Jump to content

Policy talk:Wikimedia Foundation Access to Nonpublic Personal Data Policy

From Wikimedia Foundation Governance Wiki

Archives
I, II, III, IV, V, VI, VII, VIII, IX, X

Question

Why does the policy have an age restrictions and give consequences. ToadetteEdit (talk) 10:23, 31 August 2023 (UTC)Reply

Edit request

Could "Allow translation of page display title" please be turned off in the translation settings? Since the actual display title has its own tunit it's redundant and wasteful. Thanks. Pppery (talk) 16:47, 2 February 2024 (UTC)Reply

@Pppery: I had been leaving it on as I had been told (but have not had a chance to verify) that it has an impact on search results. I can look into this more, but do you happen to know? --Gregory Varnum (Wikimedia Foundation) [he/him] (talk) 20:12, 20 March 2024 (UTC)Reply
Not aware of any such phenomenon. Pppery (talk) 20:12, 20 March 2024 (UTC)Reply
Okay - I am looking into this and will report back. I have no problem removing them from translation if Languages team verifies it does not impact search for non-English readers. --Gregory Varnum (Wikimedia Foundation) [he/him] (talk) 20:22, 20 March 2024 (UTC)Reply
@Pppery: I have confirmed that these are not really used for translated pages at this time. As such, I have disabled translation of page titles on pages with a displaytitle set. Thank you for the initial ping! --Gregory Varnum (Wikimedia Foundation) [he/him] (talk) 23:19, 10 April 2024 (UTC)Reply

Policy adjustment

Introduction

The Foundation is initiating policy adjustments to: (1) clarify the existing text, (2) add information about the relationship between this policy and other policies and processes, and (3) provide exceptions to the policy.

(1) Clarifications to existing text

Text highlighted in green has been added. To focus on the changed text, items (i)-(iv) have been omitted only below.

(b) Disclosure of nonpublic information.

In the course of keeping the Sites and its users safe, Designated Community Members must sometimes disclose Nonpublic Personal Data to third parties. Disclosures of Nonpublic Personal Data are limited to:

(v) the public, when it is a necessary and incidental consequence of a Designated Community Member blocking a sockpuppet or other abusive account.

The highlighted text was added to clarify that this permitted disclosure arises when a Designated Community Member performs the blocking action. The disclosure of Nonpublic Personal Data publicly to facilitate other users performing blocks is not permitted, as such disclosures are not necessary and incidental consequences of those blocks.

(2) Relationship between this policy and other policies and processes

While information about user age and known domicile exemptions was previously published, that information was not incorporated directly into the text of this policy. These exemptions are now noted within the policy text to clarify their relationship to the policy.

Similarly, the policy's relationship with the Office Actions Policy has now also been added to the text in a new section on violations. Because the Office Actions Policy also includes the potential for rights removals in circumstances where community trust is breached, this information has also been added to the policy to clarify the policy's place within this ecosystem of trust. This section also notes the pre-existing role of the Ombuds Commission in investigating complaints about infringements of the policy.

(3) Exceptions to the policy

In reviewing concerns from various Wikimedia community functionaries over the past couple of years, the Foundation's Legal Department concluded some limited cases required more permissive disclosures. Information about permissible exceptions is now included in the policy. The new exceptions list draws inspiration from the exceptions list in the Data retention guidelines to provide greater flexibility than standard policy terms when necessary while still maintaining transparency.

Consistent with our Privacy Policy, such policy exceptions focus on instances when Nonpublic Personal Data is used and shared when reasonably believed to be necessary to enforce or investigate potential violations of our Terms of Use, Privacy Policy, or any Wikimedia Foundation or user community-based policies.

Future policy changes

This policy was initially approved by the Board of Trustees in 2014, went into effect in 2015, and was revised in 2018 (for the 2007 policy, see the archived version). A similar overhaul of the current policy and its accompanying confidentiality agreement is needed in the future. That work will be coordinated in tandem with the planned update to the Privacy policy. Community consultations will be part of that work. The present policy adjustments were made to keep the current policy workable in the meantime. MMoss (WMF) (talk) 00:29, 23 August 2024 (UTC)Reply

@MMoss (WMF): Hello, Complaints about inappropriate actions taken under an exception to this Policy [link new page] should be evaluated by the appropriate community governance mechanisms [link new page] is Policy:Access to nonpublic personal data policy/Exceptions, right? Thanks. SCP-2000 (talk) 01:54, 23 August 2024 (UTC)Reply
You are so unbelievably kind, thank you for catching this so quickly! Fixed. MMoss (WMF) (talk) 16:37, 23 August 2024 (UTC)Reply
Changes look good! It might be useful to have the exemptions sub-page linked on Template:Privacy policy navigation 2 - took a couple scrolls for me to find the link on the page. Ajraddatz (talk) 16:35, 25 August 2024 (UTC)Reply
Thank you for reviewing the changes and for the recommendation! Exceptions are now added to the template and the template is now added to the sub-page. MMoss (WMF) (talk) 15:49, 26 August 2024 (UTC)Reply