OpenStreetMap Community exposes way too much details about user behavior on this site. Even if you’re only visiting the site, reading some posts, other users are able to track you.
This seems all a bit excessive. I can’t think of a good reason why we should keep this feature around. Let’s just turn it off, or block access to the user statistics page.
I agree. I have gone and removed it for now.
I am still open to debate on or off.
How the information there is different from the stats you get on user profiles? Which information seems sensitive?
Screenshot from Discourse Meta forums
The screenshot doesn’t include all the fields which were previously shown on “our” user stats page, so this is not really comparable. Maybe Discourse Meta forum trimmed the list down to a more sensible default.
As I mentioned in my first post, even visiting the site without posting anything was exposed to other users, even if you hide your user profile.
Interesting, it seems we disabled the “directory of users” altogether. @Firefishy was there an option to hide some of the information?
I see there is an enabled option to “allow users to hide profile” so people can opt-out from those listings.
This didn’t really work. I checked some of the users which are known to have a hidden profile, and they were still included in the user stats. You could easily write a bot and extract the information on a frequent basis to generate a fairly precise activity profile.
Did you check logged off? Maybe the trust level of your user here grants you access to more info (?)
I think I did. That was another issue, the user stats page was accessible to the whole world without a need to login in the first place. (yes, this has some GDPR implications)
What GDPR implication are we talking about? AFAIK no personal information is disclosed.
The hide user profile and user directory seems to be a known issue upstream.
On the user directory, I’m not concerned if it’s displaying publicly accesible information, such as number of posts, most likes… What were the additional data we were showing up that was concerning?
I can only recommend to go through SimonPoole's Diary | The earth is defintely flat (OSM and the GDPR) | OpenStreetMap … as long as the information is visible without login (+ accepting ToU), we have an issue.
To name a few examples:
- Number of posts read
- Exact days when you’ve visited the site
- Total reading time spent on the site per day
These stats would be available on a daily, weekly, monthly, quarterly, yearly basis. If you automate the extraction, you can get to daily granularity over a longer period of time.
I agree, the user page exposes similar statistics. I see this as another candidate where we should stop exposing some of the information, and make them available to logged on users only.
Making any information only available to logged-in users should, IMHO, be enforced.
Since the user directory data can be also scrapped by anyone from user profiles, can I suggest we enable again the user directory only for logged in users?
I think being able to understand people activity can be important in different dynamics, some examples:
- Reward users who are providing consisten solutions on #help-and-support, empower them, maybe asking them to become moderators eventually.
- Understand if people in moderation roles has been inactive for a long time and maybe need a break/support. (this will be a need for the current moderation selection criteria proposal)
- Identify users whose content receives a lot of likes often, to empower this leadership.
Right now there is no way to do so without stats, they are not even present for admins, mods.
Well, you could certainly work on that bit, without giving access to everyone. All the use cases you’ve mentioned seem to be relevant to a small group of admins/super users. I don’t think a random user Joe could grant moderator rights to anyone else.
Understanding and empowering the community is not something that only admins and global moderators do.
I would say that in general this done by local community members.
Suggesting someone for moderator is mainly done by communities themselves, as well as self evaluating how they are doing.
That’s why I think these stats should be accessible by any logged in user.
We can test this for a few months and then check how useful has been or if there’s been any issues. At the moment I see no flags if this requires login.
@nukeador is it indeed possible that profiles can be made hidden by default? It is a bit ignored in this topic but this is quite privacy intrusion that people can see this. In understand why discord tracks it but others should not be able to see it. Quite some people in the OSM community are very privacy aware.
@Cartographer10 moving your message to the relevant topic.
We can make users stats require log in, and people can choose from their preferences if they want to hide their whole profile.
I think require login to show user stats is indeed a good step.
The user profile visibility was a small search but found it under preferences > interface. Is it an idea to hide a profile by default? I suppose other users can still send the user personal message etc?
I think that explicit instructions about how to do this would be helpful. I find everything at the top-right corner of the Discourse window as essentially “pot luck” - as I’ve said elsewhere, trying to change anything in there is a real pain (e.g. the tab paradigm used changes three times as you try and change things).
I understand tracking activity as a mean to understand which people are more active and should be given more responsibilities.
On the other side, I don’t understand what tracking time reading articles is for.
If it is needed to increase trust levels (and frankly, I don’t see why that should be needed) then the tracking of time should stop after a user reached a certain level.
Let’s say after level 2 it doesn’t matter how many hours you’ve been reading posts but just the amount of replies and reactions you sent.
At that point the server should stop tracking logged time completely.
Even if tracking the amount of time comes out to be necessary for whatever reason, I don’t see why other users should be able to see that.
I’m not going to propose someone as moderator because he’s spending 6 hours a day on the forum, but rather because he is knowledgeable, provides good insights and can manage discussions well.
Thus, I would propose the whole time tracking thing to be disabled or at least not visible to other users.
time tracking is not working as a metric for those of us who contribute via email