Add "doxing" to list of prohibited practices in the Code of Conduct #4552
Comments
|
This is not doxing. First of all there is no real private address here, just a general area. There is not a picture of him/her on the internet, thus making it unable to find the user / unable to identify him/her, therefore it is not doxing. Secondly if the user had not obscured it, and make such a fuss about it, no one would know it was near his home. By just searching for "O 2890" and "Stationsgatan" you already get a direct link to the area. Imagico just showed that it could be found quite easily, that is all. Finally the user could have searched a different area with the same problems to make his point, or create a fake map. He/she didn't had to use his home area. Could this have been handled better/nicer? Problably. But I don't see any huge problem with it. Adding some words about doxing to the CoC doesn't hurt of course. |
The fact that @imagico didn't share a private address doesn't make it any less doxing or wrong. Sharing any information that could be used to identify someone, private address or not, goes against both GitHub's Doxxing and Invasion of Privacy policy and OpenStreetMap's etiquette guidelines. It would be kind of weird to enforce a change to the CoC after the fact, but OpenStreetMap's etiquette guidelines should at least be enforced if nothing else. |
|
Please use the link for reporting in CODE_OF_CONDUCT.md. In a case like this involving a maintainer, drop the maintainer involved from the email list. Not every maintainer will read every issue, including this one, so the reporting process is important. |
Note that https://docs.github.com/en/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy is far less strict, because merely mentioning or linking my OSM account would be also "information that could be used to identify someone" despite that it is trivially findable and should not be treated as doxxing (as indicated by fact that I deliberately linked both in multiple ways). |
|
I agree that this comment was counterproductive and better way to response would be something like
@swedneck - please, consider removing this image. It is trivial to recover its location, I needed less than 60 seconds to find it and did nothing advanced or hidden. But I am not convinced that it was doxxing. Would it be doxxing me if I would comment "I am on Podzamcze 4, Kraków, Poland" and someone would link https://www.openstreetmap.org/node/9574968315#map=19/50.05555/19.93733 ? If location is trivially recoverable solely from info provided in this specific posting then linking direct location is rude if someone tried to keep location private... But is it still doxxing? |
Closes gravitystorm#4552 This proposes to explicitly state that revealing identifying information about a user against their wishes is unwelcome behavior on the project.
Last night I was looking at the doxing policies of other websites, like Facebook and Twitter, and they all seem to be along the same lines as GitHub in defining doxing. If not more lose in how they define it. The general theme with all of them seems to hinge on if the information is "private" and if the user want's it to be publicly shared or not. For instance Facebook defines doxing as "Posting personal information about others without their consent." There's nothing about it being identifiable or not in that. We can debate all day if the information that was de-anonymized could be used to locate swedneck, but they clearly didn't want the information shared. Otherwise, they would have shared it themselves. So it's still doxing IMO. I don't think the analogy to your user name works because you publicly share what your name is in it. If you didn't, and someone linked to it by saying "this is the account of Mateusz Konieczny", then sure it would be doxing. But your not keeping that information private. Personally, if it were me I'd still consider it creepy and a form of harassment if someone shared what street I live on. The fact that there's only like a 30% chance of someone figuring out where I live based on that information is immaterial. It shouldn't have to get to the point where the person is knocking on my door or harassing my kids at school before it violate the guidelines. Just like it's not OK to share someone's bank account information regardless of if the account number is eventually used to make fraudulent transactions or not. |
To prevent ambiguity about the meaning of doxxing, I would suggest adding concrete examples or guidelines. In general, this seems as much a breach of 'be friendly and welcoming' and 'be respectful' by deliberately exposing someone's location just to one-up them and proof some point. |
In #4527, @imagico, a maintainer of this project, was involved in a discussion with a user in which the user posted a screen shot from the style near his city of residence, with portions obscured in order to protect his privacy. In a subsequent comment, @imagico de-anonymized the user's location, posted a link to it, and chided the user, saying "Trying to keep secret the location of your example is both pointless and counterproductive".
This is a violation of several points of the openstreetmap-carto Code of Conduct, including:
A screenshot of the offending comment is here for documentation, with the location masked:
Both the user and no less than an OSMF board member subsequently commented in objection to the doxing, yet no action was taken. Two months later, neither @imagico nor any other maintainer has removed the offending information.
I call on the maintainer team to:
The text was updated successfully, but these errors were encountered: