Politique en matière d’accès aux informations non publiques/ébauche sans id
Wikimedia Sites (the “Sites”) are the product of a global community of volunteer contributors and editors. This dedicated group of individuals not only writes and curates content on the Sites — they also help ensure the safety of the Sites and its users as well as compliance with applicable policies. To manage this immense task effectively, certain community members are entrusted with access to limited amounts of nonpublic information regarding other users. For example, a trusted community member who has “checkuser” rights could use those rights to investigate whether a single user is using multiple accounts in a manner inconsistent with Wikimedia policies. The purpose of this “Access to Nonpublic Information” policy (the “Policy”) is to:
- explain the minimum requirements that must be met by any community member who has access to nonpublic information;
- explain the rights and responsibilities of community members with access to nonpublic information;
- ensure that community members with access to nonpublic information understand and commit to maintaining the confidentiality of nonpublic information; and
- provide guidelines to community members with access to nonpublic information as to when they may access nonpublic information, how they may use such information, and when and to whom they may disclose such information.
Membres de la communauté concernés par cette Politique
Cette Politique s’applique à tout utilisateur ayant accès à des informations non publiques couvertes par la Politique de confidentialité, notamment :
- Community members with access to any tool that permits them to view nonpublic information about other users (such as the CheckUser tool) or members of the public (for example, through OTRS accounts);
- Community members with the ability to access content or user information which has been removed from administrator view (such as the Suppression tool); and
- Volunteer developers with access to nonpublic information.
For illustrative purposes only, some examples of groups of community members to which this Policy applies include: OTRS administrators, email response team members, and Stewards. This Policy does not apply to users whose rights only include the ability to view standard deleted revisions. This Policy also does not apply to Wikimedia Foundation employees or contractors who act in their professional capacity because they are already subject to other confidentiality agreements that are as or more protective than this Policy.
Exigences minimales pour les membres de la communauté demandant à bénéficier des droits d’accès aux informations non publiques
The following conditions are minimum requirements that all community members, including volunteer developers, who are granted access to nonpublic information rights ("access rights") must meet. These conditions should also be considered requirements to be a candidate for any community-run selection process for a role that would convey such access rights. The community may require candidates for access rights to meet additional community-specified criteria on a case-by-case or role-by-role basis.
(a) Minimum age. We value our community members, no matter what their age. However, access to nonpublic information requires maturity because of the significant responsibilities that come along with confidentiality obligations. For this reason, any community member who applies for access rights must:
- be at least eighteen (18) years of age, except email response team members who must be at least sixteen (16) years of age; and
- must certify to the Wikimedia Foundation that they meet the minimum age required for the rights they are applying for.
(b) Adresse électronique liée et valide. Afin de nous assurer d’être en mesure de contacter les personnes qui assument ces fonctions essentielles, tout membre de la communauté qui postule aux droits d’accès doit :
- submit to the Wikimedia Foundation a valid email address;
- have the account under which they are applying for rights linked to a valid email address;
- complete verification of the submitted and/or linked email address (such as responding to a confirmation email sent to their submitted email address), if requested to do so; and
- inform the Wikimedia Foundation of any change to their email address within a reasonable time following such change.
(c) Confidentiality. To ensure that community members with access rights understand and commit to keeping the nonpublic information confidential, they will be required to read and certify that they agree to a short Confidentiality Agreement that outlines:
- what community members should treat as confidential information;
- when they are allowed to access nonpublic information;
- how community members may use nonpublic information about other users;
- when and to whom they may disclose the nonpublic information and how they must otherwise refrain from disclosing nonpublic information to anyone, except as permitted under applicable policies;
- how they must safeguard their accounts from unauthorized access; and
- when they must report disclosure of nonpublic information to third parties or improper access, use, or disclosure of nonpublic information.
(d) Confidentialité. En rapport avec la confidentialité des membres de la communauté qui possèdent des droits d'accès, toute information personnelles qui est soumise à la fondation Wikipédia sous ces règles est sujette à la police de confidentialité et aux règles de non-diffusion des données de la fondation Wikimédia.
(e) Submission timeline. Any community member who has been granted access rights at the time this Policy becomes effective must meet the requirements of Sections (a) - (c) of this Policy within ninety (90) calendar days from either (i) the date that a request to comply with this Policy is sent to that community member from the Wikimedia Foundation or (ii) the date that such notice is posted prominently on Meta, whichever occurs first. The Wikimedia Foundation may, at its sole discretion, extend the compliance period for individual community members as needed.
Tout membre de la communauté qui ne satisferait pas aux exigences des Sections (a)–(c) de la présente Politique dans le délai indiqué ci-dessus devra s’attendre à avoir ses droits d’accès révoqués jusqu’à ce qu’il ait pu soumettre les informations requises.
Utilisation et divulgation d’informations non publiques
Community members with access rights provide valuable services to the Sites and its users -- they fight vandalism, respond to helpdesk emails, ensure that improperly disclosed private data is removed from public view, confirm license permissions, investigate sockpuppets, improve and debug software, and much more. But community members’ use of access rights is limited to certain circumstances and contexts. This section elucidates the situations in which access rights may be used and nonpublic information may be disclosed to third parties.
(a) Utilisation des droits d’accès et des informations non publiques.
All community members with access to nonpublic information may only use their access rights and the subsequent information they access in accordance with the policies that govern the tools they use to gain such access. For example, community members with access to the CheckUser tool must comply with the global CheckUser Policy, and, unless they are performing a cross-wiki check, they must also comply with the more restrictive local policies applicable to the relevant Site. Similarly, community members with access to the Suppression tool may only use the tool in accordance with the Suppression Policy. When a community member’s access to a certain tool is revoked, for any reason, that member must destroy all nonpublic information that they have as a result of that tool.
(b) Divulgation d’informations non publiques.
Dans le cadre de la protection des Sites et de leurs utilisateurs, les membres de la communauté disposant de droits d’accès doivent parfois communiquer des informations non publiques à des tierces parties. Les informations non publiques sont susceptibles d’être communiquées :
- (i) à d’autres membres de la communauté disposant des mêmes droits d’accès, ou qui sont autrement autorisés à accéder aux mêmes informations, afin d’exécuter les tâches prévues par la politique régissant l’outil d’accès utilisé ;
- (ii) aux fournisseurs de services, opérateurs réseau ou toutes autres tierces parties afin de permettre le blocage ciblé d’adresses IP ou de déposer une plainte auprès des fournisseurs de services Internet concernés ;
- (iii) aux forces de police au cas où la vie ou l’intégrité physique d’une personne est menacée de façon immédiate et plausible ;
- (iv) aux parties habilitées ayant reçu l’autorisation expresse de l’utilisateur dont les informations non publiques doivent être divulguées ;
- (v) aux forces de police, administrations ou autres organismes gouvernementaux en cas d’obligation légale, à condition que le membre de la communauté en avise la Fondation Wikimédia, sauf à en être légalement empêché ; ou
- (vi) au public, lorsque cela représente une conséquence nécessaire et consécutive suite au blocage d’un faux-nez ou autre compte abusif.
While community members with access rights may disclose nonpublic information to third parties under the circumstances described above, they are under no obligation by the Foundation to do so. Please note, however, if a community member with access rights chooses to disclose in a situation covered by (ii), (iii), (iv), or (v) above, they must notify the Wikimedia Foundation by emailing check-disclosurewikimedia.org an explanation of the disclosure within ten (10) business days of such disclosure.
All other formal and informal requests for user information (i.e. those not covered by one of the situations described above or those not acted upon by a community member with access rights), including subpoenas, from law enforcement, government agencies, attorneys, or other third parties should be directed to the Wikimedia Foundation’s legal department at legalwikimedia.org.