Digital Safety Considerations for Wikimedians

From Meta, a Wikimedia project coordination wiki

Your Wikimedia username

Usernames on Wikimedia projects have pretty much infinite possibilities, and are by their nature publicly visible. This in combination with open editing, which logs every article one edits, means that identifying users can be relatively straightforward. As such,

  • Don't use your real name, or a username that might give clues to your real-life identity (such your birthdate, birth year, and hometown)
  • Use a username that's different from your other usernames on the internet
  • Try to avoid exclusively editing topics that are directly connected to you in a personal way - e.g. current or former schools, your hometown, the building you live in, the place where you practice your religion.

Avoid IP Editing

The IP address is a critical part of personal information on the internet enabled digital world, akin to your home address in the physical. It is a unique address that identifies your device and your device’s general geographic location. As such, much like the caution one practices before sharing one's home address for privacy and safety reasons, avoid IP editing. See this essay for more information.

Ensure Login notifications are on

Login notifications are a valuable digital security feature as it alerts you of (attempted) unauthorized access to your Wikimedia account. Although login notifications are activated for both web and email by default on Wikimedia projects, make sure this important feature was not somehow deactivated by following the instructions at Help:Login notifications

Images on Wikimedia projects

Images are worth a thousand words - be mindful about the images you upload on Commons and the ‘invisible’ information in the form of EXIF-data you might be sharing. EXIF-data typically contains detailed information such as the time, date, and location of image creation, and details about the device used. Wikimedia Commons maintains all EXIF-data associated with an image when uploaded to the platform. Altering or removing this data afterwards is very difficult; make sure you only add information that is needed and relevant (see Commons:Exif). Furthermore, images uploaded to Commons are freely usable, this includes any photos of you and your colleagues uploaded from Wikievents to photos documenting protests in a certain area, see Commons' page on Reusing content outside Wikimedia for more information on licensing.

Remember, Wikipedia is permanent

Wikipedia is a permanent record. This means that the moment you press that “publish” button, the information published will be permanently visible and publicly associated with that username. Sure you can revert an edit and thereby hide it from the published version, but the information remains in the version history and is not really difficult to find for people who know how the Wikimedia projects work. As such, give it a thought before publishing and make sure you are not sharing any personal information. See Wikipedia:Wikipedia is in the real world for more context.

Is there any personal information you need suppressed on Wikimedia projects?

Did you upload an image of yourself? Or share your phone number on your userpage? Or upload a document whose distribution carries legal consequences in your jurisdiction? Under very strict limits you can ask for the “suppression (formerly oversight)” of certain information on the platform. Have a look at the suppression policy here and see here to learn how to request suppression.

Passwords are important, on Wikimedia projects even more so

Passwords are important because they protect you against unauthorized access to your accounts. Hence, the stronger your password is the more protected you are. While most platforms now offer two/multi-factor authentication as a second line of defense, on Wikimedia projects this is a limited feature. Good password hygiene, as such, is all the more important when engaging with Wikimedia projects. See Wikipedia:User account security for more information.


The Wikimail service, though a convenient feature to communicate with fellow Wikimedians somewhat privately, be sure to know the risks. Sending an email is akin to sending a postcard, so be aware of the information you are sharing as it is not a secure channel of communication. See Wikipedia:Emailing users for more information regarding this service.

Wikimedia Foundation’s transparency report

Governments and people of influence around the globe are keen to control and or influence the flow of information online, including content on Wikimedia projects. The Foundation frequently receives requests to alter or remove content from the projects, and to provide nonpublic information about users. While the Foundation carefully vets each request, it is a good practice to see how your jurisdiction fares with such requests to be able to better assess your threat landscape. The Foundation releases a transparency report twice a year. Check it out.