain english is one thing (and for legal document incredibly tough) it can't be the only piece. The formal 'voice' and tone are one of the big things that turns people away from reading long documents like this and absorbing the information given. I think the informal tone keeps it flowing and makes it much easier to completely read. In the end I would prefer for people to think we're a bit of a 'silly bunch of people' (which, let's be fair, they already think since we write an online encyclopedia for fun) then for them not to read what is quite a lot of text but is very important in this internet day and age when they give up large amounts of information without even knowing it. Jalexander (talk) 23:46, 4 September 2013 (UTC)[reply]

I disagree with this, as I mentioned above. The insertion of inappropriate words such as "cool" and "awesome" does not make the document more readable, it just makes it look self-conscious and a bit ridiculous. 86.169.185.183 00:16, 5 September 2013 (UTC)[reply]

Sigh. Did you bother to read my revision of one paragraph of this document? It is informal but dignified. No one will respect a document that is written by a bunch of airhead PR flacks who sound as if they are giggling as they writing--which is the voice this document currently has. And I hope & assume no one working at the Foundation wants to be thought of as an airhead PR flack.--Llywrch (talk) 02:57, 5 September 2013 (UTC)[reply]

Honestly, at the time not yet, but I did later and have it on a list for people to look at. I was answering here because @PiRSquared17: specifically pinged me and I wanted to respond to him directly. I actually think I misread initially though and came across as harsher then I felt (too many things at once I guess). I want to find the right balance, and am not completely sure where it is yet. I didn't write the policy and I have my own thoughts but I'm not yet sure exactly what is best. I just wanted to characterize the thought process and some of my own thoughts (about trying to find ways to keep them reading and help them understand). Jalexander (talk) 08:14, 5 September 2013 (UTC)[reply]

I thought the exact same thing as PirSquared17 and I disagree with "The formal 'voice' and tone are one of the big things that turns people away from reading long documents like this and absorbing the information given. I think the informal tone keeps it flowing and makes it much easier to completely read." In fact the informal tone distracts from the information given and let the reader thinks that the information is not important since it's presented in a "funny" way, we "unconsciously" think that it mustbe a joke or something alike. I don't mean the text should be full of legalese stuff and I agree that it should be written in plain/simple English, but the "informal tone" does the same as the "legalese and complicated tone" for non-Native English speakers, it makes the text harder to understand (and let be honest such text won't be translated in all languages so, yes, a lot of non-Native English speakers will have to read it in English). Amqui (talk) 02:48, 5 September 2013 (UTC)[reply]

The informal tone doesn't bother me much. The document is still pure egregious legalese (i.e. designed to give headaches), see all the instances of "A, BUT! X, Y, W, Z, ..." so that in the end you read three times as much and don't remember what you are agreeing to, being more exceptions than rules, and the WMF is fully protected from users.

You make a good point, however, that the draft text is three times as long as the current wmf:Privacy policy (49 KB vs. 16 KB counting only the text included in the page directly) and it's full of long digressions. Perhaps, per TTO in #Some notes, the digressions and other accessory text may be moved to speech bubbles coming out of Rory, so that both translators and readers can more easily prioritise how they consume the document. --Nemo 06:03, 5 September 2013 (UTC)[reply]

Oatmeal vs. Dora the explorer

I saw feedback to the whole illustration and mascot theme is solicited above. I wanted to point out the subtle difference being lost here. Illustrations don't necessarily have to be dumbed down, or be intended for an immature audience. The whole mascot theme, terminology and tone being employed doesn't fit well together. I'm not commenting on the quality of the artwork or the character work for the record, both of which seem fine and probably took a lot of time and effort. It's really hard to cater to an adult audience through this medium but it's not new either - twitter fail whale, firefox fox, google's android etc. all have used their mascots and used them well - I think this could be done better (if this route is going to be taken). But to do that - start by aiming for oatmeal, not Dora or Disney. Regards. Theo10011 (talk) 22:33, 4 September 2013 (UTC)[reply]

Why a tiger?

Why does the banner for the new privacy policy include a drawing of a tiger? We're not children. --Cryptic C62 (talk) 02:52, 5 September 2013 (UTC)[reply]

I don't work for the WMF, so I can't explain why they chose to use the tiger, but here's some sort of explanation: The WMF has a stuffed animal tiger in their offices called wmf:Rory. The usage of Rory illustrations has been discussed above, in other sections. PiRSquared17 (talk) 02:55, 5 September 2013 (UTC)[reply]

Offputting for adult readers

The policy reads as if aimed at schoolchildren, with the cuddly tiger, "way cooler", "eat your greens", "evil wizard", "You're still awesome" (or "... brilliant" in GB english version). It is possible to write clear English in a neutral, adult, way: see The Plain English Campaign and its guides if you need help. The Privacy Policy is an important document and should be written in a clear and serious tone, not as if it's written by teenagers for children. We are trying to recruit new subject-expert editors, with the introduction of Visual Editor: if a high-power professor reads this proposed text, offered as the Privacy Policy, they are unlikely to take Wikipedia seriously enough to want to contribute their time and expertise. PamD (talk) 07:55, 5 September 2013 (UTC)[reply]

Thanks for the link, I'm adding it to Writing clearly. --Nemo 11:42, 5 September 2013 (UTC)[reply]

Thanks for all the above comments. To be honest, from my personal viewpoint, I'm actually OK with this, and I'm known as a pretty stuffy and formal lawyer.  :) Our challenge is to explain a complicated topic to everyone, including casual readers of our projects. As I note above, we are repeatedly told that few ever read privacy policies, those who start often don't finish, and when they do, they often misunderstand them. For that reason, we have tried a few ideas, like the user-friendly summary at the beginning of the policy, plainer English (with no doubt a few exceptions), more transparent and hopefully easier-to-understand explanations in the text, and, yes, humor. In my humble opinion, I like it. To my ear, it is not condescending but is respectful, underscoring that we expect the reader to read the policy and we are making efforts to help them enjoy it. For me, humor helps get through dry material. My take on the proposed rewrite above it that it is fine, but I honestly like the version in the draft privacy policy better: it helps explain better in plain terms where we are going, and it may actually help people remember themes in the document. We did have non lawyers read through various drafts. Their ongoing feedback pointed us in this direction. I definitely respect the opinion of those who disagree with me, and, of course, during the 4-month consultation period, we will be listening closely on this issue. In any case, I really appreciate all of you reading and responding ... quite helpful in thinking through this topic. Many thanks. Geoffbrigham (talk) 14:14, 5 September 2013 (UTC)[reply]

"We are repeatedly told that few ever read privacy policies, those who start often don't finish, and when they do, they often misunderstand them. For that reason, we have tried a few ideas, like the user-friendly summary at the beginning of the policy, plainer English (with no doubt a few exceptions), more transparent and hopefully easier-to-understand explanations in the text, and, yes, humor.": +1 Ocaasi (talk) 18:19, 5 September 2013 (UTC)[reply]

That's not humor, that's an embarrassment. You should target the common average of users(german: Schnittmenge), and not only a specific group. But I'm used to such nonesense in wikipedia. Most of the editors suffer from brain damage or mental retardation I think, so no suprise. Whatever, good luck. Greets--82.113.121.77 22:14, 5 September 2013 (UTC)[reply]

I think some clarification on the data retention policy would be helpful : in the section of the draft on "How Long Do We Keep Your Data", there is a link ("(Check out our list of examples") to what can be "retained indefinitely". The link sends to a page with the following statement : "You can learn more about how long we keep different types of data in our data retention guidelines and procedures [LINK]", where the link is void. Also, today's post on the Foundation's blog says : "In the coming months, we will also be releasing Data Retention Guidelines ... which [will] address many of the most prominent concerns we heard during the initial consultation period [and] explain our data collection and retention practices under the new Privacy Policy in greater detail". Does this mean the data retention policy is to be clarified here and now or later ? Is the current data retention policy to be replaced by another document ? Is there a difference made between "guidelines" and "policy" ? Will a draft on these matters be submitted later to the community ? Thanks, — Racconish^Tk 18:51, 4 September 2013 (UTC)[reply]

The German Wiki has also the internal Data retention ;(((

• Aye, sorry about the [link]. My understanding is that the Data Retention Guidelines will be put out soon (most likely in the next couple weeks), but definitely out before this discussion is over. The last date I heard was in 2-3 weeks but I may be wrong on that. Will see if I can get a more specific answer on the guidelines vs policy question (I think I know but don't want to be wrong on that). Jalexander (talk) 07:51, 5 September 2013 (UTC)[reply]

Thanks. — Racconish^Tk 08:59, 5 September 2013 (UTC)[reply]

Hi Racconish! LCA is working closely with Tech to draft some basic Data Retention Guidelines in the coming weeks. We will be able to release them for community feedback in 1-2 months. I'm sorry that I can't give you an exact date yet as the release date heavily depends on how the internal conversations go (availability, consensus, etc.) The guidelines will differ from a traditional "policy" in a few ways. First, we envision the guidelines being updated as needed so we can address how we handle new types of data or new uses of data on an ongoing basis. A policy, such as the privacy policy, is meant to be finalized and static for hopefully the next 5 years or so (assuming no major change in practice occurs in that time). The guidelines are meant to provide practical, specific, everyday guidance for WMF staff on how we handle data. And while guidelines will be public (both to be transparent and to help the community understand some of our practices better), the application of the guidelines are more internal. Policies, on the other hand, tend to be broader and outward-facing and outline principles we wish to uphold and promote. I hope that answers your question. If you have more questions or would like further clarification, we are happy to provide it. Mpaulson (WMF) (talk) 21:53, 5 September 2013 (UTC)[reply]

blog.wikimedia.org runs the WordPress software, but I'm pretty sure it actually isn't hosted by WordPress. I just spoke with Brion in #wikimedia-tech who said that he's pretty sure the blog is hosted on one of the WMF's servers. Legoktm (talk) 19:19, 4 September 2013 (UTC)[reply]

So I checked with the ops folks in private chat; apparently there's some talk about switching the blog to WordPress's hosted servers, but it hasn't been done yet. (Main reason to move it is that it's a pain for the ops people to keep one extra web service up, running, up to date, and tuned for occasional high-traffic spikes, while WordPress.com does that for a living.) But yeah, the text should be .... current with actual practice I suppose! --brion (talk) 19:23, 4 September 2013 (UTC)[reply]

The blog is planned to move to third-party hosting pretty soon, probably this month, as part a general redesign of the blog. I understand the new privacy policy won't go live before 2014. Regards, Tbayer (WMF) (talk) 19:51, 4 September 2013 (UTC)[reply]

Yeah, as Tilman says this is planned well in advance of this becoming practice and so was written in as a known example. Jalexander (talk) 07:48, 5 September 2013 (UTC)[reply]

The blog is being moved to third-party hosting? Does WordPress.com follow our privacy policy? --MZMcBride (talk) 12:12, 5 September 2013 (UTC)[reply]

I know that legal is currently in discussion with their General Counsel/Legal staff about changes to their privacy policy for us. I know that while we were currently expect to use wordpress.com if that falls through they have been looking at other hosting options to make sure we're comfortable. Jalexander (talk) 22:31, 5 September 2013 (UTC)[reply]

Template:Resolved

MOVED FROM WIKIPEDIA VILLAGE PUMP

Hi, at http://meta.wikimedia.org/wiki/Privacy_policy/BannerTestA, it says:

Because of how browsers work and similar to other major websites, we receive some information automatically when you visit the Wikimedia Sites. This information includes the type of device you are using (possibly including unique device identification numbers), the type and version of your browser, your browser’s language preference, the type and version of your device’s operating system, in some cases the name of your internet service provider or mobile carrier, the website that referred you to the Wikimedia Sites and the website you exited the Wikimedia Sites from, which pages you request and visit, and the date and time of each request you make to the Wikimedia Sites.

What sort of "unique device identification numbers" is it referring to? I thought browsers didn't provide that information. 86.169.185.183 (talk) 17:40, 4 September 2013 (UTC)[reply]

Looking at similar privacy policies, it looks like this may refer to mobile devices: "AFID, Android ID, IMEI, UDID". --  Gadget850 ^talk 17:45, 4 September 2013 (UTC)[reply]

You mean that when you access a website through a browser on an Android device the website can collect a unique device ID? Is that really correct? (I can believe it for general apps, where, presumably the app can do "anything" within permissions, but I didn't think there was any such browser-website mechanism). 86.169.185.183 (talk) 18:58, 4 September 2013 (UTC)[reply]

I think this question is more appropriate for the Talk page discussion on the privacy policy draft. Steven Walling (WMF) • talk 20:31, 4 September 2013 (UTC)[reply]

I see that this information is "receive[d] [...] automatically". That doesn't necessarily mean this information needs to be collected and stored. Personally I am fine with this information being temporarily handled in a volatile location in order to cater to the display needs of each individual device. I do not however, believe that this information should be stored or used for any other means. Participation in this data-mining should be off by default. WMF would of course be free to nag users into opting in. Because this is a _free_ encyclopedia, users should be _free_ to at least view it in the way they want, without having all their habits and device details harvested non-consensually. Contributions? Edits? Sure, take all you want. There's an implicit agreement to such data-mining when a user submits an edit. But there isn't one from just viewing a page. --129.107.225.212 16:59, 5 September 2013 (UTC)[reply]

Thanks, but that is not really relevant to my question (not sure if it was supposed to be), My question is whether it is technically possible for a website to obtain "unique device identification numbers" from a web browser. The text implies that it is; previously I believed it wasn't. I am hoping that someone will be able to answer the question. 86.167.19.217 17:27, 5 September 2013 (UTC)[reply]

Euh... Ca veut dire quoi, feedback ? Si vous traduisez, s'il vous plaît, essayez de le faire correctement ! 78.251.246.17 20:52, 4 September 2013 (UTC)[reply]

Bonjour ! Le mot "feedback" veut dire "commentaires en réaction". Voir aussi : #Feedback, wikt:fr:feedback#Anglais. Cdlt, PiRSquared17 (talk) 20:56, 4 September 2013 (UTC)[reply]

Merci :-) 78.251.246.17 22:42, 4 September 2013 (UTC)[reply]

"This information includes [...] the website that referred you to the Wikimedia Sites and the website you exited the Wikimedia Sites from"

"the website you exited the Wikimedia Sites from" is hard to understand. Does it mean that when you click an external link the identity of the referring page is sent to the external website? 86.169.185.183 20:53, 4 September 2013 (UTC)[reply]

It seems trivial but does sound clumsy. It can be rephrased. Theo10011 (talk) 21:21, 4 September 2013 (UTC)[reply]

How about "the website from which you exited the Wikimedia Sites"... Chase me ladies, I'm the Cavalry (talk) 13:12, 5 September 2013 (UTC)[reply]

That may help in a cosmetic way, but it doesn't fix the main problem which is that the statement fundamentally does not make sense. I think the text has got muddled or garbled or the intent got misunderstood somewhere along the way. It may have been intended to say what I described above, but it definitely does not succeed in that. 86.167.19.217 17:41, 5 September 2013 (UTC)[reply]

That's definitely clear wording, Chase me. But unfortunately, it doesn't convey what I'm trying to say (which indicates that we need to keep trying with the phrasing). What I'm trying to describe is the next website that you go to when you exit a Wikimedia Site. For example, if I am reading a WP article and then click through to an external source link, the data automatically received by us includes what the external source website was. Any ideas as to how to better phrase that? Mpaulson (WMF) (talk) 00:54, 6 September 2013 (UTC)[reply]

The policy states that "This Privacy Policy does not apply to all of the Wikimedia Sites, such as Wikimedia Sites that have their own privacy policy (like the Wikimedia Shop) or third-party actions and sites (like third-party developer projects on Wikimedia Labs)." What happens when we include code from Labs or Toolserver into standard pages (for example GeoHack; there is no indication that it might be under a different policy) -- how do we ensure compliance to the policy for those included snippets? Or how do we clearly mark on our projects that a tool is external? Mwalker (WMF) (talk) 20:58, 4 September 2013 (UTC)[reply]

Hi, Matt; thanks for taking the time to read the policy at this level of careful detail - much appreciated.

Our intent is that if something from a third party is actually included into a standard page on one of the covered sites (like GeoHack on Wikipedia pages) then it must comply with the privacy policy. This language is intended to cover cases where the Labs tool is standalone, or accessed by people making affirmative choices to go to Labs (like clicking on a link). If that's not clear, we could perhaps work to clarify this; suggestions welcome.

It might be useful to note that, to make this easy, legal has worked with the Labs team so that Labs projects embedded in covered sites should be compliant by default. This involved two steps: first, technologically, we filtered the information passed to a Labs tool (i.e., IP addresses and user agent information) so that it would be technically difficult for Labs tools to get at information that might violate the policy. Second, legally, the Labs terms of use should be more restrictive about data collection than this main policy, so that Labs projects shouldn’t be sneaking around the Labs technical restrictions in order to grab PII, and so that we can immediately kill any projects that do that.

For the case where people are clicking a link that will take them off-site to Labs, we could conceivably add a requirement that there be some sort of notification (like an icon next to the link, or an interstitial), but we’re not currently planning that. - LVilla (WMF) (talk) 00:37, 6 September 2013 (UTC)[reply]

"Wikimedia Sites"

Why this terminology? I'd appreciate consistency. Terms of use talks of Projects and Wikimedia Projects. --Nemo 21:08, 4 September 2013 (UTC)[reply]

+1. Theo10011 (talk) 21:22, 4 September 2013 (UTC)[reply]

Isn't is the case that WMF runs sites that are subject to the privacy policy but aren't projects? If so (the blog springs to mind), the current broader language seems me the better fit, best regards --Jan (WMF) (talk) 08:28, 5 September 2013 (UTC)[reply]

Actually that might be a distinction worth noting. Does this policy cover things like the blog or labs? I seem to recall the blog using third party software, instead of mediawiki, and labs having similar issues with deployed analytic, and users having access to other user's info. I assumed those 2 things meant this privacy policy probably won't cover those and only the projects. Anyway, it just sounds clunky, a better terminology must exist for this. Theo10011 (talk) 10:15, 5 September 2013 (UTC)[reply]

I appreciate this discussion. The definition of "Wikimedia Sites" is probably a bit broader than the projects. Specifically in the Introduction of the policy we have a list of definitions. "Wikimedia Sites" is defined as:

Wikimedia Sites and services (regardless of language), including our main projects, such as Wikipedia and Wikimedia Commons, as well as mobile applications, APIs, emails, and notifications; excluding, however, sites and services listed in the “What This Privacy Policy Doesn’t Cover” section below.

My thinking is that a casual reader of Wikipedia - to whom this privacy policy applies - may not understand what a "project" is naturally, but will understand what a "site" is. I can see good arguments either way, however, on correct wording. Geoffbrigham (talk) 14:37, 5 September 2013 (UTC)[reply]

“the Wikimedia Foundation” / “the Foundation” / “WMF” / “we” / “us” / “our”

Instead of providing glossaries, can't you just use a single term? --Nemo 21:10, 4 September 2013 (UTC)[reply]

Hi Nemo! There are different reasons for using these various terms to describe the Wikimedia Foundation. We say "the Wikimedia Foundation" because it's our official name and depending on the sentence, formality or use of the full name is appropriate. However, we recognize that it's a rather long name and something that we frequently have to reference. Saying "the Wikimedia Foundation" every time we refer to the Wikimedia Foundation would have made the policy even longer...something we wanted to avoid, so we sometimes used "WMF" or simply "the Foundation" instead. As for "we", "us", and "our", we believed that informal terms would help improve readability and flow. For the avoidance of doubt, we added it to the Glossary to make it clear that these terms all refer to the Wikimedia Foundation. Hope that helps explain why we drafted as we did. Mpaulson (WMF) (talk) 00:08, 6 September 2013 (UTC)[reply]

"update your account profile", "information in your user profile"

What is this thing or things the text talks about? Never heard of profiles on our wikis. --Nemo 21:19, 4 September 2013 (UTC)[reply]

Hi Nemo! This refers to information on your user page. We used the terms like "user profile" to be more accessible to casual users who may not be as familiar with the term "user page". However, I do believe that this phrase should be consistent within this document. Thank you for pointing out that it's called "account profile" in one place. We will get that changed. Mpaulson (WMF) (talk) 23:25, 5 September 2013 (UTC)[reply]

Actually, +1 on all 3. Consistency is very important in vetted documents like these that will be around for a long while. Theo10011 (talk) 21:25, 4 September 2013 (UTC)[reply]

Can someone explain what purpose it serves to have a two-tiers privacy protection in which WMF doesn't guarantee much, or anything, about what in the end might happen with private data on the wikis? In particular the exclusion of "data-collecting tools that are placed on Wikimedia Sites by users, volunteer administrators, or other third parties" means that we (WMF and community) could no longer just remove any tracking script from the wikis on sight as being against the privacy policy. --Nemo 21:15, 4 September 2013 (UTC)[reply]

Hi Nemo! I am a little confused by your question, to be honest. The policy draft does not change rules regarding the removal of tracking scripts from wikis that contravene the privacy policy. Community members are still free to remove tracking scripts from the wikis on sight if they believe they violate the privacy policy. However, if you are not sure whether a particular tracking script is in violation of the privacy policy or you happen to be a casual user who doesn't know how to or doesn't want to remove the script themselves, they can report it directly to the Foundation and we will look into the matter. Does that help address your concerns or did I misunderstand your question? Mpaulson (WMF) (talk) 23:10, 5 September 2013 (UTC)[reply]

Makes no sense, please kill. --Nemo 21:21, 4 September 2013 (UTC)[reply]

What about that makes no sense? It seems straightforward to me. Registration data, and demographic data about yourself. Philippe (WMF) (talk) 21:26, 4 September 2013 (UTC)[reply]

So you're saying that the users can delete registration data? Please tell me how. Is it a new feature that will be developed? --Nemo 21:32, 4 September 2013 (UTC)[reply]

I'm actually curious what demographic data is and where it is extracted from. There is no demographic data as far as I know besides gender info in the preference options, and even that isn't disclosed half the times. Also, did we add an option to disclose age at some point or is there more analytic data being extracted from elsewhere besides the preference option? Maybe I missed something. Theo10011 (talk) 21:34, 4 September 2013 (UTC)[reply]

Gender preference is not demographic data, it's grammatical information. --Nemo 21:44, 4 September 2013 (UTC)[reply]

I thought so too. But "we may ask you for more demographic information about yourself, such as gender or age." - seems to imply not. What exactly is the demographic data here then? Theo10011 (talk) 21:46, 4 September 2013 (UTC)[reply]

Gender preference certainly is grammatical information as well but there is no getting away from the fact that it is also demographic data (and that people don't always like it being known for varied reasons). Jalexander (talk) 21:56, 4 September 2013 (UTC)[reply]

James, is that all the demographic data is that is being referred to? I actually would like a clearer explanation if that kind of info is only pulled from the preference options or somewhere else and what other kind of info is there? Thanks. Theo10011 (talk) 22:00, 4 September 2013 (UTC)[reply]

Thanks Theo, I'll find someone who can give a more through answer. Jalexander (talk) 07:02, 5 September 2013 (UTC)[reply]

I've read the draft from beginning to end, and I have no idea what you wanted me as a user to get from it. What's the purpose, what does it improve compared to the much shorter and more concise current policy which provides very clear and straightforward protections such as the four (4) magic words «Sampled raw log data» (see also #Data retention above)? Is the purpose just adding tracking pixels and cookies for everyone, handwashing (see section above) and generally reducing privacy commitments for whatever reason? --Nemo 21:31, 4 September 2013 (UTC)[reply]

Hi Nemo, Thanks for your comment. I outlined some specific reasons for why we needed an update above. YWelinder (WMF) (talk) 01:12, 6 September 2013 (UTC)[reply]

You know, I'm all in favour of revisiting the Privacy policy. But we do have an existing privacy policy, and there isn't even a link to it on the page titled "Privacy policy". I am quite certain this is an oversight, and that a Meta administrator can fix this. (Yes, I know the links at the bottom of the page go to the current version on wmf wiki. But if I search for "Privacy policy" here on Meta, I'm being taken to the draft.) Risker (talk) 21:36, 4 September 2013 (UTC)[reply]

That's a very good point. I'm fixing. Philippe (WMF) (talk) 21:45, 4 September 2013 (UTC)[reply]

Done with this edit. Philippe (WMF) (talk) 21:49, 4 September 2013 (UTC)[reply]

Umm, not good enough. It should be a separate bolded line that says the same thing you just posted in the box, and should not be in the box itself. It took me four tries to find it without clicking your link here. Suggested wording: CLICK HERE to read the current Privacy policy (with the link at "click here"). Risker (talk) 21:54, 4 September 2013 (UTC)[reply]

"Click here" is language that's not recommended to be used anywhere, for usability reasons. Steven Walling (WMF) • talk 23:41, 4 September 2013 (UTC)[reply]

Steven, I don't really care what language is used as long as the link to the current policy is easily visible, large and really obvious. Call it whatever you want. Just don't bury it, as it is buried right now. Having looked at the link you've provided, I'll simply say that the type of links they're recommending are pretty much the kind of links that I avoid like the plague on a website I don't know, and I'd say that as knowledgeable about the web as some of their reference sources may be, they actually don't know much about usability, which is ensuring that the site acts in the way that users expect and intend. If this is the kind of stuff that the WMF is using as its usability standards, then it explains an awful lot about the usability problems that have been introduced over the last several years. Risker (talk) 01:14, 5 September 2013 (UTC)[reply]

• I've moved it out of the template and centered it up on top, how does that look? Jalexander (talk) 07:43, 5 September 2013 (UTC)[reply]

Les explications indiquent que les serveurs sont situés aux Etats-Unis et que nous devons accepter que ce soit la loi américaine de protection des données personnelles qui s'applique, même si elle est moins protectrice que la nôtre, et que dans le cas contraire nous ne devons pas utiliser Wikipédia. Ca veut dire que nous devons nous barrer tout de suite ? De toutes façons, je ne crois pas que ce soit légal. La Wikipédia francophone concernant en grande partie des Français (ainsi que des Québécois, Belges, Africains, Suisses, etc.), je pense que les juridictions des publics concernés ont leur mot à dire, et que leurs lois doivent d'appliquer. La jurisprudence n'est pas encore bien établie, mais d'ores et déjà certains décisions judiciaires sont allées dans ce sens. En tous cas, personnellement, je ne suis pas du tout d'accord pour donner mon consentement à ce que ce soit la loi américaine qui s'applique. Bien trop dangereux ! La loi américaine n'est pas assez protectrice ! Sans parler de toutes ces lois liberticides prises à la suite des attentats du 11 septembre, sans grand contre-pouvoir pour contrôler leur mise en oeuvre ! 78.251.246.17 22:55, 4 September 2013 (UTC)[reply]

Pourquoi parles-tu uniquement de la Wikipédia francophone ? Il existe plusieurs centaines de projets dans plein de langues, dont les pays pourraient également avoir leur mot à dire. En clair, la fondation ne peut pas suivre toutes les lois du monde et s'arrête donc à celle de son pays. Elfix 07:47, 5 September 2013 (UTC)[reply]

Le problème est qu'on a plusieurs centaines de projets dans plein de langues, mais aussi plusieurs centaines de pays qui, que vous le vouliez ou non, sont souverains, ont leurs propres lois, et ont le droit d'avoir leurs propres lois. C'est un fait. Qu'on le veuille ou non. Et la question n'est pas de savoir si la fondation peut suivre toutes les lois du monde, la question est qu'elle DOIT suivre les lois du monde, car ses activités ne s'arrêtent pas aux frontières de son pays mais s'étendent dans le monde entier. Non seulement elle DOIT suivre les lois des pays auxquels ses activités s'étendent, mais pour un pays comme la France ou n'importe quel pays européen, dont les lois sont beaucoup plus protectrices vis-à-vis de la vie privée des citoyens que la loi américaine, c'est même hautement souhaitable. C'est la raison pour laquelle cette clause est mauvaise. Si l'excuse pour laquelle la Fondation explique qu'il faut adopter la loi américaine, même si elle est moins protectrice que celle de notre pays, est que les serveurs sont aux Etats-Unis, dans ce cas rapatrions les serveurs en Europe. Dans tous les cas ce sont les lois les plus protectrices que nous devons respecter, car si nous respectons les lois les plus protectrices, alors nous respectons toutes les lois, y compris les lois américaines ou de tous les pays 78.251.243.204 18:26, 5 September 2013 (UTC)[reply]

Would it be relevant to add something along the lines of "From time to time, we may release non-personally-identifying information in the aggregate, e.g., by publishing analytical data..."

Do you think that's covered by the Experimentation section? "Similarly, we may share non-personal or aggregated information with researchers, scholars, academics, and other interested third parties who wish to study the Wikimedia Sites." or is there somewhere else you think it needs to be spelled out more? Jalexander (talk) 02:42, 5 September 2013 (UTC)[reply]

Je ne me suis jamais créé de compte. On ne m'a jamais obligé à le faire. Mais je dois dire que la pression pour le faire est assez importante (je le déplore). Méfiance exacerbée envers les contributeurs sous IP. Protections non justifiées de trop nombreux articles. Questions fréquentes (pas forcément méchantes, mais parfois si) demandant pourquoi on ne se crée pas de compte. Certains contributeurs refusent de discuter avec des IP. Etc.
Je suis très favorable à la possibilité de contribuer sous IP. Je trouve même que cela pourrait avec profit être rendu obligatoire dans la plupart des cas. D'après ce que j'ai lu des Règles de confidentialité, Wikimédia semble avoir compris l'importance de cette possibilité de contribuer sous IP. Mais il faudrait que cette compréhension ne soit pas restreinte à ces Règles, mais se répande dans la communauté. Dire et répéter que les simples IP sont bienvenus, pas forcément sanctionner (pas besoin de diviser la communauté) mais contredire ceux qui critiquent les Wikipédiens contribuant sous IP qui ne désirent pas s'inscrire, combattre les discriminations dont nous sommes fréquemment victimes (semi-protections de page parfois abusives, absence d'outils de suivi pour les IP, interdiction de participer à certaines discussions (pour les votes, je comprends, mais pour les discussions je ne comprends pas), etc.). Parce que d'un côté on a de beaux discours, mais dans les faits ça ne suit pas toujours :-) 78.251.248.20 01:42, 5 September 2013 (UTC)[reply]

I agree this point. --194.79.157.242 07:25, 5 September 2013 (UTC)[reply]

Translation pages especially in Turkish need protection. Nazif İlbek 05:26, 5 September 2013 (UTC)[reply]

Why? Speaking of which, do the banners automatically link the correct language? --Nemo 05:44, 5 September 2013 (UTC)[reply]

The "user-friendly summary" is not readable on my mobile because it is in a fixed width box; I can read the rest of the draft policy OK. PamD (talk) 06:53, 5 September 2013 (UTC)[reply]

Thanks Pam, we noticed the same thing yesterday (and while you can read the rest it isn't great on many phones as well) we're talking to some of our mobile team on some good ways to make it work better. Jalexander (talk) 07:42, 5 September 2013 (UTC)[reply]

I think this draft is a great example of how it should be done: Extensive discussions lead to a draft that is written in language that people whithout a law degree can understand, followed by a feedback period. Well done, Legal Team. Thank you for that!--Pavel Richter (WMDE) (talk) 09:08, 5 September 2013 (UTC)[reply]

Thank you Pavel! Our aim is to draft policies that adhere to the community's values and which are, at the same time, accessible to the community at large. We greatly appreciate your support! Mpaulson (WMF) (talk) 23:15, 5 September 2013 (UTC)[reply]

I have to say I am not in favor of this. Wikimedia needs to be able to be a reputable site for information. If anyone can change anything at any time, it can loose that credibility.

Comment on above statement - I don't know who wrote the above, but I tend to agree with it. I read the whole privacy policy and think it was thoroughly thought out and like it. However, once in the past I wrote on one forum that I had reservations about allowing edits when the writer was not logged on. My argument was poorly received but I will say it again. Several times I have run into persons who wanted to make inappropriate edits or deletions of valid material. Many of these were done without the person having logging on, which can make it immensely difficult to track down the responsible individual (they can use any public or office computer to remain anonymous). I must note that most persons who edit outside of accounts make productive edits, while persons who work from registered accounts can make disruptive or vandalizing edits. In the latter case, however, there is always the possibility of using sanctions against the registered user.Wpollard (talk) 12:19, 5 September 2013 (UTC)[reply]

What you are asking for is something that just entirely goes outside of the wiki philosophy. The goal of the foundation isn't to be a reputable site for information. That's what peer-reviewed, formally published content in the academia is for. -129.107.225.212 17:12, 5 September 2013 (UTC)[reply]

Il y a aussi des possibilités de sanction pour les IPs : il suffit de la bloquer ! Et je ferais remarquer que les plus gros problèmes relationnels entre Wikipédiens ne sont pas le fait d'IPs mais d'utilisateurs inscrits. Certains utilisateurs inscrits croient avoir une réputation à défendre, font preuve d'arrogance, d'impolitesse, d'indélicatesse, d'acharnement contre d'autres utilisateurs, etc. C'est beaucoup moins voire pas du tout le cas avec les IPs, qui eux n'ont pas de stupide réputation à défendre 78.251.243.204 18:41, 5 September 2013 (UTC)[reply]

In the end I don't think this is a very good place to have this particular discussion. While it's in the privacy policy ( because the policy needs to be descriptive of what is actually happening) but this is an incredibly long standing and core piece of the projects. If it wants to change it's going to need to be a very large (and likely controversial) discussion of it's own. Jalexander (talk) 01:12, 6 September 2013 (UTC)[reply]

What is this about? Never ask?

And there have been recent talks about being more aggressive in collecting an e-mail address during account registration. I'm not sure whose principle this is. --MZMcBride (talk) 12:23, 5 September 2013 (UTC)[reply]

I don't see any reason why an email address shouldn't be asked for. Although it is easy to make one(gmail etc) it will provide some degree of contact if contact was required to verify something?

Peut-être parce que certaines personnes n'ont tout simplement pas d'adresse e-mail, et pas envie d'en avoir ? Est-ce si extraordinaire ? Et peut-être que certaines personnes ont une adresse e-mail mais refusent de la communiquer à quelque site que ce soit, parce qu'on ne sait pas ce qui peut en être fait ? Si vous communiquez votre adresse e-mail à tout le monde, ne vous étonnez pas que vos boîtes aux lettres électronique croulent sous la pub ! 78.251.243.204 18:46, 5 September 2013 (UTC)[reply]

@MZMcBride: There's no current plan to be more aggressive about requesting email addresses. I proposed it as a topic of discussion when we were A/B testing new signup forms, but it's not really a priority. Plenty of people who want to are already opting in to email notifications without use being more aggressive, so just keeping it as a very much optional thing is fine. Steven Walling (WMF) • talk 22:45, 5 September 2013 (UTC)[reply]

Template:Resolved

Je demande le retrait du paragraphe Où se trouve la Fondation et qu’est-ce que ceci implique pour moi ? 78.251.243.204 19:05, 5 September 2013 (UTC)[reply]

My apologies for the response in English. If someone would be so kind as to translate this into French, I would be much obliged. Are there any particular reasons that you are requesting removal of that section? Is there any specific language that concerns you? If so, please specify. Mpaulson (WMF) (talk) 22:23, 5 September 2013 (UTC)[reply]

Traduction / translation : « Excusez-moi de répondre en anglais. Si quelqu'un avait la gentillesse de tranduire mon message en français, je lui en serai reconnaissant. Y a-t-il des raisons particulières pour que vous demandiez le retrait de cette section ? Y a-t-il une langue spécifique qui vous concerne ? Si tel est le cas, veuillez le préciser. » Jules78120 (talk) 22:37, 5 September 2013 (UTC)[reply]

Merci Mpaulson de votre réponse (et merci à Jules78120 pour sa sympathique traduction :-) ). Les raisons particulières qui me poussent à demander le retrait de cette section sont les mêmes que celle déjà développées plus haut dans la section Localisation des serveurs aux Etats-Unis et loi applicable et dans plusieurs autres sections telles par exemple que NSA, FISC, NSL, FISAAA, PRISM... Je me permets juste d'être un peu plus insistant dans ma demande, avec votre permission :-) 78.251.243.204 00:54, 6 September 2013 (UTC)[reply]

So, while we as an organization and I personally have some sizable objections to PRISM and many of the actions taken by the US government recently with regards to privacy, removing this section will not actually change the applicability of US law. The Foundation is located in the US, meaning that using our sites leads to the transfer of data to the US, and thus is subject to US law. Mpaulson (WMF) (talk) 01:09, 6 September 2013 (UTC)[reply]

Last time I wrote a program which gathered all the IP addresses of the "recent changes" page and fed them to nmap with one click, that was fun, but not cool. So what about that? Greets--82.113.121.77 21:56, 5 September 2013 (UTC)[reply]

Vous avez peut-être raison. Est-ce que l'affichage des IPs est vraiment utile ? Ne pourrait-on pas le remplacer par un autre système plus respectueux de nos données personnelles ? On peut de plus se poser la question de la légalité d'un tel affichage public 78.251.243.204 22:11, 5 September 2013 (UTC)[reply]

Attempt to translate 78.251.243.204 message : « You may be right. Is IP adresses' display really useful? Couldn't we replace it by an other system more respectful of our personal data? Moreover, we can ask the issue of the public display's legality. » Jules78120 (talk) 22:49, 5 September 2013 (UTC)[reply]

Was soll der Mist? Du kannst nicht erwarten das jeder französisch spricht. Schreib am besten auf englisch, dann ist wenigstens die change höher das jemand was zurück schreibt. Gruss--82.113.121.77 22:21, 5 September 2013 (UTC)[reply]

Na ja, ich schreibe einfach in meiner besten Sprache, Sie können aber auch nicht erwarten, dass jeder Englisch spricht (in der Schule habe ich Deutsch gelernt, kein Englisch, tut mir leid!)! Jeder kann vielleicht dennoch, so wie ich, ein Übersetzungsprogramm benutzen, es ist doch nicht so schwer zu finden, oder? Solch ein Programm können Sie einfach auf Internet kostenlos finden... Wir sind ja im ein-und-zwanzigsten Jahrhundert! Und ich lese lieber Ihr gutes Deutsch als Ihr schlechtes Englisch :-) 78.251.243.204 01:03, 6 September 2013 (UTC)[reply]

Hi All. Thank you for participating in this consultation period. We appreciate questions and comments in all languages. =) I just wanted to let you know that I have passed your questions along to members of our Tech team, who may be able to better address your questions. Mpaulson (WMF) (talk) 22:41, 5 September 2013 (UTC)[reply]

To understand and experiment needs some elaboration. I am annoyed by the fact that many websites do not really explain how third parties can take a "limited" amount of user data for "analysis." Where are requests to use aggregated data posted (to determine who is using this data), what is the application process, what is the format in which the data is transferred to the requesting organization, what is the maximum amount of data that the organization can receive, and how is the data limited (list types of user data that the requesting party can only choose)? Longbyte1 (talk) 23:24, 5 September 2013 (UTC)[reply]