office:Data access guidelines are not public, but they probably should be. They contain straightforward and sensible policies about how to protect private, sensitive data and there are a lot of benefits to publishing them:
- Making them accessible to observers who want to verify the quality of our data protection practices (including community members who want to know how their own private data is handled)
- Making them accessible to volunteers and researchers who have access to private data and need to follow these guidelines, but don't have access to Office Wiki
- Making them more discoverable for staff who already have access, because most of our data documentation is on public wikis.
- The guidelines still seem a bit like a draft in some places (but this is a good reason to finish them)
- Several of the descriptive parts are outdated, but this is a good reason to work on updating them (e.g. "This system is not yet in place, but should be in place by July 2017" or the assumption that data visualizations can only be done on local machines rather than WMF servers - this has since changed with the introduction of SWAP).
- There could theoretically be legal considerations about publishing parts of it (but in this case the non-sensitive parts should be separated and published