This seems to be derailing rather fast. The background is that we are publishing a fair amount of meta data about our contributors that could at least be seen as not totally harmless from a privacy and data protection point of view.
This includes all the changeset meta data, user ids and display names in the data and last but not least timestamps, distributed in the data dumps and the website. It is currently rather simple to generate a profile for a specific editor and likely even finger print contributions over multiple accounts. Most of us, I would hope, are aware of the potential consequences and accept the risk that contributing out in the open implies, but this is definitely not universally true. It has been suggested that one possible approach to resolving this is to remove all the relevant meta data from places where it can be accessed without an OSM account (that would imply no changeset dumps, and no user-ids etc in the planet dumps, and re-working the website to only show such information to logged in users). This would have to be accompanied by a new set of ToS that would clearly lay down how such meta data can be used. Naturally the above will not stop the bad guys, but it would make it slightly less trivial to misuse OSM. Pascal, who has in the past been threatened with legal action wrt privacy issues, reacted very promptly to the discussion and implemented such a login-only access model, I don't really see how he can be faulted for that given that it doesn't limit community access at all, and he is fully responsible for what he is publishing. Now the other aspect is the upcoming (2018) changes in privacy regulations in the EU. They will undoubtedly impact any such discussion and future policy and the LWG has budgeted a fair bit of money exactly to investigate and potentially implement any such required changes, which could very well include all of above and more. Personally I'm not very happy with the concept of reducing the availability of contribution meta data as it will make lots of things harder (vandalism detection and fighting for example) and likely require many things to move to OSMF run tasks that are currently done by the community at large, but it may be something that we can't avoid. Simon
signature.asc
Description: OpenPGP digital signature
_______________________________________________ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk
