Talk:Data retention guidelines: Difference between revisions
Content deleted Content added
→Comments from //Shell: more potential private info, search terms not really optional, more examples not immediately needed |
|||
Line 51:
**:: Would it be possible to remove "optionally" and just say "Provided by a user"? [[User:Skalman|//Shell]] 09:09, 10 January 2014 (UTC)
**:::I would be fine with doing that. I think we originally added "optionally" to more clearly distinguish that kind of data from data that is collected either automatically or actively by us. But obviously, if it makes it less clear rather than helping, we can remove it. [[User:Mpaulson (WMF)|Mpaulson (WMF)]] ([[User talk:Mpaulson (WMF)|talk]]) 14:32, 10 January 2014 (UTC)
**:::: I was confused about ''search terms'' being optional, since they feel necessary to use the site, while the email address is ''usually'' mandatory, but in the Wikimedia case it's optional. So, I wouldn't mind adding back "optional" to the "personal information" one, but it's more consistent not to. [[User:Skalman|//Shell]] 19:04, 10 January 2014 (UTC)
** Do you intend to have most common data in this table, in the form of examples? It would be nice to see a ''complete'' list somewhere (though that might be asking too much).
**:The table is meant to address broad categories of data so that we address the treatment of as much data as we can in these guidelines. That said, we are going to try to improve the table (and the exceptions section) with more examples over time as we refine our practices. [[User:Mpaulson (WMF)|Mpaulson (WMF)]] ([[User talk:Mpaulson (WMF)|talk]]) 01:21, 10 January 2014 (UTC)
**:: It would be nice to have as many examples as possible, so I could imagine that there was a long list in this table, but collapsed by default. [[User:Skalman|//Shell]] 09:09, 10 January 2014 (UTC)
**:::I agree. The hope is that we will gradually expand the guidelines with more examples over time. I will talk to people internally and see what additional examples (if any) we can add now though. I imagine if the table gets unwieldy, we'll experiment with formatting so that it's as easy-to-read as we can make it. [[User:Mpaulson (WMF)|Mpaulson (WMF)]] ([[User talk:Mpaulson (WMF)|talk]]) 14:20, 10 January 2014 (UTC)
**:::: Great. Since there are already examples that feel representative, it's not a big deal, but it'd be nice to eventually have an almost complete list. [[User:Skalman|//Shell]] 19:04, 10 January 2014 (UTC)
* <u>Definition of personal information</u> (good job!)
** I can think of a couple more items to put in (b), though I'm not sure if it's necessary: (current) city ''(clarification: which is different/broader than address)'', marital status, family ties
**::I added "marital and familial status" to the definition. I'm checking internally whether it makes sense to add current city. [[User:Mpaulson (WMF)|Mpaulson (WMF)]] ([[User talk:Mpaulson (WMF)|talk]]) 18:41, 10 January 2014 (UTC)
**::: I was thinking about city, since that something you can "easily" get from an IP address, but street address is not.
**::: Of course there's lots of other private information, but maybe it's unnecessary to add that, since I don't see how Wikimedia would get the info: income level/economic situation, level of education, profession, current job situation, hobbies/interests (though interests could be gleaned from what pages a user visits).
**::: There's also the user-agent info: OS/browser version, browser language(s), screen size etc. which websites almost never make public, but which could potentially uniquely identify a user over multiple websites[https://panopticlick.eff.org/]. [[User:Skalman|//Shell]] 19:04, 10 January 2014 (UTC)
* <u>Exceptions to these guidelines</u>: ''"Data may be retained in system backups for longer periods of time."'' Is there any restriction on how long those backups can exist? Would it be possible, for instance, to delete, aggregate, or anonymize them after at most 5 years?
* <u>Design of new systems</u>: ''"inclusion of privacy considerations in the code review process"''. Would this be added to some checklist, or is it just a general guideline?
| |||