Wow I am utterly in shock, while trying to dig up the diff that En Pine
requested I get this comment from a checkuser....
*Checkusers are accountable to your representatives on the AUSC, to the
Foundation's ombudsmen, and to one another—not to you.*
-User:AGK
when a user was looking into possible mis-use of checkuser tools. This
basically screams fuck you to the community, when the actions of a CU are
questioned. Keep in mind that this is coming from a
1) a active CheckUser
2) enwiki ArbCom member
3) AUSC member.
A independent user had then notified the ombudsmen committee only to get
zero response from them. This is supposed to make me trust them with my
private data why?
On Thu, Jun 14, 2012 at 5:46 PM, Nathan <nawrich(a)gmail.com> wrote:
On Thu, Jun 14, 2012 at 5:35 PM, En Pine
<deyntestiss(a)hotmail.com> wrote:
I'm inclined to agree with Risker here. Telling someone that a CU has
been
performed on their account, at the time that a CU
is performed, might
alert
a disruptive user that some part of their recent
activity has triggered
the
attention of SPI. This information could be used
to the advantage of the
disruptive user.
If someone believes that CU may have been used improperly, various groups
can investigate the use of CU.
John, you said in your original email, "See the Rich Farmbrough ArbCom
case where I suspect obvious fishing, where the CU'ed user was requesting
information and the CU claimed it would be a violation of the privacy
policy to release the time/reason/performer of the checkuser." Can you
provide a link to the relevant diffs? I would be interested in reading
the
diffs to get a fuller understanding of what was
said, particularly
regarding the Wikimedia-wide Privacy Policy.
Thanks,
Pine
Here are some problems with that rationale:
1) If a sock confirmation results from a CU check, the person is blocked,
which is a pretty big tip off all its own. If a case is filed at SPI, then
tons of evidence is submitted, then a CU check is performed in public, then
a block is or is not imposed. That whole process is a pretty big tip off
too, but we haven't shut it down for providing a road map to abusers.
2) You can't dispute the use of CU on your information if you don't know
that it was used. It's kind of like secret wiretapping with a FISA warrant;
if you never know you've been wiretapped, how are you supposed to challenge
it or know whether it was used improperly? As for "various groups can
investigate", to some extent that's true. Most of them are checkusers,
however, and they still tend not to disclose all relevant information. I'm
not saying that any CU is doing anything improper or that it's likely, but
such allegations have been made in the past, and it seems like a pretty cut
and dried case of people having a right to know how their own information
is being used. If Wikimedia were based in Europe, it would most likely be
required by law.
Nathan
_______________________________________________
Wikimedia-l mailing list
Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l