GDPR and "Famous People"

Question

As the lead of the US Presidents Project, the implementation of the privacy "unlisted" for all the living Presidents and living family members of past presidents is becoming an issue.   I am sure that the notables project is suffering in the same way.

I am confident that numerous duplicate profiles are being created by well meaning new members.

I know that Wikitree was very conservative in their approach to this privacy issue, is there a plan to move forward with opening up these profiles?

It is clear that Wikipedia and other family tree websites have not taken this approach and I do fear that it is having an impact on our membership.

Comments

Perhaps there needs to be a policy: no profile creation for living persons other than yourself, no matter their age.

---

I thought about that, and the problem would be connecting yourself to the bigger tree if you parents are still living.....so perhaps the rule would be that only living people attached directly to a member....so, parents, spouse, children.   I guess that would still be an issue if your grandparents are still alive.

---

Though that sounds a bit extreme, that's probably the only solution to prevent the creation of countless duplicates.

If it is allowed, I will still create profiles for living persons, but only if they are a necessary link in an important connection chain. (... and if the link is the child of two unmarried persons, I WILL set up the two parents as married instead of creating the living child - even if said child is 90 years old - and it will stay that way until everybody is dead and it can be fixed!)

---

It's totally extreme but how else do you prevent duplicates of living persons being added at this point?

Yes, Robin, your way should probably include grandparents. Some folks even have great-grandparents still living, too.

It's  a tough situation all around!

---

At this stage, I completely like the idea of NO living profile creation allowed, EXCEPT yourself, your direct ancestors, your direct descendants, your direct first cousins, etc.

Maybe the simple way to handle it is to only allow creation of a living person profile within, say, six degrees of separation. So, if you are an elderly person, you could create your own great-grandchildren and their spouses. Or you could create your second cousins and their grandchildren.

But you would NOT be able to create all sorts of duplicates of random movie stars and their second cousins, etc. unless you ARE one of those relations.

---

Sure. We just need to focus on something else.

For the record, the profiles for living "random movie stars" I've worked on (they're more like authors and politicians, but anyway) are almost all French, and the risk of creating duplicates is not a big concern, since the WikiTreers who are interested in them can be counted on the fingers of one hand and we communicate.

If it is necessary to entirely forbid creating profiles for living people, however... so be it. We can adapt.

Answer 1

I agree with you, Robin.

Wikipedia and IMDB (among others) are both still running with the Living Notable People wide open. There are agents and social media reps and PR reps handling their media presence, and we can't even name them and show them linked to parents who may have passed away? Some of the older notable people are even included in the 1940 US Census.

If the notable is over 21, they should, at the very least, have a private profile with public bio and family tree.Much of their information is all over the internet anyway. (I mean, those Kardashians have almost no privacy to protect, other than that of their children! tee hee.)

Comments

From my perspective, anyone who has chosen a deliberately public life has voided any basis for any claim by any third party that information on them is a breach of GDPR. facepalm

Wiki needs to grow some spine on this.

---

But Bruce, it is not lack of a "spine," rather it is the commitment to staying a FREE website eternally.

A single huge EU fine could destroy that part of the mission very quickly.

---

Not that I'm going to go for it, but all anyone needs to do is get express written consent from the man or woman whose profile is in question, and it's done. If buddy has a blog, youtube, FB, or whatever, they've implicitly abandoned any pretense their privacy to that extent requires any oversight by third party interlopers such as foreign government, however maintaining that information by an unaffiliated organization requires permission be granted.

As far as I can tell the GDPR is in Civil Jurisdiction, meaning consent is required for regulations to gain force of law, and rejection is through the Demand Notice process if it gets to that.

---

I think that there are notables and notables.People with wikipedia articles range from.those whose every move is public to those only known in one sphere.
Some  have very public data about themselves and their families. Sometimes it is willingly made public, Sometimes such has to be public knowledge because it  is in the public interest.
e.g.  public knowledge of the UK royal families  dates of birth marriage etc  is necessary to legitimise  the order of succession . The BBC hasn't got rid of its coverage of the Royals, nor its family tree complete with dates. The BBC obviously considers that such information may be published afer GDPR https://www.bbc.co.uk/news/uk-23272491
Public knowledge of the origins of politicians  may also important in many countries (for example https://en.m.wikipedia.org/wiki/2017–18_Australian_parliamentary_eligibility_crisis https://en.m.wikipedia.org/wiki/United_States_presidential_eligibility_legislation )
Then there are those who make themselves and their families very public in the pages of various magazines. They are still visible after GDPR.
 There are 'notables' who have a presence on wikipedia but are simply notable for their own achievements. Their birth date, parents and family are not relevant to their achievement.
Wikipedia adresses privacy concerns about these living individuals  in its guidelines https://en.m.wikipedia.org/wiki/Wikipedia:Biographies_of_living_persons  particularly the section on presumption in favour of privacy .
I know of a father and son who have wikipedia articles. Neither article mentions the names of parents, wives or siblings   Though their  work has at times been intertwined, the two biographies are not linked.This means the articles are just about them and their work. If they had had 'notable' project profiles on wikitree this wouldn't have been the case . Father and son would have been linked. Father linked to his father. Instead, I created empty private profiles.(now even better, unlisted) Their full biographies can be completed by their descendants.

I'm sure that eventually profiles of  living royals and presidents and prime ministers will be found to be fine.
However, it may also be that  profiles of many other 'notables' that were previously openly on wiki-tree will remain unlisted until they have died.
But then I always thought genealogy was really about ancestors.

---

Thus, the difference between "notable" and "famous".  

Yes, some notables do not need to have open WT profiles. Many "famous" living persons are quite willing to let out all sorts of information (they even write books about their lives.) Those are the people I'm talking about: those with open private lives and publicity information readily available.

Genealogy is about ancestors, as you mention, but it starts with an interest developed by a living person. Who am I? Where did I come from? Who are "my" people? We connect to each other through our common ancestors, so it is also about the living persons.

---

How is this different then when someone chooses to not show the parents of a profile?

I realize I may be a minority in this discussion but I think it gives you greater freedom in being able to work profiles of living people because you do not have to concern yourself with people being upset that you have invaded their privacy

I don't know if this is practical but maybe we could have a group that looks at unlisted profiles to check for duplicates in the unlisted or even a program that checks for duplicates and if they are found the the profile managers are contacted and they are asked to discuss if they are duplicates .

---

Hopefully they will relax a bit on profiles of very public people, especially those who are in government service.

Answer 2

Firstly most of the new rules (GDPR) pertain to DNA information and neither IMDB or Wikipedia deal with the DNA of the living notables.

Secondly, I believe that Chris Whitten said he would rather "batten down the hatches" and avoid a possible huge fine from the EU - since we are all-voluntary - and wait and see if the EU slackens off their rules some time further down the line.

Because we have no idea just how strictly the EU will enforce payments of fines or how much they will demand and I dont think Wikitree wants to be the first website to find out!!

This is how I understand the situation.

Comments

The new rules pertain to all personal information, not only DNA.  I understand the reasons behind the decision to do this, but for notable people, it makes little sense when public knowledge is involved.  For instance, Deborah mentioned the Queen. (below) We have volumes of information on her and her children and grandchildren, but we can't have her profile showing and we can't really check to see if there are hundreds of duplicates being made. So, when she passes away, we might find that we have quite a bit of merging to do.

---

Clearly the EU have not realised how contradictory their rules are - maybe they don't have enough notables to make a difference?

Or they haven't read wikipedia to learn that their rules are now being broken!!

As I mentioned above, Wikitree should follow the rules, to avoid fines. We should stop creating any profiles for living people, and just stick to dead people for now.

I have no trouble with this. Yes it is annoying when i go looking for a notable and suddenly cannot find them - but those are the rules and I just go do something else.

Would you want Wikitree to go out of business because the EU fined us for breaking their rules?

Answer 3

Perhaps an option is to create a new privacy level for “famous people” that acts in the same way as yellow privacy level but doesn’t show the birth and marriage dates in the profile.

I noticed that relationship finder now looks at Queen Victoria rather than Queen Elizabeth II, so even Our Queen is locked down now.

Comments

Let's hope this is what will eventually happen. But that won't be until the law has been tested and it is certain there is no risk.

Meanwhile, here in France, news coverage has not changed, Geneanet has not changed, Wikipedia has not changed... All I got was confirmation requests from all sorts of organisms that have my data in their files (shops where I bought stuff, etc.).

---

And young Prince George, Princess Charlotte and Prince Louis may even have had their profiles deleted!!  I know they did have profiles because I saw them in early May before the GDPR came into effect.

---

Well, they were children under 13 and obviously the profiles were not managed by their parents. I think it would be as well if they didn't have Wikipedia pages until they're 18, actually.

But for instance, French Roots manages unlisted profiles for 5 living Presidents of France. The succession box doesn't work, because a currently living person (name withheld for privacy) was President between Pompidou and Mitterrand. As for the two most recent ones, we might as well delete their profiles, if we are soon banned from even adding their parents. This is annoying, but not really important in the big picture.

Have plenty to keep busy with dead presidents and other dead notables though. It's just a question of forgetting some of the things we enjoyed doing and focussing on different projects.

---

Do the profile IDs for deleted profiles get preserved for that person in future, or are they available for reuse for someone different?

Using Robyn's example above, the Wikidata page for Prince George of Cambridge says that his wikitree ID is Windsor-325 but that page does not exist. Is it eventually going to be used for someone else, or recreated when he turns 13, 18, 21, joins Wikitree in his own right or some other event? Wikidata also provides a photo, parents, siblings and dates and places of birth and baptism, and when he started at which school. That's enough to build a Wikitree profile without storing anything locally at all beyond an ID number.

---

When a profile is *deleted* it creates a "hole" in the database. The Id cannot be used again. And it would probably be more prudent to remove the WikiTree IDs from WikiData for living notables, at least for now.

---

So when Prince George etc die (or the rules are relaxed for public people and they turn 14), will they get their old Wikitree IDs back or will new ones be created?

I think we should look into using the Wikidata information to create a synthesised profile for living notables. I'm still learning Wikidata, but it is developing enough to be useful now. As I said somewhere else, the infoboxes that are appearing in Wikimedia Commons appear to be completely generated from Wikidata, and for Royals at least, contain almost everything we would need. The Commons {{wikidata infobox}} uses Lua code underneath, and I'm not sure if that is available here, so there could be a number of technical challenges that would need to be overcome.

---

New profiles will have to be created.The IDs of deleted profiles cannot be used again. I hope the rules will be eventually relaxed but I also hope there won't be a rush to re-create these profiles for minor children. It should be quite good enough to have their names listed on their parents' profiles.

FYI a few months earlier, I created a profile for the current King of the Belgians. I stopped short of creating his wife (which I'm retrospectively quite happy about) because of doubts about what her LNAB should be - but I never considered creating profiles for their children, not even the eldest, at least not before she would turn 18. (She was born October 2001). Now that is completely out of the question. Even if the rules are relaxed, I would not think it useful to create a profile for her before she is really an adult with public duties and personal achievements. This is just my opinion of course.

Answer 4

Can we leverage from Wikimedia projects to provide WIkitree readers with useful information and links, but not actually host "private" information on Wikitree itself?

Almost by definition, Wikitree Notables have (or could have) Wikipedia profiles as well. Any Wikipedia page has a corresponding Wikidata page, which can contain all sorts of facts (but not the story that is built from them).

Have a look at https://commons.wikimedia.org/wiki/Queen_Elizabeth_II - the infobox on the right is automatically generated by a template ( https://commons.wikimedia.org/wiki/Template:Wikidata_Infobox ). All of the information in it is drawn from Wikidata - including parents, children, siblings, spouse. The photo is linked from Wikidata and is drawn from Commons.

The Wikidata page ( https://www.wikidata.org/wiki/Q9682 ) includes her Wikitree id to cross-link.

That's quite a lot of information about living Notables that we could display, but not store at all.

Answer 5

One way of dealing with the issue would be reaching out to the living notables and inviting them to take charge of their own profiles, and then open those profiles up to the degree they choose. If somebody is a huge fan of Ferdinand Grubstake, they should be able to contact him through Twitter, email, his fan club, or whatever. Fans write to celebrities all the time. (I myself have a couple of notes from notables in response to fan letters that I had written them. Douglas Bader sent a very nice letter which I still treasure.)

Answer 6

The GDPR (to my understanding at least) does have provisions to protect the privacy of all living persons living within or doing business within the EU, but also does appear to have some levels of reasonableness built into it as well. Those who make their living upon a public lifestyle are within a bit of a gray area - note that news agencies, public websites like Wikipedia and IMDB, and the like are all operating within "business as usual" models and have made little to no changes as it relates to the GDPR.

However, to my understanding (as well) I have not heard of any specific charges or case law being brought before the international or a specific EU court as of yet that would clarify this gray line as to where it is acceptable to call it "public information" versus crossing the line into violating someone's "private information". And I do get it that WikiTree is attempting to hold fast by protecting the site by locking down such information in an attempt to avoid being one of the first. In all likelihood, the steps that have been taken already will prevent any charges from being presented. In most cases, a legal "warning" would be the first step, advising the site that they should take down certain information within a certain period of time or else further steps would be taken. This has been a common practice in the past and it seems likely that will continue. Plus there are better case law examples than to target a site that is making every attempt to follow the law as best as it can be understood.

That being said, while I agree that the "unlisted" approach for Notables is tedious, likely to create duplicates, and extremely frustrating at times, I suspect it will be the status quo for awhile yet. I'd be the first to open the doors back up and let the information out, but until we fully understand how the law will be applied, it would be premature to unlock what has just recently been locked down. It would also be premature to simply delete all the information that has so painstakingly been gathered. For now, my vote would be to stay the course, wait and see who becomes the first target for GDPR case law, determine in general how the law will be applied, and then we can determine if profiles like the Notables can be adjusted to ensure that information can be opened up without concern that we would be in violation.

Just my 2 cents...

Comments

That's what I said as well. Well said Scott. Thank you.

Answer 7

It seems the decision for WIkiTree is final for the time being until GDPR shakes out some. The big challenge seems to be how this will actually be implemented and interpreted. Unfortunately, those with deepest pockets or unlimited funds often prevail.

Nonetheless, could we consider automation that if there is a Wikipedia article attached via a standardized template and the name and dates or whatever information matches agree that the profile becomes public? It would seem reasonable that relying on Wikipedia as arbiter of notability would be a lower risk.  It would need to have a recheck/reverify option to catch profiles that get deleted from Wikipedia  - that may not pass a notability standard. Also, if complete automation is impractical perhaps and WikiTree special admin can approve via a dashboard/list as is done for new member approvals.

Comments

Michael,

These are rather insightful comments about the about degrees of notability and different type of data that could be public. WikiTree profiles given the genealogical focus of our community could certainly have more data of a private nature for less famous notables that are present on Wikipedia profiles. I'm much less comfortable now at drawing the line at present on Wikipedia as the only criteria for inclusion on WikiTree.

---

Michael

That final paragraph of yours was so good! It deserves to be an 'answer' all by itself, just so people can vote it as 'best answer'.  And it needs to be in BOLD and large text. (Then maybe even the blinkered can see it LOL)  Here it is again:

Yet again, can I remind everyone that a cardinal principle of ethical genealogy is to respect others’ privacy; that most non-EU developed countries apart from the USA have rules similar to GDPR; and that even in the USA the US National Genealogical Society has some strong guidelines about privacy for living people - guidelines which, if followed fully, are actually in some respects tougher than what GDPR requires, and which have no exceptions whatsoever for information about the famous.

---

Thank you, Ros. I think some Wikitree members feel I harp on this too much. I don’t and that is why I am likely to keep on saying these things.

---

Jelena Eckstädt, IIRC that is part of the policy law for EU right... I seen that when I seen the GDPR law mention.. did that mean I guess they put a cease and desist order, or wikitree would not be changing to comply.  It all depends where wikitree is from they could be over reacting to comply with the new laws.. If the IIRC law still stands. I believe through what others are saying are that birthdates are to remain private on a public figure. 

Which should be about programming the the public profile to have a tick box, to just not show the dates. 

---

This would be so much easier for a public figure.

---

Other genealogy sites the age is 85 and under... unlisted... That I have been on French.. also.. many others... That has before this, and for years. that did not apply to public figures

---

This is also why when people started changing my living privacy settings on people I was a little up set. I was use to people not touching living profiles,  manage by others. Some one edited my grandmother whom was living setting her to visible.. I wasn't to please. other sites people can't do that if they are not the managers of the profiles.

---

This site has change, and reformed of the years with new people, I have been on it a long time.  It has been fun to watch wikitree develop.  I have loved it

---

Hopefully they will relax the rules on very public people.

---

I doubt we should get into wider political debates in G2G. As far as GDPR goes, I have said ad nauseam and repeat again, this is all about living people’s rights to privacy. Even the famous have such rights. I warmly welcome the fact that GDPR has led Wikitree to take privacy issues more seriously, as I believe they should always have been. Familysearch and commercial sites like Ancestry have for years had automatic systems in place to protect the privacy of information about living people in information people add to their sites.

I would be furious if someone posted information about me on Wikitree without my agreement, without telling me, and without giving me a chance to check what was being said. While I am by no means a notable, I do appear in a number of reference works, where I have ensured that the information given is limited. Some close members of my family have a policy of avoiding, so far as is humanly possible, any mention of them or their children on the internet.

Almost every developed country in the world, and some other countries too, have rules to protect people’s privacy rights. They generally follow a pattern agreed multinationally in OECD. Some non-EU countries’ rules on the face of it go further than GDPR, including on the extra-territorial scope of their rules. There are usually added protections - either in privacy law or in wider law - for children.The USA is a notable exception in not yet having rules similar to GDPR.

The Guidelines of the US National Genealogical Society are strict on information about living persons, and state firmly that genealogists should

“require evidence of consent before assuming that living people are agreeable to further sharing or publishing information about themselves;

▪ convey personal identifying information about living people—such as age, home address, genetic information, occupation, or activities—only in ways that those concerned have expressly agreed to;

▪ recognize that legal rights of privacy may limit the extent to which information from publicly available sources may be further used, disseminated, or published...”

These guidelines have no let-outs for the famous.

Wikitree itself has long had firm guidance about respecting privacy. That guidance has probably in the past not always been adhered to. All of us who signed up to the Honor Code agreed to observe the guidance.

GDPR gives an explicit exception for information which people have chosen to release into the public domain, and there may in principle be scope for relaxing the current approach of Wikitree a little. The acute difficulty, though, is where to draw the line. Notables range from the UK Royal Family and Presidents of the USA, for whom a lot of information has been released into the public doman, to, say, a doctor who has made a significant medical advance but who has not released personal information into the public domain. In practice, the only safe and appropriate course for Wikitree may well be the one it has adopted.

Answer 8

I know GDPR caused a HUGE stir and major controversy as well as inconveniences all across Wikitree. Whereas I don't fell that ALL Living profiles that are on WikiTree needed to be unlisted unless they are members, it was the quickest, easiest, safest method to do.

As far as fines are concerned, they would have to target WikiTree, actually get them into court, and impose a maximum of 4% yearly income or profit. (it is unclear which) Considering it is a free site there is no profit. I'm not sure if there is any income or not for the servers. But the problem is court fees and bad publicity.

I'm sure eventually we will look into re-opening profiles for public figures, notables, and possibly even non-EU family members. (I wouldn't wait on that last one) But for now it is more a wait and see game.

As far as notables, I have always figured that "Private with Public Family Tree" was sufficient for most notables and "Private with Public Biography and Family Tree" for famous people. We would however have to watch what is put in the Biography. No home address, children's names, etc.

The DNA part will probably be the hardest twist to unwind. (pun intended) This ranks right up there with posting emails, phone numbers, and home addresses of living people.

I'm obviously not happy about the changes brought on by GDPR but I'd feel much worse if Chris decided not to risk it and closed WikiTree instead. So for now, put your big boy britches on (either or any gender!?) batten down the hatches, and wait to see how big the storm is before we throw open all the portholes.

Comments

When I saw that provision regarding 4% of yearly revenues, I estimated that WikiTree isn't rich enough to be a target for someone seeking fines or damages.  Why go after WikiTree if you could go after Facebook?   ;-)

But, then again, Facebook would have more resources to fight back.

---

then again, 4% of 0 is how much? lol

Ok, you caught us. Guilty. Here is your zero dollars.

---

It is a good point, however, I suspect they have a minimum fine structure somewhere in mind, even if it is simply to cover court costs, filing cost, and legal fees. But I did get a chuckle out of the thought.

And I don't truly understand how the law will be applied. I suspect it will be civil in structure - which means that criminal charges won't be filed. But typically in the civil approach, the offended party files the civil case in court against the offender. I suspect the largest concerns come from having just 1 offended person blowing up about something that was documented and then we'll see the case law proven out.