On Fri, Jun 15, 2012 at 11:18 AM, Stephanie Daugherty
<sdaugherty(a)gmail.com> wrote:
On Fri, Jun 15, 2012 at 4:52 AM, Martijn Hoekstra
<martijnhoekstra(a)gmail.com
wrote:
Two points that might help bring people on
different sides of the
issue closer together.
1. How about notifying people that they have been check-usered 2
months after the fact? By that time I hope all investigations are
complete, and is the risk of tipping off the nefarious should be over.
That's an interesting concept, and I'd think this would be the only way to
notify users without compromising the effectiveness of the tool, but I
still have serious reservations about disclosure here for reasons
previously cited and below. Also, there are conceivably complex abuse cases
where an investigation would take longer than 2 months, particularly in the
sort of cases that eventually end up before en.wiki's arbcom.
2. Though the strategies of when to checkuser and
how to interpret the
results are private, the workings of CheckUser are not. It is free
software, and its useage described at
http://www.mediawiki.org/wiki/Extension:CheckUser I would imagine any
tech-savy user with malicioius intent will check how CheckUser can be
used to detect their malicious editing, and what means they have to
avoid detection. Notifying someone they have been checkusered does not
give them any information they didn't have already, apart from being
under investigation.
The privacy rules surrounding it are very much public as well. That makes
the effectiveness of checkuser as a tool very much dependent on
carelessness or ignorance of person targeted, things we want to preserve as
much as possible lest checkuser stop being effective or massive relaxation
of privacy policies become necessary to preserve its effectiveness.
Am I correct to summorise here than that CU works because people don't
know it doesn't?