Privacy policy/IT guidelines
People interacting with Wikimedia UK (members, board members, donors, staff and partners in general) deserve absolute privacy in their exchanges with Wikimedia UK. Unless the contrary is clearly announced, the data are private and should not be communicated to a third party. This principle, which is essential to building trustful relationships, is supported by a few legal texts[1] and policies. Wikimedia UK wants to be exemplary and does its best to maintain high privacy protection standards.
As most of our communications and data are digitized, IT is at the centre of our privacy challenges. Our data have a high value. Recent history has shown us private companies and states trying to gather as much information as possible in a proactive and systematic manner. Although it would be presumptuous to claim that we can defend effectively against targeted actions by intelligence services, there are a lot of things that can be done to guarantee a high level of protection. Therefore, our information solutions need to be thoughtfully designed to support our privacy standards.
We are aware that data protection has a cost in terms of resources and that our resources are limited. Moreover, we are conscious of the fact that not all data have the same value and that differentiated approaches may be needed. We are also aware that we face a fundamental dilemma between security and usability. Nevertheless, Wikimedia UK is engaged in a continuous improvement process towards an IT infrastructure that is modern and as secure as possible.
Dangers
- Curiosity of simple users
  - Private data are made available to a broader audience. A lot of common sense and a few low-tech solutions are enough to counter this.
- Malicious computer attacks
  - Attacks by computer experts. This is certainly the most complicated kind of incident to fight, usually requiring a response from security experts.
- Network surveillance
  - Monitoring and surveillance of the networks. Using strong encryption for our exchanges is the first and most common measure to fight this. Using open-source software is another.
- Activity surveillance
  - The most common source of data leaks. This is mostly carried out by services, including websites, that do not charge. To fight this, we should as far as possible replace them (or provide an alternative) with our own services or paid services offering high privacy protection. In the worst case, we should inform our users well.
- Stored data leaks
  - Storage providers copy or analyse the data for their own use, or sell or communicate them to third parties. This is a big problem with US-based services, especially the free ones. To fight this, preferably use (in this order) our own infrastructure, UK-based servers, or paid servers. Encrypting the data is also a good approach.
Solutions
We are facing many dangers, and data might leak in many different ways. The goal is not to provide a solution able to fix all the potential issues, but to have some tools and guidelines to improve the overall infrastructure and ensure a good level of privacy protection in the medium term. Here are the recommendations:
- Push communication encryption
- Reduce use of "free" services
- Reduce use of US based services
- Push free software
- Push storage encryption
Continuous improvement process
Improving the overall privacy protection by adapting and rethinking our IT solutions is a long-term and ongoing process. This process will be driven within the Technology Committee and based on dialogue between users and solution providers. The tech community coordinator is responsible for driving this effort. Service providers are responsible for proposing improvements and for providing the tech community and users with all the information necessary to make a decision.