[OSM-talk] threats

[Nick Black]

First I think it is unreasonable to hold an entire project to ransom
like this.  Every few weeks there is a flame war like this, yet when
there is an IRC meeting, none of the pressing concerns about privacy
and licensing that stimulate these arguments and disagreements were
brought out in the IRC meeting.  There is always a tendency towards
silence in the run up to a public, open meeting.  Why is that?

There seems less doubt over the reasoning behind the privacy decisions
this time round, but copyrighted data is a big concern for the
project.  The Ordnance Survey have a team called Map-Watch.  A handful
of people dedicated to busting people for infringing their copyright.
If I was working for them, looking for an easy target, I know where
I'd look.

We need a privacy policy and a lawyer and we need one soon.  I have a
meeting this week that should give us some good information about
forming a legal entity.  Lets try and direct frustration towards
coming up with a decent, water tight privacy policy that protects the
project and all or our work.

Nick



On 7/23/06, David Groom <reviews at pacific-rim.net> wrote:
>
> ----- Original Message -----
> From: "SteveC" <steve at asklater.com>
> To: <talk at openstreetmap.org>
> Sent: Sunday, July 23, 2006 11:06 AM
> Subject: [OSM-talk] threats
>
>
> >I can see this might start a flame war but I'd rather at least talk
> > about it.
> >
> > Imi came on instant message today, he wants to set up an anonymous
> > account so that anyone can upload 'anonymously' from JOSM to OSM. I
> > pointed out the following problems.
>
> Can someone (Imi ?) explain to me the real benefit of an anonymous account,
> other than the fact that a new user does not have to go through the very
> small step of setting up his own account?


>
>
>
> >
> > First, if anyone uses it to delete all the nodes or anything else stupid
> > then I have to deactivate the entire account. I can't sit around pouring
> > through the history. Currently you can't look through the history easily
> > as an end user.
> >
> > Second, if anyone uses that account to upload copyrighted data and we
> > get a cease and desist then I have to remove everything that account
> > did.
> >
> > Third, it's just not due diligence to allow it.
> >
> > There are arguments for allowing ip address-based editing like wikipedia
> > but it's not implemented at all.
> >
> > So we went on to IRC as jabber instant message was having problems
> > (transcript below, please read, I've just removed his password). Imi
> > published his user/pass for OSM (thus compromising everything above) and
> > said if I deactivate the account then he's off for sure. I asked him to
> > reconsider, see below.
> >
> >
> >
> > These kind of threats are _unfair_, and having them linger is unfair.
> > Imi does amazing work but I, or we as it is now, can't just submit to
> > every threat to leave. It's also a stress to have to deal with and write
> > this email.
> >
> > The other thing is the claim that I am trying to stop anonymity. Given
> > the flak/flames I took for not releasing everyones login details, their
> > gps traces etc (the entire database)... I'm just perplexed.
> >
> >
> >
> > Imi, please reconsider and let me change your password now its out in
> > the open.
> >
> >
> > ---
> >
> > * Now talking on #osm
> > <imi> morning steve.
> > <SteveC> talk here?
> > <imi> sorry. con problems
> > <SteveC> yeah
> > <imi> damnit.. amessage.de is unstable last days..
> > <SteveC> so I don't see what the benefits are
> > <imi> well, I will not talk about "why people want to remain anonym".
> > Really. Thats below my level :-(
> > <SteveC> but hold on
> > <SteveC> you were the one asking for eveyones email addresses and stuff
> > to be released!
> > <imi> Yes, and if you remember, I added in the same email, that I don't
> > care about my privacy as long as I can be anonym and can decide when I
> > don't want to identify myself-.
> > <SteveC> which is a contradiction
> > <imi> phe.
> > <imi> well, anyway. I think we should provide an anonymous account,
> > where the user don't have to enter an email. Alternative, we could give
> > the probability to use an openstreetmap.org-email, if that is
> > technically easier.
> > <imi> everything else leads to bogus accounts.
> > <SteveC> so what?
> > <SteveC> bogus accounts are more hassle to set up and much easier to
> > track
> > <imi> so you call this a security feature?
> > <SteveC> its security, privacy and copyright due diligence
> > <imi> I want to ALLOW anonymity, you want to fight it.
> > <SteveC> bollocks do you, you were the one who wanted everyones
> > addresses and all their edits... thats not wanting privacy
> > <imi> to all: if you want to be anonym, just use
> > "immanuel.scholz at gmx.de" with password "****", as already written in
> > many subversion scripts.
> > <imi> and if this leads to an account deactivation, I am off for sure.
> > <imi> :-(
> > <SteveC> you're mad
> > <imi> I will use my account for the testing stuff.
> > <imi> this is now an open account.
> > <imi> since I did not contribute much stuff anyway, I see no problem
> > here.
> > <SteveC> if that account is used for anything malicious I'll have to
> > deactivate it
> > <imi> or you remove the malicious thing.
> > <SteveC> so now you want me to sit around all day looking for malicious
> > edits
> > <imi> and since all history is preserved, that could be possible in
> > (hopefully) all case.
> > <imi> no, I want everyone to sit around and look for it. Like in
> > wikipedia.
> > <imi> Jimbo does not look around all the day.
> > <SteveC> but none of that functionality is there yet
> > <imi> *shrug*.. ok, time to implement history in JOSM.
> > * eckhart (~eckhart at p549BA6A8.dip0.t-ipconnect.de) has joined #osm
> > * eckhart_ (~eckhart at p549BA6A8.dip0.t-ipconnect.de) has joined #osm
> > * eckhart has quit (Read error: Connection reset by peer)
> > <SteveC> I'm sorry I have to write to the list about this, will you
> > reconsider?
> > * eckhart__ (~eckhart at p549BA5DA.dip0.t-ipconnect.de) has joined #osm
> > <imi> what should I reconsider?
> > <SteveC> your threat to leave, and the publication of your login details
> > <imi> well, you either have to throw me out or I will create an open
> > account for people who like to be anonym.
> > <imi> sorry, but I will not discuss this.
> > <imi> I never thought you are going to forbid anonymity. I am very picky
> > about this.
> >
> > have fun,
> >
> > SteveC steve at asklater.com http://www.asklater.com/steve/
> >
> > _______________________________________________
> > talk mailing list
> > talk at openstreetmap.org
> > http://lists.openstreetmap.org/cgi-bin/mailman/listinfo/talk
> >
> >
>
>
>
>
> _______________________________________________
> talk mailing list
> talk at openstreetmap.org
> http://lists.openstreetmap.org/cgi-bin/mailman/listinfo/talk
>