Jimbo Wales replied to my open questions on some of the privacy concerns that quickly arise given that it seems Wikia Search will be advertising supported. From the open forum (my original requestions in bold, Wales’ answers beneath):
What kind of server logs will Wikia Search maintain of user activity?
I assume we will keep normal server logs for the purpose of research into what works and what doesn’t, how people are using the site, etc.
If so, what will the data retention policy be?
What do you recommend? My own rough view is that data should be retained as short a time as is practical.
Will Wikia Search offer (and encourage) the creation of user accounts (enabling easier tracking of user activity)?
YES we will both offer and encourage the creation of user accounts, not for the purpose of “enabling easier tracking of user activity,” but because we intend to have a very strong component of wiki-style editing and transparency of editorial decision making, so that those decisions can be in the hands of the community. This is the same as in any wiki.
Will attempts be made to personalize advertising on the Wikia Search based on a user’s past search activity?
Yes, of course. This is one of the best things that can be done to keep advertising to a minimum and the annoyance of advertising to a minimum.
If so, can users opt-out of such personalization to prevent their search histories from being tracked?
Yes, of course. What I mean by the “Holy Grail of Privacy Protection” is that those who want privacy can have it, and those who want reputation can have that too. I think it important to remember the difference between “privacy” and “anonymity” and not to be fanatically opposed to the choices that other people make. The important thing is choice.
I haven’t had the opportunity to craft a suitable response to Wales (I’m behind on a couple of deadlines), but luckily someone else has continued the discussion and posted a thoughtful reply of her/his own, including some good follow-up questions. Here’s an excerpt:
However I was disappointed in the answers to Michael Zimmer’s questions, maybe because there are no details on how wikia intends to reconcile account management, personalized advertising, revenue, reputation, and normal server logs with privacy. Real privacy, not privacy dependent on circumstance.
- Will WikiaSearch be architected in such a way as to prevent any substantive response to a civil or criminal subpoena of user activity by the courts?
- Will WikiaSearch be designed in such a way as to prevent any substantive response to a ‘National Security Letter’ by the federal government?
- Will IP addresses be associated with or reconcilable with user accounts in any circumstances?
- Will all traffic be encrypted via SSL to prevent ‘man in the middle’ monitoring?
- Will transparency apply to your algorithms and models for personalized for-profit advertising?
- Will Advertisers have access to more information about wikia users than the general public?
- Will the general public be able to see exactly how Advertisers are targeting their advertisements to wikia users?
- Why is this project for profit and not non-profit, like the wikipedia model, and what are the potential effects on user privacy?
I see some real opportunity here to fundamentally alter the concept of privacy on the internet – the holy grail. But I am concerned with how a for profit, advertisement based search model, can be satisified with only ‘limited’ and ‘general’ information about users. Even if wikiaSearch starts out with strong privacy controls, how do you structure wikia as an organization, to prevent a gradual erosion of personal privacy in favor of increased functionality over time – the Google model where you are enticed to give up more and more privacy to indirectly pay for more and mores features funded by advertisers?
I couldn’t have said it much better myself. I’ll try to re-enter the conversation in earnest soon, and hope Jimbo offers his additional thoughts in the meantime.