PRISM, government surveillance, and Wikimedia: Request for community feedback

Last week, news outlets published information about a U.S. government internet surveillance program called PRISM[1] that reportedly enables the U.S. government to directly collect personal information from the servers of certain U.S.-based service providers.[2] Most of the service providers that were allegedly involved have denied participating in PRISM,[3] but President Obama appears to have acknowledged and defended the existence of the program.

Uncertainty and open questions persist about the nature and scope of PRISM. These public reports, and the conflicts among them, have raised concerns in the Wikimedia community, including at the Wikimedia Foundation.

Where we stand

The Wikimedia Foundation has not received requests or legal orders to participate in PRISM, to comply with the Foreign Intelligence Surveillance Act (FISA), or to participate in or facilitate any secret intelligence surveillance program. We also have not "changed" our systems to make government surveillance easier, as the New York Times has claimed is the case for some service providers.[4]

Why we care

Freedom of speech and access to information are core Wikimedia values. These values can be compromised by surveillance: editors and readers understandably are less willing to write and inform themselves as honestly and freely. Put simply, "rights of privacy are necessary for intellectual freedom."

In addition, while PRISM is a United States government program, the global nature of internet traffic, and the alleged sharing of surveillance information between governments, means that Internet users around the world are potentially affected. Because of this, we feel an obligation to our entire global community of contributors and readers to further understand (and possibly respond to) this issue.

Consultation and action

Because of the many open questions about PRISM, and the potential importance of this issue to our core values, we feel it is appropriate to consult with the Wikimedia community about what next steps we might take.[5] In our opinion, governments must be transparent to their publics. This transparency is essential to our ability (and that of other like-minded organizations) to determine whether a legal or constitutional challenge is appropriate in a case like this.

Mozilla, the Electronic Frontier Foundation, the Free Software Foundation, and the Center for Democracy and Technology, among many others, have begun to work together on this issue. They have started by preparing an open letter to the U.S. Congress, calling for transparency, investigation, reform, and accountability, and have asked individuals and other interested organizations—like the Wikimedia Foundation—to join them.

As we see it, we have an important role to play in helping ensure protections for free expression and access to information as it relates to our mission. We accordingly feel that the Wikimedia Foundation should collaborate with these organizations, and possibly others, and join in their effort to demand that the government account for and explain their internet surveillance programs.

That said, we want to hear from you on these topics before we take any action. Should we join with these organizations in their public statements and efforts as they relate to the Wikimedia community’s values and mission? Please leave your thoughts on the talk page. We will consider all feedback, but, because events are moving quickly, we feel we need to make a decision on this by June 21, 2013.[6]

Notes

  1. The Washington Post and The Guardian broke the story on June 6.
  2. An early report alleged remarkable breadth of data accessible under the program. CNET has since reported, however, that the program at least involves some formalized and particularized process.
  3. TechCrunch has published denials from eight allegedly-involved organizations.
  4. Surveillance is possible without our cooperation. As a result, snooping on general internet traffic by governments or others may affect our contributors and readers. To help block this, Wikimedia sites are already reachable under HTTPS, and installing HTTPS Everywhere makes this the default. We are working towards increasingly making HTTPS the default both for readers and logged in users without the need to install an extension. Updates will be posted to our engineering blog.
  5. As you may know, the Wikimedia community worked with the Wikimedia Foundation to put together a policy on the Foundation’s association with certain political or policy issues. It applies when, among other things, the Wikimedia Foundation seeks to collaborate with other organizations to take action on a particular policy or political question. Under this policy, community consultation is highly valued.
  6. This proposal is intended only to address the participation of the Wikimedia Foundation and is not intended to restrict other Wikimedians from acting in their personal capacity.