Varia
← Older revision
Revision as of 21:18, 30 June 2013
Line 192:
Line 192:
Tangentially related to the privacy policy, there may have been calls to follow the lead of other large Web services and provide an individual with his or her ''own'' stored private information: [[bugzilla:27242]]. --[[User:MZMcBride|MZMcBride]] ([[User talk:MZMcBride|talk]]) 16:11, 23 June 2013 (UTC)
Tangentially related to the privacy policy, there may have been calls to follow the lead of other large Web services and provide an individual with his or her ''own'' stored private information: [[bugzilla:27242]]. --[[User:MZMcBride|MZMcBride]] ([[User talk:MZMcBride|talk]]) 16:11, 23 June 2013 (UTC)
: Thank you for your suggestion, MZ! We will take that into consideration. [[User:Mpaulson (WMF)|Mpaulson (WMF)]] ([[User talk:Mpaulson (WMF)|talk]]) 00:50, 26 June 2013 (UTC)
: Thank you for your suggestion, MZ! We will take that into consideration. [[User:Mpaulson (WMF)|Mpaulson (WMF)]] ([[User talk:Mpaulson (WMF)|talk]]) 00:50, 26 June 2013 (UTC)
+
+
==Varia==
+
Thanks for this call, an excellent initiative which addresses a real issue. At the same time, it would - in my opinion - defeat the purpose of this constructive move to take for granted some assumptions, particularly the ideas that the only applicable law is the US law and IP addresses do no relate to privacy concerns. I am not an expert in the legal aspects of transborder data flows, but my layman understanding is many national laws are intended to protect their residents in these matters. I also believe our community wishes to establish strongly high standards of privacy and not to benefit from the shelter of an American law that would not offer to the users the level of protection they are entitled to expect from the reasonable application of their national law. I understand this matter has been addressed in the United States by the [[wikipedia:International Safe Harbor Privacy Principles|Safe harbor Policy]] and therefore suggest we could inspire ourselves at least from its principles. Concerning IP addresses, I wish to point out two things : (1) a majority of European countries consider IP addresses as private, either by law or by jurisprudence (see [http://www.justice.gouv.fr/europe-et-international-10045/la-protection-des-donnees-personnelles-en-europe-25433.html this map]) ; (2) the foundation itself, in its privacy policy, recognizes [[foundation:Privacy policy#Access to and release of personally identifiable information|here]] IP addresses are "personally identifiable information" which may be used to identify contributors in order to "protect the rights, property or safety of the Wikimedia Foundation, its users or the public". For these reasons, I think (a) the [[foundation:Data retention policy|Data retention policy]] should clarify what datas are kept, for how long and for what purpose (see (d) below) ; (b) the privacy policy should clarify how contributors can access data concerning them and correct them if need be ; (c) an entity should be identified whom the user can contact in case of problems ; (d) the "catch-all" character of the notion of "safety" in the 6th point of the privacy policy should be worded in a more specific manner. Finally, I suggest (e) the right to vanish should be given to each user, with reasonable implications in terms of data retention. Cheers, <span style="padding-left: 5pt; font-size: 0.9em; letter-spacing: 0.1em">— '''[[User:Racconish|Racconish]]'''[[User talk:Racconish|<sup> Tk </sup>]]</span> 21:18, 30 June 2013 (UTC)