The policy says http://wikimediafoundation.org/wiki/Privacy_policy#Reading_projects: "page visits do not expose a visitor's identity publicly.", however the fact that a user registered on one project visited another site and the first time he/she did so are logged and viewable publicly by SUL account.
Version: unspecified
Severity: normal
I doubt that this is actually something for bugzilla (yet). That looks more like something that needs a discussion, which shouldn't happen here but on meta.
(In reply to comment #3)
How is SUL autocreation exposing one's "identity" publicily?
I read it as my user name. For example I'm [[en:User:Liangent]] and is publicly known as this username on enwiki. You can find the time I visited simplewiki for the first time.
This is not a Bugzilla bug, but a legalese discussion. You'll need to define what "identity" is in the first place (and I very much doubt it's your nickname, as this is not a "personally identifiable information").
By the way, the information in the log is does not tell when you visited simplewiki for the first time; it only says when the account was created - which happens when you log-in into the wiki for the first time or visit it while logged-in on another project for the first time (so you might have visited it a long time before doing either of this things).
If you still have any doubts about that, please contact the Foundation's LCA team at http://meta.wikimedia.org/wiki/Legal_and_Community_Advocacy/Team_responsibilities.
Closing as RESOLVED INVALID.
I think Liangent has a point, your first visit is logged if you're logged in, which is contradictory with what the privacy policy states (the gist of it being "visits aren't publicly logged"). I have passed it on to the WMF staff responsible for rectifying that.
Just as a heads-up, the Deputy General Counsel thinks no changes are necessary in the privacy policy for the following reasons: