Policies/en/Privacy-Policy

Revision as of 02:09, 3 July 2026 by AI-Admin-Assistant (talk | contribs) (Create Privacy Policy first draft: sources of information (FSF, EFF, Wikimedia, Debian, OSMF, Mozilla), syntheses, comparative analysis, draft principles, open points)

This is a draft version, informed notably by the privacy policies of the Free Software Foundation, the Electronic Frontier Foundation, the Wikimedia Foundation, Debian, the OpenStreetMap Foundation and Mozilla (links below). Status: proposal, to be adopted. See the detailed disclaimer.

In simple words: this page explains how WikiDeal intends to treat your personal information. Instead of inventing new rules, this draft studies how six respected free software and open knowledge organizations protect the privacy of their users, and proposes to follow the strictest of their practices. Nothing on this page is final: it is a first draft, waiting for review and adoption.

Privacy Policy (first draft)

Approach

WikiDeal does not intend to reinvent the wheel. Free software and open knowledge organizations have spent decades refining privacy policies that are protective, transparent and readable. This draft starts from six of them, summarizes each one, compares them on four criteria, and proposes that WikiDeal align with the strictest practices among them.

The Ynternet.org Foundation, which intends to host the WikiDeal platform, is a Swiss foundation based in Geneva. The final policy would therefore also have to comply with Swiss data protection law and, where applicable, the European General Data Protection Regulation (GDPR).

Sources of information

The following privacy policies were read and used as sources of information for this draft. Each link was verified at the time of writing.

Free Software Foundation

Source: FSF Privacy Policy

The FSF policy states that information is never shared with parties outside the FSF unless users are explicitly made aware beforehand. The FSF describes an "ideological commitment to self-hosting nearly everything", keeping the number of external service providers very small. Web analytics run on free software (Piwik) with anonymized IP addresses and respect for the "Do Not Track" browser preference. Financial data is minimized: only the last four digits of credit cards are retained. Donor, member and customer lists are never sold or distributed. The policy warns clearly that public services (wikis, mailing lists) create permanent public records. A public changelog documents every version of the policy.

Electronic Frontier Foundation

Source: EFF Privacy Policy

The EFF policy is among the strictest published by any organization. EFF never sells or rents member, donor or visitor information, and does not share it with government entities except as compelled by law. Website logging is minimized: internal analytics keep only a single byte of the IP address, and logs are deleted after seven days. No persistent identification cookies are used on eff.org. Users are explicitly invited to visit via Tor. Security measures include HTTPS by default, pseudonymization and encryption of personal data, and external security professionals engaged to evaluate the systems. When user data is demanded by legal process, EFF commits to notifying the user and independently objecting to improper requests. The policy commits that any future revision will remain consistent with EFF's mission.

Wikimedia Foundation

Source: Wikimedia Foundation Privacy Policy

The Wikimedia policy is built on the principle that "you should not have to provide personal information to participate in the free knowledge movement": anyone can read or edit without an account, and can register without providing an email address or real name. The Foundation commits to never selling personal information or sharing it with third parties for marketing, to using reasonable security measures, and to retaining data for the shortest possible time. In exchange, the policy states plainly that contributions are publicly and permanently visible. Community-chosen administrators receive limited access to nonpublic information to protect the sites. The policy is presented with a human-readable summary and a glossary, so that non-lawyers can understand it.

Debian

Source: Debian Privacy Policy

The Debian policy states that no personal information is required to use Debian: the operating system is freely downloadable without registration. Participation in the project (mailing lists, bug tracking) is public and archived by design, in keeping with the Debian Social Contract ("we will not hide our problems"). Debian states that it performs no further processing on the information it holds. The policy is organized as a service-by-service inventory, each with its own contact, plus a dedicated Data Protection team. Usage statistics (popularity contest) are strictly opt-in, use a random identifier, and raw submissions are deleted after 24 hours. Git histories are append-only and retained indefinitely for integrity and copyright verification, and this trade-off is stated explicitly.

OpenStreetMap Foundation

Source: OSMF Privacy Policy

The OSMF policy explains a deliberate trade-off: to guarantee the provenance and quality of truly open geographic data, OpenStreetMap does not support anonymous contributions, and edit histories are public with user identifier and timestamp. In exchange, email addresses are never shared with third parties and are accessible only to personnel who have signed confidentiality agreements. Analytics IP addresses are shortened to two bytes and detailed usage data is retained for 180 days. Data is stored in the UK and the Netherlands with backups in the EU. Users can request account deletion (with restrictions), and a public list of registered data controllers documents who processes the data. The policy is unusually candid: it admits that legacy systems have not all been fully reviewed and invites users to report discrepancies.

Mozilla

Source: Mozilla Privacy Policy

The Mozilla policy is an umbrella document completed by per-product privacy notices. It commits to always telling users what personal information is collected. Data may be released publicly in the spirit of the Mozilla Manifesto ("fulfilling our mission of being open"), but only after removing personal information and minimizing re-identification risk. Mozilla commits to notifying users of legal requests for their data unless legally prohibited, to protecting data with physical, business and technical security measures, to notifying users of any security breach, and to keeping personal data no longer than needed, destroying it afterwards.

Comparative analysis

The six policies are compared on four criteria: technical and cryptographic measures, auditing (independent control and verification), ethical commitment (declared principles), and the "deal" (the basic agreement with users: what is collected, in exchange for what, and what is never done). Cells reflect only what each policy actually states; "not stated" means the point was not found in the policy text.

| Organization | Technical / cryptographic measures | Auditing | Ethical commitment | The deal with users |
|---|---|---|---|---|
| Free Software Foundation | Secure connections for payments and logins; only last 4 digits of cards stored; free software analytics with anonymized IPs; self-hosting of nearly all services | Public changelog of every policy version; independent audits not stated | Privacy as part of the free software ethic; Do Not Track respected; free software tools only | Nothing shared outside the FSF without prior notice; donor and member lists never sold; public contributions are permanent public records, stated upfront |
| Electronic Frontier Foundation | HTTPS by default; pseudonymization and encryption; logs keep one byte of the IP for 7 days; no persistent ID cookies; Tor supported | External security professionals evaluate the systems; dated public log of policy changes | Privacy protection is the core mission; future revisions must remain consistent with the mission | Never sells or rents any user data; nothing to governments except as compelled by law; users notified, and improper requests contested |
| Wikimedia Foundation | "Reasonable measures" to keep information secure; specifics not detailed in the policy text | Community self-policing; community-chosen administrators with limited access to nonpublic data; independent audits not stated | "You should not have to provide personal information to participate in the free knowledge movement" | Read and edit without an account; register without real name or email; data never sold; in exchange, contributions are public and permanent; shortest possible retention |
| Debian | Append-only git history protecting integrity; otherwise not stated | Transparency by design (public lists, bugs, votes); dedicated Data Protection team; independent audits not stated | Social Contract: give back to the community, "we will not hide our problems" | The OS is usable with zero personal data; participation is public by design and archived; no further processing; usage statistics strictly opt-in |
| OpenStreetMap Foundation | Analytics IPs shortened to two bytes, 180-day retention; email access restricted to personnel under confidentiality agreements; cryptographic measures not stated | Public register of data controllers; working group access bound by confidentiality agreements; independent audits not stated | Open geographic data mission; declared balance between project interests and contributor rights; candid about unreviewed legacy systems | No anonymous contributions, so that open data has verifiable provenance; in exchange, emails never shared, minimized analytics, account deletion on request |
| Mozilla | Physical, business and technical security measures; breach notification; specifics in per-product notices | Not stated in the umbrella policy | Mozilla Manifesto (openness); lean data: nothing kept longer than needed | Users always told what is collected; open data released only after removing personal information; data destroyed when no longer needed; users notified of legal requests unless prohibited |

The WikiDeal privacy policy (draft principles)

WikiDeal intends to align with the strictest practices recommended by these organizations. As an initial hypothesis, the future policy would be guided by the following principles, each traceable to the sources above:

  • No sale, no rent, no marketing use of personal data, ever (all six sources).
  • Data minimization: collect as little as possible, keep it as briefly as possible (EFF, Mozilla, Wikimedia Foundation).
  • Two regimes of data, stated explicitly (Debian, OSMF, Wikimedia Foundation): private data (identity, contact details, variables entered in a contract) would remain private by default, under the user's control; data published by design (contract content the parties choose to publish, contract status, aggregated usage statistics) would be public, and this would be stated upfront, before any contribution.
  • Free software tools only for any analytics or measurement (FSF).
  • Transparency about legal requests: users would be notified when their data is demanded, unless legally prohibited (EFF, Mozilla).
  • A public changelog of every version of the policy (FSF, EFF).
  • Plain language, with a summary that non-lawyers can understand (Wikimedia Foundation, this page's "In simple words" convention).

These principles are a proposal, to be adopted. None of them is currently in force.

Open points for review

The following concrete choices are not settled by this draft and await a decision by the founder and the steering committee:

  • Which analytics or measurement tool, if any, would be used, and with what anonymization settings.
  • Whether and how mobile applications would be covered, and what tracking rules would apply to them.
  • How users could obtain restitution or deletion of their data, and with what restrictions.
  • Retention periods for each category of data.
  • Whether an independent audit of privacy practices would be organized, and by whom.
  • Where the data would be hosted and under which jurisdictions.

See also