William Connelley - The Opinionator, How one extremist skews Wikipedia Options

[Moulton]

Notwithstanding the WMF Privacy Policy (which I don't claim to understand), IP addresses are not private. If they were private, TCP/IP wouldn't work. If an individual, accessing the Internet from some IP address, opens a TCP/IP connection with another host, that host automatically acquires the sender's IP address. Without that information, the TCP/IP connection wouldn't work.

The WMF Privacy Policy has to do with disclosure to third parties of the IP addresses of those establishing TCP/IP sessions with WMF servers. Users who are not logged in automatically have their IP addresses disclosed. Matching IP addresses to nicknames is often trivial, and occasionally an interesting puzzle that anyone can undertake to solve.

Now, for those who care to parse the meaning of the applicable WMF Privacy Policy, here is the relevant section:

Policy on release of data derived from page logs

It is the policy of Wikimedia that personally identifiable data collected in the server logs, or through records in the database via the CheckUser feature, may be released by the system administrators or users with CheckUser access, in the following situations:

1. In response to a valid subpoena or other compulsory request from law enforcement
2. With permission of the affected user
3. To the chair of Wikimedia Foundation, his/her legal counsel, or his/her designee, when necessary for investigation of abuse complaints.
4. Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues.
5. Where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers
6. Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public.

Wikimedia policy does not permit public distribution of such information under any circumstances, except as described above.

[Dzonatas]

That policy makes it clear that personal information can be gained from an IP address:

If you have not logged in, you will be identified by your network IP address. This is a series of four numbers which identifies the Internet address from which you are contacting the wiki. Depending on your connection, this number may be traceable only to a large Internet service provider, or specifically to your school, place of business, or home. It may be possible that the origin of this IP address could be used in conjunction with any interests you express implicitly or explicitly by editing articles to identify you even by private individuals.

It may be either difficult or easy for a motivated individual to connect your network IP address with your real-life identity. Therefore if you are very concerned about privacy, you may wish to log in and publish under a pseudonym.

Checkuser bit makes much easier to state a username to an IP, and there is nothing in the policy that allows anybody to 'publicly distribute' the username if a user logs in as an IP, except as noted here:

Wikimedia will not sell or share private information, such as email addresses, with third parties, unless you agree to release this information, or it is required by law to release the information.

What has happened here is that a username has been inquired about, an IP has been given, another username has been given, and now 'motivated individual', by the act of those being publicly distributed, is able to match those IPs, as recognized in the above policy, and find personal or private information.

There was no need and no policy allowance to post the username together with the IP address for public distribution. This is not the first time we have seen this done publicly. There is even another thread, about WJBscribe oversights, were several issues of this kind of policy were brought up, and it reveals a bit of contradiction in when and how admin actions take place.