Two points that might help bring people on different sides of the
issue closer together.
1. How about notifying people that they have been check-usered 2
months after the fact? By that time I hope all investigations are
complete, and is the risk of tipping off the nefarious should be over.
2. Though the strategies of when to checkuser and how to interpret the
results are private, the workings of CheckUser are not. It is free
software, and its useage described at
I would imagine any
tech-savy user with malicioius intent will check how CheckUser can be
used to detect their malicious editing, and what means they have to
avoid detection. Notifying someone they have been checkusered does not
give them any information they didn't have already, apart from being
under investigation.
On Fri, Jun 15, 2012 at 8:43 AM, Neil Babbage <neil(a)thebabbages.com> wrote:
Notification of some checks would always have to be withheld to allow complex
investigations to be completed without "tipping off". There is public
information that suggests there have been complex abuse cases (real abuse, like
harassment, not vandalism). To notify parties suspected of involvement while these long
running investigations are underway is broadly analogous to receiving an automated email
when your name is searched on the FBI national computer: the innocent want an explanation
that wastes police time; the guilty realise they are being investigated and are tipped off
to adapt their behaviour. As soon as there is an option to suppress the alert you are
back to square 1: CUs may suppress the notification to "hide" what they are
doing.
End of the day, the communities elected the CUs knowing they'd be able to secretly
check private data - so you have to trust them to do what you ask them to do or elect
someone else you do trust.
Neil / QuiteUnusual@Wikibooks
-----Original Message-----
From: Nathan <nawrich(a)gmail.com>
Sender: wikimedia-l-bounces(a)lists.wikimedia.org
Date: Thu, 14 Jun 2012 22:10:33
To: Wikimedia Mailing List<wikimedia-l(a)lists.wikimedia.org>
Reply-To: Wikimedia Mailing List <wikimedia-l(a)lists.wikimedia.org>
Subject: Re: [Wikimedia-l] CheckUser openness
On Thu, Jun 14, 2012 at 8:06 PM, Dominic McDevitt-Parks
<mcdevitd(a)gmail.com>wrote;wrote:
I think the idea that making the log of checks
public will necessarily be
a service to those subject to CheckUser is misguided. One of the best
reasons for keeping the logs private is not security through obscurity but
the prevention of unwarranted stigma and drama. Most checks (which aren't
just scanning a vandal or persistent sockpuppeteer's IP for other accounts)
are performed because there is some amount of uncertainty. Not all checks
are positive, and a negative result doesn't necessarily mean the check was
unwarranted. I think those who have been checked without a public request
deserve not to have suspicion cast on them by public logs if the check did
not produce evidence of guilt. At the same time, because even justified
checks will often upset the subject, the CheckUser deserves to be able to
act on valid suspicions without fear of retaliation. The community doesn't
need the discord that a public log would generate. That's not to say that
there should be no oversight, but that a public log is not the way to do it.
Dominic
The threat of stigma can be ameliorated by not making the logs public,
which was never suggested. A simple system notification of "The data you
provide to the Wikimedia web servers has been checked by a checkuser on
this project, see [[wp:checkuser]] for more information" would be enough.
En Pine's reply to my queries seems calibrated for someone who is
unfamiliar with SPI and checkuser work. I'm not - in fact I worked as a
clerk with checkusers at SPI for a long time and am quite familiar with the
process and its limitations. I know what's disclosed, approximately how
frequently checks are run, the general proportion of checks that are public
vs. all checks, etc. I still am not clear on how disclosing the fact of a
check helps socks avoid detection, and I still believe that it's worthwhile
for a transparent organization like Wikimedia to alert users when their
private information (information that is, as Risker has mentioned,
potentially personally identifying) has been disclosed to another
volunteer.
Nathan
_______________________________________________
Wikimedia-l mailing list
Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
_______________________________________________
Wikimedia-l mailing list
Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l