Page MenuHomePhabricator

Forward emails addressed to privacy@wikidata to privacy@wikimedia
Open, Stalled, LowPublic

Description

privacy[at]wikidata[dot]org is currently an OTRS queue. Because the issues that are sent there can be intended for the Wikimedia Foundation's Legal / Privacy team, we'd like to have these forwarded to privacy[at]wikimedia[dot]org. The latter is a Google Group, so this will probably need to be done through the database. WMF Legal has already spoken with the OTRS administration about this.

Event Timeline

To clarify: Do you want the mail to still be in OTRS but additionally also forward to the external address or do you want it to not arrive in OTRS anymore and only be forwarded to the external address? And which database are you referring to?

To clarify: Do you want the mail to still be in OTRS but additionally also forward to the external address or do you want it to not arrive in OTRS anymore and only be forwarded to the external address?

The latter of these options; the privacy-related emails are handled directly from a Google inbox so it would make sense for this to function in the same way.

And which database are you referring to?

Sorry, I just used "database" as the general term. I don't know which database / system this information would be actioned through.

Hi @jrbs

understood! This is surprisingly complex because so far wikidata.org isn't a domain that has any special cases aliases like this.

There are 3 groups of domains:

a) domains that (already) have their own alias files (custom rules to forward specific mail addresses to others

  • wikipedia.org
  • wikimedia.org
  • wikivoyage.org
  • wikimediafoundation.org
  • benefactors.wikimedia.org
  • pr.wikimedia.org
  • wmflabs.org

b) domains that are merely links to wikimediafoundation.org so all mail aliases are identical for them

  • mediawiki.org
  • wikibooks.org
  • wikinews.org
  • wikiquote.org
  • wikisource.org
  • wiktionary.org
  • wikiversity.org
  • wikidata.org
  • w.wiki

c) wikivoyage.de -> links to wikivoyage.org

So what we could do here relatively easily is to add a rule that privacy@<any domain in group b> always gets sent to privacy@wikimedia.org.

Or we could make it so that privacy@<any domain in any group> always gets sent to privacy@wikimedia.org.

Or.. we could really make a new special case for only wikidata.org and move it from group b) to group a), but that requires a bit more work and before we do that I would really like to ask how to handle privacy@ for all the other domains.

Would you want to just have privacy@ mail for ANY of our domains and have NONE of them be sent to OTRS anymore in general? Would that also be the understanding of existing OTRS users/admins?

Thank you for the detailed breakdown here! Let me ask the Privacy team what would be best for them and get back to you here. They'll probably want to talk about it as a team before we do anything.

herron changed the task status from Open to Stalled.Jul 27 2020, 8:19 PM
herron triaged this task as Medium priority.

gentle ping. any updates here from Privacy team?

gentle ping. any updates here from Privacy team?

Sorry for the delay, slipped off my radar!

Would you want to just have privacy@ mail for ANY of our domains and have NONE of them be sent to OTRS anymore in general?

Yes.

Would that also be the understanding of existing OTRS users/admins?

I raised this on the admins' mailing list and did not get objections, though I am happy to send a link to this ticket to them to confirm that is the case.

I am happy to send a link to this ticket to them to confirm that is the case.

{{done}}

Dzahn changed the task status from Stalled to Open.Jul 29 2020, 6:12 PM

@jrbs @Emufarmers I just made the change to the wikimediafoundation.org template (and wmflabs.org).

This means you should now receive privacy@ mail for:

mediawiki.org
wikibooks.org
wikinews.org
wikiquote.org
wikisource.org
wiktionary.org
wikiversity.org
wikidata.org
w.wiki
wmflabs.org

at privacy@wikimedia

@jrbs

So the original request for privacy@wikidata is resolved.

We can either close this ticket or talk about the domains that are not in the group above. That's up to you.

@Emufarmers I guess the corresponding OTRS queues can be disabled or removed if that's appropriate and needed.

Dzahn changed the task status from Open to Stalled.Aug 3 2020, 10:33 PM
Dzahn lowered the priority of this task from Medium to Low.

If the subject of an item is unhappy with specific information in the item about themselves, they can request the removal of specific information via the Administrators' noticeboard or by emailing privacy at wikidata.org. When the information isn't of public interest, an administrator may revision delete it. Information that's revision deleted is not visible for normal users who visit the history of a item but only visible for our administrators. In special cases where information is particularly sensitive, an oversighter may be contacted to oversight the information, so that even our administrators can't access the information from the history.
When a user sends an email to privacy at wikidata.org a new ticket will be created in OTRS. Everybody who wants to help with the handling of those requests is happily invited to apply as a volunteer for OTRS.

This needs to be updated to reflect the new recipient and whether the WMF team that now gets these emails will likewise conduct routine removal of "specific information in the item" and/or revision deletion (I would do so myself, but not sure about the second part)

@DannyS712 Thanks for pointing that out. I made this change but that just states who the new recipient is. For the second part of it i will refer to @jrbs.

@jrbs See above, is that good? Could you add more info as appropriate? I was also wondering what the best URL is to link "Wikimedia Foundation's Legal / Privacy team" to.

Just a note that I'm waiting for confirmation about the text changes before marking the updates for translation.

@jrbs Assinging over to you because it seems remaining questions are for you and this is currently stalled.

Why did this happen without seeking any input from the Wikidata community? It seems very disrespectful to invalidate the solution decided on by the Wikidata community in an RFC without consulting it.

@ChristianKl: Please provide references (a link to an RFC). Thanks.