GDPR (General Data Protection Regulation) and MediaWiki software

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA. The GDPR aims primarily to give citizens and residents control over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

The GDPR came into force on May 24th 2016; May 25th 2018 is the date from which it applies, after a two-year transition period that ended on that day. Since the MediaWiki software is also used by people inside the EU, or offered to users there, several questions were raised about how to make MediaWiki GDPR compliant.

'''Please note the following are recommendations collected by affected MediaWiki users who are not lawyers. Please proceed at your own risk.'''

This article is NOT about changing the MediaWiki software itself to make it GDPR compliant (if that is necessary at all); it is about websites built on MediaWiki software. In particular:

 # It focuses on extensions, scripts, or anything else you can think of that may make the website more GDPR compliant.
 # Absolute compliance is not possible on public MediaWiki websites, at least not for the website administrators, as most of the content is posted by users. So the topic is how to make a wiki "MORE" GDPR compliant.
 # Please suggest anything about MediaWiki websites in general that can be a problem under GDPR, and all possible ways to correct or at least work around that problem.

=Is my MediaWiki affected at all?=
If you have a MediaWiki located on a server in the EU, or one that may be accessed by people from the EU, you need to be GDPR compliant, since even IP addresses are considered personal data protected by the regulation. Because you cannot serve a website without the IP address being logged somewhere, your site is also affected. (Even if you yourself do not log IPs on your site, your hoster will, in log files you may have no idea of. In this case you may need a signed ODP [order data processing] agreement from your hoster.)

=Using existing tools and means=

 * Old, existing laws (like the cookie policy) still apply after the GDPR becomes effective (as they have for the last two years). So if your wiki's server is located in the EU and/or you cater to EU-based users, you may want to use Extension:CookieWarning, if you are not doing so already. The text of the warning/explanation may have to be modified accordingly.
 * GDPR demands implementation of "appropriate, cost-effective controls" to protect the personal data of EU residents. It is still debated whether GDPR demands encryption per se: the text uses wording such as "such as encryption", "may include encryption", "as appropriate (...) pseudonymisation" etc., so these are more suggestions than a demand. For SEO reasons, and because Google Chrome will soon mark web pages without SSL/TLS certificates as "not secure", you may want to use a TLS certificate for your wiki anyway. Maybe your hoster offers free Let's Encrypt certificates?
 * If your wiki's SQL database is breached, you have to inform the authorities and your users which information was affected/stored: usually the IP address (for all editors), plus the e-mail address, user name, and first and last name (if you request those from users on sign-up).
 * You may want to ask your users on sign-up whether they are older than 16 years, or whether they have their parents' consent.
 * Update the wiki's privacy statement, if not done already, to say that IP addresses (for all editors), e-mail addresses and user names (for registered users) are stored, that this is technically required for tracking and rolling back edits, that users agree to this upon signing up or editing your wiki, whom they have to contact if they want their account deleted, etc. A GDPR-conformant privacy policy generator may be used for private use, for example:
 * German: https://datenschutz-generator.de/ (unfortunately available only in German)
 * Please add privacy generators for other languages here.
 * If you requested e-mail addresses upon sign-up, inform your users that they may unset their e-mail address in their user preferences. Since an e-mail address is not required for registering, this may only affect wikis that use the emailconfirmed group for editing privileges (for example as an anti-spam measure; YMMV).
 * Add the name of an admin/mod(s) to the privacy article in case somebody wants information about their stored data. I would add a link on how they can close their account.
 * Add which data protection authority is responsible for your country (still to be determined for Germany); this is also required by GDPR.

=Issues=

==Deleting user accounts==

 * MediaWiki users cannot delete their account themselves. There are extensions that allow merging accounts, and there is always the possibility to delete the entries in SQL, but in general deleting users is not preferred.

Please add: an overview of SQL commands to delete accounts, or a link to existing documentation.

==The problem of deleting a user's contributions==
Extension:DeletePagesForGood was also recommended. You can also delete directly from the database (though this is a bit risky).
 * Deleting a user's contributions leaves behind the user name (or IP address if the user was not logged in) in the deletion log, so it is not a clean process. The record of the user's contributions in the revision history can be deleted using Manual:DeleteOldRevisions.php. Read this thread for more info: Topic:Tf2bj711f0x48dba.

==A user wants to remove any references to their username==

 * The user name is attached to every edit made by the user. The user has no ability to remove any of those references.
 * Possible solution (also suggested by @Rocketpipe): it might be sufficient if the user is told of this limitation during the account creation process.

==Google has cached old privacy-related content from your wiki that has since been removed==

 * Please refer to Remove outdated content on how to remove cached content.

==A user wants to delete or hand over their data==
Possible solution (suggested by @TheDJ). Please add: an overview of SQL commands to delete accounts, or a link to existing documentation.
 * A user can delete their e-mail address by removing it in the preferences. An e-mail address is not required by MediaWiki.
 * The user releases their contributions under the license mentioned on the specific website.
 * A database user can delete a specific contribution if needed.

=List of existing extensions which might be useful for compliance=
 * Extension:CheckUser: you will want to limit the people who can access it to registered data controllers only.
 * Extension:UserMerge might come in handy if one merges the user into an existing generic account set up by the wiki admin.
 * Extension:CookieWarning will add a banner. It is not certain whether this meets the consent opt-in required by GDPR.
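The following LocalSettings.php fragment is an added example, not taken from this page or from the extensions' own documentation; it shows how the recommendations under "Using existing tools and means" and the extension list above translate into configuration. The host name, privacy page path and retention periods are placeholders, and each setting should be checked against the MediaWiki and extension versions actually in use.

```php
// Added example: append to LocalSettings.php (not the page's or any extension's own code).
// Placeholders: host name, privacy page, retention periods.

// 1. Serve the wiki over HTTPS only (recommended above for SEO and browser warnings).
$wgServer       = 'https://wiki.example.org';   // placeholder host
$wgForceHTTPS   = true;   // MediaWiki 1.35+; older releases: $wgSecureLogin = true;
$wgCookieSecure = true;   // session cookies are sent over HTTPS only

// 2. Cookie banner (Extension:CookieWarning) linking to the wiki's privacy statement.
wfLoadExtension( 'CookieWarning' );
$wgCookieWarningEnabled = true;
$wgCookieWarningMoreUrl = '/wiki/Project:Privacy_policy';   // placeholder page

// 3. Extension:CheckUser: keep IP lookups away from ordinary admins. Only the
//    dedicated 'checkuser' group (the data controllers) gets the rights, and
//    only bureaucrats may add or remove members of that group.
wfLoadExtension( 'CheckUser' );
$wgGroupPermissions['sysop']['checkuser']         = false;
$wgGroupPermissions['sysop']['checkuser-log']     = false;
$wgGroupPermissions['checkuser']['checkuser']     = true;
$wgGroupPermissions['checkuser']['checkuser-log'] = true;
$wgAddGroups['bureaucrat'][]    = 'checkuser';
$wgRemoveGroups['bureaucrat'][] = 'checkuser';

// 4. Data minimisation: shorten the retention of records that carry IP addresses.
$wgCUDMaxAge = 30 * 24 * 3600;   // CheckUser data: 30 days instead of the 3-month default
$wgRCMaxAge  = 30 * 24 * 3600;   // recentchanges rows (contain IPs of anonymous editors)

// 5. An e-mail address is optional in MediaWiki; do not require one just to edit.
$wgEmailConfirmToEdit = false;
```

Changing the CheckUser permissions does not remove data already collected; the shortened `$wgCUDMaxAge` only takes effect as the extension's purge runs.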

=List of required/missing functions=
 * MediaWiki could use an extension where users can export their saved data as an XML or JSON file (it still has to be defined what that would include besides the user name, IP address etc., what additional information was stored, and whether the changes/edits would have to be included), similar to WordPress. Given the nature of how wikis work, this might become a major headache: if an editor decides to have their personal data scrubbed, which is their right, wiki admins would have to change the user name to some anonymised version like "deleted user", and the same goes for edits made by users who were not logged in, where the IP is shown.
 * An extension to edit the sign-up form (for example to add a check box that a user is older than 16 years), or for adding a link to the privacy statement.

=Using Semantic MediaWiki as a tool for documenting GDPR compliance=
 * https://archive.org/details/emwcon2018-mediawiki_and_european_gdpr_datencockpit

=Further reading=
 * A note on our approach to privacy from Wikimedia
 * Thread in the MediaWiki Mailing list
 * Thread on the r/WikiInAction/ subreddit
 * Wikimedia Hackathon 2018 in Barcelona:
 * task at phabricator: https://phabricator.wikimedia.org/T194901
 * the documentation of the workshop:
 * Public YouTube stream on MediaWiki channel
 * Slides
 * Etherpad

=Support desk threads=
 * Topic:Udnw29wn64if2m14
 * Topic:Ud7xbwbzxcgyfgzm
 * Topic:Ucy8sfl44i6n6i51