| Status | Assignee | Task |
| --- | --- | --- |
| Resolved | Varnent | T201022 Third party resources loaded by wikimediafoundation.org |
| Resolved | Varnent | T201422 Wikimedia Foundation website includes Wordpress tracking pixel |
- Mentioned In
  - T222089: Allow URL shortening for wikimediafoundation.org domain
  - T201203: blog.wikimedia.org loads external scripts
  - T201422: Wikimedia Foundation website includes Wordpress tracking pixel
- Mentioned Here
  - T201203: blog.wikimedia.org loads external scripts
  - T201572: Publish Source Code for wikimediafoundation.org
https://wikimediafoundation.org/technology/ attempts to load resources from wp.com, googleapis.com and gravatar.com.
Please remove Gravatar. We have removed it in the past from multiple places, always for the same reasons, such as gitblit and grafana.
I agree that the Gravatar and Google resources are problematic privacy-wise and should be removed or replaced. But it also needs to be pointed out that wp.com is not a third party here - it's hosted by Automattic, like the main site wikimediafoundation.org, so loading that resource doesn't expose the visitor's IP to any additional parties. That's the same situation as on blog.wikimedia.org. When the blog was moved to Automattic's servers in 2014, particular attention was given to privacy aspects - to quote from the announcement at https://blog.wikimedia.org/2014/07/31/introducing-the-new-blog/ : "We [...] concluded that it made sense to work with a third-party host, Automattic, that has particular expertise in this area and understands our needs and values, including a commitment to free software. They have been a strong partner, working to meet our privacy standards, disabling some of their standard analytics tools and clarifying how they handle certain information. They have also altered their WordPress VIP Terms of Service to accommodate Creative Commons licenses." (Again, this is from 2014 and refers to blog.wikimedia.org - @Varnent is the expert on the current arrangements for wikimediafoundation.org.)
Minor point - Even if s0.wp.com is hosted by the same people as wikimediafoundation.org, loading resources from a shared domain like that does in theory provide some opportunities for correlating access to other domains that load s0.wp.com, beyond what can be done simply by recording IP addresses. So in principle, it could allow WordPress to track whether users visit other sites hosted by Automattic even if the user's IP changes (e.g. via third-party cookies, although it should be noted that no cookies are set on that request, or perhaps more exotic tracking techniques like keeping track of TLS session resumption tickets). I should emphasize that it is extremely unlikely that they are doing this.
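The two checks discussed in this task, listing which hosts a page pulls resources from and noting whether any of those responses set a cookie (the correlation vector raised in the comment above), as an added example. This is not code from the task, from the Foundation's site, or from Automattic; the HTML and the response headers it audits are constructed inline, the `pixel.example` host is hypothetical, and the "registrable domain" logic is a simplification that ignores the Public Suffix List.

```python
"""Audit the hosts a page fetches resources from and whether those
responses set cookies.  Added example; the sample HTML and response
headers below are constructed, not captured from wikimediafoundation.org."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attributes that cause the browser to fetch something when the page renders.
FETCH_ATTRS = {
    "script": ("src",),
    "link": ("href",),
    "img": ("src", "srcset"),
    "iframe": ("src",),
    "source": ("src", "srcset"),
}
# <link rel=...> values that fetch, or (preconnect/dns-prefetch) at least
# contact the host, so they matter for an IP-exposure audit.
LINK_RELS = {"stylesheet", "preload", "prefetch", "icon", "preconnect", "dns-prefetch"}


class ResourceCollector(HTMLParser):
    """Collect absolute URLs of every sub-resource referenced by the page."""

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.urls = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "link":
            rels = set((attrs.get("rel") or "").lower().split())
            if not rels & LINK_RELS:
                return  # canonical, alternate, etc. do not fetch
        for name in FETCH_ATTRS.get(tag, ()):
            value = attrs.get(name)
            if not value:
                continue
            # srcset is "url descriptor, url descriptor, ..."; keep the URLs.
            candidates = value.split(",") if name == "srcset" else [value]
            for cand in candidates:
                parts = cand.strip().split()
                if parts:
                    self.urls.append(urljoin(self.base_url, parts[0]))


def registrable_domain(host):
    """Last two DNS labels.  Simplification (assumption): no Public Suffix List."""
    return ".".join(host.lower().split(".")[-2:])


def audit(page_url, html, responses, same_operator=()):
    """One record per fetched URL: host, first-party?, same operator as the
    page (caller-supplied knowledge, e.g. wp.com for an Automattic-hosted
    site), and whether the response carried Set-Cookie."""
    collector = ResourceCollector(page_url)
    collector.feed(html)
    page_domain = registrable_domain(urlsplit(page_url).hostname or "")
    report = []
    for url in collector.urls:
        host = urlsplit(url).hostname or ""
        domain = registrable_domain(host)
        headers = responses.get(url, {})
        report.append({
            "url": url,
            "host": host,
            "first_party": domain == page_domain,
            "same_operator": domain in same_operator,
            "sets_cookie": any(k.lower() == "set-cookie" for k in headers),
        })
    return report


def third_party_hosts(report):
    """Sorted hosts outside the page's own registrable domain."""
    return sorted({r["host"] for r in report if not r["first_party"]})


# Constructed sample page; pixel.example is a hypothetical host.
PAGE_URL = "https://wikimediafoundation.org/technology/"
SAMPLE_HTML = """<html><head>
<link rel="canonical" href="https://wikimediafoundation.org/technology/">
<link rel="stylesheet" href="https://s0.wp.com/wp-content/themes/example/style.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Example">
<script src="/js/site.js"></script>
</head><body>
<img src="https://secure.gravatar.com/avatar/0000?s=96" alt="">
<img src="https://pixel.example/p.gif" alt="">
</body></html>"""
# Constructed response headers, keyed by resolved resource URL.
SAMPLE_RESPONSES = {
    "https://s0.wp.com/wp-content/themes/example/style.css": {"Content-Type": "text/css"},
    "https://fonts.googleapis.com/css?family=Example": {"Content-Type": "text/css"},
    "https://wikimediafoundation.org/js/site.js": {"Content-Type": "text/javascript"},
    "https://secure.gravatar.com/avatar/0000?s=96": {"Content-Type": "image/png"},
    "https://pixel.example/p.gif": {"Content-Type": "image/gif", "Set-Cookie": "id=abc"},
}

if __name__ == "__main__":
    for r in audit(PAGE_URL, SAMPLE_HTML, SAMPLE_RESPONSES, same_operator={"wp.com"}):
        print(f"{r['host']:28} first_party={r['first_party']} "
              f"same_operator={r['same_operator']} sets_cookie={r['sets_cookie']}")
```

Against a live page you would feed `audit()` the fetched HTML plus the headers of each resource response; the `same_operator` set is the place to record what is known from hosting arrangements (wp.com being served by the same host as the main site), since nothing in the DOM reveals that.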
I would still agree that they would be a privacy concern if they were third party, but as discussed above, they are not.
Got it. Even though they're not "3rd party" I still think we should remove them unless they are strictly necessary so that there's no confusion or uncertainty about it (especially with the community).
@Aklapper - Not high priority - essentially we wanted to see what impact removing them would have on the existing design and design changes in progress. However, those are far enough along now that I am reasonably confident we have the info we were looking for.
We could close the ticket now, or wait until design changes go live (in the next month or so) and close it then. I am fine either way.