On Fri, Apr 15, 2016 at 2:42 PM, Trillium Corsage <[hidden email]>
wrote: > > Jimbo responded to arbitrator GorillaWarfare on this list, basically, > "yes, I supported with sadness the decision to dismiss Lila." Wait -- seriously?? I missed this piece until today. But if this is true, it is huge. Lila's departure was publicly communicated as a resignation -- not as a "decision [by the board] to dismiss." Jimmy Wales has been quite vocal about wanting to defer to the board on what should and should not be communicated. In this instance, did he seriously acknowledge a vote that was kept private? So...Jimmy Wales can share confidential information when it seems personally convenient to him, but can withhold it when it seems personally convenient to him -- is that the standard? -Pete [[User:Peteforsyth]] _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
In reply to this post by Anthony Cole
The Signpost has just published the October 2015 email exchange between
James and Jimmy - the exchange that Jimmy wouldn't release. https://en.wikipedia.org/wiki/Wikipedia:Wikipedia_Signpost/2016-04-24/Op-ed Thank you Signpost. Anthony Cole On Tue, Apr 26, 2016 at 8:19 AM, Anthony Cole <[hidden email]> wrote: > This is getting ridiculous. > > Jimmy, you quoted from an email exchange with James. James claims this > selective quoting distorted the nature of the exchange. You have been asked > to publish the entire exchange. The only other party to that exchange > (James) wants it published. As Fae and others have repeatedly pointed out, > you may simply redact any confidential board information. Your explanations > for not releasing the whole exchange are an insult to our intelligence and > your refusal to do so is a display of contempt. > > James is a genuine leader and spokesperson, elected by the community. > > What are you? > > You happened to be there when your failed encyclopaedia, thanks to Larry's > idea to use a wiki and thanks to the energy and determination of the > community, exploded before your eyes into this amazing thing. > > Now, you pretend to be the genius behind Wikipedia. Now, you pose as the > humanitarian who gave away the encyclopaedia because "it was the right > thing to do" (when, in reality, you relinquished it because the community > wouldn't allow you to monetise it). Now, you make a nice living off this > charade. > > You can take that story with you and, I'm sure, for a while at least, > you'll still be able to dine out on it. But you're in the way here. It's > time to move on from the board and from your self-appointed role as > "spokesperson for the community". > > We need honest, hard working people who genuinely represent us in a > public-facing role, not a deceitful, self-aggrandising, opportunistic > squatter. > > > Anthony Cole > > > On Sat, Apr 23, 2016 at 8:49 PM, Oliver Keyes <[hidden email]> wrote: > >> On Saturday, 23 April 2016, Gerard Meijssen <[hidden email]> >> wrote: >> >> > Hoi, >> > Governance worth a damn... <grin> Did you know that I introduced Jan >> Bart >> > to Jimmy </grin> the rest is also history. >> >> >> Yes Gerard, you're very very important. Much more so than me. Well done. >> >> > >> > But honestly. In the final analysis the more importance is given to the >> > board, the more it shows a dysfunctional movement. When governance is so >> > relevant, the first thing to do is not to micro-manage. That is what the >> > board is not supposed to do and when something did not go right, >> remember >> > that they are people. Ask yourself how we as a movement suffer instead >> or >> > when you find that a certain behaviour did not win the beauty contest. >> > >> > >> I know the board are people. I also know the people their actions affect >> are people. I am agreed that the board is too prominent - see also the >> spinoff thread - and given too much importance. But when the board sets >> direction on almost everything that costs money, it's function or >> dysfunction is absolutely an 'important thing' >> >> I'm going to drop this thread because it is relatively clear we are not >> making any progress, in either direction, on convincing the other one >> we're >> right. But hey, at least neither of us demanded the other question their >> own sanity :p >> >> >> > This whole affair is backward. It does not help us forward, it does >> hinder >> > and it takes energy away from those things that really matter. >> > Thanks, >> > GerardM >> > >> > On 17 April 2016 at 22:13, Oliver Keyes <[hidden email] >> > <javascript:;>> wrote: >> > >> > > On Sun, Apr 17, 2016 at 3:55 PM, Gerard Meijssen >> > > <[hidden email] <javascript:;>> wrote: >> > > > Hoi, >> > > > So when as a result of your yihad the worst of what you imagine >> comes >> > > out, >> > > > the most you have achieved is that you can say "this is why I think >> he >> > is >> > > > an asshole". Then what. It does not change a thing. We are still >> intend >> > > on >> > > > sharing the sum of all knowledge. You still have to do a lot of >> > > convincing >> > > > before most other people would agree with you. >> > > > >> > > > The problem with your single issue approach is achieves more turmoil >> > than >> > > > anything else. I fail to understand people like you. It is no longer >> > > about >> > > > what we hope to achieve. I have tried to engage you in meaningful >> talk >> > > but >> > > > for me it failed. >> > > >> > > From what I can see, "what we hope to achieve" is governance worth a >> > > damn. It's people in key positions not using those positions as >> > > weapons. It's people taking empathy and consideration and fiduciary >> > > duties seriously. Now, if the absence of these doesn't affect you, I'm >> > > profoundly jealous, but the fact that you do not understand why >> > > Jimmy's behaviour makes it difficult to claim he's a suitable >> > > participant in Wikimedia's governance does not change that a lot of >> > > other people do have concerns - not just me, not just Andreas. >> > > >> > > > >> > > > The one question that I have. In all your hiha I have not understood >> > that >> > > > you understand what it is what Jimmy uniquely brings to our >> community. >> > He >> > > > is really effective as an ambassador for what we do. In this there >> is >> > > noone >> > > > who can replace him. How do you want to replace him. Arguably the >> > latest >> > > > crop of board members have shown how hard it is in the first place >> to >> > > make >> > > > a meaningful contribution. >> > > >> > > Who said anything about replacing him as an ambassador? When Jimmy is >> > > mentioned in the media it's in the context of being Wikipedia's >> > > founder, not one of a dozen-odd board members, and unless there's an >> > > IEG for the invention of a TARDIS I don't think anyone is removing his >> > > founder status. The question is simply whether he is a suitable person >> > > to indefinitely sit on the Board of Trustees, making governance >> > > decisions, given the behaviour he has shown. >> > > >> > > > Thanks, >> > > > GerardM >> > > > >> > > > On 17 April 2016 at 20:20, Andreas Kolbe <[hidden email] >> > <javascript:;>> wrote: >> > > > >> > > >> On March 21, Jimmy posted excerpts from an email conversation he'd >> had >> > > with >> > > >> James Heilman on his Wikipedia user talk page, making further >> > > allegations >> > > >> against James.[1] >> > > >> >> > > >> James replied twice: >> > > >> >> > > >> <quote> >> > > >> >> > > >> Jimmy Wales' summary above of our email correspondence is far from >> > > >> complete, and is not an accurate representation of the overall >> > > discussion. >> > > >> Doc James (talk · contribs · email) 01:22, 24 March 2016 (UTC) >> > > >> >> > > >> Jimbo, you quoted some passages of our mails above. Would you have >> any >> > > >> objection to my posting the complete exchange, so that the parts >> you >> > > quoted >> > > >> can be seen in context? Doc James (talk · contribs · email) 01:09, >> 31 >> > > March >> > > >> 2016 (UTC) >> > > >> >> > > >> <end of quote> >> > > >> >> > > >> Jimmy Wales ignored the latter question until the thread was >> archived. >> > > >> >> > > >> So – will the community get to see the complete exchange or not, so >> > that >> > > >> everyone can judge for themselves how it was misrepresented by >> Jimmy's >> > > >> selective quoting? >> > > >> >> > > >> >> > > >> [1] >> > > >> >> > > >> >> > > >> > >> https://en.wikipedia.org/wiki/User_talk:Jimbo_Wales/Archive_206#What_James_said_publicly_.282.29 >> > > >> >> > > >> On Mon, Apr 11, 2016 at 12:37 PM, Fæ <[hidden email] >> <javascript:;>> >> > wrote: >> > > >> >> > > >> > If we are going to have more elections, can we please hold Jimmy >> to >> > > >> > account this year rather than waiting for him to leave the board >> > under >> > > >> > his own steam? >> > > >> > >> > > >> > His use of "utter fucking bullshit", then using these distraction >> > > >> > politics to avoid answering basic questions intended to deal with >> > his >> > > >> > repeated public allegations of lying against a respected >> community >> > > >> > member, is not what the Wikimedia movement needs or wants from a >> > > >> > Trustee, or someone who represents the movement to the press. >> > > >> > >> > > >> > If Jimmy were a WMF employee, he'd be gone by now. >> > > >> > >> > > >> > P.S. We are still waiting for Jimmy to publish his interviews >> with >> > WMF >> > > >> > employees resulting from his trip to SF, when he was claiming to >> act >> > > >> > for the WMF board, I can't be bothered to work out how many weeks >> > ago >> > > >> > that was. Is this sort of promise that Jimmy would call >> "bullshit" >> > if >> > > >> > it was yet another person he had an ongoing feud with? >> > > >> > >> > > >> > Fae >> > > >> > >> > > >> > On 11 April 2016 at 12:24, Andy Mabbett < >> [hidden email] >> > <javascript:;>> >> > > >> wrote: >> > > >> > > On 23 March 2016 at 11:48, Andy Mabbett < >> > [hidden email] <javascript:;>> >> > > >> > wrote: >> > > >> > >> On 23 March 2016 at 10:01, Jimmy Wales < >> [hidden email] >> > <javascript:;>> >> > > >> > wrote: >> > > >> > >> >> > > >> > >>> But I did publish something on my user talk page that is >> > relevant. >> > > >> > >> >> > > >> > >> Diff, please. >> > > >> > > >> > > >> > > Answer came there none... >> > > >> > >> > > >> > _______________________________________________ >> > > >> > Wikimedia-l mailing list, guidelines at: >> > > >> > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> > > >> > New messages to: [hidden email] <javascript:;> >> > > >> > Unsubscribe: >> > https://lists.wikimedia.org/mailman/listinfo/wikimedia-l >> > > , >> > > >> > <mailto:[hidden email] <javascript:;> >> > ?subject=unsubscribe> >> > > >> > >> > > >> _______________________________________________ >> > > >> Wikimedia-l mailing list, guidelines at: >> > > >> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> > > >> New messages to: [hidden email] <javascript:;> >> > > >> Unsubscribe: >> https://lists.wikimedia.org/mailman/listinfo/wikimedia-l >> > , >> > > >> <mailto:[hidden email] <javascript:;> >> > ?subject=unsubscribe> >> > > >> >> > > > _______________________________________________ >> > > > Wikimedia-l mailing list, guidelines at: >> > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> > > > New messages to: [hidden email] <javascript:;> >> > > > Unsubscribe: >> https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, >> > > <mailto:[hidden email] <javascript:;> >> > ?subject=unsubscribe> >> > > >> > > _______________________________________________ >> > > Wikimedia-l mailing list, guidelines at: >> > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> > > New messages to: [hidden email] <javascript:;> >> > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l >> , >> > > <mailto:[hidden email] <javascript:;> >> > ?subject=unsubscribe> >> > > >> > _______________________________________________ >> > Wikimedia-l mailing list, guidelines at: >> > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> > New messages to: [hidden email] <javascript:;> >> > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, >> > <mailto:[hidden email] <javascript:;> >> > ?subject=unsubscribe> >> _______________________________________________ >> Wikimedia-l mailing list, guidelines at: >> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> New messages to: [hidden email] >> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, >> <mailto:[hidden email]?subject=unsubscribe> >> > > Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
In reply to this post by Pete Forsyth-2
I imagine that this is the email that Trillium is referring to, for those
who are just joining us: https://lists.wikimedia.org/pipermail/wikimedia-l/2016-February/082566.html Whether he means that he supported her "dismissal" or supported her "resignation" is left to the reader. Cheers, Craig On 26 April 2016 at 10:49, Pete Forsyth <[hidden email]> wrote: > On Fri, Apr 15, 2016 at 2:42 PM, Trillium Corsage <[hidden email] > > > wrote: > > > > Jimbo responded to arbitrator GorillaWarfare on this list, basically, > > "yes, I supported with sadness the decision to dismiss Lila." > > > Wait -- seriously?? > > I missed this piece until today. But if this is true, it is huge. > > Lila's departure was publicly communicated as a resignation -- not as a > "decision [by the board] to dismiss." > > Jimmy Wales has been quite vocal about wanting to defer to the board on > what should and should not be communicated. > > In this instance, did he seriously acknowledge a vote that was kept > private? > > So...Jimmy Wales can share confidential information when it seems > personally convenient to him, but can withhold it when it seems personally > convenient to him -- is that the standard? > > -Pete > [[User:Peteforsyth]] > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > New messages to: [hidden email] > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[hidden email]?subject=unsubscribe> > Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
On 26 Apr 2016 09:25, "Craig Franklin" <[hidden email]> wrote:
> > I imagine that this is the email that Trillium is referring to, for those > who are just joining us: > > https://lists.wikimedia.org/pipermail/wikimedia-l/2016-February/082566.html > > Whether he means that he supported her "dismissal" or supported her > "resignation" is left to the reader. My reading of that is Jimmy supported her "departure" with sadness. i.e. he avoids indicating how the departure occurred; neither dismissal nor resignation. No doubt that type of phrasing is in the HR handbook for situations like this, to avoid pain or legal disputes after the fact. Thank you Craig for nipping this one in the bud. -- John _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
26.04.2016, 03:25, "John Mark Vandenberg" <[hidden email]>:
> My reading of that is Jimmy supported her "departure" with sadness. > i.e. he avoids indicating how the departure occurred; neither dismissal nor > resignation. > > No doubt that type of phrasing is in the HR handbook for situations like > this, to avoid pain or legal disputes after the fact. > > Thank you Craig for nipping this one in the bud. Craig gave the right link. Here's the exact exchange. Gorillawarfare: I would love to know whether you supported Lila Tretikov's departure. It is clear that she did not up and resign on her own, and I would like to know if you were one of the folks who thought her departure would be beneficial, or if you preferred she "weather the storm," so to speak. Jimbo Wales: I supported it with sadness. The whole thing is a sad train wreck. Yeah, it's accurate no-one says the word "dismissal." That was my interpretation of it based on recollection, I wasn't trying to introduce a new concept to anything. I don't understand why we're walking on eggshells really. Jimbo "supported her departure with sadness." It seems pretty clear he's not referring to getting misty-eyed over cake at Lila's farewell party. He did something. He's not quarreling with Gorillawarfare's take that "she did not up and resign on her own." As just an observer from afar, I liked Lila and thought she was doing a good job. She hired a child-protection person for one thing. However I've heard about the employee poll that said she really was failing to get support from the ranks, and I'm in no position to second-guess that. And then a couple months ago, she's getting bashed right and left on this very list, with a person going so far as to say she should "choke on shame" and "just go away." With no objection from the list moderators.Jimbo is going bonkers on James Heilman regarding his characterization of "Knowledge Engine." And of course Lila was a proponent of that. All the same, her resignation came quickly and as a surprise to me. If the board had no discussion on her future and did NOT ask for or otherwise overtly encourage her resignation, it would be easy enough for any one of them to say that. If they on the other hand actually did meet or tele-conference and vote on it, that's the meeting I wanted minutes for. And obviously (thank Risker!) this doesn't mean I want to gawk at gossipy details of trustees criticizing her, I just would like to know which trustees gave the thumbs down, which didn't, and which introduced the motion. Is this secret HR stuff that would embarrass Lila? It doesn't seem that way to me. There've been a dozen news stories on her leaving, and none have reported it was on wonderful terms all around. So what's the big deal? Publish the minutes or say "there was no meeting, there are no minutes." Trillium Corsage _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
In reply to this post by Pete Forsyth-2
On Mon, Apr 25, 2016 at 8:49 PM, Pete Forsyth <[hidden email]> wrote:
> On Fri, Apr 15, 2016 at 2:42 PM, Trillium Corsage <[hidden email] > > > wrote: > > > > Jimbo responded to arbitrator GorillaWarfare on this list, basically, > > "yes, I supported with sadness the decision to dismiss Lila." > > > Wait -- seriously?? > No, it's a false quote. I don't know if Trillium falsified the quote or if he/she picked it up from a different source. Asked if he supported her departure, he wrote "I supported it with sadness. The whole thing is a sad train wreck." https://lists.wikimedia.org/pipermail/wikimedia-l/2016-February/082566.html _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
Trillium Corsage apparently tried to address this issue, but their message
has not gotten through email list moderation. I've included it below. My reaction: I should paid more heed to Trillium's qualifier "basically." Jimmy Wales didn't commit the egregious error I thought was being reported. Still, I do feel that Wales' choices about what to say and what not to say have been erratic (from the perspective of what's best for the movement and the WMF) and self-serving. I can't think of other examples of an organization's board members publicly commenting on whether or not they supported an employee's departure. It seems to me there are very good reasons not to get into that. -Pete [[User:Peteforsyth]] ---------- Forwarded message ---------- From: Trillium Corsage <[hidden email]> Date: Tue, Apr 26, 2016 at 7:02 AM Subject: Re: [Wikimedia-l] Open and recorded WMF Board meetings To: [hidden email], [hidden email] 26.04.2016, 14:32, "Nathan" <[hidden email]>: > On Mon, Apr 25, 2016 at 8:49 PM, Pete Forsyth <[hidden email]> wrote: > >> On Fri, Apr 15, 2016 at 2:42 PM, Trillium Corsage < [hidden email] >> > >> wrote: >> > >> > Jimbo responded to arbitrator GorillaWarfare on this list, basically, >> > "yes, I supported with sadness the decision to dismiss Lila." >> >> Wait -- seriously?? > > No, it's a false quote. I don't know if Trillium falsified the quote or if > he/she picked it up from a different source. Asked if he supported her > departure, he wrote "I supported it with sadness. The whole thing is a sad > train wreck." Whoa whoa whoa. I answered this yesterday, but my emails have to be approved by a moderator and none has done so. Here's the relevant part of the email: <begin excerpt> Craig gave the right link. Here's the exact exchange. Gorillawarfare: I would love to know whether you supported Lila Tretikov's departure. It is clear that she did not up and resign on her own, and I would like to know if you were one of the folks who thought her departure would be beneficial, or if you preferred she "weather the storm," so to speak. Jimbo Wales: I supported it with sadness. The whole thing is a sad train wreck. Yeah, it's accurate no-one says the word "dismissal." That was my interpretation of it based on recollection, I wasn't trying to introduce a new concept to anything. <end excerpt> That was my good-faith memory-based paraphrase of it, not any "false quote." I'd also argue that the contextual part where Gorilla says "she did not up and resign on her own" --which is not disputed by Wales-- should figure into any interpretation of the exchange. I also said "basically," which clues the reader in that it was paraphrase, not quote. I didn't do this for any polemic reason either, I just genuinely didn't have the exchange in front of me. Pete, I'd appreciate if you'd convey my position on this matter to the list if my own email doesn't appear by a few hours. Trillium Corsage _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
In reply to this post by Trillium Corsage
I noticed Michelle Paulson editing the "Cookie Statement" page, and it seemed kind of strange to me because I thought it more a technical and IT thing to edit. But Michelle is WMF Legal, right?
Is WMF doing something new (or newish, maybe I'm a little late in picking up on this) with cookies? Can someone describe to me what that is, in layman's terms? Is it about third-party marketing and working up personal profiles of editors and readers? What sort of new information is the WMF gathering, if it is, on editors and readers? Are there privacy concerns we should be worried about? Will the information gathered by the cookies be made available to the anonymous administrative "volunteers" the WMF grants access to the non-public information of editors? The so-called "sockpuppet investigators" and so forth? Here: https://wikimediafoundation.org/w/index.php?title=Cookie_statement&action=historysubmit&type=revision&diff=105722&oldid=104960. Trillium Corsage _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
On Sun, May 1, 2016 at 2:40 PM, Trillium Corsage <[hidden email]>
wrote: > I noticed Michelle Paulson editing the "Cookie Statement" page, and it > seemed kind of strange to me because I thought it more a technical and IT > thing to edit. But Michelle is WMF Legal, right > I won't/can't comment on the rest of your questions but I'm confused about why you would be surprised here... the cookie statement is, essentially, a legal statement/privacy policy "type" document (obviously different but similar) and just like the privacy policy (or access to non public information or document retention policy or terms of use or other policy docs along those lines) the cookie statement has been owned by Legal for as long as it's existed (I can attest to that fact since the CA team was asked to help put it up for them). It's certainly possible that this is only 'obvious' to me because of my knowledge of outside organizations or law but it doesn't surprise me. Cookie statements are part of the law in some countries (not necessarily ones we have to follow given our position in the US but Europe has laws about it for example) and so would usually be within the legal department for many organizations. Cookies are also closely tied with privacy and the privacy policy and so compliance and ensuring that the org stays within their promises would, also, often fall within the legal department (though everyone should/does have a hand in ensuring they follow the promises the org as a whole made). James Alexander Manager Trust & Safety Wikimedia Foundation _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
In reply to this post by Trillium Corsage
Honestly this is kind of a bewildering set of hypotheticals to me.
You worry wikimedia is gathering new data and maybe selling it to marketers and maybe releasing it to the community, or not, or some of them, or all of them, based on: An edit titled 'fixed two errors in cookie names' which...well, fixed two errors in cookie names.[0] that's all the revision appears to contain. Legal editing the cookie statement seems pretty usual to me, and the edit (self-evidently) had nothing to do with changes to what is gathered. It was copyediting. There are a lot of things the Foundation does it could communicate better, but legal tends to do a pretty good job: this edit is really evidence of that since it's senior counsel taking time to make very very sure they are reporting to our users precisely what is going on. If the WMF were to start selling a reading list to Facebook, I'm pretty sure there'd be an announcement, and I'm absolutely certain the policy change would need to consist of a bit more than two typo corrections. [0] https://wikimediafoundation.org/w/index.php?title=Cookie_statement&type=revision&diff=105722&oldid=104960 On Sunday, 1 May 2016, Trillium Corsage <[hidden email]> wrote: > I noticed Michelle Paulson editing the "Cookie Statement" page, and it > seemed kind of strange to me because I thought it more a technical and IT > thing to edit. But Michelle is WMF Legal, right? > > Is WMF doing something new (or newish, maybe I'm a little late in picking > up on this) with cookies? Can someone describe to me what that is, in > layman's terms? > > Is it about third-party marketing and working up personal profiles of > editors and readers? What sort of new information is the WMF gathering, if > it is, on editors and readers? > > Are there privacy concerns we should be worried about? > > Will the information gathered by the cookies be made available to the > anonymous administrative "volunteers" the WMF grants access to the > non-public information of editors? The so-called "sockpuppet investigators" > and so forth? > > Here: > https://wikimediafoundation.org/w/index.php?title=Cookie_statement&action=historysubmit&type=revision&diff=105722&oldid=104960 > . > > Trillium Corsage > > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > New messages to: [hidden email] <javascript:;> > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[hidden email] <javascript:;> > ?subject=unsubscribe> Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
In reply to this post by Trillium Corsage
Edits didn't affect the content of the policy actually. Also a cookie
policy is essentially a legal stuff, I'd be surprised to *don't *see the legal team editing it. As a "sockpuppet investigator" I never rely upon cookies, I prefer fingerprints and social security numbers. Vito 2016-05-01 23:40 GMT+02:00 Trillium Corsage <[hidden email]>: > I noticed Michelle Paulson editing the "Cookie Statement" page, and it > seemed kind of strange to me because I thought it more a technical and IT > thing to edit. But Michelle is WMF Legal, right? > > Is WMF doing something new (or newish, maybe I'm a little late in picking > up on this) with cookies? Can someone describe to me what that is, in > layman's terms? > > Is it about third-party marketing and working up personal profiles of > editors and readers? What sort of new information is the WMF gathering, if > it is, on editors and readers? > > Are there privacy concerns we should be worried about? > > Will the information gathered by the cookies be made available to the > anonymous administrative "volunteers" the WMF grants access to the > non-public information of editors? The so-called "sockpuppet investigators" > and so forth? > > Here: > https://wikimediafoundation.org/w/index.php?title=Cookie_statement&action=historysubmit&type=revision&diff=105722&oldid=104960 > . > > Trillium Corsage > > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > New messages to: [hidden email] > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[hidden email]?subject=unsubscribe> Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
In reply to this post by James Alexander-4
> It's certainly possible that this is only 'obvious' to me because of my
> knowledge of outside organizations or law but it doesn't surprise me. Your reply is not obvious to me. I understand that your employment is exclusively with WMF and you do not appear to be particularly qualified (or experienced) in law. Treating the cookie statement as an explanation / extension of WMF's privacy policy and noting the poster's concern that the WMF legal team have amended certain descriptors for locally stored objects (not cookies) of indeterminate (theoretically infinite) persistence, would you clarify the following technical /legal aspects relating to cookies and their usage on Wikimedia. 1. Whether, or not, editors of Wikimedia websites", say "en.wikipedia.org" or "commons.wikimedia.org", can edit if cookies (broadly construed) are disabled and not stored on client devices. 2. Whether, or not, the locally stored objects referenced in the cookie policy include (i) Javascript code, or (ii) Flash objects 3. Whether, or not, the locally stored objects inserted by the WMF, on client computers and stored there, have the capability of collecting extensive personal information of editors, the degree of which not being explicitly disclosed in advance to users. 4. Whether, or not, the WMF is aware that a certain "toxic and juvenile .. problem" [reff#1] WMF sysop (now banned) with extensive knowledge of WMF's checkuser process, the cookie policy and its internals has achieved remarkable technical capability to closely impersonate other editors and get them blocked by a network (aka "porn crew") of surviving cooperative "community appointed" sysops favorably still disposed to him/her. That this problem person (who has also threatened legal action against WMF) extensively uses mobile Wikipedia via "millions of IPs" [ref#2] in multiple languages, including several some fairly obscure ones, for abusive purposes which are 'obviously' related to WMF_legal's recent subject edit. Toby [ref#1] "I should be clear - the problem is not the abuse of me, but the toxic and juvenile environment at Commons. I have never failed in 30 seconds of looking to find a horrifying BLP violation at commons of a photo of an identifiable woman engaged in sexual activity with highly questionable provenance (for example a deleted flickr account). Every time (including tonight) that I go there hoping to see improvement, I am disappointed. And I think that as long as we tolerate it and don't bounce some very bad admins, we will not solve the problem.--Jimbo Wales (talk) 23:04, 14 October 2014 (UTC)" [ref#2] https://commons.wikimedia.org/w/index.php?title=User_talk%3AOdder&action=historysubmit&type=revision&diff=194440022&oldid=194439438 On 5/2/16, James Alexander <[hidden email]> wrote: > On Sun, May 1, 2016 at 2:40 PM, Trillium Corsage <[hidden email]> > wrote: > >> I noticed Michelle Paulson editing the "Cookie Statement" page, and it >> seemed kind of strange to me because I thought it more a technical and IT >> thing to edit. But Michelle is WMF Legal, right >> > > I won't/can't comment on the rest of your questions but I'm confused about > why you would be surprised here... the cookie statement is, essentially, a > legal statement/privacy policy "type" document (obviously different but > similar) and just like the privacy policy (or access to non public > information or document retention policy or terms of use or other policy > docs along those lines) the cookie statement has been owned by Legal for as > long as it's existed (I can attest to that fact since the CA team was asked > to help put it up for them). > > It's certainly possible that this is only 'obvious' to me because of my > knowledge of outside organizations or law but it doesn't surprise me. > Cookie statements are part of the law in some countries (not necessarily > ones we have to follow given our position in the US but Europe has laws > about it for example) and so would usually be within the legal department > for many organizations. Cookies are also closely tied with privacy and the > privacy policy and so compliance and ensuring that the org stays within > their promises would, also, often fall within the legal department (though > everyone should/does have a hand in ensuring they follow the promises the > org as a whole made). > > James Alexander > Manager > Trust & Safety > Wikimedia Foundation > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > New messages to: [hidden email] > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[hidden email]?subject=unsubscribe> _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
It seems like you can either deny James's knowledge of the technical/legal
overlap or ask him questions, but probably not both :p. One element I can answer: no, it does not contain flash objects, flash is not a technology included in the Wikimedia stack on account of it barely being classifiable as a technology. On Sunday, 1 May 2016, Toby Dollmann <[hidden email]> wrote: > > It's certainly possible that this is only 'obvious' to me because of my > > knowledge of outside organizations or law but it doesn't surprise me. > > Your reply is not obvious to me. I understand that your employment is > exclusively with WMF and you do not appear to be particularly > qualified (or experienced) in law. > > Treating the cookie statement as an explanation / extension of WMF's > privacy policy and noting the poster's concern that the WMF legal team > have amended certain descriptors for locally stored objects (not > cookies) of indeterminate (theoretically infinite) persistence, would > you clarify the following technical /legal aspects relating to cookies > and their usage on Wikimedia. > > 1. Whether, or not, editors of Wikimedia websites", say > "en.wikipedia.org" or "commons.wikimedia.org", can edit if cookies > (broadly construed) are disabled and not stored on client devices. > > 2. Whether, or not, the locally stored objects referenced in the > cookie policy include > (i) Javascript code, or > (ii) Flash objects > > 3. Whether, or not, the locally stored objects inserted by the WMF, on > client computers and stored there, have the capability of collecting > extensive personal information of editors, the degree of which not > being explicitly disclosed in advance to users. > > 4. Whether, or not, the WMF is aware that a certain "toxic and > juvenile .. problem" [reff#1] WMF sysop (now banned) with extensive > knowledge of WMF's checkuser process, the cookie policy and its > internals has achieved remarkable technical capability to closely > impersonate other editors and get them blocked by a network (aka "porn > crew") of surviving cooperative "community appointed" sysops favorably > still disposed to him/her. That this problem person (who has also > threatened legal action against WMF) extensively uses mobile Wikipedia > via "millions of IPs" [ref#2] in multiple languages, including several > some fairly obscure ones, for abusive purposes which are 'obviously' > related to WMF_legal's recent subject edit. > > Toby > > [ref#1] "I should be clear - the problem is not the abuse of me, but > the toxic and juvenile environment at Commons. I have never failed in > 30 seconds of looking to find a horrifying BLP violation at commons of > a photo of an identifiable woman engaged in sexual activity with > highly questionable provenance (for example a deleted flickr account). > Every time (including tonight) that I go there hoping to see > improvement, I am disappointed. And I think that as long as we > tolerate it and don't bounce some very bad admins, we will not solve > the problem.--Jimbo Wales (talk) 23:04, 14 October 2014 (UTC)" > > [ref#2] > https://commons.wikimedia.org/w/index.php?title=User_talk%3AOdder&action=historysubmit&type=revision&diff=194440022&oldid=194439438 > > On 5/2/16, James Alexander <[hidden email] <javascript:;>> > wrote: > > On Sun, May 1, 2016 at 2:40 PM, Trillium Corsage < > [hidden email] <javascript:;>> > > wrote: > > > >> I noticed Michelle Paulson editing the "Cookie Statement" page, and it > >> seemed kind of strange to me because I thought it more a technical and > IT > >> thing to edit. But Michelle is WMF Legal, right > >> > > > > I won't/can't comment on the rest of your questions but I'm confused > about > > why you would be surprised here... the cookie statement is, essentially, > a > > legal statement/privacy policy "type" document (obviously different but > > similar) and just like the privacy policy (or access to non public > > information or document retention policy or terms of use or other policy > > docs along those lines) the cookie statement has been owned by Legal for > as > > long as it's existed (I can attest to that fact since the CA team was > asked > > to help put it up for them). > > > > It's certainly possible that this is only 'obvious' to me because of my > > knowledge of outside organizations or law but it doesn't surprise me. > > Cookie statements are part of the law in some countries (not necessarily > > ones we have to follow given our position in the US but Europe has laws > > about it for example) and so would usually be within the legal department > > for many organizations. Cookies are also closely tied with privacy and > the > > privacy policy and so compliance and ensuring that the org stays within > > their promises would, also, often fall within the legal department > (though > > everyone should/does have a hand in ensuring they follow the promises the > > org as a whole made). > > > > James Alexander > > Manager > > Trust & Safety > > Wikimedia Foundation > > _______________________________________________ > > Wikimedia-l mailing list, guidelines at: > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > > New messages to: [hidden email] <javascript:;> > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > <mailto:[hidden email] <javascript:;> > ?subject=unsubscribe> > > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > New messages to: [hidden email] <javascript:;> > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[hidden email] <javascript:;> > ?subject=unsubscribe> Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
Hi Trillium,
These are great questions to ask, thank you for keeping the privacy conversation on track! As a technical employee of the Wikimedia Foundation who would have been involved if we were planning significant changes to expand or limit tracking, I can confirm that nothing rotten is in the wings. In fact, the situation is better now than ever before (in my 4 years here). There are internal accountability reforms under way to help us make strong guarantees about our users' privacy. A brief investigation into assigning readers long-term unique identifiers--in lay person terms the gateway to dystopian tracking--opened and was immediately shut again.[1] Data retention (what user data we collect and for how long) policy work is being tightened up, and done in public.[2] In Fundraising, we've found a way to measure aggregate data about our banner delivery without collecting information which lets us correlate anything else about readers.[3] While I feel good about what's happening now, it would be nice to have longer-term assurances that we won't go collectively nuts in the unforeseeable future. I'm not sure what that assurance might look like, though... Democratic stewardship of our shared resources? Anyway, please do keep a critical eye on cookies and their brethren, and if you find anything out of joint I'm sure there will be plenty of allies left within the Foundation to help set it right. Regards, Adam Wight [[mw:User:Adamw] [1] Sorry, there was an all-staff internal discussion but I don't think this was published. The idea at the time was to get our house in order and decide whether to start a public conversation about unique IDs. There turned out to be many strong critics of the plan and no real supporters as far I could tell, and the initiative was abandoned, to my knowledge. The motivation for the project was to get a better estimate of our unique visitor counts (a count of their devices, to be precise). We've settled on the less accurate "last visited" measurement instead, which is described here: http://blog.wikimedia.org/2016/03/30/unique-devices-dataset/ [2] https://meta.wikimedia.org/wiki/Data_retention_guidelines [3] https://commons.wikimedia.org/wiki/File:Lightening_banner_history.pdf On Sun, May 1, 2016 at 9:21 PM, Oliver Keyes <[hidden email]> wrote: > It seems like you can either deny James's knowledge of the technical/legal > overlap or ask him questions, but probably not both :p. > > One element I can answer: no, it does not contain flash objects, flash is > not a technology included in the Wikimedia stack on account of it barely > being classifiable as a technology. > > On Sunday, 1 May 2016, Toby Dollmann <[hidden email]> wrote: > > > > It's certainly possible that this is only 'obvious' to me because of my > > > knowledge of outside organizations or law but it doesn't surprise me. > > > > Your reply is not obvious to me. I understand that your employment is > > exclusively with WMF and you do not appear to be particularly > > qualified (or experienced) in law. > > > > Treating the cookie statement as an explanation / extension of WMF's > > privacy policy and noting the poster's concern that the WMF legal team > > have amended certain descriptors for locally stored objects (not > > cookies) of indeterminate (theoretically infinite) persistence, would > > you clarify the following technical /legal aspects relating to cookies > > and their usage on Wikimedia. > > > > 1. Whether, or not, editors of Wikimedia websites", say > > "en.wikipedia.org" or "commons.wikimedia.org", can edit if cookies > > (broadly construed) are disabled and not stored on client devices. > > > > 2. Whether, or not, the locally stored objects referenced in the > > cookie policy include > > (i) Javascript code, or > > (ii) Flash objects > > > > 3. Whether, or not, the locally stored objects inserted by the WMF, on > > client computers and stored there, have the capability of collecting > > extensive personal information of editors, the degree of which not > > being explicitly disclosed in advance to users. > > > > 4. Whether, or not, the WMF is aware that a certain "toxic and > > juvenile .. problem" [reff#1] WMF sysop (now banned) with extensive > > knowledge of WMF's checkuser process, the cookie policy and its > > internals has achieved remarkable technical capability to closely > > impersonate other editors and get them blocked by a network (aka "porn > > crew") of surviving cooperative "community appointed" sysops favorably > > still disposed to him/her. That this problem person (who has also > > threatened legal action against WMF) extensively uses mobile Wikipedia > > via "millions of IPs" [ref#2] in multiple languages, including several > > some fairly obscure ones, for abusive purposes which are 'obviously' > > related to WMF_legal's recent subject edit. > > > > Toby > > > > [ref#1] "I should be clear - the problem is not the abuse of me, but > > the toxic and juvenile environment at Commons. I have never failed in > > 30 seconds of looking to find a horrifying BLP violation at commons of > > a photo of an identifiable woman engaged in sexual activity with > > highly questionable provenance (for example a deleted flickr account). > > Every time (including tonight) that I go there hoping to see > > improvement, I am disappointed. And I think that as long as we > > tolerate it and don't bounce some very bad admins, we will not solve > > the problem.--Jimbo Wales (talk) 23:04, 14 October 2014 (UTC)" > > > > [ref#2] > > > https://commons.wikimedia.org/w/index.php?title=User_talk%3AOdder&action=historysubmit&type=revision&diff=194440022&oldid=194439438 > > > > On 5/2/16, James Alexander <[hidden email] <javascript:;>> > > wrote: > > > On Sun, May 1, 2016 at 2:40 PM, Trillium Corsage < > > [hidden email] <javascript:;>> > > > wrote: > > > > > >> I noticed Michelle Paulson editing the "Cookie Statement" page, and it > > >> seemed kind of strange to me because I thought it more a technical and > > IT > > >> thing to edit. But Michelle is WMF Legal, right > > >> > > > > > > I won't/can't comment on the rest of your questions but I'm confused > > about > > > why you would be surprised here... the cookie statement is, > essentially, > > a > > > legal statement/privacy policy "type" document (obviously different but > > > similar) and just like the privacy policy (or access to non public > > > information or document retention policy or terms of use or other > policy > > > docs along those lines) the cookie statement has been owned by Legal > for > > as > > > long as it's existed (I can attest to that fact since the CA team was > > asked > > > to help put it up for them). > > > > > > It's certainly possible that this is only 'obvious' to me because of my > > > knowledge of outside organizations or law but it doesn't surprise me. > > > Cookie statements are part of the law in some countries (not > necessarily > > > ones we have to follow given our position in the US but Europe has laws > > > about it for example) and so would usually be within the legal > department > > > for many organizations. Cookies are also closely tied with privacy and > > the > > > privacy policy and so compliance and ensuring that the org stays within > > > their promises would, also, often fall within the legal department > > (though > > > everyone should/does have a hand in ensuring they follow the promises > the > > > org as a whole made). > > > > > > James Alexander > > > Manager > > > Trust & Safety > > > Wikimedia Foundation > > > _______________________________________________ > > > Wikimedia-l mailing list, guidelines at: > > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > > > New messages to: [hidden email] <javascript:;> > > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > > <mailto:[hidden email] <javascript:;> > > ?subject=unsubscribe> > > > > _______________________________________________ > > Wikimedia-l mailing list, guidelines at: > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > > New messages to: [hidden email] <javascript:;> > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > <mailto:[hidden email] <javascript:;> > > ?subject=unsubscribe> > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > New messages to: [hidden email] > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[hidden email]?subject=unsubscribe> > Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
Adam,
Thank you for providing an informative and accessible answer to Trillium's relevant questions. It's truly heartening to see the organization improving in its ability to communicate its intentions, etc. I hope that when broad consensus among staff is reached (as you express in footnote [1]), it will become an increasingly high priority to clearly communicate that in public fora. It really helps when we can understand what others are trying to do, and how it aligns with our own ambitions. Good stuff. I think this discussion got off to a rough start, but you have gotten it back on track, and maybe to resolution. -Pete [[User:Peteforsyth]] On Mon, May 2, 2016 at 12:21 AM, Adam Wight <[hidden email]> wrote: > Hi Trillium, > > These are great questions to ask, thank you for keeping the privacy > conversation on track! > > As a technical employee of the Wikimedia Foundation who would have been > involved if we were planning significant changes to expand or limit > tracking, I can confirm that nothing rotten is in the wings. In fact, the > situation is better now than ever before (in my 4 years here). There are > internal accountability reforms under way to help us make strong guarantees > about our users' privacy. A brief investigation into assigning readers > long-term unique identifiers--in lay person terms the gateway to dystopian > tracking--opened and was immediately shut again.[1] Data retention (what > user data we collect and for how long) policy work is being tightened up, > and done in public.[2] In Fundraising, we've found a way to measure > aggregate data about our banner delivery without collecting information > which lets us correlate anything else about readers.[3] > > While I feel good about what's happening now, it would be nice to have > longer-term assurances that we won't go collectively nuts in the > unforeseeable future. I'm not sure what that assurance might look like, > though... Democratic stewardship of our shared resources? Anyway, please > do keep a critical eye on cookies and their brethren, and if you find > anything out of joint I'm sure there will be plenty of allies left within > the Foundation to help set it right. > > Regards, > Adam Wight > [[mw:User:Adamw] > > > [1] Sorry, there was an all-staff internal discussion but I don't think > this was published. The idea at the time was to get our house in order and > decide whether to start a public conversation about unique IDs. There > turned out to be many strong critics of the plan and no real supporters as > far I could tell, and the initiative was abandoned, to my knowledge. The > motivation for the project was to get a better estimate of our unique > visitor counts (a count of their devices, to be precise). We've settled on > the less accurate "last visited" measurement instead, which is described > here: http://blog.wikimedia.org/2016/03/30/unique-devices-dataset/ > [2] https://meta.wikimedia.org/wiki/Data_retention_guidelines > [3] https://commons.wikimedia.org/wiki/File:Lightening_banner_history.pdf > > On Sun, May 1, 2016 at 9:21 PM, Oliver Keyes <[hidden email]> wrote: > > > It seems like you can either deny James's knowledge of the > technical/legal > > overlap or ask him questions, but probably not both :p. > > > > One element I can answer: no, it does not contain flash objects, flash is > > not a technology included in the Wikimedia stack on account of it barely > > being classifiable as a technology. > > > > On Sunday, 1 May 2016, Toby Dollmann <[hidden email]> wrote: > > > > > > It's certainly possible that this is only 'obvious' to me because of > my > > > > knowledge of outside organizations or law but it doesn't surprise me. > > > > > > Your reply is not obvious to me. I understand that your employment is > > > exclusively with WMF and you do not appear to be particularly > > > qualified (or experienced) in law. > > > > > > Treating the cookie statement as an explanation / extension of WMF's > > > privacy policy and noting the poster's concern that the WMF legal team > > > have amended certain descriptors for locally stored objects (not > > > cookies) of indeterminate (theoretically infinite) persistence, would > > > you clarify the following technical /legal aspects relating to cookies > > > and their usage on Wikimedia. > > > > > > 1. Whether, or not, editors of Wikimedia websites", say > > > "en.wikipedia.org" or "commons.wikimedia.org", can edit if cookies > > > (broadly construed) are disabled and not stored on client devices. > > > > > > 2. Whether, or not, the locally stored objects referenced in the > > > cookie policy include > > > (i) Javascript code, or > > > (ii) Flash objects > > > > > > 3. Whether, or not, the locally stored objects inserted by the WMF, on > > > client computers and stored there, have the capability of collecting > > > extensive personal information of editors, the degree of which not > > > being explicitly disclosed in advance to users. > > > > > > 4. Whether, or not, the WMF is aware that a certain "toxic and > > > juvenile .. problem" [reff#1] WMF sysop (now banned) with extensive > > > knowledge of WMF's checkuser process, the cookie policy and its > > > internals has achieved remarkable technical capability to closely > > > impersonate other editors and get them blocked by a network (aka "porn > > > crew") of surviving cooperative "community appointed" sysops favorably > > > still disposed to him/her. That this problem person (who has also > > > threatened legal action against WMF) extensively uses mobile Wikipedia > > > via "millions of IPs" [ref#2] in multiple languages, including several > > > some fairly obscure ones, for abusive purposes which are 'obviously' > > > related to WMF_legal's recent subject edit. > > > > > > Toby > > > > > > [ref#1] "I should be clear - the problem is not the abuse of me, but > > > the toxic and juvenile environment at Commons. I have never failed in > > > 30 seconds of looking to find a horrifying BLP violation at commons of > > > a photo of an identifiable woman engaged in sexual activity with > > > highly questionable provenance (for example a deleted flickr account). > > > Every time (including tonight) that I go there hoping to see > > > improvement, I am disappointed. And I think that as long as we > > > tolerate it and don't bounce some very bad admins, we will not solve > > > the problem.--Jimbo Wales (talk) 23:04, 14 October 2014 (UTC)" > > > > > > [ref#2] > > > > > > https://commons.wikimedia.org/w/index.php?title=User_talk%3AOdder&action=historysubmit&type=revision&diff=194440022&oldid=194439438 > > > > > > On 5/2/16, James Alexander <[hidden email] <javascript:;>> > > > wrote: > > > > On Sun, May 1, 2016 at 2:40 PM, Trillium Corsage < > > > [hidden email] <javascript:;>> > > > > wrote: > > > > > > > >> I noticed Michelle Paulson editing the "Cookie Statement" page, and > it > > > >> seemed kind of strange to me because I thought it more a technical > and > > > IT > > > >> thing to edit. But Michelle is WMF Legal, right > > > >> > > > > > > > > I won't/can't comment on the rest of your questions but I'm confused > > > about > > > > why you would be surprised here... the cookie statement is, > > essentially, > > > a > > > > legal statement/privacy policy "type" document (obviously different > but > > > > similar) and just like the privacy policy (or access to non public > > > > information or document retention policy or terms of use or other > > policy > > > > docs along those lines) the cookie statement has been owned by Legal > > for > > > as > > > > long as it's existed (I can attest to that fact since the CA team was > > > asked > > > > to help put it up for them). > > > > > > > > It's certainly possible that this is only 'obvious' to me because of > my > > > > knowledge of outside organizations or law but it doesn't surprise me. > > > > Cookie statements are part of the law in some countries (not > > necessarily > > > > ones we have to follow given our position in the US but Europe has > laws > > > > about it for example) and so would usually be within the legal > > department > > > > for many organizations. Cookies are also closely tied with privacy > and > > > the > > > > privacy policy and so compliance and ensuring that the org stays > within > > > > their promises would, also, often fall within the legal department > > > (though > > > > everyone should/does have a hand in ensuring they follow the promises > > the > > > > org as a whole made). > > > > > > > > James Alexander > > > > Manager > > > > Trust & Safety > > > > Wikimedia Foundation > > > > _______________________________________________ > > > > Wikimedia-l mailing list, guidelines at: > > > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > > > > New messages to: [hidden email] <javascript:;> > > > > Unsubscribe: > https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > > > <mailto:[hidden email] <javascript:;> > > > ?subject=unsubscribe> > > > > > > _______________________________________________ > > > Wikimedia-l mailing list, guidelines at: > > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > > > New messages to: [hidden email] <javascript:;> > > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > > <mailto:[hidden email] <javascript:;> > > > ?subject=unsubscribe> > > _______________________________________________ > > Wikimedia-l mailing list, guidelines at: > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > > New messages to: [hidden email] > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > <mailto:[hidden email]?subject=unsubscribe> > > > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > New messages to: [hidden email] > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[hidden email]?subject=unsubscribe> > Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
In reply to this post by Oliver Keyes-5
On Sun, May 1, 2016 at 9:21 PM, Oliver Keyes <[hidden email]> wrote:
> One element I can answer: no, it does not contain flash objects, flash is > not a technology included in the Wikimedia stack on account of it barely > being classifiable as a technology. > There is one use of Flash in our tech stack: audio output for media playback on Internet Explorer when using our JavaScript Ogg playback compatibility library. This is a small shim which does not use cookies or any other type of local storage, which is why it is not listed on a page about cookies. Here's the source code of the Flash component; feel free to review it for security: https://github.com/brion/audio-feeder/blob/master/src/dynamicaudio.as On Sunday, 1 May 2016, Toby Dollmann <[hidden email]> wrote: > > 1. Whether, or not, editors of Wikimedia websites", say > > "en.wikipedia.org" or "commons.wikimedia.org", can edit if cookies > > (broadly construed) are disabled and not stored on client devices. > Like every other site on the world wide web, MediaWiki uses cookies to maintain login state. If you disable cookies, login will not work and your edits will not be attributed to your account. Editing "anonymously" without cookies works, but reveals your IP address in a permanent public way. > > 2. Whether, or not, the locally stored objects referenced in the > > cookie policy include > > (i) Javascript code, or > MediaWiki's ResourceLoader can and does cache JavaScript module code in localStorage. This code has no special privileges or abilities because of that; it just takes up a tiny bit of space on your disk. > > (ii) Flash objects > No, no Flash code is stored in cookies or localStorage. > > > > 3. Whether, or not, the locally stored objects inserted by the WMF, on > > client computers and stored there, have the capability of collecting > > extensive personal information of editors, the degree of which not > > being explicitly disclosed in advance to users. > No, they are just data until they are executed, at which point they are just code, same as code loaded straight from the server. That code can do nothing special that it could not already do. -- brion _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
On Monday, 2 May 2016, Brion Vibber <[hidden email]> wrote:
> On Sun, May 1, 2016 at 9:21 PM, Oliver Keyes <[hidden email] > <javascript:;>> wrote: > > > One element I can answer: no, it does not contain flash objects, flash is > > not a technology included in the Wikimedia stack on account of it barely > > being classifiable as a technology. > > > > There is one use of Flash in our tech stack: audio output for media > playback on Internet Explorer when using our JavaScript Ogg playback > compatibility library. I'm so sorry :(. 'Ogg' is onomatopoeic then ;) > > This is a small shim which does not use cookies or any other type of local > storage, which is why it is not listed on a page about cookies. > > Here's the source code of the Flash component; feel free to review it for > security: > > https://github.com/brion/audio-feeder/blob/master/src/dynamicaudio.as > > > On Sunday, 1 May 2016, Toby Dollmann <[hidden email] > <javascript:;>> wrote: > > > 1. Whether, or not, editors of Wikimedia websites", say > > > "en.wikipedia.org" or "commons.wikimedia.org", can edit if cookies > > > (broadly construed) are disabled and not stored on client devices. > > > > Like every other site on the world wide web, MediaWiki uses cookies to > maintain login state. If you disable cookies, login will not work and your > edits will not be attributed to your account. > > Editing "anonymously" without cookies works, but reveals your IP address in > a permanent public way. > > > > > 2. Whether, or not, the locally stored objects referenced in the > > > cookie policy include > > > (i) Javascript code, or > > > > MediaWiki's ResourceLoader can and does cache JavaScript module code in > localStorage. This code has no special privileges or abilities because of > that; it just takes up a tiny bit of space on your disk. > > > > > (ii) Flash objects > > > > No, no Flash code is stored in cookies or localStorage. > > > > > > > > 3. Whether, or not, the locally stored objects inserted by the WMF, on > > > client computers and stored there, have the capability of collecting > > > extensive personal information of editors, the degree of which not > > > being explicitly disclosed in advance to users. > > > > No, they are just data until they are executed, at which point they are > just code, same as code loaded straight from the server. That code can do > nothing special that it could not already do. > > -- brion > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > New messages to: [hidden email] <javascript:;> > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[hidden email] <javascript:;> > ?subject=unsubscribe> Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
In reply to this post by Pete Forsyth-2
On Mon, May 2, 2016 at 4:09 PM, Pete Forsyth <[hidden email]> wrote:
> Adam, > > Thank you for providing an informative and accessible answer to Trillium's > relevant questions. It's truly heartening to see the organization improving > in its ability to communicate its intentions, etc. I hope that when broad > consensus among staff is reached (as you express in footnote [1]), it will > become an increasingly high priority to clearly communicate that in public > fora. It really helps when we can understand what others are trying to do, > and how it aligns with our own ambitions. > > Good stuff. I think this discussion got off to a rough start, but you have > gotten it back on track, and maybe to resolution. One of the problems here is that much of the information about how the Wikimedia sites collect information is so spread out, because different parts of the WMF have different solutions for different problems (e.g. Analytics or Fundraising). The mentioned https://wikimediafoundation.org/wiki/Cookie_statement is a good way to collect all information about cookies, but I've found myself looking for good ways to make small updates (e.g. "we were thinking about doing this thing and were going to ask the communities before we started working on it, but then we started working on something else instead, but here's the thing that didn't happen"), so there's less risk things don't get communicated just because there's no big announcement of new changes to make. I hope <https://phabricator.wikimedia.org/T132405> to find a better solution whenever I get a couple of days when I have nothing that needs my immediate attention, so that there's a good, natural way to make them. For anyone who wants to keep track of what's happening with how the WMF looks at traffic over the last few months, a few links: https://meta.wikimedia.org/wiki/ComScore/Announcement https://meta.wikimedia.org/wiki/Talk:ComScore/Announcement https://lists.wikimedia.org/pipermail/wiki-research-l/2016-March/005094.html http://blog.wikimedia.org/2016/03/30/unique-devices-dataset/ (I also try to include changes in how we measure traffic in Tech News <https://meta.wikimedia.org/wiki/Tech/News>, from which most of the stuff above have been linked.) //Johan Jönsson -- _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
On Mon, May 2, 2016 at 6:43 PM, Johan Jönsson <[hidden email]>
wrote: > One of the problems here is that much of the information about how the > Wikimedia sites collect information is so spread out, because different > parts of the WMF have different solutions for different problems (e.g. > Analytics or Fundraising). The mentioned > https://wikimediafoundation.org/wiki/Cookie_statement is a good way to > collect all information about cookies It really isn't. A policy document with very limited edit rights would be a maintenance nightmare and never up to date. Indeed that document omits most of the cookies used on the sites. And it never claims to list them all - while that could be made more clear, the table is actually presented as a list of examples . _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines New messages to: [hidden email] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[hidden email]?subject=unsubscribe> |
Free forum by Nabble | Edit this page |