Last updated: Nov 23 2008
At Colorado Indymedia, we understand that independent journalists and whistle blowers are often subject to harassment or threats to their safety. We also understand that average, everyday citizens who are trying to "be the media" may not want their personal information spread across the web, especially in the face of large data mining operations where a users identity is sold to advertisers. We recognize that the right to privacy and anonymity is vitally important to a free society and the freedom of expression.
Here's what you need to know: Colorado Indymedia and its servers do not log or store any personally-identifiable information about you without your explicit permission. We don’t know who you are or what you’re doing on our servers. We don’t let anybody see what is on our servers without a valid court order or other legal justification and we do not process out-of-jurisdiction requests. We will challenge any requests that we believe to be illegitimate. Access to personally-identifiable information is tightly controlled and transparent. We will even delete the information we have on you at your request. For more information on how this works keep reading.
What Information We Collect
Colorado Indymedia servers do not log any information about you. The only personal information we store on our servers is the information you explicitly provide to us through registering accounts, subscribing to mailing lists, posting to mailing list, and other normal uses of our servers. We try to require as little information as possible from you. If you think we’re asking too much, remember that you can usually lie.
In order to maintain our servers properly and diagnose problems, we may log personally-identifiable information for short periods of time while we work on the problem. After the problem has been fixed and the logs are no longer needed, the logs will be securely deleted.
If the site encounters an error, then information on who caused that error may be stored to our logs including the username, IP address, user agent, time, and what the user was trying to do. We log these in case people try and break the security on our site. These logs should not be generated in normal course of utilizing the site.
Access to personally-identifiable information, encryption keys, servers, and passphrases is very tightly controlled. If we grant access to personally-identifiable information on the basis of a single case, we will notify you beforehand as detailed in the section about communications later in the policy. If we are to grant access on a unilateral level such as root access to our servers, passphrases for our encryption, etc. then we will announce it on our website and through our mailing lists.
Some communications (you know what these are) with us including but not limited to baseless legal threats and threats against an individual may be shared (without your explicit permission) among the collective and anybody else who we feel needs to see it, which could be the entire world.
Who We Give Information To
Colorado Indymedia does not give our information up to anybody without a valid court order or other legal justification. We do not respond to requests outside of our own jurisdiction. We will not respond to nice requests or demands for information (without legal justification). We will fight any court order or any other legally-sanctioned order if we believe it to be illegitimate.
Purging Your Personal Information
We understand that as time goes on your level of comfort (or paranoia) with the distribution of your personal information will change. Assuming we are not retaining it for any other reason, we will delete any information about you at your request. If we have published information about you or your communications with us because you have threatened us or for some other reason then we will not un-publish it. You can not expect us to clean up the internet of references to you or compromise on issues of our principles to keep your mind at ease.
Most of our services provide an automated way to remove personally-identifiable information about yourself from our servers such as deleting an account. In the event that these ways do not work for you or do not exist, you can send an email to webmaster[at]coimc[dot]org to ask that your information is securely purged. We will notify you once we have purged your information.
A False Guarantee
Ultimately, privacy is your responsibility. If you are concerned about the above threats to your privacy and ours, then consider taking additional measures to protect it such as encrypting your hard drive, encrypting your emails, and using proxy systems like Tor.
Direct any questions, clarifications, or suggestions to webmaster[at]coimc[dot]org or the "all" list.