Talk:Terms of use/Archives/2012-1-03

From Meta, a Wikimedia project coordination wiki

Refraining from Certain Activities

Banned activities:

Infringing the privacy rights of others under the laws of the United States or other applicable laws (which may include the laws where you live or where you view or edit content)

Why must we try to enforce the laws of other countries or locations? Look at the recent fiasco with the Italian Wikipedia. Why should the Wikimedia Foundation try to enforce the (sometimes ridiculous) laws of other countries? Our own laws are often bad enough as they are.

Michaeldsuarez, thanks for all your excellent comments, which I will work through one-by-one if that makes sense to you. I have read the below comments (as of the date of my time stamp).
With respect to your above feedback, actually, the operative term is "applicable law." This is not much different from our present practice. See http://en.wikipedia.org/wiki/Wikipedia:General_disclaimer . Now, it raises an interesting point. We believe that only U.S. law is applicable, but Italian authorities may think differently. I suggest that we do not try to resolve this in the TOS (which often raises difficult conflict of law provisions and theories); otherwise the safe course would be to insist on compliance with all laws. That said, we do want to put people on fair warning that local authorities may find local law as applicable. We may argue about that, but a court will make the final decision. One approach - which we adopt here - is to suggest implicitly that editors comply with their local laws as well. That said, WMF may not recognize local laws as applicable when contesting the issue with authorities. Geoffbrigham 23:52, 19 December 2011 (UTC)
Did you mean me (you said Michaeldsuarez)?
Apologies Danhash. Geoffbrigham 18:33, 24 December 2011 (UTC)
I agree that editors should be aware of their local laws and the effect they have on them contributing to WMF projects, but the current wording is not a suggestion—it is an outright ban. I feel this is very inappropriate. —danhash (talk) 20:20, 21 December 2011 (UTC)
I think the issue that we are struggling to resolve is caused by the arguable ambiguity surrounding conflict of law issues in the cyber-space world. That is why we say - albeit not precisely - that you need to comply with "applicable law." Over time, that term will be defined by the courts. For now, we suggest that such applicable law "may include the laws where you live or where you view or edit content." See Section 1. It is a nod to users that they should be careful about the laws where they live or edit. Now, as a matter of practice, WMF believes that U.S. law applies, and we will likely weigh that heavily before taking any action against a user. For example, we will not ban a user for violating Chinese censorship laws. On the other hand, a French man seeking to stalk an Italian user may invoke non-U.S. laws. Thus, I think it will be impossible to say that only U.S. law applies all the time, and I don't want to mislead users by so stating. That said, I hear your point, but I don't have an simple solution that can be easily summarized in the TOS.
For what it is worth, we are using similar language as other TOSs from like-minded organizations. See, e.g., Mozilla's agreement(Section 4) (your Post does not otherwise violate, or link to material that violates, any provision of this Agreement or any applicable law or regulation)(bold added); Creative Commons(Section 7 on User Conduct)(e.g., "Post, use or transmit Content that you do not have the right to post or use, for example, under intellectual property, confidentiality, privacy or other applicable laws"); Internet Archives ("You agree to abide by all applicable laws and regulations, including intellectual property laws, in connection with your use of the Archive."); Open Source Initiative ("upload, post, email, transmit or otherwise make available any Content that you do not have a right to make available under any law . . ."); OpenOffice ("do not violate any law, ordinance, or regulation of any country, state or locality"); Reditt ("You may not provide to or post on or through the Website any graphics, text, photographs, images, video, audio or other material that invades anyone's privacy, or facilitates or encourages conduct that would constitute a criminal offense, give rise to civil liability, or that otherwise violates any local, state, federal, national or international law or regulation (e.g., drug use, underage drinking)"). Geoffbrigham 18:33, 24 December 2011 (UTC)

Infringing copyrights, trademarks, patents, or other proprietary rights.

There are always more and more proprietary "rights" being conjured up, as well as extensions on already existing rights. There are already very specific procedures in place for dealing with copyrighted material (at least on enwiki and Commons); why do we need to make global policy encompassing all "proprietary rights"? The term "other proprietary rights" does not even have a definition, as everyone has a different idea of what their own proprietary rights are. Does this *only* include rights as defined under US law? There is no explanation, and this is a blanket statement.

We believe that U.S. law is applicable, so the phrase would apply to U.S. law normally. This is a pretty traditional legal formulation (though I understand that you don't like it). Some projects, like Wikimedia Commons have provisions that require the local law to be observed as well. We could add the term "under applicable law" to narrow its application (which I will do under the proposed TOS). I saw your suggestion about "[p]osting copyrighted, trademarked, or other legally protected propiretary material without either permission from the rightsholder or under the fair use exemption." I think this is an interesting idea, but I do note that since Section 4 uses the term "infringing," it necessarily excludes cases where there is permission from the rightsholder or where there is fair use: such uses are not infringing. Geoffbrigham 23:52, 19 December 2011 (UTC)
The problem is that what infringes and what doesn't is not set in stone. Are you familiar with illegal numbers, illegal primes, etc.? Many people have claimed that others have infringed on their legally-protected rights. I have said a lot about this issue, but what it comes down to is that I think it's very important that the types of rights the WMF respects be articulated: we do not accept copyrighted material without permission or fair use, we respect trademarks recognized by the US government, and we use trademarks in a manner consistent with applicable US law. I don't see how patents really comes into the picture, except for maybe the posting of source code which someone claims to have a patent over. We should be specific about how patents are protected on WMF websites if patents are going to be mentioned in the Terms of Use. —danhash (talk) 20:20, 21 December 2011 (UTC)
Again I think it would be extremely difficult to articulate all intellectual property rights that we recognize and don't in a TOS. Also the law is not static, and the community policies on such issues are not set in stone. I'm concerned about too many specifics, because that requires a Board resolution every time there is a perceived change in the law. Community policies can better fill the gap here. (Patents are relevant, for example, with MediaWiki.)
Again, for whatever comfort this provides, other organizations have similar type of provisions. See, e.g., Reddit ("You are responsible for ensuring that any graphics, text, photographs, images, video, audio or other material you provide to or post on the Website, including without limitation in bulletin boards, forums, personal ads, chats or elsewhere, does not violate the copyright, trademark, trade secret or any other personal or proprietary rights of any third party or is provided or posted with the permission of the owner(s) of such rights."), Firefox ("the downloading, copying and use of the materials you make available will not infringe the proprietary rights, including but not limited to intellectual property rights, of any third party"); Internet Archives("not to infringe any copyright, trademark, patent, or other proprietary rights of any person"), Open Source Initiative ("upload, post, email, transmit or otherwise make available any Content that infringes any patent, trademark, trade secret, copyright or other proprietary rights of any party"); Linux Foundation ("Don't violate anyone's intellectual property and post anyone else's copyrighted or confidential material you don't have permission to use."); OpenOffice ("do not infringe, misappropriate or violate the intellectual property rights or privacy interests of others"). Geoffbrigham 20:33, 24 December 2011 (UTC)


Posting or trafficking in unlawful obscene material

There is no concrete definition (AFAIK) of what is and is not unlawfully obscene. This also varies with location. Take the cover of the Virgin Killer album. It is (to most people) quite obscene. But is it unlawfully obscene? I would think not, since it is still displayed prominently on the Wikipedia article about the album. I personally find that very offensive. And I am sure it is also illegal in some places. But Wikipedia already deals with these issues.

I could see rewording this provision as Posting or trafficking in obsence material that is unlawful under applicable law. I have made this change. That said, I don't want to try to resolve all the potential conflict of law provisions in the TOS. The vast majority of the time (if not all the time), we will apply only U.S. law since we see it as the only applicable law. Geoffbrigham 23:52, 19 December 2011 (UTC)
Thank you. Can we have at least a basic explanation, in the Terms of Use itself, of what term "applicable law" applies to? —danhash (talk) 20:20, 21 December 2011 (UTC)


Using the services in a manner that is inconsistent with applicable law.

This is about the broadest and vaguest statement I've ever heard. Wikipedia (and maybe other Wikimedia projects too) specifically aids users behind government firewalls break the law in their editing, and is committed to the privacy of such users. Users in parts of China for example are likely "using the services in a manner that is inconsistent with applicable law", depending on how the phrase "applicable law" is interpreted. Most of us are not lawyers, and most of us who are not lawyers do not wish to be lawyers, and even lawyers argue about these types of things, so how are average users supposed to interpret this type of statement?

This only applies to applicable laws, which pratically means U.S. law most of the time. It is frankly difficult to enumerate all possible applicable laws without understanding the facts of each situation. That is one reason we do not enter into too many specifics here. This provision makes clear that we have the right to take actions if there are legal violations. Geoffbrigham 23:52, 19 December 2011 (UTC)
What is an example of a time when a law other than U.S. law would be applicable? —danhash (talk) 20:20, 21 December 2011 (UTC)
See above example about a French user stalking an Italian user. Another example: A user employs code patented in France on WikiMedia, and patent holder sues in U.S. court, which then applies French law in reaching its decision and compels Wikimedia to comply. Another example: An Italian user seeks recognition and enforcement of an Italian defamation order in U.S. court (and the U.S. court honors that request under the Speech Act of 2010). My point is that we cannot envision all possibilities with specific language. Geoffbrigham 20:44, 24 December 2011 (UTC)

Posting or distributing content that contains any viruses, malware, worms, Trojan horses, malicious code, or other harmful content

Articles about viruses often contain sample virus code. The phrase "other harmful content" can be construed to mean almost anything.

Good point. How about if we say "or other device that could harm our technical system or that of our users" I have made this change. Geoffbrigham 23:52, 19 December 2011 (UTC)
There is also the first point about articles about viruses often containing source code. This sentence could easily be construed to ban such source code from articles. —danhash (talk) 20:20, 21 December 2011 (UTC)
No, it can't. Posting the plain text of a code cannot "harm our technical system or that of our users". Plain old ASCII text does not harm anybody's computer system. WhatamIdoing 22:17, 21 December 2011 (UTC)

Disrupting the services by placing an undue burden on a Project website or the networks or servers connected with a Project website

I'm sure this has happened before accidentally. My understanding is that this is dealt with at the developer/admin level, unless it is intentional (in which case it is already obviously not acceptable).

I think we should include this provision in the TOS for some of the reasons that I set out at the very beginning ("Reasons for the New Terms of Use"). If nothing else it provides clarity that this activity is unacceptable and people should think of ways to avoid it. Geoffbrigham 23:52, 19 December 2011 (UTC)
How about "Intentionally or carelessly disrupting the services by placing an undue burden on a Project website or the networks or servers connected with a Project website"? —danhash (talk) 20:20, 21 December 2011 (UTC)
Can you give an example of a disruption that is neither intentional nor unintentional ("careless")? I can't think of one.
More pointfully, disruption must be stopped, no matter what your reason is for it. This isn't a felony: a mens rea is not required. If you drive your car through an intersection in violation of the traffic signal, you're guilty of a traffic code violation. We don't need to bother figuring out whether your action was "intentional" or "careless" or "negligent" or anything else: Running a red light earns you a punishment. Disrupting WMF services earns you a punishment. It's your actions, not your alleged intentions, that matter here. WhatamIdoing 22:24, 21 December 2011 (UTC)

Probing, scanning, or testing the vulnerability of any of our technical systems or networks without authorization

People do this all the time, with every (major) website. Even something like this could be considered breaking this rule.

I believe there is a discussion ongoing below on this provision. I suggest that my thoughts on this be confined to that discussion. Geoffbrigham 23:52, 19 December 2011 (UTC)
Did you mean this section? —danhash (talk) 20:20, 21 December 2011 (UTC)
Yes. Apologies Geoffbrigham 20:48, 24 December 2011 (UTC)


I know my comments might not represent a global view of the subject, but I am envisioning how these terms could affect the projects I contribute to (primarily the English Wikipedia and Commons). Each project has its own rules, regulations, and procedures, and the statements in these new global terms of use are much, much too broad and vague. —Danhash 14:57, 6 December 2011 (UTC)

Many thanks Danhash for your thoughtful comments. I'm not sure if my proposed edits to address your points will be completely satisfactory, but hopefully they get us a bit closer together. Again I greatly appreciate all the time you put into this.
I appreciate you taking me seriously and listening to what I have to say. —danhash (talk) 20:20, 21 December 2011 (UTC)


The issue concerning "Probing, scanning, or testing the vulnerability of any of our technical systems or networks without authorization" has been brought up previously, but the issue has never been addressed. I had to test a possible blacklist exploit on a non-Wikimedia website because asking for "authorization" from the WMF would've been a pain in the ass. I believe that the "Probing, scanning, or testing the vulnerability" statement will hinder bug testing. Wikimedia should allow for vulnerability testing without having to ask for permission while encouraging responsible disclosure. --Michaeldsuarez 15:38, 6 December 2011 (UTC)
Why? Why should the WMF be the one major website in the world that says it's just fine for script kiddies and politically motivated hackers to see if they can take it down? Even if you're testing Mediawiki software for a directly WMF-related purpose, why should that be done on a production system? Risking a major production system for initial bug testing is what professionals call stupid. Giving you a safe place to test such things is why places like testwiki.org exist. WhatamIdoing 16:13, 6 December 2011 (UTC)
testwiki.org is for testing sysop bits and such, not uncovering vulnerabilities. --Michaeldsuarez 16:27, 6 December 2011 (UTC)
Many tests do NOT risk "a major production system". I've tested a few things myself here and there to see if anything needs fixing; this is appropriate and in the spirit of Wikipedia: be bold in trying to fix things. There are plenty of sandboxes and other ways to test things on Wikipedia itself without malicious intent, and I would content that most or at least much of this is done by people who are *not* script kiddies. I guess in your world no good deed goes unpunished (unless you receive "authorization"). —danhash (talk) 17:08, 6 December 2011 (UTC)
Even if any specific instance doesn't produce any harm (beyond a truly negligible blip in traffic), why should the WMF be the only major website in the world that gives permission for people to try to take it down? What makes you think that the WMF should permit inappropriate uses of its website, and especially that it should permit efforts by anyone and everyone (not merely the technically competent or good-faith) to do this? WhatamIdoing 00:30, 8 December 2011 (UTC)
The current wording prohibits everyone who does not have "authorization" from every specific instance which does not product harm. If well-intentioned, helpful users would have to risk being banned for testing something without going through a draconian "authorization" process, they may end up just not testing anything at all. If nobody tests anything in good faith, then only people with harmful intentions will test the system. This "authorization" process also brings up many unanswered questions:
  • How does one get authorization?
  • What kind of authorization?
  • Who must we get authorization from?
  • What are the criteria for granting, denying, or revoking authorization?
  • Will there be a way for any users' authorization status to be known by the community?
  • Must authorization be granted for each and every test?
  • Will the authorization application process be made public?
  • If so, what if posting the details of the requested test of the "technical system" would constitute "posting or distributing...malicious code, or other harmful content"?
  • Or what if it would be "disrupting the services by placing an undue burden on a Project website or the networks or servers connected with a Project website" for the details of the test to be made public, since others will have access to information about a possible vulnerability or software bug?
How other websites are run is not relevant to this particular discussion. Many of the "major websites" are run with policies and governing ideas that either make them unique (making them *OMFG* the only major website IN THE WORLD!!!!!!!!! run that way) or were the first major website to do so. The WMF running websites in a way that other people don't has, and I stress this, literally no weight in the argument for the policy change you are proposing. What is the current major problem that needs fixing by this swooping blanket policy proposal? At Wikipedia at least, people test things all the time, and why shouldn't they? It's a community built website. Yes, the WMF takes care of the legal aspects etc., but if the website goes down it affects everyone. Have you stopped to think that maybe part of the reason Wikipedia is as stable as it is is because of people taking an active role in fixing things (which means they have to test them first)? Wikipedia policy is be bold, and this policy proposal is a direct attack on the idea of being bold to fix things. —danhash (talk) 14:08, 8 December 2011 (UTC)
Dan, your specific questions about how to get authorization are outside the scope of this particular page. Details about procedures (especially details that are likely to change over time) belong in policies, not the terms of use.
But you're making an assumption that I believe is wholly unwarranted: you are assuming that every single person who wants to test something has sufficient technical skills to know, in advance and without the smallest chance of error, whether that test will cause any harm. Now perhaps you've personally never had a test blow up in your face, but, as the delete-the-Main-Page example proves, it's simply not reasonable for the WMF to assume that 100% of people who want to test the systems are as lucky as you. Given that we cannot rely on 100% of self-selected testers to correctly identify whether their test will cause harm, the WMF really cannot responsibly permit 100% of wannabes to test, probe, or exploit the website with zero oversight. WhatamIdoing 17:13, 8 December 2011 (UTC)
......

you are assuming that every single person who wants to test something has sufficient technical skills to know, in advance and without the smallest chance of error, whether that test will cause any harm.

No I'm not. It is not true that everything that you are worried about or that could theoretically cause a problem should be banned on a global level. You are making some very big assumptions.


it's simply not reasonable for the WMF to assume that 100% of people who want to test the systems are as lucky as you.

No, it isn't.


Given that we cannot rely on 100% of self-selected testers to correctly identify whether their test will cause harm, the WMF really cannot responsibly permit 100% of wannabes to test, probe, or exploit the website with zero oversight.

And it doesn't. Not prohibiting something in the global terms of service is different than giving everyone free reign to do whatever they want. Your logical fallacies are getting hard to keep track of.
You have made no point. —danhash (talk) 18:57, 8 December 2011 (UTC)
Also I am not sure you are seeing the point. I am not saying that inappropriate use of WMF websites should be tolerated. I am saying that the wording of the proposed terms of use (at the time I quoted it at least) is a blanket prohibition when it shouldn't be. Additionally, my objection to this proposal is not the same thing as saying the WMF should permit inappropriate use of its websites. —danhash (talk) 14:46, 8 December 2011 (UTC)
About "Infringing copyrights, trademarks, patents, or other proprietary rights":
"Other proprietary rights" covers trade secrets, personality rights, and the moral right not to have your work plagiarized (i.e., you come up with an idea, and I unfairly pretend that it's mine). In practice, I don't think that anyone will actually have any trouble identifying serious violations of this item.
It's worth remembering that we're not writing major laws here. It's not like the precise definition means the difference between someone going to prison or not. WhatamIdoing 16:23, 6 December 2011 (UTC)
What about issues like the 09F9 fiasco? What specific implications does this overarching and indiscriminate blanket prohibition have for illegal numbers and the like? This *is* legalese after all: if we are going to prohibit something, we damn well better be exact and specific about what is and is not ok. If this will be global policy for all Wikimedia projects, it needs to be much more explicit. —danhash (talk) 17:15, 6 December 2011 (UTC)
Does someone own those numbers? That's a serious question: "proprietary" means "owned as property". If nobody owns the number (and I can't imagine how anyone could realistically claim to own a number: can I go buy my 'lucky number' at a store somewhere?), then it cannot be a proprietary right. WhatamIdoing 00:30, 8 December 2011 (UTC)
People claim to own numbers and/or the rights to them. There are major lawsuits over this. If you are pushing for this policy, you should know that. —danhash (talk) 14:11, 8 December 2011 (UTC)
So what? People claim to own the Brooklyn Bridge. What I asked is whether they actually own those numbers. I think it's pretty obvious that they don't. They might own a particular method of using a number (i.e., as an encryption key), but that's not the same thing as owning the number itself. WhatamIdoing 17:18, 8 December 2011 (UTC)
It's obvious to you and me and anyone with a quarter of a brain that nobody actually owns numbers, but the question is whether they are legally considered owned or not, which is a pretty nebulous thing, at least in the United States under current law. We should not have language in the terms of service that could be construed to prohibit a number from being posted—obviously nobody has a proprietary right to a number, but many people think and/or claim they do. There is already a process in place for dealing with such things on Wikipedia (see WP:Keyspam); we do not need this phrase in the terms of service. —danhash (talk) 18:36, 8 December 2011 (UTC)
So it's obvious to you, me, and the only people who have any right or power to enforce this agreement (the WMF) that such claims are idiotic and should be disregarded. As a result, nobody here is going to construe this clause as prohibiting you or anyone else from posting any number at all. Consequently, the harm you envision simply will not happen.
Furthermore, removing this clause would not protect against the invalid claim. They could just as easily make that invalid claim about owning the number right now, and they could make it next year, regardless of whether the WMF prohibits users from violating real proprietary rights or not. WhatamIdoing 23:10, 8 December 2011 (UTC)
Then wording should be added to explain which specific proprietary rights are recognized. What I consider a proprietary right, what you consider a proprietary right, what any particular government considers a proprietary right, what is considered a proprietary right under international law, and what corporations and content creators consider proprietary rights are often wildly different from each other. It is not clear from the quoted language what is and is not considered a proprietary right. You are right in that removing the clause doesn't protect against invalid claims, but including it is confusing, and whatever your opinion is of the current intended use of this clause, it could interpreted more broadly in the future. Any restriction in the global terms of use should be specifically and unambiguously articulated. —danhash (talk) 15:36, 12 December 2011 (UTC)
Why? I get the fact that you don't like general concepts, but I don't see the practical value to the average user. Shall we also specify exactly which copyright-related laws and treaties we're demanding compliance with? After all, "copyright" is an abstract concept, and the specifics vary significantly from place to place and year to year. Shall we specify exactly which country's patent laws matter, and what our position on the treatment of disputed trademarks is? "Don't violate trademarks" doesn't tell you whether it's okay to talk about ugg boots, or if people outside of Australia's sphere of influence need to find another name for sheepskin boots made by someone other than Deckers Corporation.
There's no way to make this absolutely specific and unambiguous, and I see little practical value in even attempting it. By leaving it vague, we're giving the WMF plenty of room to do the Right Thing in every instance. If, by contrast, we specify that we will follow the decisions of ____ agency or ____ law on proprietary rights (no matter how much those laws may change in the future or how stupid a decision the agency might make), then we're stuck. WhatamIdoing 22:29, 12 December 2011 (UTC)
At least "copyright" is a globally recognized term. Different countries have different copyright laws (different countries have different murder laws too), but copyright is copyright. The term "other proprietary rights" tacked on adds NO benefit—it could only be used for suppression and censorship. New "rights" are being conjured up all the time (for example Plant breeders' rights) and existing "rights" are extended again and again, encroaching on our freedoms and our speech. The WMF should not in any way be associated with the movement to censor everything that somebody does not want published—we get enough of that everywhere else (especially places like Youtube). Including "other proprietary rights" gives *NO* definition of what it means. If the specific rights that the WMF is concerned with are not explicitly stated in the terms of use itself and must be explained elsewhere in a non-binding way, then the definition can change at any time. Also—and this is a very big issue—we do not want to give the impression that if some greedy corporation fights for a new "right" they want, that as soon as it gets legal recognition of any kind all of WMF's websites will be whitewashed of whatever information the corporation feels it has the rights to control disclosure of. It should be clear from official WMF policy that it, and we (the community), will NOT bow to bullying tactics and fancy legal footwork. It's pretty clear as it is now that Wikipedia will not remove legitimate, sourced content just because someone dislikes it, but this wording brings questions about WMF's motives for including it.
What specific incidents that have already happened on a WMF website do you think will be protected against in the future by adding this language to the terms of use? —danhash (talk) 15:21, 13 December 2011 (UTC)

┌─────────────────────────────────┘
The WMF is required to respect whatever proprietary rights exist under US and California law, including any proprietary rights that are not enumerated here and any proprietary rights that are created in the future (so, yes, they can, and probably will, "change at any time"; the WMF has no control over that). Adding the catch-all phrase prevents them from having to update the TOS every time a mandatory-to-the-WMF law is created in the future—even if that new right benefits "some greedy corporation".

Adding the catch-all phrase also saves them the trouble of enumerating all of the existing minor ones. For example, there's some sort of Hollywood-oriented proprietary rights in California law that deals with personality rights (the right of a celebrity to control his personal image/publicity). Again, complying with California law is not optional for the WMF. They don't have any realistic alternative. But IMO there is also no need for the WMF to advertise this law's existence by specifically naming it in the TOS.

As far as the TOS is concerned, there are only two kinds of proprietary rights:

  1. Proprietary rights that the WMF is 100% required, by law, to respect, even if the WMF hates the law, and
  2. Proprietary rights that the WMF voluntarily chooses to respect.

As an example of #2, I don't believe that either California or US law prohibits plagiarism of public domain sources, but the WMF (and definitely the communities) would prefer that you gave credit where it was due, even if that were only a moral obligation rather than a legal one. Honestly, I can't really imagine any proprietary rights that fall into #2 and would be the sorts of thing you'd want anyone to disrespect. So all of your worries are about #1, and the WMF simply has no choice about those. WhatamIdoing 21:27, 13 December 2011 (UTC)

Why do they need to be specifically mentioned in the first place? On enwiki for example there are notices about complying with U.S. Federal and Florida state law. That obviously includes copyright. As far as plagiarism, enwiki has very specific rules and guidelines that are enforced by the community and by admins. I ask again, why add all this to the global terms of use? Each project has it's own enumerated rules. If and when those rules are not specific or detailed enough, more guidelines are put in place. Even with these additions, each project would still have to maintain their own guidelines. For example, image use policy on enwiki and commons is very different, and both projects have their own very specific rules. This new terms of use language does not at all lessen the need for those guidelines local to each project. —danhash (talk) 22:20, 13 December 2011 (UTC)
I agree with you that proprietary rights that are being voluntarily respected (like plagiarism) do not need to be mentioned, and I hope that community enforcement will be sufficient that the WMF never has to waste staff time dealing with it. Apparently the WMF's counsel agrees, too, because plagiarism is not mentioned.
But there are non-voluntary proprietary rights that the WMF has absolutely no choice about respecting, e.g., the California celebrity rights law. Including those non-voluntary items is presumably why the general concept of "other proprietary rights" is mentioned. The choices appear to be three:
  1. we ask the WMF to waste a lot of time and money identifying each and every proprietary right that they're legally bound to respect, and to update the TOS continuously as the laws change, or
  2. we omit all reference to the existence of these other rights, but enforce them anyway (remember: the WMF has no choice on that point), leading to users upset that they had no notice that any other proprietary rights might be exist or be enforced, or
  3. we add a simple catch-all phrase, like "other proprietary rights".
Between wasted money, blindsided users, and a simple catch-all statement, I think the catch-all statement is the best choice. Which do you prefer? WhatamIdoing 20:50, 14 December 2011 (UTC)
You options present a false dilemma. #1 is not necessary, since there are already notices everywhere about abiding by appropriate laws. It is not necessary to list every single individual law which may affect any aspect of any site that the WMF runs. As I have continued to say, each local project has their own policies and enforces them themselves; the WMF can step in when it is necessary. Wikipedia is run very well in this aspect. #3 is not acceptable at all. Of the options you presented, that leaves #2. We don't need to leave out all references to the existence of other rights, since there are already other legal notices. There is no reason to include a "simple catch-all phrase" that could potentially have very bad future side effects. The possibility of this phrase being applied more broadly in the future may seem unlikely to you, but that doesn't matter, because there is no need for it, and it should not be in the terms of use anyway. —danhash (talk) 21:43, 14 December 2011 (UTC)
After calling my list of options a "false dilemma", I see that you provided no other options and chose #2. That suggests that it's not actually a false dilemma, i.e., that there are no other options.
I do not think that it is helpful to have any users blindsided by the fact that other currently mandatory proprietary rights exist and must be enforced by the WMF. You think that would be just fine and preferable to having an option that could theoretically be voluntarily interpreted by the WMF in ways that you dislike. We'll just have to agree to disagree. WhatamIdoing 22:28, 15 December 2011 (UTC)
My point was that specifically mentioning every aspect of law the pertains to every WMF site isn't necessary, since there are already plenty of notices about abiding by applicable laws. Your second point included the assumption that users would be upset that no notice of other proprietary rights was in the terms of use. My point is that this will not be a problem, at least not for enwiki and commons. If you had a narrower second point then perhaps your set of choices would not have presented a false dilemma. But your 3 points as presented are an incomplete and narrow view of our options for the terms of use.
The biggest risk of users being blindsided is by leaving it ambiguous as to what is forbidden. You may not like that the current situation in the U.S. is very much ambiguous, but the fact of the matter is that it is. Perhaps the wording "Posting copyrighted, trademarked, or other legally protected proprietary material without either permission from the rights-holder or under the fair use exemption" could work. That is much more specific and much less ambiguous. Any phrase even close to being as ambiguous as the phrase "or other proprietary rights" has no place in the global terms of use.
It is not only theoretically possible that starting to add more restrictive wording to the terms of use could lead to problems in the future. It starts a precedent. The next time somebody wants to add something more restrictive, it will be just a little easier. BUT my objection is not only that it sets a bad precedent; my main objection is that this wording is bad, and that it has no place in the global terms of use.
You are simply trying to take the easy way out here, and that is not acceptable. —danhash (talk) 18:08, 16 December 2011 (UTC)
I'm not trying to "take the easy way out". I'm trying to maintain a useful level of flexibility so that we don't have to revise this document very often ("ever" being my preferred timeline).
The problem with your insistence on solely "legally protected proprietary rights" is that it doesn't include voluntarily supported rights, such as plagiarism, and it invites wikilawyering over whether any given right being discussed in the courts is "legally protected" at the moment.
I agree that your wording is more specific (about other proprietary rights, although it omits patents, and the potential for infringing on a software patent is a problem for MediaWiki that should be called out by name; furthermore, the WMF is going to object to infringement even if you can figure out a way to infringe without technically "posting" it). I do not, however, agree that specificity is actually better for the WMF or for the community.
Again: I do not expect us to agree, no matter how long we talk about this. Our goals are incompatible. You want the smallest reasonable level of flexibility, because the WMF might hurt you someday if they are left to use their best judgment. I want the largest reasonable level of flexibility so that we can avoid having legalistic discussions about applying the terms and so we can reduce the number of future revisions to the terms. It is not possible to simultaneously have both less and more flexibility. Geoff will ultimately have to pick one or the other as his recommendation to the Board. WhatamIdoing 18:50, 16 December 2011 (UTC)
You are trying to have plagiarism covered as part of the term "other proprietary rights". To me, "proprietary rights" generally refers to legal proprietary rights (such as copyrights/patents/trademarks). This is exactly what I was talking about. Without specifically listing what you are talking about, the possibility for confusion and needless arguing becomes endless. Your goal seems to be trying to avoid argument by being all-inclusive, however by being so inclusive as to be ambiguous, you are actually promoting more argument. I agree that plagiarism in Wikipedia is a bad thing, but this current wording does not unambiguously prohibit it. The truth is that terms of use documents for websites need to be updated sometimes. It is not reasonable to assume that one revision of the terms will be valid for all of eternity. Technology changes, society changes, the law changes, language changes, and terms of use documents sometimes need to change. Don't use laziness as an excuse to be more restrictive. I am not insisting on legally protected proprietary rights to the exclusion of issues like plagiarism (what you call moral rights). The issue of plagiarism is very different from the issue of copyright. You may be able to plagiarize without infringing copyright, and you can certainly infringe copyright without plagiarizing. If you want plagiarism or "moral rights" in general to be included, they should be specified. What scenario do you have in mind where a user would infringe a patent on a site like Wikipedia? I came up with that wording quickly. It was not intended to be perfect but merely an example. The wording you are trying so hard to defend will likely invite more "wikilawyering" than being specific. And there is no good reason not to be specific. The convenience of a few over the good of the community seems to be what you are fighting for, along with laziness. —danhash (talk) 15:10, 19 December 2011 (UTC)
I think that the existing language allows "other proprietary rights" to be defined by and applied by the WMF as needed. As a result, "The WMF says that ____ falls (or doesn't fall) under 'other proprietary rights'" will form an argument-ending response. Being flexible does not necessarily mean being more restrictive; it could result in the WMF being less restrictive in any given situation (e.g., declaring the plagiarism, while evil, is not something they want to spend staff time on).
As for your question about patents, I remind you again that this is not the TOS just for the encyclopedia projects. It is the TOS for 100% of WMF websites, which includes a website for which software patent infringement is as serious a worry as copyvio is for the encyclopedia projects.
I'm concerned that you are misapprehending the situation, so I'm going to try to make this as plain as possible: you will not convince me that greater restrictions on the WMF's ability to manage their websites is for "the good of the community". I don't mind if you want to keep talking, but I don't want you to retain any hope that your continued assertions are going to change my mind. I know that you believe in freedom. I know that you want the WMF websites to be as free as a public street corner. But I do not and will not agree that the WMF needs to volunteer for additional self-restrictions on their private website. WhatamIdoing 00:22, 20 December 2011 (UTC)
I have no more desire to debate this with you, you obviously have your mind made up and refuse to think about any alternatives to your pet phrasing no matter what damage it has the potential to cause. I ask that you please stop misrepresenting my position: I do NOT want the WMF websites to be as free as a public street corner, and you completely fabricated that position out of your own mind. Nowhere have I made any statement coming even close to such a viewpoint, and I honestly consider that accusation to be a personal attack (I am not so naive as to think that is a good idea, and by characterizing my viewpoints as that naive you attack my credibility). You are not at all helpful in this discussion other than to waste my time—I did not come here to argue with you, but to discuss my concerns with the community. You are but one closed-minded member, and there are other members who agree with me, or who disagree but are willing to consider other people's reasonable viewpoints. Geoff has now responded to this section and he seems willing to at least give a reasonable consideration to what I have to say. —danhash (talk) 16:59, 21 December 2011 (UTC)

I have included my comments to the above discussion at the beginning. Thanks for thoughts on this. Geoffbrigham 23:52, 19 December 2011 (UTC)

Thank you for your response. I have read your comments and will reply after I have considered them further. —danhash (talk) 17:00, 21 December 2011 (UTC)
Replied. —danhash (talk) 20:20, 21 December 2011 (UTC)
Geoff, thank you for your detailed replies; I very much appreciate your attention to my concerns. I simply do not have the time to continue this discussion much further, but your answers provided a bit more insight into some of these issues, and I appreciate the changes you've made. I feel we may have some fundamental differences in opinion on some of these issues, but you have paid a lot of attention to my viewpoints, and I respect what you have to say. Thank you. —danhash (talk) 15:43, 30 December 2011 (UTC)

Proposal

I am a little bit uneasy about the "Probing, scanning, or testing the vulnerability of any of our technical systems or networks without authorization" bit as well and tried to figure out how to improve it.

The main aspect of this that is sticky for me is that we shouldn't write the terms of use to forbid something that is actually permitted and even encouraged. Since we are an open project and users are also our software developers--if someone sees a feature, says "I bet this part is broken", probes at it to try to find vulnerabilities, finds them, and then reports it, what we usually tell them is "thank you". And that's how several of them are in fact found.

So I banged my head against this section with Greg (who is no stranger to trying to break things) to try to figure out where the distinction is and we came up with a few points-- which is basically that such testing should be permitted, under a few conditions:

No unduly abusing system resources. Someone who says "guess what, when I try to make a million connections per second, your site goes down" should really know better.

No exploiting vulnerabilities for personal gain, aside from credit for your work. Someone who breaks something and gets access to something they shouldn't, and then uses it to personal benefit--or who sells their knowledge to someone who will exploit it--is abusing our openness.

You must report any vulnerabilities you find to MediaWiki developers (or fix it yourself). The reason to allow this kind of thing is so that everyone can participate in improving the site, and people don't fear being punished for doing so innocently. If you don't report or fix the problems you find, you're not helping.

You must not engage in these activities with malicious or destructive intent. In some of the comments on this section earlier on the page, there was mention that we can't really tell what someone is thinking when they do something, and so we can't forbid action with malice where we can't tell. I think this is the wrong way to look at it. The Terms of Use are guidance to users. We can't always tell what they're thinking--but we can tell them what they shouldn't be thinking; it should be fine as an instruction. And in the cases where it actually is apparent that someone was up to no good it would be nice to be able to clearly say it was prohibited.

I think this may be more workable and more true to the spirit of what we are actually doing and trying to do than requiring authorization beforehand, but I am interested in how others may choose to tear holes in it. Kat Walsh (spill your mind?) 22:22, 28 December 2011 (UTC)

I think it would make more sense to handle this as a separate policy, whose main goal is to explain what kind of probing is likely to be granted authorization, and what kinds of violations are serious (or stupid) enough to merit WMF-level enforcement if they occur. WhatamIdoing 01:54, 29 December 2011 (UTC)
For discussion purposes, I see two possible approaches (with wordsmithing):
Approach 1 (refer to policy)
Probing, scanning, or testing the vulnerability of any of our technical systems or networks inconsistent with WMF or community policy.
Approach 2 (incorporate above requirements)
Probing, scanning, or testing the vulnerability of any of our technical systems or networks unless all the following conditions are met:
  • such actions do not unduly abuse or disrupt our technical systems or networks;
  • such actions are not for personal gain (except for credit for your work);
  • you report any vulnerabilities to MidiaWiki developers (or fix it yourself); and
  • you do not undertake such actions with malicious or destructive intent.''

Geoffbrigham 23:06, 29 December 2011 (UTC)

Thank you, Kat, for your insight on this issue. Geoff, thanks for your reply. I am a bit more inclined to endorse approach 2, though either approach is light-years better than the former wording. —danhash (talk) 15:34, 30 December 2011 (UTC)
OK, given the significance of the discussion on this topic as well as Kat's and Danhash's feedback, I prefer Approach 2. I will now make that change in the TOU. Geoffbrigham 19:57, 30 December 2011 (UTC)

Refraining from certain activities

Should this section be clearer in terms of explaining what law applies to the user. "Unlawful obscene material", for example, could mean different things in different places. I am guessing that I am not allowed to post obscene material that would be illegal in San Francisco County. But this is not explicit anywhere in the draft. Am I allowed to post obscene material that is not illegal there? Do I have a right to cite the agreement when complaining about a user who has broken obscenity laws in some other jurisdiction? --FormerIP 00:21, 9 December 2011 (UTC)

The same rules of jurisdiction apply to every single word in the entire document. The two relevant concepts are not difficult, and they have been repeated several times now:
  1. You're stuck with whatever laws apply to you. You are personally stuck with those laws no matter what the WMF does, says, or thinks about those laws, or if it even knows that those laws exist. The WMF cannot give any user an exemption from the laws that apply to that individual user.
  2. The WMF is stuck with whatever laws apply to it, which it already specifies under ==13. Disputes and Jurisdiction== are California and US federal laws (not San Francisco city ordinances).
In the example you give, if you post something that is "unlawful obscene material" for you, then you can get in trouble with your government. If the WMF does something that is illegal for them (e.g., refusing to delete child porn), then the WMF can get in trouble with their government.
If you complained to the WMF that someone in a repressive country posted material that is "unlawfully obscene" according to local law, but totally fine under California and US laws, I expect that they'd ignore your complaint: as far as they're concerned, the action is legal, and they have no obligation to do anything about the legal-for-them action. So you could cite the agreement, but nobody would care.
If you complained to that repressive country, then I expect that government would take the complaint more seriously—and also not care (not even one little bit) whether the alleged crime perpetrated by one of their citizens was either encouraged or prohibited by the WMF's private contract with the user. So again, you could cite the agreement, but nobody would care.
(Bonus explanation: So if nobody cares, why do TOUs say things like this? First, we say this because there are circumstances in which people very much care, e.g., material that is unlawfully obscene for the WMF to host. Second, we say this because it puts users on notice that this behavior isn't wanted. The WMF is not your free webhost, and it definitely isn't your free child porn webhost.) WhatamIdoing 02:25, 9 December 2011 (UTC)
I've always felt that such notices were to remind users that "Wikipedia made me do it" is unlikely to be a valid defense for their violations of local law. The fact that Wikimedia's servers are in the US is unlikely to make your local authorities indifferent to what you download or upload using a computer in their jurisdiction. Governments are funny that way. Eluchil404 20:10, 9 December 2011 (UTC)
"Wikipedia made me do it" is a lovely way of putting it. WhatamIdoing 18:04, 10 December 2011 (UTC)
WAID, you have given what is possibly a good explanation of the law, but that's not really what I was asking for.
To give an example, let's say it is illegal in Saudi Arabia to distribute a picture of two men French kissing. Apologies to Saudi Arabia if this is not the case. I log on in Saudi Arabia and upload such a picture. Clearly, I have broken the law in Saudi Arabia. But have I broken Wikipedia's Terms of Use? This does not seem to me to be clear from the draft text. --FormerIP 23:48, 10 December 2011 (UTC)
Agreed. It needs to be made clear that the draft text is only talking about actions illegal under the law that governs the WMF. 68.84.107.199 21:16, 11 December 2011 (UTC)
Oops - forgot to log in... Allens 21:26, 11 December 2011 (UTC)
FormerIP, What the Terms of Use are trying to say, as I understand it, is that if you upload the picture and the religious police come after you, then you are on your own. It is your job to check on the law in whatever country you are in and the WMF cannot protect you. You were warned (by the TOS) so don't come whining to us later. If you think the current wording doesn't convey this message then you should suggest changes to the wording. Filceolaire 20:41, 16 December 2011 (UTC)
The wording used is "you may not" rather than "it is your responsibility to check...", and it also seems worded so that local law applies. Maybe this is correct and service users are prohibited from breaking local laws. But I think it needs clarifying. --FormerIP 17:23, 18 December 2011 (UTC)
The wording is actually "for your own protection....you may not". I think that covers it unless you can come up with a better wording. Filceolaire 20:30, 18 December 2011 (UTC)
It depends what that part of the document is intended to mean. Whatever it means, it should say that. If the guideline is merely advisory, it should not use the wording "you may not". If it is meant to ensure that WM content is legal in California, that should be made clear. It it is meant to ensure that users don't break laws applicable to them, then that should be made clear. --FormerIP 01:44, 19 December 2011 (UTC)
This is a tough issue (previously raised in other contexts in this TOS discussion). Some of our thinking at WMF is set out here. And we have said more or less the same thing in our disclaimer on Wikipedia (see sub-heading: Jurisdiction and legality of conduct) and Wikimedia Commons. As a general rule, we believe that U.S. law is applicable, but there may be circumstances in the future where other laws are applicable. (For example, if we chose to put our main servers in Norway.) WMF strongly opposes laws that constitute censorship, and we offer to help editors in limited circumstances if they find themselves in trouble. So I prefer to avoid jettisoning the term "applicable laws" because, as we make clear in the TOS, those laws - as construed by local governments - may include the laws of the country where an editor lives or is located. That said, I like the above idea about providing a "warning." Just playing with the idea, we could, for example, include a provision that says:
WMF believes that, depending on the circumstances, applicable law usually includes the laws of the United States, but, despite our position to the contrary in a number of countries, we warn editors and contributors that local authorities may seek to apply local laws to you where you live or where you view or edit content.
Does the above help us get closer to agreement? It is really not a legal contractual term, but I can see its use in our context. Thanks. Geoffbrigham 00:44, 20 December 2011 (UTC)
Geoff, I may be misunderstanding slightly but, apart from the situation where the servers get moved to Norway (surely in that eventuality we will need new ToS in any case) I have a dual responsibility - one to follow the law in San Francisco and one to follow the law where I am. Except the latter is my lookout. It's therefore fine for WMF to warn me about the latter, but it should only require me to pay attention to the former.
So, my question is, what happens when a user is on holiday in Riyadh and I report them to WMF for uploading the boy-on-boy snog picture? Does WMF feel obliged to withdraw their editing privileges? I would say the current wording suggests that this would be the case.
Maybe their could be a clear statement that US law governs the conduct of users as far as action by WMF is concerned, but that there is no indemnity, protection (or whatever the correct legal term is) in respect of laws that may apply to users because of where they are. --FormerIP 02:16, 20 December 2011 (UTC)
@FormerIP. You are raising excellent points. I believe I address some of them in the parallel discussion taking place here. I give some other examples where foreign law may apply. Any enforcement of the TOS will require discretion. The boy-on-boy snog picture would result in no action by WMF because that constitutes censorship and will do not see that law as "applicable." All that said, and taking into account your feedback, we could try a provision like this:
WMF believes that, depending on the circumstances, applicable law usually includes the laws of the United States, but, despite our position to the contrary in a number of countries, we warn editors and contributors that local authorities may seek to apply local laws to you where you live or where you view or edit content. In such cases, WMF cannot offer any protection, guarantee, immunity or indemnification.
Geoffbrigham 21:17, 24 December 2011 (UTC)
OK, I played around with this in Section 1(b). I'm still not sure if I like it completely, but here it is:
You are responsible for your own actions: You are legally responsible for your edits and contributions on Wikimedia Projects, so for your own protection you should exercise caution and avoid contributing any content that may result in criminal or civil liability under any applicable laws. For clarity, applicable law includes at least the laws of the United States of America. Although we may not agree with such actions, we warn editors and contributors that authorities may seek to apply other country laws to you, including local laws where you live or where you view or edit content. Unfortunately, WMF generally cannot offer any protection, guarantee, immunity or indemnification.
Many thanks for the suggestion. Geoffbrigham 15:40, 27 December 2011 (UTC)
"Unfortunately" is an opinion, and not one that is appropriate to every situation. I don't consider it the least bit unfortunate that people posting child porn are subject to their local laws. WhatamIdoing 01:50, 29 December 2011 (UTC)
OK ... without "unfortunately." Shall I cut and paste this into the proposed terms of use?
You are responsible for your own actions: You are legally responsible for your edits and contributions on Wikimedia Projects, so for your own protection you should exercise caution and avoid contributing any content that may result in criminal or civil liability under any applicable laws. For clarity, applicable law includes at least the laws of the United States of America. Although we may not agree with such actions, we warn editors and contributors that authorities may seek to apply other country laws to you, including local laws where you live or where you view or edit content. WMF generally cannot offer any protection, guarantee, immunity or indemnification.
Geoffbrigham 23:31, 29 December 2011 (UTC)
Edit made. Geoffbrigham 19:56, 30 December 2011 (UTC)


Civility and related minefields

Civility is a minefield: it is not only difficult to encourage; it is even hard to define. Headlining it at the top of a legal document is a hostage to fortune, especially as the legal text itself only mentions civility in one sentence: "We expect you to be civil and polite in your interactions with others in the community, to act in good faith, and to make edits and contributions aimed at furthering the mission of the shared Project."

What does "we expect" mean, legally? How are civility and politeness judged? How can we tell whether someone is acting in good faith? Isn't it assuming bad faith to suppose they are not? What does it mean to "further the mission of the shared Project" and how do we determine which edits do this? Does criticism of a project further its mission, or is it unwelcome?

How can we ever truly know what another editor's intentions are? Geometry guy 23:13, 9 December 2011 (UTC)

Agreed, this was what jumped out at me too. Understood that the Foundation can exclude anyone at any time for (almost) any reason, it's a private site ... but not a single highly active user has been "civil" at all times to everyone's way of thinking. Would it do any harm to remove this sentence? You have a number of quite reasonable examples after that that are probably sufficient for your purposes ... if not, feel free to add more. Dank 02:07, 11 December 2011 (UTC)
Talk:Terms_of_use/Archives/2011-11-08#Politeness_and_civility – I've brought this up issue previously, and I was fortunate to see "require" transformed to "expect". As evident from how this topic keeps being brought up, perhaps that change isn't enough. Perhaps it would be better not to mention civility in the TOU. --Michaeldsuarez 02:25, 11 December 2011 (UTC)
The problem is that a TOU is not a statement of community norms (even if the community participates in the drafting), it's a legal document intended to list violations that merit expulsion by the Foundation. "We expect this, or else" is the same as "We require this, or else". Of course we should all work for a civil environment; that doesn't mean we should leave incivility undefined, but make it a wiki-felony. Dank 03:09, 11 December 2011 (UTC) Standard disclaimers apply: this isn't a criticism of Geoff's fine work, or of anyone else involved in the drafting, and I realize the community likes to bring up civility at every possible moment ... but please don't use such vague terms in a legal document. If there are behaviors that invariably merit expulsion, say what the behaviors are. Dank 14:39, 11 December 2011 (UTC)
I would object to removing this sentence. Civility is one of the core policies of the project and one of the 5 pillars Wikipedia is based on. Civility is defined on-wiki and is a straightforward concept. Also, nothing in the Terms of Use supposes that people are acting in bad faith. It says that we expect people to act in good faith. The policy of assuming good faith is based on this expectation. Granting that is it possible for people to act in bad faith is not the same as supposing that they are. This isn't a logical argument. Kaldari 19:53, 12 December 2011 (UTC)
I agree that civility is important, but I'm not sure it belongs in the Terms of Use. I'm sure you're aware, but it's worth pointing out again that the ToU is not specific to the English Wikipedia, and shouldn't be written using an en.wp term of art whose definition is subject to considerable debate and evolution. Nathan T 21:54, 12 December 2011 (UTC)
I'll add that it's a little odd to say that "Wikipedia is based on" something that was created nearly five years after Wikipedia was. en:WP:Five pillars is a popular essay that was written originally as a simple summary for new users. It's not a founding document. WhatamIdoing 22:40, 12 December 2011 (UTC)
As I have said before, the term expect concerns me a little, and its multiple meanings appear to be confusing some of the translations. Want might be a less ambiguous term. However, I'm not convinced that it will have any practical effect, so I'm not really worried about the outcome either way. WhatamIdoing 22:40, 12 December 2011 (UTC)
Why not be specific about forbidden activities like clear and repeated patterns of insults, harassment, etc. Carolmooredc 06:21, 13 December 2011 (UTC)
Carol, §10 is fairly specific insofar as it asserts the community's responsibility for setting and enforcing policy on individual projects, and outlining the kinds of situations that would invoke WMF intervention. To me, that seems like the appropriate kind of language for this document. If we want it to get into specific kinds of behavior, it seems to me that the TOU should report stuff that has been enacted elsewhere -- through community consensus or through Board resolution -- rather than taking on a rule-making role in itself. Perhaps seeking a board resolution would be an alternative? -Pete F 22:52, 13 December 2011 (UTC)
Standards of civility also vary significantly from project to project. Even after a couple of contributions, I've noticed that a much greater effort is made here to appreciate the work and good faith of others than on enwiki, and I apologize if my initial comment seemed "off" by comparison, especially as I am an enwiki editor who favors and supports relatively high standards of civility. However, this is all part of the issue I am raising here. Different communities have different norms, and contributing to enwiki often involves engaging in very controversial topics, where there can be vandals, trolls, POV pushers, and so on, and it is not always straightforward to identify which is which. Good faith contributors can become very frustrated, while a cool-headed troll can appear to be rising above the fray. To those who have not experienced the front line, I urge caution in discussing standards of behavior in the abstract. The character of an editor is only truly revealed when they find themselves in the heat of the argument, and there are very few who come out of such a baptism by fire looking good. Geometry guy 23:14, 13 December 2011 (UTC)
Hi Pete. I don't see how §10 applies to the current discussion, since it doesn't mention "civility"to be defamatory or discloses information that the user has no legal right to disclose, or is otherwise illegal;

to be (or contains anything which is) racist, vulgar, hateful, obscene, profane, threatening, insulting or offensive; or related terms. If I understand you correctly, how is a user to know that the civility language in §4 is only a suggestion with no actual penalties envisioned, that is, that the WMF won't enforce this provision of the ToU because they expect it to be enforced by the projects per §10? Do I have the wrong end of the stick? Dank 00:08, 14 December 2011 (UTC)

It relates in the sense that those of us in this discussion know that civility is something that is covered by project policies (like w:en:WP:CIVIL). My position is basically that I think the current text is fine; the mention of civility in §4 is part of general language that introduces all the specific bullet points, which seems fine to me; if there were a Board resolution about civility, it might be worth calling out (along with other specific board resolutions) in §11; but in the absence of one, I'm not sure what sort of change would be an improvement here. What Geometry Guy said above resonates strongly for me. I agree that civility is one of the most important things to our mission; but I don't see any unmet opportunity in the TOU to address it. -Pete F 00:27, 14 December 2011 (UTC)

┌─────────────────────────────────┘
Being a minefield should not be a justification for inaction. ToC should clearly state the following "All users agree not to post any content that is defamatory, discloses information that the user has no legal right to disclose, or is otherwise illegal or that contains anything which is) racist, vulgar, hateful, obscene, profane, threatening, insulting or offensive". Every new registered user should sign up to it and every existing registered user should have to sign-up through a specific, civility ToC acceptance screen. The foundation needs to get a grip on this [1] sort of behaviour because the en-community clearly cannot. This behaviour is increasing - and is increasingly unacceptable. Leaky caldron 22:44, 17 December 2011 (UTC)

This is definitely a recurring theme, so we should reopen and discuss (as we have). The present version states: We expect you to be civil and polite in your interactions with others in the community, to act in good faith, and to make edits and contributions aimed at furthering the mission of the shared Project. There are reasons to keep this concept in. We at the Foundation would like it: Our research shows that the lack of civility and politeness plays a role in scaring off newbies and hurts editor recruitment. Others in this thread and elsewhere have told us that they want us to give a nod to civility and politeness in the TOS. On the other hand, people are concerned (as here) about the ambiguity of the provision and the appropriateness to includes such a provision in a legal document. In response to some of this feedback, we changed "require" to "expect." I'm not concerned about having a non-binding term in a contract; it is not uncommon to articulate expectations without legal mandates in contracts: It helps establish the expectations on both sides (those that are legal and those that are not). The ambiguity issue is understandable, but, if the provision is not mandatory, I'm less concerned about a lack of specificity (and differences in civility): Those discussion are best left to the talk pages.
In light of the above, I would like to suggest that we consider this compromise language: "We encourage you to be civil and polite ...." This ensures that it won't be interpreted as a legal mandate, but it does set expectations, especially for people who are not familiar with our culture. I don't think we will find the perfect solution, but I wonder if this is an acceptable compromise. Thanks again for the discussion, which is most useful. Geoffbrigham 01:23, 20 December 2011 (UTC)
I've thought about this a few days and I think saying "We encourage you to be civil and polite" implies this is an aspiration which we accept may not be achieved and that there are no consequences if you don't meet that standard. In practice there should be and are consequences. The fact that these are enforced through project policies rather than WMF action is no different from any other item in the TOU. I believe "We expect you to be civil and polite" more accurately reflects our consensus.--Filceolaire 18:13, 24 December 2011 (UTC)
I agree with Filceolaire, but "encourage" is a compromise that I'm willing to accept (given the previous feedback) with the understanding that local communities can implement stricter policies. Geoffbrigham 21:04, 24 December 2011 (UTC)
What about "We want you to be civil and polite". I prefer "expect" but I think "want" would be better than "encourage". Filceolaire 19:41, 26 December 2011 (UTC)
I hear you, but I think "encourage" is the best compromise given our long discussions about this topic. If others disagree, let me know. (I personally prefer "require," so my role now is to find a compromise that works for the general consensus). Geoffbrigham 15:15, 27 December 2011 (UTC)

The Giano sanction

A little while ago, a user (who is well-known for his criticism of 'authority') discovered a flaw in the way that ex-members of ArbCom were removed from access to the ArbCom Wiki. He accomplished this by observing that the login procedure gave different results for usernames that were ex-members from the results for usernames that had never been members. Most of us thought that exposing such a flaw was a good thing. Yet I see the new ToU will contain the following provisions:

Engaging in Disruptive and Illegal Misuse of Facilities
  • [snip]
  • Probing, scanning, or testing the vulnerability of any of our technical systems or networks without authorization;
  • Knowingly accessing, tampering with, or using any of our non-public areas in our computer systems without authorization.

I'm pretty certain that the user's actions would violate the letter of those two actions specified, although I would strongly argue that they could not be construed as disruptive, illegal, or a misuse, other than in the minds of a very authoritarian few. As it it turned out, a minority were incensed that an unauthorised user might have spotted such a flaw; while the vast majority rightly considered that exposing such flaws was valuable. Consequently, these ToU would put weapons into the hands of the outraged minority to take action against such users, against both the wishes of the community and common sense. I believe that section 4 needs a re-think, unless you are positively committed to finding novel ways of ridding the projects of inconvenient critics. --RexxS 13:40, 11 December 2011 (UTC)

This is third time "Probing, scanning, or testing the vulnerability of any of our technical systems or networks without authorization" statement has been brought up and questioned. The other two times being this and this. Can someone please look into these concerns? --Michaeldsuarez 14:46, 11 December 2011 (UTC)
I believe we had an even longer discussion about this point, but, for the life of me, I can't find it. I'm definitely open to discussing this further, and I will be interested in the views of other members of the community. Just for brainstorming purposes, one possible qualification could be "maliciously and without authorization." I still need to think about it, but it may address your point. Would that work for you? What do other people think? Thanks for providing the Giano example, which I found interesting. Geoffbrigham 17:42, 11 December 2011 (UTC)
Thank you for your offer, Geoff. I expect that some further discussion may yield a form of words that meets the original purpose, while not jeopardising genuinely well-intentioned editors who sometimes ignore all rules. I do think the 'maliciously' qualification would go a long way towards allaying my fears, but – if I may play Devil's Advocate – I suspect that having to make a value judgement about an editor's intentions will prove a stumbling block, and may provide a defence for dishonest vandals ("Prove I had malicious intent"). Nevertheless I'd certainly welcome input from others on the viability of taking the line you suggest. Cheers --RexxS 18:34, 11 December 2011 (UTC)
Intent can simply be inferred. In any case, we don't want to go too far in the other direction and give license for people to do whatever they want. "Probing, scanning or testing the vulnerability" is generally not a good thing, and the ToS shouldn't encourage or permit it. The WMF can tailor its response on a case by case basis to account for the intent and outcome of different violations. Nathan T 20:24, 12 December 2011 (UTC)
I'm inclined to keep this as-is. For one thing, RexxS seems to be assuming a level of competence and intentionality that is not warranted. If we actually require maliciousness, then destruction or disruption accidentally wreaked out of technical incompetence or a natural delight in playing with shiny toys is not covered.
I agree with Nathan: the WMF is not required to punish people for violations. I expect them to use their Best Judgment and to consider all the facts and circumstances when deciding whether and how to respond to violations—just like I hope users like Giano will use their Best Judgment, and consequently get in touch with the WMF before undertaking such activities. WhatamIdoing 22:55, 12 December 2011 (UTC)
Giacomo is unsure whether he has a login here, so I am passing on these remarks on his behalf:
  • "before undertaking such activities"!!! When I told the arbitration committee about it and the attendant risk, there was the most evil and pernicious persecution of me that it's possible to imagine - had I not, at the time been a very high profile editor, they would have buried me alive; they did not care a stuff about the security risk, their only concern was not looking stupid themselves and having my discoveries made public. Such was my disgust at the emails and threats I received from one Knight Largo acting as the Arbcom's chief inquisitor and various arbs, I have never trusted any of them again and have largely withdrawn from the project. They are not fit to be in charge of private information and anyone who has voted this year for certain Arbs to be retained wants their bloody heads testing. Giacomo Returned
Rather than engaging in a to-and-fro about the sentiments expressed at this point, I'd ask contributors here to consider the issue raised that Giano fears that others who made the same test would probably have been sanctioned. It is not enough to assure us that WMF will not use these ToU to persecute editors, because the danger exists that our enforcers at en-wiki are quite capable of (mis)using ToU framed in the current manner as justification for suppressing potentially embarrassing revelations. --RexxS 23:30, 18 December 2011 (UTC)

Adding a "maliciously" would not have protected Giano because there were (or are?) some members of en:ArbCom who consider anything Giano does outside article space as malicious per se. While to any reasonable and objective observer Giano's actions were neither harmful nor malicious, and while ensuring that the security flaw was addressed was a net benefit to the project, this did not prevent a substantial over-reaction accompanied by vitriol directed at Giano. Terms of use that are open to interpretation by the powerful can always be used as a weapon against whatever target they choose. I would like to believe that such events would not occur but having seen such things happen (and this Giano incident is not an isolated example) I implore you to all make sure that there is independent review available for cases of alleged ToU violations by long-standing contributors. EdChem 01:01, 19 December 2011 (UTC)

On the other hand, if Giano had actually gotten authorization from the WMF to test the WMF's system, then I believe it would have been much harder for any volunteer to complain about it. It's too bad that he (apparently) didn't even attempt to do this. I hope that the new TOU will make it clearer to people like him that talking to the WMF (not to a couple of volunteers chosen for their social, rather than technical, skills) is the correct action.
I'm less concerned about whether independent review exists (sounds good, but how much will it cost?) because I seriously doubt that local disputes (like this one) will bother referring to the TOU. WhatamIdoing 00:46, 20 December 2011 (UTC)
  • Philosophically, isn't the Wiki software open source? Wouldn't that give people the right or even the encouragement to probe various aspects of it? Otherwise, what is the point of toolserver and the rest? I'm surprised the copyleft crowd didn't jump on this aspect. Giano may have done something for an intent beyond figuring out the system, but his actions were exactly the same and are part of the whole open aspect of the system. Ottava Rima (talk) 03:51, 19 December 2011 (UTC)
I don't think there's any doubt, Ottava, about Giano's intent. He suspected that certain ex-arbs might still have access to the ArbCom wiki, despite assurances to the contrary. As it turned out, he found that the login reacted differently to those names from how it reacted to a username that had never had access, thus establishing prima facie evidence that there was a flaw in the system. I'm pretty sure he has no interest in the technical aspects, but was bothered by the possibility that ex-arbs might still have had access. I believe it's fixed now. --RexxS 14:34, 19 December 2011 (UTC)
You missed my point. I was saying that it doesn't matter what a person's intent is, you can't ban the action as it would go 100% opposite of what the software is about. The WMF doesn't own the software, it is open source. Making an action a violation could really be damaging to the people who rely on the software for their own projects. Ottava Rima (talk) 17:31, 19 December 2011 (UTC)
First the WMF does own most of the copyrights in media wiki. The fact that they license it under an open source, copy left license doesn't change that.
Second the open source / free software philosophy means you can download the software, install it on your own server and experiment on it as much as you like. It does not mean you can mess with my installation of the software on my server. Filceolaire 23:38, 19 December 2011 (UTC)
Ottava, I know a for-profit software company that's using Mediawiki software. Doesn't that give me "the right or even the encouragement to probe various aspects of it" on their system? I might even learn some cool stuff about their products if I find a hole.
The important distinction here is "on their system". You have the right to probe the software, so long as you do it either on your own computer hardware or on the system of a person who agrees that you can probe the software on his system (e.g., any of the various test installations). The point of this item is for the WMF to say that their websites, which including some of the busiest websites in the entire world, are not okay places to be probing software (unless you get permission in advance). WhatamIdoing 00:37, 20 December 2011 (UTC)
I believe Filceolaire and WhatamIdoing are correct. I would ask for example how we are violating the GPL v.2 license by asking that those who modify our code not to insert malware or to undertake malicious probes. (I'm legitimately asking, not being snarky.  :) ) In any case, we specifically say in Section 17: Notwithstanding any provision to the contrary in this Agreement, we (the Wikimedia Foundation) and you do not intend to modify the applicable terms and requirements of any free license that is employed on the Projects when such free license is authorized by this Agreement. We may need to modify some of the language (as proposed earlier) in Section 4, but I presently don't see the conflict with the philosophy or legality of free licenses. Definitely open to being corrected. Geoffbrigham 02:01, 20 December 2011 (UTC)
As I understand it you have no rights over what people do with their copy of the MediaWiki source code but you do have a right to ask that they do not try to get malware inserted into the WMF copy of the code and you have the right to ask that the leave your server alone or that they confine their attacks to the designated test server. Filceolaire 07:57, 20 December 2011 (UTC)
"does own most of the copyrights in media wiki" Nope. Wikis were around before Wikipedia. It is also developed separately from Wikimedia. Groups like Toolserver show that what we use is owned by Wikimedia. The WMF owns the names and very little else. Even aspects designed by them would mostly fall under derivative works and there would be very little originality for them to claim ownership of the material. The mere notion of them licensing it as copyleft is silly because they have absolutely no alternative. It would be like them trying to claim they own the copyright to the content in, say, Wikipedia and by their grace license it out as copyleft. The TOU can't change that, and telling people they can't use the software by, say, entering in a user name where they lack access is really inappropriate, not standard in any TOS or user policy, and goes against the whole premise of this system. One can even argue that if the TOU did not outwardly ban private areas that kept people out or secret pages that such actions would go against the mission of Wikimedia and defy its standards that allow it to claim charitable status, especially when charity records are supposed to be under public access and operate for the public good, at least in the US. What Giano did can never be legally prohibited when it comes down to it, and even if Geoff tried to put in such language to prevent it it wouldn't stand up in court. The ethical ramifications in addition to how it would affect Wikimedia when scrutinized by, say, a judge, would really roll back quite a lot and it would allow someone suing to claim there was an unfair termination of access to subpoena records that would reveal far more information than the test would. Seeing how Giano is (and many like him), I don't think he would mind pushing forward and having a lot of stuff rolled back. After all, Wikimedia is both a charity and copyleft. That makes a lot of what people want impossible to have. Why else do you think Jimbo mostly focused on Wikia? You are pushing for a major can of worms that not only makes no sense, but would ultimately do more harm to Wikimedia than anything someone like Giano could do. Ottava Rima (talk) 03:07, 20 December 2011 (UTC)
WMF may "own the trademarks and very little else" but that little else includes operating the servers so they get the right to say how the servers are used (i.e. these Terms of use). Whether the software on the servers is open source or does not change that. Read the GPL. You have a right to get a copy of the source code. You have a right to change the copy of the source you got. You have a right to distribute the source code you changed. You have no rights over WMF's copy of the source code.Filceolaire 07:57, 20 December 2011 (UTC)
"includes operating the servers so they get the right to say how the servers are used " Not in the US. Anti-discrimination laws and many things that come with having a charity status gives them very little "rights" when it comes down to it. The US isn't a free market society. You don't get to do whatever you want. Prohibiting logging in like Giano would do would be impossible to ban and enforce a ban, and if they tried the ramifications would do a lot of damage. A lawyer would have to be absolutely crazy to advise the WMF as that being the right way to go. Ottava Rima (talk) 13:20, 20 December 2011 (UTC)
Wrong again. To keep their charitable status the WMF have to provide information to people for free. They could lock the database tomorrow and not make another edit ever and they wouldn't lose their charitable status provided people could still access the info online. Allowing people to edit is not a charitable purpose. Stopping them from editting is not a breach of their charitable status. Allowing people to try to hack into your servers may or may not be a charitable purpose but it is not the WMF's charitable purpose and banning people from doing so is not a breach of their charitable status. Filceolaire 13:59, 20 December 2011 (UTC)

┌─────────────────────────────────┘
Ottava, the wiki concept (first released in 1995) and the specific MediaWiki software (first released in 2002) are separate things. The WMF doesn't own the concept. But the WMF has paid for a substantial proportion of the coding done for the MediaWiki software, and if the WMF's employment contracts and handbook don't have a work-for-hire provision in them (to make the WMF own the copyright of all work produced on the job), then someone has seriously screwed up.

Your claims about a charitable organization's lack of right to control its computer systems is simply wrong. The WMF has the same rights as any other corporation in this respect. There are some minor limitations: for example, neither a non-profit corporation nor a for-profit corporation may refuse access solely based on a person's national origin. But the rules are the same for all corporations and all non-corporation businesses.

The only "charity records" that are legally supposed to be made public are some fairly brief annual summaries of financial statements. Everything that the IRS requires a US charity to disclose to the public is posted at guidestar.org. If it's not posted at GuideStar, then the charity is not legally required to provide public access to it. Charitable organizations are also allowed to maintain private areas, to own patents and copyrights, and to keep what you call "secret pages". I assure you, for example, that non-profit hospitals do not permit the public to inspect any medical records, and that no non-profit organization permits the public to inspect its employee records.

Filceolaire, it's not even technically necessary for the WMF to continue to provide free (either gratis or libre) access to the databases. As they're approved under the "educational" item in the 501(c)(3) code, to maintain their tax-exempt status, they have to do something that counts as "education". They could start charging for access (think about it: universities charge, and they're still non-profits), or they could dump this method of educating people and pick a new one. But they seem to be sensible people, so I don't think they're going to make any radical changes like that. WhatamIdoing 18:33, 20 December 2011 (UTC)

I don't think you understand how computer software copyright law works and operates. Furthermore, no one said that they lacked rights to "control their computer systems". However, you can't terminate someone's access for trying to login when they don't have an user name. Such would result in a court challenge that would allow the defendant to claim discrimination and have the right to demand server information. This would release far, far more data. You really don't understand US discrimination laws either, and neither does Filceolaire. This is a major problem. Ottava Rima (talk) 14:31, 22 December 2011 (UTC)
You most certainly can terminate access under those circumstances. Think about it: Who doesn't have a username for a system that requires a username? That would be "people who have zero authorization to be using that system", right? You are perfectly entitled to terminate access to unauthorized people.
Even non-profits can do this. There is no illegal discrimination going on when you refuse to let unauthorized people try to guess usernames and passwords. Illegal discrimination has to be based on a protected class, which in most of the US is race, color, religion, sex, national origin, and disability. Lack of authorization to login to a given computer system is not a protected class. A non-profit is no more required to tolerate hackers than a bank is. They can even call the police and report it as a potential crime if they want. WhatamIdoing 16:11, 22 December 2011 (UTC)
Ottava, Copyright law forbids you from copying stuff without the permission of the copyright owner. That is how copyright law works and operates. Computer software copyright law is no different. You are right that I do not understand US discrimination law but I don't believe it is covered by copyright laws. Filceolaire 20:13, 23 December 2011 (UTC)

This discussion started with some suggestions from Rexxs about changes to the language in Section 4. If anybody has concrete proposals, I would like to consider them since we have less than a week to finalize the document. Above discussion is quite interesting, but, as I understand, there is no action point for me. Correct me if I'm wrong, please. Cheers. Geoffbrigham 15:18, 27 December 2011 (UTC)

It was suggested to me to include something like the following provision, which I'm now putting at the end of Section 4: We reserve the right to exercise our enforcement discretion with respect to the above terms to allow for, among other things, normal usage that does not disrupt the safety, stability, and security of the site. This suggests that WMF may not enforce these provisions if they do not disrupt the safety, stability and security of the site (though the decision stays in our discretion). Maybe this addresses your concerns? It suggests that a benign attempt to probe without authorization may not result in an enforcement action (but it is not a guarantee) Geoffbrigham 14:39, 28 December 2011 (UTC)
This wording seems a bit lawyery. Can we make it simpler? "If a breach of these terms does not disrupt the safety, stability, and security of the site then we may choose to take no action" Filceolaire 17:27, 28 December 2011 (UTC)
I like your language better.  :) Might say: "the terms set out in this section." Let's see what others say. If no strong objection, I will make the change. Geoffbrigham 20:48, 28 December 2011 (UTC)
I'd prefer to be more vague. Filceolaire's language will probably be misinterpreted as meaning "if you (rightly or wrongly) believe your action—say, posting libel or harassing users—will not 'disrupt the safety, stability, and security of the site', then you can expect us to ignore your violation of these terms".
Geoff's is better, but still suggests that compliance with non-safety/stability/security terms is not important to the WMF. "We reserve the right to exercise our enforcement discretion with respect to the above terms", full stop, is probably adequate. Actually, saying nothing at all on this point is adequate, because there's no guarantee that every single violation will be noticed, much less "punished". WhatamIdoing 01:47, 29 December 2011 (UTC)
OK. Given Kat's proposal on "probing," I will go with WhatamIdoing's rewrite. With Kat's proposal, I think Filceolaire's chief concerns are addressed (though he should feel free to correct me). Geoffbrigham 23:37, 29 December 2011 (UTC)
Or take this right out and just say we may take appropriate action against someone who breaches these restrictions. If the breach is trivial then the sanction can be trivial too - a polite request to stop it on your talk page. Filceolaire 09:32, 30 December 2011 (UTC)


Section 11

First, Project are not defined previously and could be seen to be something like a WikiProject or a Wikipedia as a whole. In addition, this section seems to imply to me that policies that are sent down are not mandatory unless specified. "Some of these policies may be mandatory for a particular Project..." sounds like the policies are only ever mandatory for specific projects if at all.Jinnai 17:12, 13 December 2011 (UTC)

Policies vary dramatically between Projects. NPOV is mandatory on the English Wikipedia. NPOV was rejected at Commons, and would be silly here at Meta. So, yes: they are only ever mandatory for specific projects. There are a few (e.g., copyvio) that happen to be mandatory for all projects, but even then the details change between projects. WhatamIdoing 18:13, 13 December 2011 (UTC)
"Project" is actually defined, via a link, in this section: Terms of use#Our Terms of Use. However, I agree that a somewhat more explicit definition might be worthwhile. -Pete F 18:18, 13 December 2011 (UTC)
My point is that the text seems to imply that policies could be completely optional for every Project unless it specifically says otherwise for specific projects. FE: NFCC applies to the project as a whole, but the text does not mention Wiki-media wide mandatory policies, just Project specific policies. This should be clarrified to state that policies can apply to every Project or only to specific ones, but that in either case they are manditory where they do apply.Jinnai 00:00, 14 December 2011 (UTC)
Jinnai, I think this point is covered. The policy you reference above (w:en:WP:NFCC) is universal precisely because of a Board resolution, which is the entire point of section 11. Is there a specific edit that you think would make this more clear? As I read it, local/community policy is generally covered by §10, while universal/Board policy is covered in §11. Maybe what you want is a bit of text somewhere (maybe in the intro paragraph) that explains the relationship between the two..? I'm not sure I fully understand what change(s) you would like to see. -Pete F 00:10, 14 December 2011 (UTC)
Perhaps it would be feasible and useful to more carefully differentiate between "community policies" and "Foundation policies" (or "Board resolutions").
Certainly some Board resolutions apply only to specific projects, e.g., foundation:Resolution:Danish Wikipedia and DR. Many other official policies don't apply to any projects at all, e.g., the foundation:Travel approval policy. So I think it's accurate to say that only "some" foundation policies are mandatory for projects. Offhand, I'd guess that at least half of them are irrelevant to the projects' users. WhatamIdoing 21:05, 14 December 2011 (UTC)
Something like that would be helpful, yes.Jinnai 23:35, 14 December 2011 (UTC)
I think I may be missing the point. We deal with Foundation policy in Section 11, which makes clear that not all those policies are applicable to projects. That section reads:
The Wikimedia Foundation Board of Trustees releases official policies from time to time. Some of these policies may be mandatory for a particular Project, and, when they are, you agree to abide by them as applicable.
In Section 10, for example, we are pretty careful in labeling community policies as community policies:
Authorized members of the Wikimedia community may also take action according to the community policies of individual Projects, including but not limited to investigating, blocking, or banning users who violate those policies. You also agree to comply with the final decisions of dispute resolution bodies that are established by the community on specific projects (such as arbitration committees); these decisions may include sanctions as set out by the local policy of each Project. Especially problematic Users who have had accounts blocked on multiple Projects may be subject to a ban from all of the Projects, in accordance with the Global Ban Policy. In contrast to Board resolutions or this Agreement, policies established by the community, which may cover a single Project or multiple Projects (like the Global Ban Policy), may be modified by the relevant community according to its own procedures.
Concretely, what other language changes would you propose? Thanks much! Geoffbrigham 18:38, 20 December 2011 (UTC)

This section has been reviewed. If there are new issues or outstanding concerns related to this, please start a new conversation. Maggie Dennis (WMF) 12:55, 30 December 2011 (UTC)

Please add "No advertising, non-educational commercial material"

I'd add to

3. Content We Host

...

C. We do not host advertisements or non-educational commercial material.

Smallbones 05:12, 14 December 2011 (UTC)

But we do host advertisements. Commons has hundreds, and possibly thousands, of advertisements. WhatamIdoing 22:30, 15 December 2011 (UTC)
Smallbones, to generalize on the point Whatamidoing makes: I think that as Wikimedians, we all have strong opinions about what kinds of material we should be hosting. Those opinions are generally codified in documents like w:en:WP:GNG and commons:COM:SCOPE. They vary to some degree from one project and one language to the next, but are strongly aligned.
But the TOU is a document meant to broadly define the limits of user behavior, and explain things for which WMF is not liable. The "Content we host" broadly describes things that might invite lawsuits: "I am offended by what I found" or "the factual inaccuracy of what I found caused me harm." If it were plausible that somebody might find an ad and say, "I think I will sue WMF, I was assured that I wouldn't find any here, and this one that I found caused me harm due to the fact that it's an ad" -- that would be a reason to add an item like you suggest. But I don't think that's plausible.
In other words: I agree that Wikimedia sites are not places where ads should be placed as ads (though certainly the ads in books transcribed on Wikisource, or reproduced for their historical interest on Commons, have value in other respects). But I believe the community-determined project policies, in alignment of course with Board resolutions, are the place where that should be (and is) codified, not the TOU. -Pete F 01:11, 16 December 2011 (UTC)
Although I fully understand where Smallbones is coming from (I feel strongly against advertisements), I agree with Pete. Today we envision no advertisements, but the community opinion is not uniform. I prefer to handle this outside the TOS, especially since we have no intent to employ advertisements today and have established a firm position against commercial advertisments in the foreseeable future. Geoffbrigham 02:14, 20 December 2011 (UTC)
I'll add that the English Wikipedia gets at least one public complaint every year about the WMF "advertising" themselves by running fundraising banners after "promising" an ad-free experience. I really wouldn't want to deal with these complaints if the TOU "promises" an ad-free environment. WhatamIdoing 01:38, 29 December 2011 (UTC)

This section has been reviewed. If there are new issues or outstanding concerns related to this, please start a new conversation. Maggie Dennis (WMF) 12:54, 30 December 2011 (UTC)

Legalistic and unhelpful

"The user agreement helps new users see comprehensively the most important policies governing our site."

  1. We want new users to have a go without having to read anything - en:Wikipedia:Be bold
  2. Irrespective of what we want, people will have a go anyway. The only way to stop that would be to fundamentally change Wikimedia projects for the worst.
  3. When people are ready to learn more about policies etc., there are some good summaries out there like The Five Pillars. I think we do an OK job at directing people towards such summaries. If people can think of a better way to do that... great... but creating separate terms of use is legalistic and unhelpful.

Yaris678 15:42, 15 December 2011 (UTC)

You may be interested in the section #Reasons for the New Terms of Use above. -Pete F 21:41, 15 December 2011 (UTC)
I have read them. I found them wanting. The quote "The user agreement helps new users see comprehensively the most important policies governing our site." is taken directly from them. I have given several reasons why the position indicated by the quote is mistaken.
Have I missed something?
Yaris678 22:10, 15 December 2011 (UTC)
I understand your point, but I need to respectfully disagree, Yaris678. With respect to the point that you raised above, for example, we are not explicit about the legal consequences of editing: an editor is responsible for his or her edits. A new editor needs to know that. Transparency is an important value of our site. Also people need to understand the minimum requirements relating to behavior from the start, so, for example, new editors need to know that they cannot harass people. I think there are some core principles where the TOS helps. Geoffbrigham 00:19, 16 December 2011 (UTC)

OK. I've had another look. The important point is not contained in #Reasons for the New Terms of Use. It is where it says "You can find the current version of our terms of use here: http://wikimediafoundation.org/wiki/Terms_of_use". I think that should be stressed at the top of the page with some kind of message that says what this is all about. Something like.

That bit of context makes it obvious to me what it is about and why it is a good idea. Without that, I have horrible visions of the "Tick this box to say you have read this impenetrable text" type stuff you get on other websites. I also see that "most important policies governing our site" means important from a legal point of view. I don't know if there is a way to rephrase that... because for most people it is not important at all. They realise that have no claim on the copyright and wouldn't dream of infringing someone else's copyright.

Yaris678 09:28, 16 December 2011 (UTC)

I would prefer it if there were a box to tick. In fact, I proposed it previous. --Michaeldsuarez 14:09, 16 December 2011 (UTC)
Hi Yaris, I understand what you're saying -- and I probably should have linked you further up to the top of this page, rather than the subsection of specific goals. I like your proposed banner; however, I'm not sure if replacing the more generic box on the main page would be good, because it would affect all the translated versions of the more generic {{draft}} box. -Pete F 17:08, 16 December 2011 (UTC)
I don't know how you guys do translation, but I would have thought that the relevant translation of {{draft}} would do until someone translated the more helpful message box. If you don't provide that information than you can only expect more people to misunderstand what this is all about. I also suggest that you split #Reasons for the New Terms of Use into two: "Reasons why terms of use are useful" and "Reasons why we are currently drafting new terms of use". You currently have general reasons for having terms of use in the #Reasons for the New Terms of Use section... falsely implying that there are not already terms of use in effect. Yaris678 18:04, 16 December 2011 (UTC)
I'm no expert in the translation tools either. I've left User:Siebrand a note to take a look at this discussion; as far as I know, he's the expert on how this works. -Pete F 18:53, 16 December 2011 (UTC)
Hi Pete. Responding to your request for help with the translation setup, but it is not clear to me what needs to be done based on the above discussion. The contents of the ToS or the contents of the summary and whatever warning templates would go on Terms of Use are also something I'd like to not get caught up in... --Siebrand 01:32, 19 December 2011 (UTC)
Hi Siebrand, We want to put a message box at the top of the page saying:
This will make it clear what we are doing here. Specifically, that we are not adding an extra layer of bureaucracy, we a just redrafting the terms of service that are already used. Pete thought this might cause a problem with translation and said that you should know.
Will is cause a problem in translation? Is there a good reason not to put the explanatory message box at the top of the page?
Yaris678 11:44, 19 December 2011 (UTC)

Siebrand, I think the main thing is actually a meta-question. The translate tools were recently introduced here on Meta, and clearly add a great deal of value to the places where they are properly set up; however, it seems there are few people with the knowledge to properly set them up, or to modify them where they are implemented. Could you point me toward others who may be able to help with desired changes relating to the translate tools? Or resources for learning how they work? I'm not sure what the best solution is here; while the desired result is quite simple, I don't know enough about how the underlying tools work to accomplish it. This is an unusual problem to have for an experienced wiki editor, and I'm hoping you can help bring some clarity to how these tools work. -Pete F 19:25, 19 December 2011 (UTC)

We can do a workshop if there's enough interest. I trained a few people from the fundraising team when the feature was added; I had hoped they'd used it, but they seem to have not. Using Skype group video chat (with screen sharing) or WebEx are probably the best tools. For Skype participants would require version 5 (Linux desktop doesn't have that). So let's just do that 30-40 minute training and see what comes of it? Who'll do a sign-up page? You'd have to be a meta admin at least for this to make sense, because for example Terms of use is a protected page, and you couldn't even mess with the mark-up. See translatewiki:Page Translation for some introductory documentation. The Wikimedia Localisation team is working on setting up a multi-lingual and localised structure for feature documentation and feedback, so I expect that this will get a boost within the next 4-6 weeks, too. --Siebrand 23:09, 19 December 2011 (UTC)
An instructional workshop would be very helpful, thank you! Let's start planning one here: Translation tools workshop, 2012 -Pete F 23:36, 19 December 2011 (UTC)
Thanks for setting that up, Pete. I've done my best to update the page a bit. --Siebrand 00:26, 20 December 2011 (UTC)
I like Yaris' idea re the banner (and wished I had thought of it earlier). If we want to do this, Maggie can help implement. I do note that, as the initial message on this talk page, we linked to the present user agreement and proposed this new TOS. But I agree that the banner could be clearer on this point. Geoffbrigham 18:46, 20 December 2011 (UTC)

This section has been reviewed. If there are new issues or outstanding concerns related to this, please start a new conversation. Maggie Dennis (WMF) 12:52, 30 December 2011 (UTC)