I'm struggling to find ANYTHING related to how MediaWiki will be updated for GDPR compliance.
I really don't want to have to remove my wiki, but I can't find anything to help with this.
Topic on Project:Support desk
You could explain why exactly you think that you'd have to "remove your wiki" because of which specific aspect of the GDPR.
In how far should MediaWiki be affected by the GDPR? MediaWiki only is a tool, which allows putting arbitrary data in it. MediaWiki itself however does not contain any restrictions, what kind of data that might be and for the developers of the MediaWiki software it is impossible to control, what a single installation might be used for.
The users are responsible for the content they are putting up in their wikis. This content then could be affected by the GDPR. However, this data also would be affected, if put up inside a different tool, e.g. inside a WordPress blog or inside a Drupal installation.
My concern is how personal data, once saved in MediaWiki, can be removed after a personal request. The "eternity" of revisions, the ability to "never forget" is a main topic for with MediaWiki. In Drupal and in WordPress you would delete a node or a post, and the content is gone. As we all know wikis work different. Maybe how wikis work is as a concept itself non-compliant with the GDPR, we'll see.
Moreover, WordPress releases these days a new version, where users have the ability to request a copy of all of THEIR special content provided to a certain platform and are able to download their "contribution package" afterwards. What will Mediawiki do, if a contributor does a request like this, pointing to GDPR?
This is how MediaWiki is affected by GDPR.
What a website running MediaWiki does in response to a GDPR request to delete information or request a copy of all information depends on the owner of the website and his/her jurisdiction. MediaWiki has no easy built-in way to comply.
If someone was to submit a request to me, I'd ignore it because I'm in the US and despite what the EU claims, I'm not subject to any laws but US laws. All foreign court orders can be ignored too. So to Americans and others outside the EU, the GDPR really is a non-issue.
> So to Americans and others outside the EU, the GDPR really is a non-issue.
The "non-issue" part, sort of depends on if you want to be able to set foot in the EU at some point later in your life. Just something to consider.
The problem i see is that mediawiki stores user attributes and does not give the user control of how the attributes are used. Consider just the user name - it is attached to every edit made by the user. The user has no ability to remove any of those references.
It might be sufficient if the user was told of this limitation at the time that they selected their username.
I too was looking on finding any information whether MediaWiki is GDPR compliant and whether the privacy statements needs to be changed. Even Wikipedia doesn't seem up to the par regarding this topic (somebody raised the issue back in February on the Wikipedia Mailing list), see https://www.quora.com/In-GDPR-what-will-happen-with-sites-like-Wikipedia-regarding-the-EU-regulation-in-terms-of-personal-information and https://lists.wikimedia.org/pipermail/mediawiki-l/2018-February/047224.html
Another issue could be that the account e-mail addresses are stored in MySQL databases unencrypted/in plain text.
This post was hidden by 196.72.158.67 (history)
No, the problem is not that email addresses are stored, the problem arises if a user wants his data deleted or handed over. No consent is eternal due to GDPR, if you need consent from users to save their data, they have the right to revoke at any time.
How do you propose enforcing such a "right" against a foreign website outside the EU's jurisdiction?
Every user can delete his or her email adres, simply by blanking it in the preferences. E-mail addresses are not required in MediaWiki.
Also, with regard to Wikipedia, when people use the site, they release their contributions under a license, which you could consider to be a legally binding contract. Now in the EU, if I go to a company, and tell them i want them to delete all their contracts with my name in them, i'm pretty sure that even under GDPR, you can pretty much ignore this.
Now I realize that not everyone has a WMF type of setup. However. Mediawiki is a tool and it has no requirement on you to make it 'easy' to comply with GDPR. If you need to go into the database to blank the text of a revision, well you can do that, no problem.
The user is able to remove the consent by entering in their Special:Preferences and unset the email AFAIK
I'm not a lawyer but was appointed DPO by my company and I spent the last weeks and months with this topic:
- Old, existing laws (like the Cookie policy) are still applicable when GDRP become effective (as it has been for the last two years). So if your Wiki's server is located in the EU and/or you are catering to EU based users, you may want to use Extension:CookieWarning, if you aren't already. Text of warning/explanation may have to modified accordingly.
- GDRP demands implementation of "appropriate, cost-effective controls" to protect the personal data of EU residents. It's still debated whether GDRP demands encryption, per se. Text uses words "such as encryption", "may include encryption", "as appropriate (...)pseudonymisation" etc. so this are more suggestions than a demand For SEO reasons and because Google Chrome will marks web pages without SSL/TLS certs as "not secure" soon, you may want to use a SSL certificate for your wiki anyway. Maybe your hoster can offer free Let's encrypt certs?
- If your wikis' SQL DB is breached, you have to inform authorities and your users which information wereaffected/stored (usually IP address for all editors) and e-mail address, user names First and last name if you request them from your user for logged users) (see GDPR Article 34).
- You may want to ask your users whether they are older than 16 years upon sign-up or if they have the consent by their parents.
- I would update the wiki privacy, if not done already, that IP address (for all editors), E-mail addresses and User names (for registered users) are stored which is technically required for tracking and roll back of edits and that user agree to that upon sign-up or editing your wiki, that who they have to contact if they want to have their account deleted.
- I would add the part with unset e-mail as mention above. Since an e-mail address is not required for registering this may only affect wikis that use emailconfirmed for editing privileges (for example for Anti Spam measures, YMMV).
- I would also add the name of an Admins/Mod(s) on the privacy article in case somebody wants information about their stored data. I would add link how they can close their account.
- Also add which data protection legal authority is responsible for your country/(or federal state like in Germany), this is also required by GDPR,
There was a workshop at the Wikimedia Hackathon 2018 in Barcelona.
Here you can find the task at phabricator: https://phabricator.wikimedia.org/T194901
And here is the documentation of the workshop:
- Public YouTube stream on MediaWiki channel: https://www.youtube.com/watch?v=uxTIpr4Ybcg
- Slides: https://docs.google.com/presentation/d/1TYbJoZ8SRUe_37mYjIvnVDwpyrrpUNwk6d7ShG3A7Bk/edit?usp=sharing
- Etherpad: https://etherpad.wikimedia.org/p/gdpr
Let me just make up an example:
First we assume you have to act according to GDPR.
A user of your wiki has put the full name and address of a random person into your wiki. After this has happened,
- new revisions of the page have been created and
- say the page has been moved (= published at another URL).
The affected person now
- wants to have a copy of all the information you are storing about him/her. And
- he wants to have all this data removed.
How can this be done?
I think this is a bit of a fallacy. This discussion depends much more on what you are doing with the technology than on the technology you are using. And i'll show you why: How do you do the same, for an article the LA times has written on someone ?
Good luck finding all instances of that one specific person (who shares a name with many other people) among all the people that the LA times has ever written something about.
Some things are just hard. And since the wiki is designed as a general, public, publishing tool this problem you posed, is in this case hard. I understand looking for an easy solution, but to some degree, this is like asking a manufacturer of a book press to solve your GDPR problem.
Please see also: GDPR (General Data Protection Regulation) and MediaWiki software
Sorry I am a bit confused. In my case, just registered users entered manually by the administrator can contribute. As far as I know, under GDPR they should give permission to store their data - personal names and emails in this example, we don't have anything else. It would be great it they can tick a "consent" box when they log in for the first time, but I am bit lost. What do you think I should include?
@Antonioagar1 This depends more on how you got these email addresses to begin with. You should gather that consent at the moment you collect the email address, not when you create the account for them. Now to retro actively do that now, since you didn't do it before, THAT I can understand, but you can write your own extensions for that of course.
I'm just slightly annoyed here by all these companies that apparently use open source software for their business, don't contribute to the product, and now that you have a problem with how you run your business, it needs to be solved for you, by volunteers here, so that you can keep running your business. I don't mean to offend, but that is sort of what it feels like from this side of the aisle.
@TheDJ Hi, thanks a lot for the response. You are right, I actually have the email-written consents of the contributors. I think I am a bit paranoid with all the GDPR stuff, but I am just fine.
Another point is that you are annoyed, as you well point out. I totally agree with you, nevertheless I think there are a lot of different situations depending on who is using the open-source (I believe this is not the right place to open this topic, but anyway...). We are a social organisation with no IT budget at all, therefore with none IT skills in-house. We are delivering as we can. We would love to have people coding extensions, but we don't get funding for that, even though we tried to ask to several donors. If we were a company and we have the budget, we will contribute for sure. I believe open source is providing a lot of opportunities for different organisations and individuals around the world which otherwise will not be able to provide their service. BUT, of course, there are companies which are taking advantage of that, in which I totally disagree and it makes me understand your side of the aisle.