A Proposal for Wikimedia's New Privacy Policy and Data Retention Guidelines

Translate this post

Shields, circa 1870

Privacy policies play a vital role in protecting the privacy of users. At the Wikimedia Foundation, our Privacy Policy is particularly important to us, because it is a key way we protect our users and reflect their values. It also has a broad impact, because it protects and governs the information of over twenty million registered users and 490 million monthly unique visitors.
Our current Privacy Policy was approved by the Wikimedia Board of Trustees in October 2008 and has not been updated since. Given the growing concern over privacy, especially on the internet, it is important to have an updated policy which reflects both technological advances and the evolving legal issues surrounding new technology.
So, almost eight months ago, we started a conversation with the Wikimedia community about key privacy issues. Based on that conversation, we crafted a new draft Privacy Policy and introduced it to the community for feedback about five months ago. And, thanks to that feedback, we created and discussed Wikimedia’s first Data Retention Guidelines. Today, we are closing the community consultations on the new draft Privacy Policy and Data Retention Guidelines. [1]
The new proposed Privacy Policy will now be presented to the Wikimedia Board of Trustees for review before its next meeting in April 2014. If approved, it will replace the 2008 Privacy Policy.
We would like to thank the many community members who participated in the discussions. The new proposed Privacy Policy and Data Retention Guidelines would not be what they are today without your help. (You can actually see the changes to the drafts in the Policy’s and Guidelines’ wiki revision histories that happened as a result of your feedback!) We received hundreds of questions, comments, and suggestions. In fact, the discussion on the Privacy Policy, along with the related Data Retention Guidelines and Access to Nonpublic Information Policy (whose consultation is also closing today) totaled approximately 195,000 words, making it longer than the Fellowship of the Ring! Together, we have created a transparent Privacy Policy draft that reflects our community’s values.

We’d like to go over some of the ways that our new proposed Privacy Policy differs from our old Privacy Policy (the “2008 Policy”). One thing that has not changed is our goal of collecting as little information as possible, but we have made a wide variety of improvements to strengthen our commitment to users, including:

  • More detail and transparency. Our old Privacy Policy did not provide a great deal of specific information about what kind of data we collected or how we collected and used it. The new proposed Privacy Policy and Data Retention Guidelines explain these points in detail, so that users have a better understanding about their privacy on Wikimedia Projects.
  • The permitted use of different types of technologies. The 2008 Policy covered IP information and cookies. The new proposed Policy, on the other hand, explains how information is collected from mobile devices, tracking pixels, JavaScript, and “locally stored data” technologies, so that we can improve the Projects.
  • Never selling user data. The 2008 Policy doesn’t mention this. While long-term editors and community members understand that selling data is against our ethos, newcomers have no way of knowing how our Projects are different from most other websites unless we tell them. The new proposed Policy spells out that we would never sell or rent their data or use it to sell them anything.
  • New glossary and FAQ. The new proposed Policy includes a glossary that helps users familiarize themselves with wonky technical terms such as API and metadata. It also includes an FAQ to help users understand details about Wikimedia Sites, our privacy practices, and data collection technologies. For example, the FAQ provides examples of the types of technology we use to collect data, and explains to users how they can limit some of the information that is collected about them.
  • Inclusion of new activities. We started new projects and features (like notifications, surveys, and feedback tools) after the adoption of the old Policy, so unsurprisingly the old Policy doesn’t address them. The new proposed Policy explains how notifications are used and how you can opt out as well as how we may use information collected in surveys.
  • Limited data sharing. The old Policy narrowly states that user passwords and cookies shouldn’t be disclosed except as required by law, but doesn’t specify how other data may be shared. The new proposed Policy expressly lists the limited ways in which all data may shared, including with our essential volunteers. It permits providing non-personal data to researchers who can share their findings with our community so that we can understand the Projects and make them better. We have also added a Subpoena FAQ as a resource for users to learn about subpoenas generally and what they can do in the unlikely event their information is subject to a subpoena.
  • Scope of policy. The 2008 Policy states its scope in general terms, which could be confusing or ambiguous. The new proposed Policy explains in detail when the Policy does and doesn’t apply.
  • New Data Retention Guidelines. While not formally part of the new proposed Privacy Policy, for the first time, we have a formal document, drafted in close consultation with engineering, outlining what our data retention practices are and should be. In creating these Guidelines, we tried to be as thorough as possible in specifying how long particular types of personal information will be kept.

The proposed Privacy Policy and the Data Retention Guidelines are the result of an organization-wide effort — staff from many departments helped us create these documents, and we would like to thank everyone who participated. In particular, we would like to thank Erik Möller and the entire engineering team for their continued support and participation throughout this process.
Michelle Paulson, Legal Counsel
Geoff Brigham, General Counsel

  1. Although we are closing the formal community consultation on the Data Retention Guidelines, we welcome community members to continue the discussion. The Guidelines differ from policies in that they do not require approval from the Board to be implemented and can be continually updated and improved. We intend for these Guidelines to evolve and expand as time goes on.
    * So many people helped us on this project. Special thanks go to Toby Negrin, Luis Villa, Dario Taraborelli, Roshni Patel, Megumi Yukie, James Alexander, and Jorge Vargas, without whom these privacy documents and consultations would not have been possible.

    Archive notice: This is an archived post from blog.wikimedia.org, which operated under different editorial and content guidelines than Diff.

    Can you help us translate this article?

    In order for this article to reach as many people as possible we would like your help. Can you translate this article to get the message out?

Inline Feedbacks
View all comments

Thank-you for undertaking this work. It serves as an example of “Transparency” for others to follow. Detail like this allows an organization to show genuine respect towards customers. (“We value your privacy” may have once been genuine, but is now rhetoric.)

I hope this means that no one can change or alter the information provided by wiki.

Did the project team take account of the current case involving Google and it’s hosting of out of date information that might affect individuals?

“We value your privacy” should be read as “We have placed a value on your privacy, and we sold it at a profit.”

Muchas gracias por comunicarnos sus políticas de privacidad y seguir manteniéndolas, para que nosotros los usuarios somos los beneficiados. Son un ejemplo a seguir

Wow. Impressive. Wikimedia is leading by example. Never selling the little bit of info I share & you collect is a big one to me. It’s gotten to the point where I’m wondering if & how I should copyright & trademark my name & other personal info.

La trascendencia sin precedente de este proyecto es patente. Es como un sueño de la alfombra voladora, pero en el terreno de la ciencia y la técnica. El carácter multidisciplinario y plural, y al mismo tiempo objetivo en la construcción de contenidos no debe ser afectado, idealmente. Tampoco el carácter gratuito (No profit)aunque yo he colaborado modestamente (minúsculas cantidades de dinero) y estoy dispuesto a seguir colaborando, según mis posibilidades. Este proyecto ya es fundamental para la humanidad. Me gustaría colaborar con información de mi región y país, pero lo haría sólo en temas en los que pudiera aportar algo… Read more »

Entiendo que Wikimedia sea mejor que Wikipedia, si seria mas mejor que sea privado y no en publico. Servira un mejor ejemplo que tenga mejor información en Wikimedia que en Wikipedia y que tenga los mismos idiomas o mas mejores y nuevos idiomas que los idiomas anteriores. Puede que eso sirva como un mejor ejemplo de transparencia para que todos en los países del mundo en Sudamérica, Norteamérica, Europa, África, Asia y Oceanía (Australia). Puede que sea un mejor detalle como que este Wikimedia permita que la organización muestre el verdadero respecto hacia todos los clientes de todo el mundo… Read more »

The main reason I use wikimedia is for educating myself on different subjects ! I don’t use it very often,but when I do you seem to have the most useful facts on the ole inner web . Today I was searching for some army & navy info on my Uncle and Dad .I have a few unanswered questions and they’re both passed on,so it being Memorial Day I thought I would try and get a little information. But with everything going on in this world of ours this day and time you can’t be to careful!!! I understand completely. Thank… Read more »

I am not trusting of this site automatically showing my info as public just for signing in. Google makes you pretty much have too to get other apps free. Is there a way you can avoid this? I made all private but I know a lot of people that do not know about that site and handouts with invisible listeners on your calls sms beware to all these apps are spyware & sneaky!:-*

Let me explain myself. I am learning more & more about the web. Especially since after being hacked of all my personal info in Oct. 13 I don’t know who to.hold responsible? I was simply now making a comment about Google+ note allowing you to take your name off of all”public just profile.” When you have to sign up to get better apps. I would like all my info private…thank you. I will show my first name.. My kids Uuse your site for reports but now are banned to get any info. From you for reports. Why? I was wondering… Read more »

Mr. Crout,
What do you mean?

Why won’t school allow this site for reports?

Julie Krauel – the reason your school won’t allow Wikipedia or any other web source to to be used is that they are not original data. The thing that is great about Wikipedia is that the reputable articles have footnotes. Go to them for your sources.

if you want details to be safe use pen , paper and mechanical storage. people are too lazy to “spy” or forcefully record information in books and literal files. i personally dont trust any digital information to be truly “private”. im an industrialist who prefers mechanical contraptions more so than electronically functioning technology.
i guess metaphorically when referring to technology i prefer the “indomitable divide” to the “cutting edge”.

In reference to comment 13, I hope there is still some facility for correcting wicki entries. For example I am an aviation historian with 50 years experience and a masters degree and often find, usually minor, errors.

I’m disappointed I didn’t come across this sooner. It would have been the perfect opportunity to ONCE AGAIN voice my concern and disappointment that Wiki has gone the way of our democracy; at times to the highest bidder. Suggesting a few more fixes to cure their edit process might have helped the +90% of Wikipedia that serves its purpose… As central a resource as Wiki is, it’s not quite the incredible, compounding central database it could have been. Whether it’s a policy issue or some short-coming of all wiki-s, it seems when subsequent corrections/edits don’t sit well with a special… Read more »

Wikipedia needs a better policy as regards transparency regarding the actions of its administrators. Some may be over zealous in some regards. It might be helpful for users to see statistics on administrative actions and be able to vote for which ones they value most and least with the objective of setting administrative limits, so many per week per administrator on the ones valued least.

Thank you.

Gracias por avisar

With respect to the likelihood or otherwise of a subpoena being issued against user information stored by Wikipedia, your assertion that such was “unlikely” was, I must assume, referring to the probability that any given specific user (for example, the reader of this document) would ever be subject to such. On the other hand, I’d guess the aggregate probability that some one or more users among all the wikipedia users will at some future time be subject to such subpoena is not negligible.

Some of us appreciate you all taking a clear, deliberate, and most importantly accountable policy when it comes to user security. This place in internet history is an especially murky and uncertain one, where the Utopian fools, cowboys, and salesmen have rather unflatteringly metastasised into mutually assured, multiplicitous beast. Seeded in the psychology what used to be just one of many search engines. Now obsessed with a subjective definition (and subsequent dominion) of all topology of the landscape, (to the point where many people will never understand or see beyond what has been framed for them – hypothetically: You were… Read more »

I am concerned with googles practice of listing information regarding individuals that may not be true which could damage ones reputation. Such as, information regarding disciplinary proceeding regarding an attorney that my be false without giving the affected person an opportunity to respond. Such practice should be stopped.

Un saludo cordial.
Decir que no entiendo Ingles, por lo tanto no se en que términos y condiciones va a cambiar la política de privacidad de vuestra pagina WEB, a través de la encuesta realizada, es decir que querria que se tradujera tambien al Castellano o Español. At..WIKIPEDIA…….GRACIAS

Valoro el hecho de querer aplicar una política de privacidad mas rígida pues muchos de los documentos de wikipedia contienen errores provocados por los mismos usuarios, aun así, creo que las opiniones de usuarios que si tengan conocimiento pleno de un tema en particular y observando su nivel de preparación académico, deberían de ser tomadas en cuenta para la perfección del documento sin que el mismo sea alterado directamente