[WikiEN-l] Re: Wikipedia privacy

[Toby Bartels]

koyaanis qatsi wrote:

>Oh, it's not hypothetical at all; they'll even
>"detain" (or, more properly, "disappear" [and q.v.
>Argentinian history for those not understanding that
>term]) people for something as innocuous as
>contributing to certain charities.  It happened
>recently with an Intel employee.

All the more reason that we should not give people the impression of anonymity
when their IP addresses are, in fact, being logged by us indefinitely.

>I'd argue that now is the time to be proactive, while
>it's still legal.  I think it woul be great to encrypt
>*all* IP addresses in the database, and to *chronjob
>scrap server logs every 24 hours.

Despite what I've said in other posts, I actually agree with you.
But this is a significant undertaking, to consistently attempt to
provide secure anonymity for our contributors.  I will support it ...
... BUT, until it's done, we should make IP addresses visible
and make it clear on the every edit page that contributions
are NOT anonymous yet.

IOW, you're proposing to change the reality, and that's fine with me.
But I am proposing to insist that reality match appearances.
Indeed, regardless of whether IPs are encrypted in the database,
whatever's in the database should be shown publicly.
If that's an encrypted ID, great -- we have anonymity.
If that's not encrypted, then people realise that they're not anonymous.
The fundamental principle to avoid fooling people --
which is actually a basic wiki principle in general --
is to make the information in the database publicly available.
Then if we want to provide anonymity -- and it is a good idea --
then the only way to give even the *appearance* of anonymity
is to actually provide anonymity in *reality* -- by encrypting IPs
before putting them into the database, as you suggested.


-- Toby