[kwlug-disc] kwlug-disc mailing list privacy

[Paul Nijjar]

I received a response from the original poster, who asked me to
forward it to the list. I am doing so that the person in question can
make their voice heard. 

I am hoping this won't inflame an acrimonious discussion. 

As for steps to take, I will add a heads-up to the kwlug-disc signup
page that the archives are public, because that is easy to do. 

Some of the other suggestions seem interesting (such as leaving
archives public but anonymizing identities) but I personally am not
planning to take that on now. 

- Paul


------

If you could relay my response below on the list, I would very much
appreciate it.

--

I'd like to address a few of the arguments I've seen while following
this discussion.

Firstly, a number of people mentioned spam, and seemed to assume that
this was my reason for not wanting the archives to be public. This is
not the case. Spam is a nuisance, but one that can be taken care of
easily enough with properly configured filters. For those who use major
email providers that have very good spam filtering (like Gmail) or those
who self-host but use their own anti-spam measures, this can be a non-issue.

An analogy was made between public mailing list archives and
conversations at parties, the idea being that it's like walking through
a room and listening to different people talk, joining in if you want
to. However, I do not believe this is a good comparison. In-person
conversations (unless recorded with a microphone) are inherently
ephemeral, limited in time by human memory and scope by proximity to the
speaker. The internet is different. It is permanent, more or less. What
you say may follow you around for the rest of your life, easily accessed
by anyone. Maybe you don't think you've said anything controversial, and
yet "controversial" is a subjective notion and can change very easily
over time. What's acceptable to support or denounce today may become
unacceptable tomorrow.

A number of people have suggested using a different email address as a
pseudonym. This is a fine suggestion, unless you've screwed up (as I
have) and already said things you don't want public on your regular
email. This can either be because you didn't know the lists were public
in the first place, or because your views have shifted over time and
you've come to regret things you've said, or perhaps you just got
carried away in the heat of the moment (as can happen to the best of us)
and had a momentary lapse in judgment. (Additionally, pseudonyms can be
broken over time. If you use one too long, it can become easy to build a
profile on you that can in theory be matched to your real world
identity. And this is ignoring all of the technical ways that pseudonyms
can be broken.)

Many have also made arguments about the ideal of openness, and the
availability of public knowledge. I sympathize with this. However, I
don't know that it applies as strongly here as it would with, say, an
actual FLOSS project. As Khalid mentioned, I have never searched for a
tech-related query and found a thread on the KWLUG mailing list. I
somewhat doubt that anyone has, or at least the number is probably very
close to zero. Also, in my opinion, mailing list archives are hardly the
ideal place for aggregation of important knowledge. That should be done
on something like a wiki, where relevant details are not scattered
across many pages. Mailing lists are useful for having a discussion and
arriving at a consensus, but a person looking for the consensus and not
everything leading up to it should hardly need to browse through dozens
of pages filled with dense text to find it! Any important information
which it would be a shame to lose should not be stored solely on one
mailing list, and in the case of KWLUG in particular, I doubt that there
is any important information that can only be found on these archives
and not elsewhere.

And yet, even if you do not find that argument persuasive, that still
leaves room for a compromise solution where the messages of the archives
themselves remain public but without any identifier (name or email
address) attached to them. This is not a perfect solution, since there
may be identifying information inside the body of the email itself, but
it would at least be an improvement.

A few more quick rebuttals to other arguments:

- Sometimes it may be useful to share messages in the archives with
non-members. Yet this does not require the archives to be public.
Forwarding the email would do, or even a simple copy-paste.

- Likewise for those who want to see what this list is like before
joining it. Similar solutions as above would work. Or they could simply
join and then unsubscribe if it wasn't what they were expecting.

- Someone mentioned the fact that many members keep their own private
archives, and making the official archives private would do nothing to
delete those other copies. This does not really worry me. Additionally,
an argument was made that anyone who kept such archives could
theoretically make them public. But if, hypothetically, we arrived at
the consensus to make these archives private, I'd like to think there's
no one so spiteful among us who would publish their own private copy
publicly, at least not without removing identifying information first.

- Archive searches. Of course, these would still be possible for members
who keep their own private archives, and those who don't could either
ask someone who does to run a query, or simply download the archives (as
GNU Mailman allows you to do) and grep.

There is one message I would like to personally address:



> On Dec 6, 2018, at 8:07 AM, Andrew Kohlsmith (mailing lists account) wrote:
>>> On Dec 6, 2018, at 12:37 AM, Andrew Sullivan Cant
> <acant at alumni.uwaterloo.ca> wrote:
>> Again, I realize that this would not be perfect, but would probably
>> reduce the likelihood of mailing list messages popping up in searches.
>> And it is simpler than having to authenticate who is on the mailing list
>> and who is not.
>

> Caution: this is from pre-coffee Andrew; it’s perhaps written more
> sharply than post-coffee Andrew, but the opinions expressed are
> correct.

> This seems counter to the idea of public discourse. Personally I
> *want* mailing list results to show up in web searches.
 
Why? Members can search the archives on their own, and the utility of
non-members being able to search the archives, as explained above, is
likely very low.
 
> If you don’t want your email identified, there are (low effort) things
 that can be done to help that.
>
> If you don’t want your name showing up, use a pseudonym.
 
Again, as explained above, this does not help with messages that were
already sent without one.
 
> if you don’t want your *text* showing up: don’t post. Keep your
> information to yourself. I think it’s awfully selfish to post on a
> list such as this and then hold it close to your chest because someone
> outside of your network might see it. That’s not what this list is
> about, in my opinion. We’re here to ask questions, share knowledge and
> exchange pithy one-liners. Whether the person reading it is in Guelph
> or Guangzhou is irrelevant; they may have the same question and a
> simple answer may be found here. Why would you want to prevent that?
 
I'm selfish for fearing the consequences of messages I thought were
private actually being visible to the entire world? Really?
 
And once more, as explained above, I seriously doubt that the answer to
anyone's question can be found here and only here. "Ah, I'm so
incredibly glad that this random LUG mailing list contained the solution
to my problem that could not have been found anywhere else on the entire
internet!" -- said no one ever. If that is the case, it shouldn't be,
and that knowledge should be shared elsewhere.
 
> This thread seems to be getting less about privacy and more about
> knowledge-hoarding or what I’m going to call citadel-ism: keeping
> knowledge away from those who you feel are “other” or “unworthy". This
> list was always about public discourse. If you want an elite “members
> only” list, feel free to create one, but don’t take the years of open
> exchange from this one and make it hidden in the name of “privacy”.
 
This could not be further from the truth, and I believe you are arguing
in bad faith. The quotes you put around "privacy" really don't help in
this regard. Privacy *is* the issue for me, believe it or not.

> Of course, all this ‘you’ is not to you personally, Andrew, nor to
> anyone in this thread.


Then to whom, precisely, is it addressed? You've created a straw man
argument that no one on this list actually believes and attacked that
instead of the main point.

Caution: this is from pre-rested anon; it's perhaps written more sharply
than post-rested anon, but the opinions expressed are correct.

There's your pithy one-liner.

My apologies if that response was a bit sharp, but then so was yours, so
let's call it even.

Anyway...

I'd like to expand on the reasons why I'm personally so concerned about
this. Of course, I'm limited in the extent that I can do so, since
pointing to specific messages would defeat the point of saying this
(semi-)anonymously and only serve to draw more attention to the things I
don't want getting attention. Thus, all I can really say is that I've
said a few things on this list that I wouldn't have said if I'd known at
the time that it would be public and directly tied to my identity.

These things might seem innocuous to most if I told you, but I believe
that they could potentially, under certain circumstances, threaten my
personal privacy, liberty, or even safety. That's all I can say.

Overall, it seems like I'm a little outnumbered here. I can't fault
anyone for expressing their opinion, but I'd be lying if I said some of
these responses didn't make me feel a little more hesitant about
participating in KWLUG.

Finally, I'd like to close by saying that even if you all do not find
this persuasive, and we don't make the archives private, at the very
least, it needs to be made *very clear* to anyone who joins this list
that these archives are public and potentially permanent, and that their
messages may follow them around forever. It wasn't clear to me. That was
my mistake, and I take full responsibility for it, but I at least don't
want this to happen to anyone else.