Hi WikiTreers,
I want to talk about some big privacy-related changes we may implement soon.
Some of you have heard of the European Union's "General Data Protection Regulation (GDPR)". It's a very far-reaching law with significant consequences for everyone on the Internet. It doesn't just affect Europeans because it's very hard for sites like WikiTree to precisely separate everyone who could be an EU or UK citizen, or just living in Europe. Moreover, genealogy sites are especially vulnerable to the GDPR because there are "special categories" of protection for anything having to do with genetic information, race, ethnicity, etc.
For more info on the GDPR, you may want to start with this blog post from Roberta Estes.
We may need to make two fairly radical changes in the next few weeks:
1.) Set all profiles of living people as Unlisted unless they are a member, at least temporarily.
You could still choose the privacy level for your own account profile, but not for anyone else.
Later we might be able to allow profiles of living non-members to have public information again if a member will certify that they have explicit permission from the person, or that the person is a celebrity and the profile is based on information they have made public, etc. We don't know yet and will have to proceed carefully.
2.) Delete all DNA test information on living non-members.
You will no longer be able to enter information about tests for other living people, e.g. when you manage the test kit for a family member who is not a genealogist.
We may also need to prohibit mentioning someone else's DNA test in a source citation.
I know that these changes will negatively impact our Notables Project, our DNA features, and many other things you and I care about.
I would like to say that we could debate the logic of these changes and come to conclusions in the open, collaborative, community-based way that we normally operate. We cannot, though I do want to hear your input and ideas, especially about the impact of these changes on aspects of WikiTree that we may not have considered. If you're a lawyer offering legal advice, please say so.
I would also like to say that these are all the GDPR-related changes we will be making, or that I could tell you what changes we will be making in the future. The fact is, we just don't know a lot of things about how the GDPR will be interpreted and enforced. Nobody does.
I can tell you that we will continue to communicate about it, and that my personal commitment to our shared mission to grow a free, collaborative worldwide family tree has not changed.
Sincerely,
Chris