Staying safe on Wikimedia as a young person

Anyone can edit Wikimedia websites, including Wikipedia, but people need to be aware of what is and is not appropriate for the website. You are strongly encouraged to educate yourself on these safety best practices and are strongly encouraged not to take actions on the platform that put yourself at risk. This is especially important for young people using the websites, as they might be at additional risk.

To start with, familiarize yourself with fundamental account security and equip your account with a strong password. In case you lose this password, sign up with a recovery email address. You can learn more about good digital security practices on learn.wiki.

Do not share personally identifiable information about yourself anywhere on Wikimedia sites. This includes on your user page. Some examples of material you should never share openly on the internet:

• Your date of birth
• Locations you frequent (e.g., city/town or school/workplace)
• Your hometown, especially if it's small or otherwise unique
• Your name
• Your phone number, email address, or other contact details

Sharing things about your personality is fine. You just want to be careful to avoid sharing information that could help others identify and locate you.

Think twice before uploading or sharing photos of yourself on the Wikimedia projects. Wikimedia projects can feel to some users like social media websites since there is direct interaction with other people, but uploading pictures to the websites can put you at unnecessary risk. While adults may decide this risk is worth it, minors should never do this. This includes photographs uploaded to use on user pages. It can be very difficult to have these photos removed later.

Where to be careful[edit]

Communicating with others through the "EmailUser" function, particularly if such communication is used to keep it "private" or off-wiki. This extends to Wikimedia-related messaging on other discussion platforms allowing private communication such as Discord, Telegram, or Whatsapp.

If you accidentally posted or uploaded something that might reveal your personal information publicly, you can request that it be deleted. You can contact "Oversighters" on the appropriate project to have this information removed and "suppressed" so that not even administrators can see it.

The most important thing to do if you feel uncomfortable on the Wikimedia projects is to seek help. You may contact local administrators. If you don't want to do this publicly, some projects also have local community mechanisms to report misbehavior privately.

You can always contact the Trust and Safety team at the Wikimedia Foundation with the email cawikimediaorg. If you want to report something, please include as much detail as you can (in particular, links to revisions or diffs of misbehavior, or usernames of those you wish to report to us).

In cases where someone has posted something that may put them at risk, the Foundation may take any of the following actions or all of them as an escalation path, if needed, and subject to the details of the issue reported to us.

• Issue a cautionary note with best practices and advice. This would be issued when the behavior is not in breach of the Terms of Use (ToU) or any other aspects of this policy, but otherwise compromises the user's safety.
  • This could contain requests to remove and/or suppress certain content posted by the user, accompanied by a deadline.
• Issue a warning reminding the user of the cautionary note (and checking in on any deadline communicated), especially in cases where we have asked the user to remove content about themselves from the website.
• Report or remove content posted by the user if they do not remove it themselves.
  • This will include personally identifying information (PII), including photographs or images, where such information poses a safety risk to the user. (See the Risk Matrix for examples.)
  • This will ideally be done through a report to local members of the Oversight team or to the Stewards to preserve community autonomy and avoid the Streisand effect, but may be done by the Trust and Safety team directly if considered an urgent case in accordance with the office action policy.
• Initiate a conduct investigation if the above steps do not prevent the users from putting themselves at risk whereupon additional actions may occur under the Foundation’s office action policy.