Resolution:Access to nonpublic data

From Wikimedia Foundation Governance Wiki
Resolutions Access to nonpublic data Feedback?
This resolution approving the Access to nonpublic data policy was approved by vote (6 supports, 1 abstention) on 11 April 2007.
Please see Resolution:Access to nonpublic data policy update for the updated policy.

Motion to vote: --Jan-Bart 20:59, 11 April 2007 (UTC)

Motion Seconded: Kat Walsh 21:03, 11 April 2007 (UTC)


Whereas the Board has considered the need for more careful oversight of sensitive information, it is hereby resolved that:

1. Only persons whose identity is known to the Wikimedia Foundation shall be permitted to have access to any nonpublic data or other nonpublic information produced, collected, or otherwise held by the Wikimedia Foundation, where that data or other information is restricted from public disclosure by the Wikimedia Privacy Policy.

2. Any volunteer who is chosen by any community process to be granted access rights to restricted data shall not be granted that access until that volunteer has satisfactorily identified himself or herself to the Foundation, including proof that such user is at least 18 and explicitly over the age at which they are capable to act without the consent of their parent in the jurisdiction in which they reside.

3. Any volunteer who holds such access rights at the time of the adoption of this resolution must satisfactorily identify himself or herself to the Foundation within 60 days of the adoption of this resolution, or have any and all such access rights revoked. Volunteers otherwise in good standing whose access is revoked for failure to identify may have those access rights restored after providing identification, at the discretion of the Foundation.

4. Volunteer positions covered by this resolution include, without limitation, all stewards, all holders of the "checkuser" and "oversight" rights, all OTRS volunteers, and all developers with access to any electronic records which contains nonpublic information (such as the IP addresses of readers or contributors).

5. Access to deleted revisions on a publicly editable project, such as that held by administrators, is not sufficient to require identification under this policy.

6. Identifying information disclosed to the Foundation by a volunteer in compliance with this policy shall be treated as confidential, nonpublic information and shall not be released except consistent with the Wikimedia Privacy Policy.

7. Exceptions to this policy may be made only by the resolution of the Board of Trustees.


Passed with 6 support votes and 1 abstention, 11 April 2007.