You may also disclose nonpublic PI in the following cases:
(iv) To authorized parties, with the express permission of the user whose nonpublic information is to be disclosed
In these cases, we recommend obtaining a message or email from the user explaining who they authorize to disclose information (the specific functionary), what information will be disclosed and why, and to whom the disclosure will be made. This ensures good documentation and that the user is fully aware of how their PI will be shared.
You do need to inform firstname.lastname@example.org within 10 days if you disclose PI under this exception.
Example User:Rory, a steward, acts on a user’s request to disclose their PI on their behalf. Before doing so, Rory obtains documentation of the user’s permission, which specifically authorizes Rory to do so and explains the what, the why, and the to whom of the disclosure.
(v) When required by law
Functionaries may disclose PI to law enforcement, administrative bodies, or other governmental agencies, if required by law, provided that the functionary notifies the Wikimedia Foundation unless restricted by law from doing so. The WMF legal team can only advise WMF on legal matters, so if you have questions about the legal validity or enforceability of an order or request you receive, please contact a lawyer.
You do need to inform email@example.com within 10 days if you disclose PI under this exception, unless restricted by law from doing so.
Example User:Rory, a steward, receives a request from his government to hand over a user's PI. Rory finds and consults with a local lawyer to determine whether he has to provide the information and, if he does so, whether he can notify WMF.
(vi) To the public, in order to block a sockpuppet or other abusive account
Functionaries may disclose PI to the public when it is a necessary and incidental consequence of blocking a sockpuppet or other abusive account.
You do not need to inform firstname.lastname@example.org if you disclose PI under this exception.