Submitted 9 September 2025 2025 EU Systemic RiskAssessment - Cover note - Executive Summary Wikipediaʼs 2025 EU Systemic Risk Assessment—in spreadsheet form—is appended to thiscover note. It sets out the Wikimedia Foundationʼs assessment of “systemic” risks, in the EU,linked to the use of Wikipedia. This is a legally-required document under the EuropeanUnion Digital Services Act (DSA). Out of 8 EU systemic risks that were assessed, the 2025 risk assessment designates threerisks as having the highest salience for Wikipedia: 1. Disinformation around conflicts, and/or civic and electoral processes 2. Disinformation around historical/geographical narratives 3. Harassment among the volunteer community The designation of these three risks as the most salient for Wikipedia reflects a high degreeof continuity with the systemic risks identified in our 2023 and 2024 submissions, given therelative consistency of the external threat environment over the past year and the relativelystatic nature of our systems. Indeed, the systemic risks identified in this submission remainlargely consistent with those reported in 2024 as a result. It is important to acknowledge thatWikipedia as a platform - that is, the technical aspects and user experience of the platform -is both low risk and relatively static. It does not undergo significant changes year over year,nor do any of the systemic risks we have identified appear to rise to a level that wouldrequire sudden and urgent changes to mitigate them. This feature is by design and stands incontrast to other online platforms, which seek to rapidly evolve and incorporate newtechnologies and features in order to pursue their profit-driven incentives. Any changesmade to Wikipediaʼs technical infrastructure or user experience occur incrementally over anumber of years and are carried out through an intentional process that incorporates robustefforts to solicit the input and feedback of readers and members of our volunteercommunity from across the globe. For example, the Foundation introduced in 2023 the first update to Wikipediaʼs interface in a decade. As this 2023 article in Fast Company observed, “For years, Wikipediaʼs volunteers have been hashing out an update to the internetʼsforemost encyclopedia. You might not even notice—which, for such a widely used service, iskind of the point.” Any such changes to Wikipedia are centered around the Foundationʼs commitment to upholding usersʼ rights to privacy and access to information. Thus, thesystemic risks we identify in this exercise are expected to be largely consistent year overyear and remain at a level where new mitigations are attempts to further improve andincrement technology and policies that are already working generally well to mitigate theserisks. Nonetheless, the Foundation continues to implement a range of existing and plannedmitigations for all 8 risks identified in this risk assessment on an ongoing basis. An updatedmitigations plan will also be submitted to regulators—as a follow up to this RiskAssessment— upon its completion without delay. Globally, the Foundation continues to dealwith a much wider range of risks, such as growing threats of physical intimidation toWikimedia volunteers in authoritarian countries outside of the EU, but these remain out ofscope for the DSA. The Wikimedia Foundationʼs 2025-26 Annual Plan provides a more holistic overview of the issues our volunteer editors and audience of readers are facing every day, and what is beingdone to protect and defend the rights of our audiences and editors to access and share free knowledge across borders. Furthermore, the Foundationʼs Human Rights Policy describes the organizationʼs commitment to identify and mitigate human rights risks globally. About the Wikimedia Foundation The Wikimedia Foundation is the nonprofit organization that hosts Wikipedia and other free knowledge projects. The vision of our free knowledge communities is a world in which every single human being can freely share in the sum of all knowledge. To this end, wesupport a vibrant community of more than 300,000 volunteers around the world, whocontribute to the Wikimedia projects by adding, editing, and verifying content in over 55million articles across more than 300 languages, all for free and without ads. Contents Executive Summary About the Wikimedia Foundation Contents Background About this document About the Wikimedia model: advantages and challenges when it comes to EU DSA SRAM How are relevant risks selected? What risks are excluded by this approach? How are the selected risks assessed? Stakeholder engagement What are the key risks highlighted in this 2025 exercise? Conclusion 2 Annex: Human Rights Risk Assessment Framework Background About this document Wikipediaʼs 2025 EU Systemic Risk Assessment sets out the Wikimedia Foundationʼsassessment of systemic risks linked to the use of Wikipedia in the EU. This is alegally-required document under the DSA. It has been completed by the Foundationʼs Legaldepartment in consultation with a range of internal subject matter experts and stakeholdersacross the Foundation. The Risk Assessment is an intermediate step in a wider exercise. TheDSAʼs overall Systemic Risk Assessment and Mitigation (SRAM) process requires theFoundation (as the hosting provider of Wikipedia) to not only assess risks, but alsodetermine what risk mitigations are appropriate. This process of assessment and mitigation is repeated at least annually. Interim updatesmay be appropriate, in response to significant changes in the risk landscape. The DSA SRAM exercise should not be viewed in isolation - it is a smaller piece of broaderongoing risk and mitigation assessment work by the Foundation (see Figure 1), and a muchbroader overall program of work for the Foundation and in the wider Wikimedia ecosystem,to fulfil our mission to empower and engage people around the world to collect and developeducational content under a free license or in the public domain, and to disseminate iteffectively and globally. 3 Figure 1: The EU DSA SRAM process adds to work that is already done in order to ensure that theWikimedia projects are a force for good in society; the role of human rights impact assessment andmitigation at the Foundation is shown in this cycle diagram. The Foundation is opting for a single, living SRAM document which can be updated on anongoing basis. This is also sometimes referred to as the Foundationʼs DSA Risk Register.Each year, an annual snapshot will be taken of that document, and will be filed withregulators. The DSA sets out risk assessment and mitigation as a two-step process (requiring twosuccessive filings: first the risk assessment, and then the mitigation plan—see Figure 1,above). Despite this, our DSA SRAM Register has been structured so that it can be used in asingle-step strategy in future years if appropriate (see Figure 2, below). The Foundation submitted its first plan to mitigate the risks identified in its inauguralSystemic Risk Assessment for 2023 on July 12, 2024. The Foundation has already begunimplementing and will continue to implement these mitigations while it evaluates theirefficacy and identifies any new strategies that could be implemented to further mitigaterisk. An updated mitigation plan will be submitted in the coming months. 4 Figure 2.1: Example extract from the Foundationʼs EU DSA SRAM Register. Its componentswill be updated and filed at least once a year with EU regulators. The DSA foresees the Mitigationscolumn (blue) being completed and filed separately, as a second step following Risk Assessment. Inpractice, our DSA SRAM Register will record both our assessment of risks and their mitigations;this example, which shows all columns, illustrates our planned end-state for the Register. Figure 2.2: Example extract from the Foundationʼs EU DSA SRAM Register (continued). About the Wikimedia model: advantages and challenges when it comes toEU DSA SRAM Wikipedia and other Wikimedia projects provide free access to neutral, well-sourcedinformation about science, culture, history, and other encyclopedic subjects. Theinformation in question is added, organized, and edited by a decentralized community ofvolunteers who engage in open debate to reach consensus around content decisions andpolicies. Volunteers address most everyday content issues on the Wikimedia projects, such asintentional vandalism or edits that do not meet Wikipediaʼs reliability and neutralitystandards, without interference from the Wikimedia Foundation. 5 This volunteer-led, self-governing model provides for several advantages that allow ourmovement to advance knowledge equity and to combat disinformation through collectivecontributions and open debate about content and content moderation. A global communityof committed volunteers with specific expertise and local knowledge and language skillshave built an unprecedented repository of encyclopedic information that is available andculturally relevant to more than 300 language communities around the globe. These samequalities allow these communities to monitor Wikipedia pages for disinformation and torapidly remove content that may range from common vandalism to artifacts of coordinateddisinformation campaigns. All of this work adding, editing, and verifying content takesplace in the open and is governed by policies developed and implemented democratically bythese volunteer communities themselves. This unique model has allowed the Wikimedia projects to achieve the prominence and highquality they have now, and the volunteer-led, distributed decision-making that occurs on theWikimedia projects is a manifestation of the ideals of online participation and freedom ofexpression. Despite these advantages, some challenges naturally arise. One challenge relevant to this work emanates from our community governance model.Beyond the Foundationʼs Terms of Use and other high-level policies, most policies anddecision making related to platform governance and content moderation are developed andimplemented by these volunteer communities. Thus, any significant changes to platformgovernance and content moderation policies or practices—such as possiblerecommendations stemming from human rights impact assessments—require consultationwith, buy-in from, and leadership by these communities. This model of governance,therefore, can be slower to effect change than that which is feasible for platforms withtop-down models. Another challenge is that the Wikimedia Foundation operates as a non-profit organization.The Foundationʼs largest share of revenues comes from individual donations; it does notgenerate ad revenue or sell user data to generate income. As a result of this model, theFoundation has fewer financial and human resources available to tackle significanttechnical changes or upgrades than do other VLOPs. Any reallocation of resources to makesignificant changes to Wikipedia for risk mitigation requires pulling resources from otherpriority areas, such as requested feature development, fixing bugs or broken tools,enhancing the overall stability and reliability of the websites we host, or—morefundamentally—continuing to create an environment in which volunteers want to engageand improve the projects. This presents a challenge with respect to the EU DSA SRAM process: the DSA expectsgreater intervention from platform operators (“accountability” / “ responsibilization” ofplatforms). This is a sensible objective for more conventional, for-profit, social mediaplatforms, whose content policies and moderation are imposed on a top-down basis. 6 However, when it comes to the Wikimedia projects, regulatory obligations should not beinterpreted in a way that reduces the Wikimedia communitiesʼ autonomy, enthusiasm, andcontrol. Accordingly, in stark contrast to other commercial platforms, the Foundation intends togenerally refrain from dictating changes to content policy, or displacing effectivecommunity mechanisms (e.g. for complaint handling, or efforts to tackle certain categoriesof problematic content). Our focus is instead on creating the right conditions for success.This is achieved by continuing the Foundationʼs catalytic, framework role, for instance bycreating useful tools, supporting community structures (such as key committees), offeringtraining, fostering discussion, offering guidance and support, and engaging in theco-creation of new policies and systems, such as the Universal Code of Conduct (“UCoC”)and its enforcement processes. The Foundation continues to assess that this approach iseffective, while monitoring for possible risks that may develop over time, particularly insmaller communities that may be less resilient due to the lower number of available editorsto address issues. The UCoC itself contemplates this issue, with more global supportavailable for languages that may have fewer volunteers to provide local governance andeditorial processes. The focus is therefore on ensuring that the Wikipedia communities have the means to tacklethese important problems—rather than usurping their leading role. How are relevant risks selected? Our starting point is the Foundationʼs global, non-DSA-specific view of the risk landscape forWikimedia projects. In particular, our DSA exercise builds on the earlier results of a detailed, third-party-led, enterprise-wide Human Rights Impact Assessment (HRIA), last conducted in 2020, which laid out a detailed analysis of risks relating to the Wikimediaprojects generally, and how they could be better mitigated. This body of human rights duediligence is complemented by ongoing efforts to identify and mitigate human rights-related risks on Wikimedia projects, such as the Foundationʼs Child Rights Impact Assessment, which was published in January 2024, and a more recent human rights impact assessmentevaluating the opportunities and risks associated with artificial intelligence and machinelearning on Wikimedia projects, which will be published in the coming weeks. Following arecommendation provided in the Foundationʼs first DSA audit report, an updatedenterprise-wide HRIA will be commissioned in the coming months to evaluate howpreviously identified risks have evolved over the past five years and whether new risks haveemerged. The findings of this HRIA will be incorporated into subsequent DSA systemic riskassessments. The DSA is clear that the Foundationʼs global, non-DSA-specific work should not be usedas-is for this specific exercise. For one thing, the HRIA (and related work) are notEU-specific. For another, not all risks in the HRIA have the EU-wide scope and scale to be 7 “systemic”, as the DSA requires. And not all of them are also Wikipedia-specific.1 Forexample, the use of algorithms to recommend content on commercial platforms hasresulted in significant concern among the general public around the privacy of usersʼ dataand how that data feeds into those algorithms, the internal workings of which are rarelyvisible to the public. On Wikipedia, however, the few algorithms used to recommendencyclopedic articles do not rely heavily on individualsʼ user data because Wikipedia onlycollects the minimal amount of user data feasible. Furthermore, the internal workings ofsuch algorithms are documented transparently using model cards for the public toscrutinize. These differences represent an important distinction between how commercial platformsand Wikipedia use these technologies – a difference that is often underappreciated by thegeneral public. We are therefore being careful to assess the seriousness of each riskidentified in our risk register based on two factors: 1) how that risk could manifest onWikipedia given how the platform actually operates; and 2) the likelihood of that risk arisingwithin the EU. Based on the wording and structure of the law, our first step for this exercise was thereforeto select risks by taking the risks that were are salient at a more global level (identifiedthrough large scale but possibly infrequent exercises such as our HRIA, and from othersources such as reporting, ad hoc studies, etc), and then applying DSA-specific filters: Figure 3: Diagram showing how the Wikimedia Foundation selects risks for inclusion in the DSASRAM process. 1 Of all the Wikimedia projects, only Wikipedia is in-scope for the DSA SRAM exercise—it is the onlyproject large enough to have been designated as a Very Large Online Platform (VLOP); the otherWikimedia projects are subject to several other DSA obligations, but not SRAM. 8 What risks are excluded by this approach? DSA-specific filtering means that important global risks, which are the focus of extensiveFoundation and wider community activity, are not reflected in the DSA SRAM Register. For example, country-wide blocking of the Wikimedia projects is a major risk for affectedpopulations and for the Wikimedia projects themselves, which then have reducedparticipation from affected citizens. We do not currently consider this an EU systemic risk,nor is it clearly linked to Wikipediaʼs design/functioning/use, so it has not been included inthis DSA-specific exercise, despite its wider importance. In addition, it should be noted that Wikipedia was designated as a VLOP based on itsnumber of monthly active visitors from the EU. However, certain of the risks included inour DSA SRAM exercise are likely to be experienced only by actively-engaged volunteers,such as those making and discussing changes to Wikipedia articles. This is a much smallernumber of people—far below the 45 million user VLOP threshold. By way of example,English-language Wikipedia only sees (approximately) 59,000 active editors a month; ofthese, at least 34,000 come from non-EU countries.2 For French Wikipedia, there are onlyapproximately 5,700 active editors from France, and another 420 from Belgium.Accordingly, even though the Foundation is focused on tackling risks such as volunteerharassment, globally, it was unclear to us to what extent that should be selected as aDSA-specific EU systemic risk. We have not made any adjustments based on these criteriathis year, but plan to continue to monitor the EU-specific extent and impact of the risks weidentify in the EU context. Some risks were sunsetted last year based on their lowerlikelihood of occurrence and the Foundationʼs judgment that they have been effectivelymitigated. How are the selected risks assessed? Based on the four factors shown in Figure 3, the global risks and their assessments are—orare not—transposed (modified, if appropriate) into the DSA SRAM Register. For the mostpart, the Foundationʼs broader assessments of global risks, e.g. the analysis contained in ourHRIA, will remain somewhat relevant to the risks transposed into the DSA SRAM Register.Those documents therefore provide important further reading for those with an interest inthe various risks logged in the DSA SRAM Register. Starting from that existing (wider) assessment of risks in exercises such as our growing bodyof human rights impact assessments, we then conduct a second pass assessment from aDSA-specific perspective. This includes consideration of the matters listed in DSA Article 2 https://stats.wikimedia.org/#/en.wikipedia.org/contributing/active-editors-by-country/normal|table|last-month|(activity-level)~5..99-edits|monthly 9 34(2) - such as what our Terms of Use permit or prohibit, and how that is enforced),although in practice, a wider range of considerations are relevant than just those; consistentwith Wikimedia principles, user community policies and moderation practices tend to bemore restrictive than our basic Terms of Use, and are therefore an important consideration. In terms of inputs, this second-pass exercise relies heavily on existing assessments (thosedone at the more “global”, non-DSA-specific level), bringing in additional knowhow, studiesand data (often EU-specific, country-specific or European language-specific), if available - for example the latest reports and results of studies into EU election-related disinformation. Figure 4: Process chart showing how the Wikimedia Foundation assesses risks and theirmitigations (and circulates the findings to ensure scrutiny and real-world impact) as part ofthe DSA SRAM process. Our primary consideration is (1) the likelihood of a risk manifesting, and (2) the impact arisk is likely to have, if it manifests. Among other factors, this takes into account themitigations which are already in place. These components of risks are evaluated accordingto the Foundationʼs Human Rights Risk Assessment Framework, which consists of a set ofheuristic criteria and norms that are intended to reduce bias and facilitate discussions aboutranking and prioritization that lead to consensus. These criteria can be found in Annex:Human Rights Risk Assessment Framework. The distribution of Child Sexual Abuse Material (CSAM), for instance, can be damaging, butits prevalence on Wikipedia (as an EU systemic risk) appears to be low. Unlike otherwebsites, the openness of Wikipedia, i.e. that all contributions and edits are logged publicly,and volunteer editors can identify and remove such content, makes it a highly unattractiveplatform for distributing such material. That transparency similarly makes Wikipedia a 10 relatively unattractive environment for grooming, or other types of conduct that thrive inobscurity. Finally, our risk prioritization (including the ability to devote resources to a selected riskʼsmitigation, for DSA purposes) also takes into account the Foundation and wider editor andreader communitiesʼ global (non-DSA-specific) priorities. As noted above, the Wikimediaprojects, globally, are exposed to important risks, such as mass censorship, or impedimentsto global knowledge equity, that demand significant prioritization outside of this EU,DSA-specific exercise. For all these reasons, it is important to also note that the results of the Foundationʼs DSASRAM exercises cannot be compared on a like-for-like basis with those produced by otherplatforms and search engines that have been designated as VLOPs and VLOSEs. Forinstance, the number of EU-based users exposed to some of these risks on large socialmedia platforms could be orders of magnitude greater than on Wikipedia. Stakeholder engagement A significant number, though unknown precisely, of the more than 300,000 volunteersaround the world that contribute to Wikimedia projects reside in the EU, participate inEU-based organizations affiliated with the Wikimedia movement, and may be directlyimpacted by the systemic risks identified in this exercise. The Wikimedia Foundation iscommitted to substantively engaging such affected stakeholders in order to meet thecommitments articulated in our Human Rights Policy, particularly with regards toconducting ongoing human rights due diligence and assessing systemic risks. Indeed, suchstakeholder engagement is strongly encouraged under the Digital Services Act. In April 2025, the Foundation facilitated a stakeholder engagement session to help thesestakeholders understand the Foundationʼs regulatory obligations under the DSA, the processby which we identify and assess systemic risks under the DSA, and the nature of the risks identified. This session occurred as a part of the 2025 Wikimedia Europe General Assembly and brought together approximately 27 representatives of affiliate organizations from acrossEurope. Participants were leaders in their organizations and generally possessed a thoroughunderstanding of the issues, risks, and challenges Wikimedians experience in theircountries. The session had two primary objectives: to educate participants how theWikimedia Foundation identified and assessed systemic risks relating to Wikipedia in theEuropean Union as required under the DSA, and to learn from participantsʼ reflections onhow they experience these risks and others in their own work. In general, participants concluded that the systemic risks the Foundation had identifiedgenerally align with their experiences and shared some ideas for future systemic riskassessment reporting. Participants discussed harassment on Wikimedia projects and howwomen and LGBTQIA+ people often experience this threat disproportionately. Foundationstaff also engaged participants on the subtle difference between disinformation and 11 misinformation and the risks they pose to European society, as well as the emergingchallenges posed by generative AI. This exercise helped to inform and validate the contentpresented in this systemic risks assessment. In the future, the Foundation will undertakeefforts to continue this kind of stakeholder engagement within the EU. The Wikimedia Foundation also engaged stakeholders in broader civil society at theEuropean Rights \& Risks Forum hosted by the Global Network Initiative and the DigitalTrust \& Safety Partnership in Brussels in June 2025. This forum, which was the second of itskind, gathers civil society, academics, investors, and very large online platforms and searchengines (respectively, VLOPs and VLOPSEs) subject to the DSA, to stakeholdersʼ experienceswith producing risk assessments and lessons learned. Representatives of the WikimediaFoundation shared its unique experiences supporting Wikipedia—the only nonprofitplatform designated as a VLOP— in complying with the additional requirements thoseplatforms face under the law. Representatives also shared the above-mentioned experienceworking with the volunteer community to understand and provide feedback aroundWikipediaʼs risk assessments. These exchanges provided unique opportunities forFoundation staff leading our DSA compliance work to engage directly with thesestakeholders to answer questions, share experiences, and benefit from mutual learning. A summary report of this forum is available here. What are the key risks highlighted in this 2025 exercise? Our assessment for 2025 identifies three risks of highest salience: 1. Disinformation regarding civic and electoral processes, and conflicts 2. Disinformation regarding historical/geographical narratives 3. Harassment among the volunteer community The designation of these three risks as the most salient for Wikipedia reflects a high degreeof continuity with regard to the external threat environment and our systems since 2023 and2024\. Work to address these risks has been underway across the whole communities ofWikipedia contributors and allies for some time and will continue in the coming monthsand years. More generally, Wikipedia is a broadly welcoming environment for contributorsthat results in reliable, neutrally-presented information on a vast range of topics. This is theresult of longstanding efforts by the community, the Foundation, and others. But as is clearnot just from our human rights impact assessments, but also community conversations andoutside research, more can be done. These most salient risks have been long-term focuses of the Wikimedia Foundation and itsvolunteer communities. In general terms, the Foundationʼs approach to mitigating theserisks is as follows, though more granular elements of these approaches will be provided inour upcoming mitigation inventory for 2025: 12 1. Anti-harassment efforts are being supported by rollout of the Universal Code of Conduct and its related guidance and enforcement processes; and the Foundation is working on a new, supplemental way for UCoC-violating incidents to be reported; 2. Anti-disinformation efforts are sufficiently diverse that the Foundation hasdeveloped an overarching Anti-Disinformation Strategy. Specific disinformationrisks—for example ahead of certain elections—are responded to by supporting theformation of temporary task forces (by the volunteer community, or the Foundation,or both). This approach is backed by a program of work to improve technical tools tosupport moderation and content curation carried out by volunteer editors, and a wider research program to support Knowledge Integrity on Wikipedia and its sister projects. An e-learning module has also been developed and deployed to assistvolunteer editors in identifying and combatting disinformation. These same effortsalso assist in combating disinformation or bias that may be introduced as a result ofusers adding content developed through generative AI. Other risks that were assessed and are being mitigated, as part of this exercise, include thefollowing. More details on these risks and mitigations can be found in the Risk Registeritself, and the underlying materials it is based on. Medium Salience: ● Dangerous content: Exposure of vulnerable individuals to content that may bedangerous in that context ● Child sexual abuse material (CSAM) ● Terrorist or violent extremist content (TVEC) Lower Salience: ● Propagation of disinformation or bias through generative AI ● Privacy risks for young contributors Conclusion The Wikimedia Foundation appreciates the opportunity to discuss these risks with theEuropean Commission, members of the volunteer community that make free knowledgeprojects like Wikipedia possible, and, indeed, the broader public. The Foundation looksforward to engaging in sustained dialogue with these stakeholders around these risks, how itis already working to mitigate them now and in the future, and how our work to identify andmitigate risks will continue in the coming years as the digital ecosystem evolves. This process of systemic risk assessment continues to serve as a timely incentive for theFoundation to take stock of the broader societal impacts of Wikipedia within the EU. Wewelcome the opportunity to describe to the Commission, and the EU citizens it represents,how our organization plans to mitigate risks that the DSA is intended to address. Indeed, we 13 welcome efforts by governments to work with platforms on processes that foster greatertransparency and accountability for online platforms. As discussed above, many important actions to mitigate the risks identified in thissubmission will require buy-in and action from Wikimedia affiliates and volunteersthroughout the EU. We hope our publication of material about the risks and mitigations willultimately spark important discussions with the Wikimedia communities about theirimportant and essential roles in mitigating risks to themselves and European society morebroadly, thereby empowering Wikimedians across Europe to exercise leadership andinitiative in our collective endeavor. 14 Annex: Human Rights Risk Assessment Framework Risk Impact Likelihood Freedom of Expression and Government Censorship 3 Wikimedians face heightened threats for creating and editing content; Wikimedia projects are blocked; Wikimedians are charged and/or jailed for conveying information; Governments actively engage in disinformation campaigns on Wikimedia projects, including instances of project capture 3 Ongoing, Probable, or Imminent in the EU OR Probable and requires a long lead time for treatment Online Privacy and Government Surveillance Wikimedians are broadly and actively surveilled by government entities, including targeted surveillance in violation of human rights norms; Personal data and private communications of WIkimedians are intercepted by government entities. Conflict Severe impact to Wikimedia platforms, affiliates, people, and events, including (but not limited to): physical security threats to individuals, critical damage to physical assets, blocking of access to platforms Diversity, Equity, \& Inclusion Women, racial and ethnic minorities, persons with disabilities, and LGBTQIA+ individuals face pervasive legal, social, and/or cultural discrimination in online fora or in-person gatherings, including in public accommodation Technology, Products, \& Tools Users' access, freedom of expression, and/or 15 privacy online are severely impacted Child Rights Minors (under the age of 18) face significant physical and significant emotional dangers, including experiencing or being exposed to sexual abuse or exploitation. Freedom of Expression and Government Censorship 2 Wikimedians face limitations on their freedom of expression and may be harassed by government entities for sharing information on particular topics; Governments seek to exploit legal mechanisms to remove or alter content it finds objectionable 2 Possible in next 6 months in the EU Online Privacy and Government Surveillance Some Wikimedians are surveilled by government entities for reasons beyond their involvement in the Movement; Government entities seek to use legal requests to obtain user data Conflict Minor impact to platforms, affiliates, people, and events, including (but not limited to): minor damage to physical assets, temporary disturbance to individuals' everyday life, etc. Diversity, Equity, \& Inclusion Women, racial and ethnic minorities, persons with disabilities, and LGBTQIA+ individuals face occasional legal, social, and/or cultural discrimination in online fora or in-person gatherings, including in public accommodation Technology, Products, \& Tools Users' access, freedom of expression, and/or privacy online are moderately impacted Child Rights Minors (under the age of 18) face emotional hazards, such as bullying, harassment, or teasing. 16 Freedom of Expression and Government Censorship 1 Wikimedians face minimal risks to freedom of expression; Wikimedians are not subjects of clearly rights-violating government interest 1 Unlikely to occur or deteriorate this year in the EU Online Privacy and Government Surveillance Wikimedians are not generally surveilled online by government entities; Wikimedia projects are not censored; Government entities follow and respect legal processes for removing or altering content. Conflict Wikimedia platforms, affiliates, people, and events are not seriously affected Diversity, Equity, \& Inclusion Women, racial and ethnic minorities, persons with disabilities, and LGBTQIA+ individuals face minimal legal, social, and/or cultural discrimination in online fora or in-person gatherings, including in public accommodation Technology, Products, \& Tools Users' access, freedom of expression, and/or privacy online are not meaningfully affected Child Rights Children (minors under the age of 18) face minimal emotional hazards. \* 17