Talk:Draft Privacy Policy June 2008/Collaboration

I have made several suggestions to FT2 regarding areas that are unclear, or potential land mines. In general, I support this draft over the excessively wordy/essayish main version. One thing that I think needs to be addressed is the following scenario. "User A uses Wikipedia's Email This User function to email User B. User B responds to User A's email. User A now has all the information that would come with an email conversation:

A) Email Address (Squid@example.com for example)

B) Name associated with E-Mail Account (John Doe)

C) IP Addresses (Buried in the headers)

D) General Location (Through the IP address/ISP)

E) Personal or Work information (Through e-mail signatures, etcetera)

FT2 has submitted a Bugzilla request [1] to put a reminder that while the subject might say "Wikipedia e-mail", by replying to it, you are giving the recipient information about you (information not covered by the Privacy Policy)

This disclaimer could read, for example "If you reply to this email, the sender of this email will get all information normally associated with an email conversation, such as your email address, and possibly the "IP address", and possibly the name or other details associated with that email account. You do not have to reply to this user. If you wish to reply without giving these details, please use "Email this user" from the Wikimedia website to do so <LINK TO Special:Emailuser/Sender>." SirFozzie 13:34, 16 June 2008 (UTC)[reply]

It is still too wordy IMHO. If you want users to actually read this, you should keep it under two pages. For example, the two paragraphs about the subpoena could be replaced with one sentence saying that WMF will give out personal information when required by law, and in such cases the affected users will be notified, if that is permitted by law and they have an email address set. All the stuff about how you can oppose can be written in the notification email.

Also, it should be made clear, that all information regarding your edits is public and by editing you permit all sorts of collecting and aggregation. AFAIK the lack of such a declaration was the reason parts of the editcounter had to be made opt-in. --Tgr 06:36, 20 June 2008 (UTC)[reply]