Talk:Privacy policy/Archives/2010

Please do not post any new comments on this page. This is a discussion archive first created in 2010, although the comments contained were likely posted before and after this date. See current discussion or the archives index.

The last edit to this page fixed a typo in the Cookies section (back in October), but this change was never implemented on the Foundation mirror of this site. Is there anyone with Foundation access that can fix this typo (visted -> visited). [1]16:22, 3 January 2010 (UTC)

This policy doesn't comply with the Children's Online Privacy Protection Act[2]. Shouldn't it say what the policy is towards children? --Aled D 15:26, 14 May 2010 (UTC)

Let me quote from the article you cite:

"The Act applies to websites and online services operated for commercial purposes that are either directed to children under 13 or have actual knowledge that children under 13 are providing information online. Most recognized non-profit organizations are exempt from most of the requirements of COPPA.[1] However, the Supreme Court ruled that non-profits operated for the benefit of their members' commercial activities are subject to FTC regulation and consequently also COPPA."

Wikimedia is not commercial and not operated for the benefit of their members' commercial activities. Therefore, it seems to me that COPPA does not apply to wikimedia's projects. --Tinz 12:23, 17 May 2010 (UTC)

I like your privacy policy, but I have two small issues:

"When a visitor requests or reads a page, or sends email to a Wikimedia server, no more information is collected than is typically collected by web sites."

That's not really informative, unfortunately. What is a typical website these days? And what do they (i.e. you) actually collect?

Also, I didn't see any mention of search history. What is your policy with that?

I would say that only technical staff of the wikimedia foundation can answer these questions and I am not sure whether they read this page. All I can say is that the community, including trusted users in special roles like checkusers or stewards, have no access to this kind of information. --Tinz 14:29, 27 September 2010 (UTC)

(This is just my personal opinion, and may not reflect reality). The average apache webserver log entry looks like:

127.0.0.1 - - [12/Nov/2010:02:25:24 -0400] "GET /w/phase3/index.php?title=Special%3ASearch&search=image%3AExample.jpg&go=Go HTTP/1.1" 200 146 "http://localhost/w/phase3/index.php/Main_Page" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.11) Gecko/2009061212 Iceweasel/3.0.6 (Debian-3.0.6-1)"

It contains the IP address, user name for HTTP authentication (mediawiki doesn't use HTTP authentication for accounts, so normally this is a - regardless of if you're logged in or not), date, the method (GET in 99% of the time), the url, HTTP protocol version (HTTP/1.1 99%) of the time, the HTTP status code (200 is the most common, meaning success. Other common codes are 404 for file not found, and 403 for forbidden), the number of bytes transferred (146 in my example), the referrer (the page where you came from to get to the page you are currently visiting), the user-agent (which web browser you're using. Usually also contains information on your operating system). This is just the "typical" example. Wikimedia servers could be configured differently (not to mention that a large portion of their logs would be squid logs not apache logs). Bawolff 22:18, 12 November 2010 (UTC)

What is the MediaWiki message which should be used?

The current text suggests MediaWiki:Privacy, which was deleted as "no long required". Besides, the pages in other languages (e.g. French, Portuguese,...) suggests MediaWiki:Copyright, which is also deleted in most projects (e.g. en.wiktionary) with the same reason. Helder 12:50, 21 November 2010 (UTC)