On 24 October 2013 08:10, Fæ <fae...@gmail.com> wrote: > ... > > Apparently, legals say that the current policy is too flexible for the > board > > to have really meant approving it, so of course the board will like to > > change his mind and make it much stricter, while if one wanted to keep > it as > > flexible as it is now one would need the board to change his mind. > Hmmmmmm. > > > > Nemo > > Without an explanation of why this was an issue or a priority legal > matter, it seems perfectly reasonable to fill in the gaps with wild > fantasy and speculation. I rather like the idea that someone in the > WMF legal team read something about privacy on their top of the range > internet tablet, while drinking freshly ground top of the range > coffee, and as it was an otherwise dull day on the subpoena front, > decided to give this policy a poke to see the ants scurry about. It > certainly seems to have kept many volunteers busy this week. > > Wow, Fae. Just....wow.
Now, how about we look at this from the perspective of the editor whose non-public personal information is available to checkusers, or who has to rely on an oversighter to address an accidental logged-out edit. If I am that editor, I really want the WMF, who has granted those individuals access to this personal (and in some cases private) information, to know exactly who has that access. I want them to know who those people are, I want them to know how to contact them directly, and I want them to make sure that those individuals have personally undertaken to keep any information confidential with very limited exceptions. This is actually a Privacy 101 situation: an organization that grants access to non-public personal information needs to know exactly who it is granting that access to, and the person who has access to that information needs to agree to keep it confidential. The majority of the discussion in the last period has been about the mechanics of collecting and retaining the identifying information of those who have access. There are some good points being raised by several people, and they do need to be addressed; however, the underlying principle is absolutely sound. I'm actually kind of shocked that there would be much debate about the core principle, and I find it concerning that there is the suggestion some individuals who have access to huge amounts of non-public personal information about others should be exempted from having their own identity known to the organization responsible for keeping this non-public information secure. Risker _______________________________________________ Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe>