> I'm skeptical. How much do they actually spend on necessary legal work?

A non-zero amount.

This isn't like a huge part of their budget, but people sue wikipedia constantly. Someone has to deal with that. We're also seeing a more complicated regulatory environment with new privacy laws, new nsfw laws, new social media laws. Someone has to keep track of those developments, figure which apply, and figure out what needs to be done to comply with them.

> What do you mean by "trust and safety"? We're talking about a public community edited website here not a bank or a healthcare provider,

And what happens when someone in an edit war makes death threats to another editor. What happens when they figure out where that person lives and show up at their house? Big public communities have more Trust&safety needs not less. We want people to feel safe editing Wikipedia.

And then you also have people who are arrested for their edits to Wikipedia (e.g. https://www.eff.org/deeplinks/2026/05/eff-launches-new-offli... ). Often there is not a whole lot anyone can do about that, but having someone at WMF advocating for them where they can seems like a worthy thing to do.

Its also important to keep in mind, last year at a wikipedia event someone brought a gun and attempted to commit suicide on stage (traumatizig most of the attendees). The previous year the same event had a bomb threat. Part of trust and safety's job is to ensure proper security procedures for in person events

> I wouldn't expect there to be any PII.

People post PII to wikipedia all the time. You are right that WMF intentionally collects less than most, but people post PII to dox others all the time.

> How much software maintenance is really required and could that not be left largely to the community at this point? It seems like an extremely mature stack. Am I missing something obvious?

I'm mostly just claiming the amount is not zero. There is a lot of room to debate specifics. However stuff does pop up. Security vulns happen. Software needs to be updated to work with updates dependencies (php has been making a lot of breaking changes lately). The AI boom has made access patterns shift causing caches to be less effective then before. Sometimes servers die and you need to swap out a replacement. Etc etc. There is always something.

> IMO their stated mission would be better served by putting the funds towards the research and development of a more distributed and resilient system that could be hosted by community members. If they truly aim to preserve and disseminate the totality of human knowledge then they should be actively attempting to brace for both their own downfall as well as broader political instability and technological upheaval.

They do offer database downloads, which are mirrored extensively.

The thing with most distributed solutions is the make tradeoffs which make the product worse. Often they are rigid, and have poor latency characteristics. You could spend a lot of money trying to make a better distributed system only to get nowhere. I think most wikipedians would prefer WMF focus on lower risk ventures.

> > Having people write new software features is important to stay relavent.

> Going to have to hard disagree with that one. They aren't a startup or a for profit company they're effectively an archival service. "Staying relevant" is the last thing they should be doing IMO.

That's a debatable point, but i do think users eventually drift away if nobody fixes the bugs and frustrations they encounter. To be clear though, i dont think every software feature wmf works on is a good idea. Actually i think quite a few are stupid. But i think some are needed.

----

Anyways, my point is that all these things add up, and they are important at least to some extent. I'm sure you could dig in to these items and find parts of each that could be cut. All i want to say is they should not be eliminated entirely. I think to make fair criticisms of WMF budget people need to do the actual digging and not just say any money not spent on a server is wasted money.