Many know Pascal Neis' site HDYC which displays detais about an OSM
user, like first created node, activity area, edit stats and so on: http://hdyc.neis-one.org/ Today to view any stats of a user you have to login with OSM. Pascal replied to me that this is related to this discussion on the German users forum: https://forum.openstreetmap.org/viewtopic.php?id=57813 I don't like the idea how this was never introduced and discussed outside of the German forum. I think that such "privacy" measures are futile and go against the spirit of OSM - transparency. Maybe this is due to some "moral panic" in Germany revolving around privacy, just like StreetView ban - except it's made clear that your edits are public and you agree to it! Michał _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
What Michal said. Any body can download the OSM data and run the same analysis. You agreed to contribute to OSM, if you want your online footprint to be non-existant: unplug your internet. On Thu, May 4, 2017 at 3:33 PM, Michał Brzozowski <[hidden email]> wrote: Many know Pascal Neis' site HDYC which displays detais about an OSM -- 外に遊びに行こう! _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
+1 both James & Michal's comments. Thanks Michal for bringing up this undiscussed topic to the mailing list. ~~~~~~ Denis Carriere GIS Software & Systems Specialist On Thu, May 4, 2017 at 3:42 PM, James <[hidden email]> wrote:
_______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by Michał Brzozowski
On Thursday 04 May 2017, Michał Brzozowski wrote:
> > https://forum.openstreetmap.org/viewtopic.php?id=57813 > > I don't like the idea how this was never introduced and discussed > outside of the German forum. So you think the German community should be required to proactively communicate any subject they discuss in German language channels to the international community? > I think that such "privacy" measures are futile and go against the > spirit of OSM - transparency. Well - HDYC is a tool offered by Pascal Neis, AFAIK it is not even open source. Pascal could turn it off any time if he wanted to and of course he can also put up constraints. If you think that is against the spirit of OSM that is up to you but don't forget that there are tons of tools based on OSM data developed and run with restricted access you never hear about. It is not really conceivable how in case of HDYC making such a tool available for all mappers based on authentification with an OSM account makes this less in the spirit of OSM than a private tool that is not even known to the public. > Maybe this is due to some "moral panic" in Germany revolving around > privacy, just like StreetView ban - except it's made clear that your > edits are public and you agree to it! Just to make this clear since there are likely quite a few people reading here who will not be able or willing to parse the discussion on the German forum - discussion there was about privacy concerns w.r.t. editing metadata, which is what is the basis of HDYC. Mixing this with the subject of openness of geodata and privacy concerns reagarding geodata (like mappers recording names from the doors of private homes etc.) is not really appropriate - two very different matters which need to be considered separately. -- Christoph Hormann http://www.imagico.de/ _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
2017-05-04 17:21 GMT-03:00 Christoph Hormann <[hidden email]>:
> On Thursday 04 May 2017, Michał Brzozowski wrote: >> Maybe this is due to some "moral panic" in Germany revolving around >> privacy, just like StreetView ban - except it's made clear that your >> edits are public and you agree to it! > > Just to make this clear since there are likely quite a few people > reading here who will not be able or willing to parse the discussion on > the German forum - discussion there was about privacy concerns w.r.t. > editing metadata, which is what is the basis of HDYC. Mixing this with > the subject of openness of geodata and privacy concerns reagarding > geodata (like mappers recording names from the doors of private homes > etc.) is not really appropriate - two very different matters which need > to be considered separately. I don't think Michał was mixing those two different matters. "Your edits are public" also means the fact that *you* edited *that particular* piece of data is public, from which someone could infer eg. where you live; it's not mixing the subject of privacy concerns with the data itself. -- Nicolás _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by Christoph Hormann-2
> So you think the German community should be required to proactively
> communicate any subject they discuss in German language channels to the > international community? I think the tools are _de facto_ used by the whole OSM community worldwide, that's why I think any sort of announcement would be appropriate. I am realistic. > Well - HDYC is a tool offered by Pascal Neis, AFAIK it is not even open > source. Pascal could turn it off any time if he wanted to and of > course he can also put up constraints. Keep in mind that I don't make it appear that my requests are based on something formal, they're not. I simply hope that people will tell him they don't agree with me and two already did ;) I think it also emphasizes how open-source tools are important. There are tons of obscure analysis pages which don't have their source available. For starters, there's a little known program called ChangesetMD which allows you to load changeset and discussion metadata to Postgres. However, this is changeset only and one won't be able to do all of the analyses (bboxes alone often are inaccurate, also no info on tags). Michał _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
> So you think the German community should be required to proactively > communicate any subject they discuss in German language channels to the > international community? On May 4, 2017 4:41 PM, "Michał Brzozowski" <[hidden email]> wrote:
_______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by Nicolás Alvarez
On Thursday 04 May 2017, Nicolás Alvarez wrote:
> > > Just to make this clear since there are likely quite a few people > > reading here who will not be able or willing to parse the > > discussion on the German forum - discussion there was about privacy > > concerns w.r.t. editing metadata, which is what is the basis of > > Mixing this with the subject of openness of geodata and > > privacy concerns reagarding geodata (like mappers recording names > > from the doors of private homes etc.) is not really appropriate - > > two very different matters which need to be considered separately. > > I don't think Michał was mixing those two different matters. Michał made a connection to privacy concerns regarding Google StreetView which were exclusively about the recorded data and not about the recording metadata (which Google obviously has no interest in publishing). -- Christoph Hormann http://www.imagico.de/ _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
On Thu, May 4, 2017 at 10:48 PM, Christoph Hormann <[hidden email]> wrote:
> Michał made a connection to privacy concerns regarding Google StreetView > which were exclusively about the recorded data and not about the > recording metadata (which Google obviously has no interest in > publishing). Yes, these matters are separate, but I was talking about the sentiment towards privacy and over-exaggeration of it. Hence I wrote "moral panic". I think any of us here knows how Streetview and OSM work. Michał _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by Christoph Hormann-2
As Michal said, forcing login wont stop "those that want to cause harm". They will just login and harvest the data. They can also just scrape the osm data, so I dont think this is an issue with HDYC as much it is a privacy concern with OSM data itself. If you dont want to be associated with your edits: create a generic account that has nothing to do with your usual usernames i.e. AnonymousUser001 or OSMUser001 and never communicate about the work done on that account with your main profile/email. That way you dissociate yourself from that user and your social media accounts. If people cant find a link between personal identifyable info(facebook, twitter, email, linkedin) and the editing user there is no cause for alarm. Worst case they will say: Oh there's an osm user that lives in this area....so do 35 other users. Basic internet anonymity 101... On May 4, 2017 4:51 PM, "Christoph Hormann" <[hidden email]> wrote: On Thursday 04 May 2017, Nicolás Alvarez wrote: _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by Christoph Hormann-2
This seems to be derailing rather fast.
The background is that we are publishing a fair amount of meta data about our contributors that could at least be seen as not totally harmless from a privacy and data protection point of view. This includes all the changeset meta data, user ids and display names in the data and last but not least timestamps, distributed in the data dumps and the website. It is currently rather simple to generate a profile for a specific editor and likely even finger print contributions over multiple accounts. Most of us, I would hope, are aware of the potential consequences and accept the risk that contributing out in the open implies, but this is definitely not universally true. It has been suggested that one possible approach to resolving this is to remove all the relevant meta data from places where it can be accessed without an OSM account (that would imply no changeset dumps, and no user-ids etc in the planet dumps, and re-working the website to only show such information to logged in users). This would have to be accompanied by a new set of ToS that would clearly lay down how such meta data can be used. Naturally the above will not stop the bad guys, but it would make it slightly less trivial to misuse OSM. Pascal, who has in the past been threatened with legal action wrt privacy issues, reacted very promptly to the discussion and implemented such a login-only access model, I don't really see how he can be faulted for that given that it doesn't limit community access at all, and he is fully responsible for what he is publishing. Now the other aspect is the upcoming (2018) changes in privacy regulations in the EU. They will undoubtedly impact any such discussion and future policy and the LWG has budgeted a fair bit of money exactly to investigate and potentially implement any such required changes, which could very well include all of above and more. Personally I'm not very happy with the concept of reducing the availability of contribution meta data as it will make lots of things harder (vandalism detection and fighting for example) and likely require many things to move to OSMF run tasks that are currently done by the community at large, but it may be something that we can't avoid. Simon _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by Michał Brzozowski
On Thursday 04 May 2017, Michał Brzozowski wrote:
> > > Well - HDYC is a tool offered by Pascal Neis, AFAIK it is not even > > open source. Pascal could turn it off any time if he wanted to and > > of course he can also put up constraints. > > Keep in mind that I don't make it appear that my requests are based > on something formal, they're not. I simply hope that people will tell > him they don't agree with me and two already did ;) I can only say if i was in Pascal's position here and i had decided to add the requirement of authorization to my tool because i am convinced this is important for the privacy of mappers (and i don't want to imply that i would see it that way nor that this was actually Pascal's motivation) users not liking my decision but having no convincing arguments w.r.t. the basis of my decision would not have any bearing on the matter. > I think it also emphasizes how open-source tools are important. There > are tons of obscure analysis pages which don't have their source > available. Yes - and the situation about HDYC would have different dynamics obviously if it was open source. But also keep in mind that the functionality of HDYC is not really that complex. Writing a replacement for it would certainly be quite a bit of work but it is not really rocket science. -- Christoph Hormann http://www.imagico.de/ _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by Michał Brzozowski
Hi,
On 05/04/2017 09:33 PM, Michał Brzozowski wrote: > I don't like the idea how this was never introduced and discussed > outside of the German forum. > I think that such "privacy" measures are futile and go against the > spirit of OSM - transparency. I think that what we mainly want to create in OSM is a geo database, not a database of where a particular OSM mapper was at a particular time, or whether a particular OSM mapper tends to stay up long at night editing OSM. I have personally talked to people who said they don't want to contribute to OSM because Pascal Neis' page was "inviting stalkers". Those people were not the geek elite who have made it a habit to thoroughly think about what gets published and how to ensure that there's no link between their online identity and their private live if they don't want their privacy violated. Those were people from groups currently underrepresented in OSM, people whom we would like to see more of in OSM, but who felt unsafe making themselves visible like that. We are currently doing far too little to protect the privacy of our mappers, and our methods of educating mappers about the privacy consequences of their actions in OSM are laughable at best. That your contributions to OSM can lead to a detailed analysis of your online behaviour like the one produced by Pascal Neis is obvious to the tech-savvy among us but certainly not to everyone who signs up. We have a duty to, at the very least, educate new mappers about what happens to their data, and ideally we should also do more to protect their data. The "metadata" of *who* edited what when is not a necessary part of our database proper; someone just wanting to *use* the data does not have to know. We use this information inside of OSM to improve quality, to contact mappers, to find vandalism and so on. But I don't think that the broader public necessarily needs to know about such internal aspects. I am very much in favour of limiting at least the value of the "user name" field to project-internal use. Pascal has made a first step in that direction. Currently, anyone can download the planet file with all user information intact and thereby circumvent the (extremely low) barrier of having to provide an OSM username; I hope that in the long run, we will stop making username information available to the public, and instead make the user name only available "for project internal purposes", i.e. to logged in users. I think this will not hurt any legitimate use case, while at the same time making clear that we consider this information privileged and not for general consumption. It doesn't matter that anyone can sign up and then view that data; we can at least make people promise to only use the data for project internal use when they sign up. > Maybe this is due to some "moral panic" in Germany revolving around > privacy, just like StreetView ban - except it's made clear that your > edits are public and you agree to it! It is made clear that your edits are public, and we even explain about the meta data (the Privacy Policy says: "All edits made to the map are recorded in the database with the user ID of the user making the change, and a timestamp at the time of change upload. In general all of this information is also made available to everyone via the website, including links to allow everyone to easily cross-reference which user has made which edit. "). But we are hiding this like the small print in a contract; there are many people who have signed up to OSM and who are shocked to find their life reflected in Pascal's analyses. You might say it's their fault, they are stupid not to read what they signed up to; I say it's out fault, we have a duty of explaining to them what they are signing up to. Every single person who signs up to OSM and who doesn't understand what they are publishing about themselves is our fault. Pascal has recevied numerous legal threats about his pages. Making them "for project internal use only" considerably improves his legal standing should anyone ever actually try and sue him. It's his service, his legal risk, and his decision. New EU data protection regulations announced for 2017 will make things even stricter, and we will have to spend serious thought on how we can protect the privacy of our mappers if we want to expand the project past the group of geeks who know how to manage their privacy online. And it is not just a legal issue; you might call it a "moral panic", I call it a moral duty to do everything we can to ensure that our mappers don't suffer disadvantages from contributing to OSM. Bye Frederik -- Frederik Ramm ## eMail [hidden email] ## N49°00'09" E008°23'33" _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
On Thu, May 4, 2017 at 11:33 PM, Frederik Ramm <[hidden email]> wrote:
> I have personally talked to people who said they don't want to > contribute to OSM because Pascal Neis' page was "inviting stalkers". > > Those people were not the geek elite who have made it a habit to > thoroughly think about what gets published and how to ensure that > there's no link between their online identity and their private live if > they don't want their privacy violated. Those were people from groups > currently underrepresented in OSM, people whom we would like to see more > of in OSM, but who felt unsafe making themselves visible like that. How many people? I think we would make it worse for many just to have a handful of people happy. I don't think we should strive to catch mappers at any cost. I know the intentions are good, but reality has often taught me otherwise. Many national communities use their own change monitoring tools that will break, for instance greeting and monitoring new mappers. We use one site in Poland and the Dutch community also uses another site. There's also Overpass API. This is not feasible on a technical level IMO and would require significant effort to satisfy just these paranoid people. I don't trust OSMF to accommodate everyone's needs on change monitoring. Also, I see no reasonable way that upcoming EU privacy rules would affect us. Would they consider OSM as a special case or what? Everything mappers do, as has been said, is consensual and explicit. When I said spirit, I though for instance mapping parties which were once very popular and still somewhat are. It was customary to make animated progress maps colored by user. Long story short: weigh "benefits" to all the far-reaching implications. I really hope this won't come through. Really. Michał _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
Hi,
On 05/05/2017 12:39 AM, Michał Brzozowski wrote: > Many national communities use their own change monitoring tools that > will break, for instance greeting and monitoring new mappers. Why? Would it be so hard to adapt the tools to log in to OSM to access user information? > We use one site in Poland and the Dutch community also uses another site. > There's also Overpass API. Sure, all these would have to change in the long run but it is such a big deal? Even today, Overpass only gives you user names if you explicitly ask for it. > This is not feasible on a technical level IMO I don't agree, I think it would be quite easy. > and would require > significant effort to satisfy just these paranoid people. I don't think it is fair to talk of "just these paranoid people". Our mappers are not enemies; they trust us with their data and it is our moral duty to handle the data they trust us with responsibly. (And I'm not even starting to talk about what our legal duties are!) > I don't > trust OSMF to accommodate everyone's needs on change monitoring. I don't know what "everyone's needs" are but if these needs include "I must be able to download personal user data without logging in" and "I must be able to distribute personal user data without taking any safeguards as to its further use" then I'm not sure if these needs *should* be accommodated. I am sure that all existing quality control measures can be kept up even if we start saying that username data is for internal use only. > Also, I see no reasonable way that upcoming EU privacy rules would > affect us. Would they consider OSM as a special case or what? > Everything mappers do, as has been said, is consensual and explicit. As I said, I think that even in a world without data protection, it would be our duty to think about how to protect the privacy of our contributors. Just saying "you've signed this here, ha ha ha, your fault if you haven't read the small print" is not enough. Certainly not morally; maybe even not legally. If you start looking at the legal side there are many aspects that need to be evaluated. I am not a lawyer but I have a feeling that even today there's a lot of issues not directly related to the above topic where we fall foul of data protection rules, for example the way we continue to offer old planet files for download complete with user names, even if people have asked us to delete their personal information. (Remember, even if people should have agreed to the distribution of their personal data on signup, they can - as far as personal data is concerned - always withdraw their agreement; we cannot then say "har har it is too late now the data is already released under ODbL".) It is also totally unclear if this "metadata" is even part of the ODbL licensed database. Another issue is that there's no way for downstream users mirroring our data to know that "user XY has revoked permission to distribute their user name". Another big issue at least for European users is likely that many governemnt institutions and large companies have strict house rules on working with personal data; if your random government agency importing a planet file into a database were told that this actually contains a ton of personal data, they'd probably have to stop their machines immediately and ask for permission from the relevant data protection commissioner or whomever. But I don't want this to become discussion about "how low can we go with data protection to still be legal". I want this to be "how high can we go with data protection to still be useful", and I think there's a lot that can be done that will make our project better, friendlier, and a safer place to be for everyone. > When I said spirit, I though for instance mapping parties which were > once very popular and still somewhat are. It was customary to make > animated progress maps colored by user. I think that a viable middle ground could be to make user data available to signed-up project members only, and they'd have to promise to only use that data for project-internal purposes. Hence, anyone with an OSM account could make such an animated progress map, and it could be shown to anyone with an OSM account. Only if you want to distribute it outside of OSM you'd either have to remove/pseudonymize the user names or get explicit permission (as in: "I am ok with you publishing this particular work with my name in it") from the participants. Would that really be such a big issue? I think you're making this into a much bigger issue than it needs to be. Bye Frederik -- Frederik Ramm ## eMail [hidden email] ## N49°00'09" E008°23'33" _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by James-2
It's nice to know where this is coming from, because I was a bit confused about this too. In what way is my privacy protected if 2 million people can see my profile; oh and also everyone who bothers to make an OSM account? Putting a somewhat pointless access limitation to HDYC is counterproductive, as it might give people a false sense of security. One thing it might add is that it's now easier to trace who has been looking at your profile in case there is a suspicion of abuse. Pascal's own argument (on Twitter) seemed to be that "it"s not just data, it's computed intelligence". Well yes. HDYC shows how much info you release about yourself through your OSM edits. The only way to solve this, is with a behavior change of the mapper themselves, or with a radically different way to share OSM data (as seems to be one of the ideas in the linked discussion). For example by using multiple accounts. A blog post about what an ill-intentioned analyst could do with your data would seem more productive than a half-measure protecting what a well-intentioned analyst learns. A more general discussion like the one you linked, but in a language more of us understand, might also help. That said, obviously HDYC is the most elaborate individual analysis tool around, so it does make snooping very easy. A system to opt-out of being included in this particular system might be reasonable. This could technically work in a way similar to the opt-in you can do to link your HDYC profile to your osm-related profiles (by including links in your OSM profile). While I would also have liked to see a more inclusive discussion about this, ultimately, it doesn't matter where and how Pascal came to his conclusion. It is his tool, so the decision is his alone. I would really love to see tools like this integrated into the core OSM systems, where we would theoretically all have a say. Unfortunately, that's not the case. _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by Michał Brzozowski
Am 05.05.2017 um 00:39 schrieb Michał Brzozowski: > ... > Also, I see no reasonable way that upcoming EU privacy rules would > affect us. Would they consider OSM as a special case or what? > Everything mappers do, as has been said, is consensual and explicit. > > ... Well I don't remember giving Pascal permission to process my data, and I believe nobody else has :-) And that is the crux of the matter, in a scenario in which a) any such processing needs to be opt-in, and b) the permission for processing needs to be explicit both wrt the entity doing the processing and what is being done with the data, most such community activities become impractical. Which vandal is going to actively consent to their edits being feed in to an osmcha instance outside of one run by the OSMF? We just may be able to make giving such permission to the OSMF a required condition of getting an account but that is likely going to be it. And there are lots of other aspects that I would rather not go in to right now, as it is just asking for trouble. Simon _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
On 2017-05-05 09:17, Simon Poole wrote:
> Am 05.05.2017 um 00:39 schrieb Michał Brzozowski: >> ... >> Also, I see no reasonable way that upcoming EU privacy rules would >> affect us. Would they consider OSM as a special case or what? >> Everything mappers do, as has been said, is consensual and explicit. >> >> ... > Well I don't remember giving Pascal permission to process my data, and > I > believe nobody else has :-) But what Pascal does is not what you do, so how is this applicable? We have all agreed to the contributor terms (although I can not find the version I have agreed to, I can only find a version from 2016) and that says that OSMF has the right to sub-license. Which would include what Pascal (or anyone else using or working on the data) is doing. And, "You also waive and/or agree not to assert against OSMF or its licensees any moral rights that You may have in the Contents." That is pretty broad and basically tells you to shut up or put up. Not that I see that as the last in this discussion though. Maarten _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
Am 05.05.2017 um 09:47 schrieb Maarten Deen:
> ... > > And, "You also waive and/or agree not to assert against OSMF or its > licensees any moral rights that You may have in the Contents." > ... "the Contents" is defined as "in contributing data and/or any other content (collectively, “Contents”) " further it is limited to "to the geo-database" and refers only to the the "intellectual property rights in any Contents" that the contributor actively "that You choose to submit" contributes. This is very unlikely to include meta data generated by the act of contributing and other supplementary account data and does not cover any privacy related rights to start with (not to mention, as I've already pointed out, that blanket use permissions for privacy relevant data are likely invalid in any case). Simon _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
In reply to this post by Maarten Deen
Am 05.05.2017 um 09:47 schrieb Maarten Deen: > .. > We have all agreed to the contributor terms (although I can not find > the version I have agreed to, I can only find a version from 2016) and > that says that OSMF has the right to sub-license. PS https://wiki.osmfoundation.org/w/index.php?title=Licence/Contributor_Terms&action=history _______________________________________________ talk mailing list [hidden email] https://lists.openstreetmap.org/listinfo/talk |
Free forum by Nabble | Edit this page |