Page MenuHomePhabricator

Hacking: Provide a clickthrough workflow for file copyright email permissions
Open, MediumPublic

Description

The current Commons workflow for file copyright permissions requires the copyright owner to email OTRS, if unable to specify a free license for the files in a website where they are published.

File are uploaded with {{OTRS-pending}} on it, and the OTRS agent verifies the permission by replacing the template with {{OTRS received}}. Before or after the upload, often contacted by an editor, the copyright owner emails a permission to OTRS, referring to the specific works in question.

There are many problems with this:

  • The burden of writing a correct boilerplate permission is on the uploader. This does not works well in practice; less experienced users often omit some obscure but important requirement (e.g. permission for commercial reuse) and the OTRS agent has to refuse. This annoys uploaders and copyright holders and wastes the time of OTRS agents.
  • The process involves more manual work for the OTRS agent than ideal (OTRS backlogs are huge) and extra work for the uploader.
  • The software has no concept of permissions; the workflow is enforced by external hacks (e.g. AbuseFilter to prevent non-OTRS-agent users from adding {{OTRS received}}) which makes it hard to reuse in other wikis.

One solution would be to use a post-upload permission workflow with a clickthrough interface: the editor uploads the file to non-public storage, receives a secret link, sends it to the copyright holder, the copyright holder can see the image and give permission via clickthrough. The text of the permission does not depend on the editor or the copyright holder (neither of which are usually very knowledgeable about technical details of free content licensing), and OTRS agents only get involved once a boilerplate text which has been pre-approved by them is accepted.

A possible implementation:

  • When uploading via Special:Upload[Wizard], there is a checkbox "I need to request permission for this image".
  • When the box is checked, the upload goes to the permission stash (a new type of upload stash). The uploader can add license, description and other metadata, but the image is not public, does not appear on recent changes etc.
  • Unlike the normal stash, the image is still visible to anyone (not just the uploader) via a new special page Special:PermissionRequest/<secret token>. The page has a boilerplate text for the selected license; the text can be accepted via clickthrough.
  • The uploader only needs to send the link to this page to the copyright holder. After the copyright holder accepts by clickthrough another secret link is generated (along with some boilerplate text for an email message). The copyright holder needs to send that link to OTRS in email.
  • OTRS agents can verify the permission by clicking on the secret link, reviewing the permission, and clicking accept, at which point the image becomes public.
  • If the verification does not happen for a given period of time, and the image gets deleted.

The Lyon Hackathon will be a good chance to come up with initial user stories/mocks and think about the future of uploadstash.

This card tracks a proposal from the 2015 Community Wishlist Survey: https://meta.wikimedia.org/wiki/2015_Community_Wishlist_Survey

This proposal received 9 support votes, and was ranked #68 out of 107 proposals. https://meta.wikimedia.org/wiki/2015_Community_Wishlist_Survey/Moderation_and_admin_tools#OTRS_permissions_checker

Event Timeline

Tgr created this task.Feb 4 2015, 11:02 PM
Tgr raised the priority of this task from to Needs Triage.
Tgr updated the task description. (Show Details)
Tgr added a subscriber: Tgr.
Restricted Application added a project: Multimedia. · View Herald TranscriptFeb 4 2015, 11:02 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Ijon added a subscriber: Ijon.Feb 5 2015, 3:28 AM
Rubin16 added a subscriber: Rubin16.Feb 5 2015, 3:57 AM
Qgil added a project: OTRS.Feb 5 2015, 7:53 AM
Qgil added a subscriber: Qgil.
Nemo_bis renamed this task from Provide a clickthrough workflow for file copyright permissions to Provide a clickthrough workflow for file copyright email permissions.Feb 5 2015, 8:24 AM
Nemo_bis set Security to None.

This only works for the case where the copyright owner is also able to perform the upload: do we have statistics on how common this case is?

The gist of this proposal is to keep using email for permissions, but move the content of the permission to an attachment stored on wiki. Is this really worth it? Can't we just provide a form which produces a correct email? Ideally the output of the form would just be a mailto: link with all the necessary content; but many don't know how to use email, so we might need to connect to their mailbox directly.

Nemo_bis updated the task description. (Show Details)Feb 5 2015, 8:35 AM
Nemo_bis updated the task description. (Show Details)Feb 5 2015, 8:38 AM

I think we'd also get requests for the ability to move images back into the permission stash, because some users will inevitably misunderstand or just forget to tick "I need to request permission for this image".

Nick added a subscriber: Nick.Feb 6 2015, 9:03 PM
Matthewrbowker triaged this task as Medium priority.
Tgr added a comment.Mar 2 2015, 8:56 PM

This only works for the case where the copyright owner is also able to perform the upload: do we have statistics on how common this case is?

I don't see why that would be the case.

The gist of this proposal is to keep using email for permissions, but move the content of the permission to an attachment stored on wiki. Is this really worth it? Can't we just provide a form which produces a correct email? Ideally the output of the form would just be a mailto: link with all the necessary content; but many don't know how to use email, so we might need to connect to their mailbox directly.

Email is somewhat understood as a legal tool for creating contracts, and has some value as an audit trail. Being able to show that the email was sent by the copyright holder, and the copyright holder organization being able to use the email details to figure out (for example) which employee exactly wrote it is important. So I think we need to stick with email and it needs to be sent by the copyright holder from their own mail system.

Using mailto: instead of / next to showing the boilerplate text is certainly possible; I'm not sure about the user-friendlyness of mailto: links.

Steinsplitter removed Matthewrbowker as the assignee of this task.Mar 3 2015, 10:00 AM

Email is somewhat understood as a legal tool for creating contracts, and has some value as an audit trail.

Some value compared to what? Sources appreciated. The best tool is direct publication under a free license, according to the Creative Commons website.

Tgr added a comment.Mar 6 2015, 1:22 AM

The best tool is direct publication under a free license, according to the Creative Commons website.

I'm not sure about that. What if six month later they redo their website, and another six month later they demand to know by what right do you use the image? Especially in large organizations, where employees come and go, it's easily possible that no record remains that someone gave a permission at some point.

Of course, direct publication + email is better than just email, but if someone is willing to go the direct publication route, they can just copy/paste some boilerplate text, I don't think a tool is warranted for that. But that would put most of the burden on the copyright holder (and thus decreasing the probability of success) - sending a permission email is much simpler than modifying a web page.

Also, this tool should be implemented with reusability in mind - many projects allow non-free images in which case direct publication is not an option.

Refining the workflow and creating a mockup or prototype could be a hackathon project.

Qgil removed a subscriber: Qgil.Mar 6 2015, 7:30 AM
Qgil added a subscriber: Qgil.
Ariconte removed a subscriber: Ariconte.Mar 6 2015, 8:05 AM
Steinsplitter moved this task from Incoming to Backlog on the OTRS board.Mar 12 2015, 12:38 PM
Qgil added a comment.May 18 2015, 11:12 AM

It is time to promote Wikimedia-Hackathon-2015 activities in the program (training sessions and meetings) and main wiki page (hacking projects and other ongoing activities). Follow the instructions, please. If you have questions, about this message, ask here.

Tgr claimed this task.May 21 2015, 3:31 PM
Tgr renamed this task from Provide a clickthrough workflow for file copyright email permissions to Hacking: Provide a clickthrough workflow for file copyright email permissions.May 21 2015, 9:52 PM
Tgr updated the task description. (Show Details)
Nemo_bis removed a subscriber: Nemo_bis.Jun 3 2015, 3:55 PM
Jdforrester-WMF moved this task from Untriaged to Backlog on the Multimedia board.Sep 4 2015, 6:27 PM
Restricted Application added subscribers: Steinsplitter, Matanya. · View Herald TranscriptSep 4 2015, 6:27 PM
Restricted Application added a project: Commons. · View Herald TranscriptDec 7 2015, 10:41 PM
zhuyifei1999 moved this task from Incoming to Backlog on the Commons board.Dec 8 2015, 11:55 AM
IMPORTANT: If you are a community developer interested in working on this task: The Wikimedia Hackathon 2016 (Jerusalem, March 31 - April 3) focuses on #Community-Wishlist-Survey projects. There is some budget for sponsoring volunteer developers. THE DEADLINE TO REQUEST TRAVEL SPONSORSHIP IS TODAY, JANUARY 21. Exceptions can be made for developers focusing on Community Wishlist projects until the end of Sunday 24, but not beyond. If you or someone you know is interested, please REGISTER NOW.
Restricted Application added a subscriber: JEumerus. · View Herald TranscriptJan 21 2016, 2:53 PM
DannyH updated the task description. (Show Details)Feb 6 2016, 12:17 AM
Restricted Application added subscribers: TerraCodes, Poyekhali. · View Herald TranscriptJun 9 2016, 5:31 AM
Basvb added a subscriber: Basvb.Jun 15 2016, 1:18 AM
Quiddity added a subscriber: Quiddity.

Notes:
This task has some potential, as a possible candidate for a strongly qualified Outreachy/GSoC candidate.

The planned implementation makes sense to at least one OTRS agent, but would definitely need to be verified with a larger number of other OTRS agents, before development progressed.

@Tgr is potentially willing to be the primary mentor, if his other proposed mentor project isn't accepted first.

Tgr added a comment.Sep 22 2016, 12:26 AM

Note that the linked wishlist discussion was about (part of) the same use case but a different proposal.

Scoopfinder added a subscriber: Scoopfinder.
ESM added a subscriber: ESM.Mar 10 2018, 12:04 PM

Guess I'm doing some task necromancy here, but the current file copyright pemissions workflow is a pet peeve of mine and thought that we could try to improve it somehow during next Wikimedia Hackathon.
I'm not a developer myself, but I'd like to help to make this tool and workflow better so that we don't lose so many file uploads due to a rather obscure process.

What do you think?
Pinging those users that seemed the most active in the thread & other that might be interested to know: @Tgr @Qgil @Nemo_bis @Krenair @Aklapper @Quiddity @Toniher @KRLS