Tuesday 1 May 2007

Nonpublic data resolution

I'll open with the standard disclaimer that IANAL (JALS).

All Wikimedia volunteers for tasks which involve access to nonpublic data (stewards, checkusers, oversighters, OTRS volunteers, developers), a group that happens to include me and many other Wikimedians, now need to identify themselves to the Foundation, and be of the age of majority in whatever jurisdiction they live in, following this resolution from the Board of Trustees. In many ways the resolution is a companion to the privacy policy.

The idea was suggested by Anthere about a month ago and developed over the days following (although it has been mooted before, and was raised most recently in the context of the validating credentials debate). It seems that the resolution was passed in the middle of April, but the process of collecting information from people is just beginning.

I think it's definitely a positive development. However, it's interesting to take a closer look at the reasons behind it; there are two threads to the rationale which are seemingly running in opposition.

The first part of the rationale is an ethical consideration (one might put it more crudely and say that it's a PR consideration), and revolves around cultivating and strengthening both the internal culture and the external perception of the Foundation as a responsible organisation. In this respect it's essentially about allaying common fears, because the volunteers who currently fulfil these tasks are for the most part eminently trustworthy people. It's about underlining for the public's benefit that we take these things seriously.

The second part of the rationale is based on legal considerations; essentially, as Kat says, "we wish to be able to say who is responsible for handling this information to ensure that volunteers can be held accountable for their own actions."

Delphine put it more bluntly:

"...people who have [access to this information] are trusted with information that could mean they end up in court one day, whether to testify for or defend the Foundation. As such, they should have the capacity to act without the consent of their parents."

Perhaps a better expression would have been to act without requiring the consent of their parents :) Nevertheless, the idea that Delphine was getting at, that these volunteers need to be of the age of majority so that they can be legally accountable for their actions (to the fullest extent possible) is the crux of the matter.

sj expressed this well:
" 'This is a very important role' is not a reason to discriminate based on age. 'This is a role that requires being responsible' is likewise not appropriate. 'This is a role that requires being legally accountable for one's actions' is..."

...even though (at the time, at least) he was unconvinced of the necessity of the change.

Essentially, the legal rationale is that these various types of volunteers should be fully legally competent in their jurisdiction, so they can be as legally responsible as possible - thus insulating the Foundation against them to a certain extent.

The reason I say that the two rationales for this policy change are seemingly in opposition is that the first, the ethical consideration, is about bolstering (the image of) the Foundation as a responsible organisation that deals with this information in a professional way. The legal consderation, however, revolves around isolating the volunteers from the Foundation. It's essentially about making sure that they're legally competent so that the Foundation's liability is limited as much as possible.

I should emphasise that I agree with the resolution, I just think it's interesting to observe this cross-current in the rationale.

0 comments:

Post a Comment