[Foundation-l] Note regarding status of privacy policy

List overview All Threads
Download

newer

older

Re: [Foundation-l] Arabic, a non...

[Foundation-l] Metagovernment...

Michael Snow

8 Aug 2008 8 Aug '08

2:37 a.m.

I've been meaning to update you on our progress regarding the privacy policy. Several months ago, the board asked Mike Godwin to revise and update the privacy policy. Mike consulted with his colleagues at the Electronic Frontier Foundation, and then worked with his then-legal intern, Shun-ling Chen, to create a first redraft which was posted to Meta at the beginning of June. That engendered a lot of feedback, which Mike reviewed. He found quite a bit of it useful, and incorporated it into a subsequent redraft, which is available here: http://meta.wikimedia.org/wiki/Draft_Privacy_Policy_June_19_2008 (note: despite the date in the page name, the current version is from a later date, based on feedback from the June 19 version) At our meeting in Alexandria, the board reviewed the status of the policy, and seemed inclined to agree that this second version (at the URL above) is fundamentally good, and an improvement on the current policy. It's hard to write a privacy policy that's fun to read, but I think this version is clear, thorough, responsible and accurate. It also now includes a linkable table of contents, which will enable people to easily link to subsections of the draft for reference. (When adopted, we encourage you to link to the appropriate section from community policy pages where they touch on privacy issues, rather than paraphrasing or generating unofficial versions of the policy.) The board intends to vote on this version, but before we do, I wanted to provide one last opportunity for your feedback. If you see something in this last draft that strikes you as a dealbreaker: that is potentially misleading or seriously problematic for any reason, please send me or Mike a note. If we don't hear anything within a week, I will ask the board to vote on the current version for formal adoption. --Michael Snow

Show replies by date

Nathan

8 Aug 8 Aug

3:05 a.m.

My only quibble is that its still visually not very presentable. Definitely not a big deal, but I wonder if anyone wants to take a stab at making it more stylistically pleasant - on the web and on paper. Often makes it easier to read and follow along, particularly for people who aren't frequent readers of corporate policy documents. Otherwise, good work folks. Nathan

elisabeth bauer

9 Aug 9 Aug

3:46 p.m.

2008/8/8 Michael Snow <wikipedia(a)verizon.net>et>:

...

The board intends to vote on this version, but before we do, I wanted to provide one last opportunity for your feedback.

Thank you for the reminder :-) My thoughts on the draft: * length & style: it can be shortened and it should be shortened. there's a lot of redundancy in it. My favorite "publishers publicly puplish in a public act" paragraph for example: "Anyone with Internet access (and not otherwise restricted from doing so) may edit the publicly editable pages of these sites with or without logging in as a registered user. By doing this, editors create a published document, and a public record of every word added, subtracted, or changed. This is a public act, and editors are identified publicly as the author of such changes. All contributions made to a Project, and all publicly available information about those contributions, are irrevocably licensed and may be freely copied, quoted, reused and adapted by third parties with few restrictions." Translated by amateurs as we usually do, it will read in other languages absolutely ridiculous (and not very comprehensible). * Contradicition In the introduction I read "In general, this Policy only applies to private information stored or held by the Foundation which is not publicly available." but in the following the policy deals extensively with public contributions, public discussions, public postings to public mailing lists etc (possible solution: deal with everything public in the "scope" paragraph) * commitments A privacy poliy is a commitment. Lawyers may love the phrase "include but is not limited to" which I find several times in the policy but it does nothing to assure the reader. As a reader and user of the wikimedia projects, I would prefer a privacy policy which gives a commitment of some sort to _not_ give access to my private information to any random person. This refers to this: " Other users who may have access to private identifiable information include, but are not limited to, users who have access to OTRS, or to the CheckUser and Oversight functions, users elected by project communities to serve as stewards or Arbitrators, Wikimedia Foundation employees, trustees, appointees, and contractors and agents employed by the Foundation, and developers and others with high levels of server access." the question of access leads me to the next point; I read a few privacy policies for comparison and I found something I really liked as informative in one: a mention of where all these private informations are stored, bluntly spoken: which country can confiscate the servers. Including this will obviously requiring the privacy policy each time a server farm is founded in a new country but this isn't necessarily a bad thing. *to have access and to access While the policy deals at length with who has access it is very silent about when all these persons are allowed to access my data and actually access my data. The only thing somehow related to this was "As a general principle, the access to, and retention of, personally identifiable data in all projects should be minimal and should be used only internally to serve the well-being of the projects." which is somehow a bit vague. Who defines what is well-being? How is this controlled? Who does guarantee that a nosy checkuser doesn't just look up my user information, revealing my employer, the wikipedia user name of my boyfriend and other friends just for fun? How would I even know? Wikimedia has a wonderful institution called ombudsmen commission - might be an idea to mention it in the privacy policy. It might also be an idea to establish a right for users to be informed on request if they were checkusered. * now for the disclaimer... okay, disclaimers are legally a sensible thing. "We try to do our best and if this isn't enough..." We recently had in the german Wikipedia a discussion about individual user rankings. One person used the current privacy poliy to argue that the Wikimedia foundation approved such statistics because it said they were possible. While this dispute concerned fairly trivial rankings of aggregated nr. of edits, blocks etc. it is possible to do much worse with the public data. Bot created user profiles with interests, hobbies, living rhythm, estimated timezone. Network analysis with the users position in the community. While the Wikimedia Foundation can't legally prevent any third parties from generating and publishing such informations, it can do two things: * it can issue a policy for these cases for the Wikimedia projects * it can issue recommendations for third parties, for example to anonymize user names in research publications. greetings, elian

SlimVirgin

4:16 p.m.

On Sat, Aug 9, 2008 at 10:46 AM, elisabeth bauer <eflebeth(a)googlemail.com> wrote:

...

2008/8/8 Michael Snow <wikipedia(a)verizon.net>et>:

The board intends to vote on this version, but before we do, I wanted to provide one last opportunity for your feedback.

While the policy deals at length with who has access it is very silent about when all these persons are allowed to access my data and actually access my data. The only thing somehow related to this was "As a general principle, the access to, and retention of, personally identifiable data in all projects should be minimal and should be used only internally to serve the well-being of the projects." which is somehow a bit vague. Who defines what is well-being? How is this controlled? Who does guarantee that a nosy checkuser doesn't just look up my user information, revealing my employer, the wikipedia user name of my boyfriend and other friends just for fun? How would I even know?

Elian, this is exactly the situation we have on the English Wikipedia. Jimbo takes the view that checkusers may be conducted more or less at random, for no reason, and the checkusers follow that lead. In other words, the Foundation's checkuser policy is being openly flouted. We've been told we can't complain to the Ombudsman commission because they only deal with violations of the privacy policy, not the checkuser policy. We've been told we have no right to know whether we've been checked. Attempts to introduce such a rule have led to the checkusers saying they will not follow it. And when we do find out that we've been checked, the only concern of the checkusers is to find out who told us, and to punish that person. It really is a very bad situation for the Foundation, one that's bound to lead to trouble sooner or later. Sarah

Jon

5:16 p.m.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SlimVirgin wrote:

...

On Sat, Aug 9, 2008 at 10:46 AM, elisabeth bauer <eflebeth(a)googlemail.com> wrote:

2008/8/8 Michael Snow <wikipedia(a)verizon.net>et>:

The board intends to vote on this version, but before we do, I wanted to provide one last opportunity for your feedback.

I personally don't mind being checked. Whenever, by whomever, so long as the results are not disclosed. (disclosure, not checking, is governed by the privacy policy. - -- Best, Jon [User:NonvocalScream]

...PGP SIGNATURE...

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkid0QcACgkQ6+ro8Pm1AtVy0QCeMQHlFaTDaQxNSNcE8CMzzknY hBwAoK05fUsbUBc4gXcWkZsfEazCNvA/ =GMaV -----END PGP SIGNATURE-----

Todd Allen

5:46 p.m.

On Sat, Aug 9, 2008 at 11:16 AM, Jon <scream(a)datascreamer.com> wrote:

...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SlimVirgin wrote:

On Sat, Aug 9, 2008 at 10:46 AM, elisabeth bauer <eflebeth(a)googlemail.com> wrote:

2008/8/8 Michael Snow <wikipedia(a)verizon.net>et>:

The board intends to vote on this version, but before we do, I wanted to provide one last opportunity for your feedback.

...PGP SIGNATURE...

_______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

Gerard Meijssen

5:58 p.m.

Hoi, So you are checked. You have to appreciate that by your own words, there must be a reasonable suspicion. You even insist that it is published that you have been checked. This means that it is now generally known that you are under a reasonable suspicion... How nice, that you are now known to have a tarnished reputation... Actually when you are checked, and it is not published that you were checked, you are much better off. When everyone can demand checking because THEY are suspicious, publication of check results will only increase the amount of vigilantism. Really, you are much better off when trusted people do their checking and keep their confidences. Thanks, GerardM On Sat, Aug 9, 2008 at 7:46 PM, Todd Allen <toddmallen(a)gmail.com> wrote:

...

On Sat, Aug 9, 2008 at 11:16 AM, Jon <scream(a)datascreamer.com> wrote:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SlimVirgin wrote: > On Sat, Aug 9, 2008 at 10:46 AM, elisabeth bauer > <eflebeth(a)googlemail.com> wrote: >> 2008/8/8 Michael Snow <wikipedia(a)verizon.net>et>: >> >>> The board intends to vote on this version, but before we do, I wanted

> provide one last opportunity for your feedback. While the policy deals at length with who has access it is very silent about when all these persons are allowed to access my data and actually access my data. The only thing somehow related to this was "As a general principle, the access to, and retention of, personally identifiable data in all projects should be minimal and should be used only internally to serve the well-being of the projects." which is somehow a bit vague. Who defines what is well-being? How is this controlled? Who does guarantee that a nosy checkuser doesn't just look up my user information, revealing my employer, the wikipedia user name of my boyfriend and other friends just for fun? How would I even know?

...PGP SIGNATURE...

_______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

I do believe that checking is covered as well. And if it's not, it needs to be. Checks should only be conducted at least upon reasonable suspicion. -- Freedom is the right to say that 2+2=4. From this all else follows. _______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

Todd Allen

6:02 p.m.

On Sat, Aug 9, 2008 at 11:58 AM, Gerard Meijssen <gerard.meijssen(a)gmail.com> wrote:

...

On Sat, Aug 9, 2008 at 11:16 AM, Jon <scream(a)datascreamer.com> wrote:

>> provide one last opportunity for your feedback. > While the policy deals at length with who has access it is very silent > about when all these persons are allowed to access my data and > actually access my data. The only thing somehow related to this was > "As a general principle, the access to, and retention of, personally > identifiable data in all projects should be minimal and should be used > only internally to serve the well-being of the projects." which is > somehow a bit vague. Who defines what is well-being? How is this > controlled? Who does guarantee that a nosy checkuser doesn't just look > up my user information, revealing my employer, the wikipedia user > name of my boyfriend and other friends just for fun? How would I even > know? Elian, this is exactly the situation we have on the English Wikipedia. Jimbo takes the view that checkusers may be conducted more or less at random, for no reason, and the checkusers follow that lead. In other words, the Foundation's checkuser policy is being openly flouted. We've been told we can't complain to the Ombudsman commission because they only deal with violations of the privacy policy, not the checkuser policy. We've been told we have no right to know whether we've been checked. Attempts to introduce such a rule have led to the checkusers saying they will not follow it. And when we do find out that we've been checked, the only concern of the checkusers is to find out who told us, and to punish that person. It really is a very bad situation for the Foundation, one that's bound to lead to trouble sooner or later. Sarah _______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

...PGP SIGNATURE...

_______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

If I have a "Contact me" email address, I can be easily notified that I have been checked without "tarnishing my reputation", and I can choose to make that as public or nonpublic as I like. "You have been checkusered" by email would result in no tarnishment of a public reputation while properly notifying the target. Granted, in some circumstances, suppression of notification may be appropriate, but such suppression should be logged and justified. -- Freedom is the right to say that 2+2=4. From this all else follows.

Chad

6:08 p.m.

On Sat, Aug 9, 2008 at 2:02 PM, Todd Allen <toddmallen(a)gmail.com> wrote:

...

Agreed in principle, however I don't believe it would work. Knowing some communities fondness for drama, I could easily imagine the clusterfuck that would ensue by a highly active editor getting an e-mail saying "You've been checkusered." Personally, I would be rather put off that someone felt the need to use a tool that is supposed to be used for countering vandalism (both obvious and subversive) being used for no real reason against me. -Chad

Gerard Meijssen

6:09 p.m.

Hoi, An e-mail address is not universal nor is it compulsory to have one and as a consequence it is not the solution that you think it is. Thanks, GerardM On Sat, Aug 9, 2008 at 8:02 PM, Todd Allen <toddmallen(a)gmail.com> wrote:

...

On Sat, Aug 9, 2008 at 11:58 AM, Gerard Meijssen <gerard.meijssen(a)gmail.com> wrote:

have

a tarnished reputation... Actually when you are checked, and it is not published that you were checked, you are much better off. When everyone can demand checking

because

THEY are suspicious, publication of check results will only increase the amount of vigilantism. Really, you are much better off when trusted

people

do their checking and keep their confidences. Thanks, GerardM On Sat, Aug 9, 2008 at 7:46 PM, Todd Allen <toddmallen(a)gmail.com> wrote: > On Sat, Aug 9, 2008 at 11:16 AM, Jon <scream(a)datascreamer.com> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > SlimVirgin wrote: > >> On Sat, Aug 9, 2008 at 10:46 AM, elisabeth bauer > >> <eflebeth(a)googlemail.com> wrote: > >>> 2008/8/8 Michael Snow <wikipedia(a)verizon.net>et>: > >>> > >>>> The board intends to vote on this version, but before we do, I

wanted

> to > >>>> provide one last opportunity for your feedback. > >>> While the policy deals at length with who has access it is very

silent

> >>> about when all these persons are allowed to access my data and > >>> actually access my data. The only thing somehow related to this was > >>> "As a general principle, the access to, and retention of, personally > >>> identifiable data in all projects should be minimal and should be

used

> >>> only internally to serve the well-being of the projects." which is > >>> somehow a bit vague. Who defines what is well-being? How is this > >>> controlled? Who does guarantee that a nosy checkuser doesn't just

look

> >>> up my user information, revealing my employer, the wikipedia user > >>> name of my boyfriend and other friends just for fun? How would I

even

> >>> know? > >> > >> Elian, this is exactly the situation we have on the English

Wikipedia.

> >> Jimbo takes the view that checkusers may be conducted more or less at > >> random, for no reason, and the checkusers follow that lead. In other > >> words, the Foundation's checkuser policy is being openly flouted. > >> > >> We've been told we can't complain to the Ombudsman commission because > >> they only deal with violations of the privacy policy, not the > >> checkuser policy. We've been told we have no right to know whether > >> we've been checked. Attempts to introduce such a rule have led to the > >> checkusers saying they will not follow it. And when we do find out > >> that we've been checked, the only concern of the checkusers is to

find

> >> out who told us, and to punish that person. It really is a very bad > >> situation for the Foundation, one that's bound to lead to trouble > >> sooner or later. > >> > >> Sarah > >> > >> _______________________________________________ > >> foundation-l mailing list > >> foundation-l(a)lists.wikimedia.org > >> Unsubscribe:

https://lists.wikimedia.org/mailman/listinfo/foundation-l

> > > > I personally don't mind being checked. Whenever, by whomever, so long > > as the results are not disclosed. (disclosure, not checking, is

governed

> > by the privacy policy. > > > > - -- > > Best, > > Jon > > > > [User:NonvocalScream]

...PGP SIGNATURE...

> > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.9 (MingW32) > > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > > > iEYEARECAAYFAkid0QcACgkQ6+ro8Pm1AtVy0QCeMQHlFaTDaQxNSNcE8CMzzknY > > hBwAoK05fUsbUBc4gXcWkZsfEazCNvA/ > > =GMaV > > -----END PGP SIGNATURE-----

> > > > _______________________________________________ > > foundation-l mailing list > > foundation-l(a)lists.wikimedia.org > > Unsubscribe:

https://lists.wikimedia.org/mailman/listinfo/foundation-l

_______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

Todd Allen

10 Aug 10 Aug

6:47 a.m.

On Sat, Aug 9, 2008 at 12:09 PM, Gerard Meijssen <gerard.meijssen(a)gmail.com> wrote:

...

On Sat, Aug 9, 2008 at 11:58 AM, Gerard Meijssen <gerard.meijssen(a)gmail.com> wrote:

have

a tarnished reputation... Actually when you are checked, and it is not published that you were checked, you are much better off. When everyone can demand checking

because

THEY are suspicious, publication of check results will only increase the amount of vigilantism. Really, you are much better off when trusted

people

wanted

> to > >>>> provide one last opportunity for your feedback. > >>> While the policy deals at length with who has access it is very

silent

used

look

> >>> up my user information, revealing my employer, the wikipedia user > >>> name of my boyfriend and other friends just for fun? How would I

even

> >>> know? > >> > >> Elian, this is exactly the situation we have on the English

Wikipedia.

find

https://lists.wikimedia.org/mailman/listinfo/foundation-l

> > > > I personally don't mind being checked. Whenever, by whomever, so long > > as the results are not disclosed. (disclosure, not checking, is

governed

> > by the privacy policy. > > > > - -- > > Best, > > Jon > > > > [User:NonvocalScream]

...PGP SIGNATURE...

> > > > _______________________________________________ > > foundation-l mailing list > > foundation-l(a)lists.wikimedia.org > > Unsubscribe:

https://lists.wikimedia.org/mailman/listinfo/foundation-l

> I do believe that checking is covered as well. And if it's not, it needs to be. Checks should only be conducted at least upon reasonable suspicion. -- Freedom is the right to say that 2+2=4. From this all else follows. _______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

_______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

(A later response, I don't have a similar talent for writing on the freeway.) I know that not everyone has an email address set, the privacy policy itself acknowledges that in its notification clause. However, we could very easily set this up the same way ("if you are willing to set an email, you will receive such notifications, if you choose not to do so, well, you don't, too bad!") It's still better than the current setup, in which you have no way to know at all unless the checkuser decides to say so, and in practice, most active and regular editors do choose to set an email address. Checkuser is quite a sensitive function, as it reveals private data, so I don't think it would hurt to have accountability ("what were your reasonable suspicions about Userxyz that led you to run a checkuser?") -- Freedom is the right to say that 2+2=4. From this all else follows.

Gerard Meijssen

7 a.m.

Hoi, I would argue that there is hardly any benefit in providing what you call acountability. When there is a user that is considered to be a sock puppet, there is a group of people who can be considered to be the likely primary user. There is no benefit in being informed about this. You can be offended that you are considered as such. You get a lot of extra handling that is just ballast. When however it is clear that information about check user activity becomes available to people that should not have this information, a completely different situation occurs. This is a clear situation where people with the check user bits are demonstratively shown to be not trust worthy. Such people should lose their priviledges as a consequence. There is no excuse. When you do not inform people at all about check user activity, you will not find the checked people informing about this either. Thanks, GerardM On Sun, Aug 10, 2008 at 8:47 AM, Todd Allen <toddmallen(a)gmail.com> wrote:

...

On Sat, Aug 9, 2008 at 12:09 PM, Gerard Meijssen <gerard.meijssen(a)gmail.com> wrote:

Hoi, An e-mail address is not universal nor is it compulsory to have one and

as a

consequence it is not the solution that you think it is. Thanks, GerardM On Sat, Aug 9, 2008 at 8:02 PM, Todd Allen <toddmallen(a)gmail.com> wrote: > On Sat, Aug 9, 2008 at 11:58 AM, Gerard Meijssen > <gerard.meijssen(a)gmail.com> wrote: > > Hoi, > > So you are checked. You have to appreciate that by your own words,

there

> > must be a reasonable suspicion. You even insist that it is published

that

> > you have been checked. This means that it is now generally known that

you

> > are under a reasonable suspicion... How nice, that you are now known

> have > > a tarnished reputation... > > > > Actually when you are checked, and it is not published that you were > > checked, you are much better off. When everyone can demand checking > because > > THEY are suspicious, publication of check results will only increase

the

> > amount of vigilantism. Really, you are much better off when trusted > people > > do their checking and keep their confidences. > > Thanks, > > GerardM > > > > On Sat, Aug 9, 2008 at 7:46 PM, Todd Allen <toddmallen(a)gmail.com>

wrote:

> > > >> On Sat, Aug 9, 2008 at 11:16 AM, Jon <scream(a)datascreamer.com>

wrote:

> >> > -----BEGIN PGP SIGNED MESSAGE----- > >> > Hash: SHA1 > >> > > >> > SlimVirgin wrote: > >> >> On Sat, Aug 9, 2008 at 10:46 AM, elisabeth bauer > >> >> <eflebeth(a)googlemail.com> wrote: > >> >>> 2008/8/8 Michael Snow <wikipedia(a)verizon.net>et>: > >> >>> > >> >>>> The board intends to vote on this version, but before we do, I > wanted > >> to > >> >>>> provide one last opportunity for your feedback. > >> >>> While the policy deals at length with who has access it is very > silent > >> >>> about when all these persons are allowed to access my data and > >> >>> actually access my data. The only thing somehow related to this

was

> >> >>> "As a general principle, the access to, and retention of,

personally

> >> >>> identifiable data in all projects should be minimal and should be > used > >> >>> only internally to serve the well-being of the projects." which

> >> >>> somehow a bit vague. Who defines what is well-being? How is this > >> >>> controlled? Who does guarantee that a nosy checkuser doesn't just > look > >> >>> up my user information, revealing my employer, the wikipedia

user

> >> >>> name of my boyfriend and other friends just for fun? How would I > even > >> >>> know? > >> >> > >> >> Elian, this is exactly the situation we have on the English > Wikipedia. > >> >> Jimbo takes the view that checkusers may be conducted more or less

> >> >> random, for no reason, and the checkusers follow that lead. In

other

> >> >> words, the Foundation's checkuser policy is being openly flouted. > >> >> > >> >> We've been told we can't complain to the Ombudsman commission

because

> >> >> they only deal with violations of the privacy policy, not the > >> >> checkuser policy. We've been told we have no right to know whether > >> >> we've been checked. Attempts to introduce such a rule have led to

the

> >> >> checkusers saying they will not follow it. And when we do find out > >> >> that we've been checked, the only concern of the checkusers is to > find > >> >> out who told us, and to punish that person. It really is a very

bad

> >> >> situation for the Foundation, one that's bound to lead to trouble > >> >> sooner or later. > >> >> > >> >> Sarah > >> >> > >> >> _______________________________________________ > >> >> foundation-l mailing list > >> >> foundation-l(a)lists.wikimedia.org > >> >> Unsubscribe: > https://lists.wikimedia.org/mailman/listinfo/foundation-l > >> > > >> > I personally don't mind being checked. Whenever, by whomever, so

long

> >> > as the results are not disclosed. (disclosure, not checking, is > governed > >> > by the privacy policy. > >> > > >> > - -- > >> > Best, > >> > Jon > >> > > >> > [User:NonvocalScream]

...PGP SIGNATURE...

> >> > -----BEGIN PGP SIGNATURE----- > >> > Version: GnuPG v1.4.9 (MingW32) > >> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > >> > > >> > iEYEARECAAYFAkid0QcACgkQ6+ro8Pm1AtVy0QCeMQHlFaTDaQxNSNcE8CMzzknY > >> > hBwAoK05fUsbUBc4gXcWkZsfEazCNvA/ > >> > =GMaV > >> > -----END PGP SIGNATURE-----

> >> > > >> > _______________________________________________ > >> > foundation-l mailing list > >> > foundation-l(a)lists.wikimedia.org > >> > Unsubscribe: > https://lists.wikimedia.org/mailman/listinfo/foundation-l > >> > > >> > >> I do believe that checking is covered as well. And if it's not, it > >> needs to be. Checks should only be conducted at least upon reasonable > >> suspicion. > >> > >> -- > >> Freedom is the right to say that 2+2=4. From this all else follows. > >> > >> _______________________________________________ > >> foundation-l mailing list > >> foundation-l(a)lists.wikimedia.org > >> Unsubscribe:

https://lists.wikimedia.org/mailman/listinfo/foundation-l

> >> > > _______________________________________________ > > foundation-l mailing list > > foundation-l(a)lists.wikimedia.org > > Unsubscribe:

https://lists.wikimedia.org/mailman/listinfo/foundation-l

_______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

Andre Engels

9 Aug 9 Aug

7:38 p.m.

On Sat, Aug 9, 2008 at 6:58 PM, Gerard Meijssen <gerard.meijssen(a)gmail.com> wrote:

...

Not to mention the leak of confidential information that such information would entail. Suppose that I am checking whether X and Y are sockpuppets, and instead I find that X shares an ip with Z. I go on, check Z some more. Whether Z and X actually are the same person or not, the information that while checking X and Y I came to Z contains confidential information that I'm not supposed to give out - whether it is the information that they are allowed sockpuppets or the information that they (for example) happen to work in the same company. -- André Engels, andreengels(a)gmail.com

David Gerard

6:04 p.m.

2008/8/9 SlimVirgin <slimvirgin(a)gmail.com>om>:

...

We've been told we can't complain to the Ombudsman commission because they only deal with violations of the privacy policy, not the checkuser policy. We've been told we have no right to know whether we've been checked. Attempts to introduce such a rule have led to the checkusers saying they will not follow it. And when we do find out that we've been checked, the only concern of the checkusers is to find out who told us, and to punish that person. It really is a very bad situation for the Foundation, one that's bound to lead to trouble sooner or later.

Sarah neglects to note that there is a body that can answer this, that being the Arbitration Committee, and that the matter is currently with this body after Sarah brought it up in a lengthy and accusation-filled but evidence-poor thread on wiken-l (she refused to file a case even while making extensive accusations, so someone else did): http://en.wikipedia.org/wiki/Wikipedia:Requests_for_arbitration/SlimVirgin-… - d.

SlimVirgin

10:01 p.m.

On Sat, Aug 9, 2008 at 1:04 PM, David Gerard <dgerard(a)gmail.com> wrote:

...

2008/8/9 SlimVirgin <slimvirgin(a)gmail.com>om>:

There is a body that is full of other checkusers, who instantly take the side of their colleague, so there really is no point in complaining to it. What we need is a truly independent body run by the Foundation, answering only to the Foundation and not to people's mates. The point is that the Foundation has a checkuser policy that is being ignored. My argument is either enforce it or get rid of it.

David Gerard

10:08 p.m.

2008/8/9 SlimVirgin <slimvirgin(a)gmail.com>om>:

...

Because it must surely be conspiracy, not that you're actually wrong and forum-shopping. - d.

SlimVirgin

10:22 p.m.

On Sat, Aug 9, 2008 at 5:08 PM, David Gerard <dgerard(a)gmail.com> wrote:

...

2008/8/9 SlimVirgin <slimvirgin(a)gmail.com>om>:

Because it must surely be conspiracy, not that you're actually wrong and forum-shopping.

Your attitude is an example of the problem. When someone has a complaint about checkuser use, they are insulted and ridiculed by ArbCom members, moaned about by other checkusers, and ignored by the Ombudsman commission. Then attacked on this list for "forum shopping" if they dare to mention it here. Of the recent case regarding Lar, I've been told all evidence must be submitted by this Sunday, then the case will be closed. But I don't have time to hunt for diffs right now, because I have family coming to stay until the end of the month. They know this -- they also know this is a holiday season -- but they want it closed by Sunday nevertheless, for reasons they're unable to explain. So nothing will be resolved. What puzzles me is why people like you argue against enforcing the checkuser policy. If you want to get rid of it -- and if it's so patently absurd that only lunatics and conspiracy theorists like me would ever want to enforce it -- why not argue for its removal? There is simply no point in having a policy that assures editors reasons are needed for checks, when in fact no reason is ever needed, and Jimbo supports that, while the Ombudsmen won't look at it, the ArbCom won't act, the checkuser list won't self-police, and when the issue is raised here, it's "forum shopping" and time for more abuse from David Gerard. With the current gulf between policy and practice, we are lying to users, pure and simple.

David Gerard

10:31 p.m.

2008/8/9 SlimVirgin <slimvirgin(a)gmail.com>om>: For those with too much time on their hands, this is largely a reiteration of the following thread, starting July 19th, after lengthy postings by SlimVirgin on the subject to [[:en:WP:ANI]]: http://lists.wikimedia.org/pipermail/wikien-l/2008-July/thread.html#94535 The "put up or shut up" RFAr was accepted July 23rd. - d.

Thomas Dalton

11:06 p.m.

...

Of the recent case regarding Lar, I've been told all evidence must be submitted by this Sunday, then the case will be closed. But I don't have time to hunt for diffs right now, because I have family coming to stay until the end of the month. They know this -- they also know this is a holiday season -- but they want it closed by Sunday nevertheless, for reasons they're unable to explain. So nothing will be resolved.

Have you tried politely requesting an extension? That you have family staying seems to be an excellent reason for needing some more time and I really can't see ArbCom saying no. I've had my own problems with ArbCom (I was recently desysoped and was appalled at the bad practices and judgement shown), but they are usually pretty reasonable when it comes to real life commitments.

SlimVirgin

10 Aug 10 Aug

3:15 a.m.

On Sat, Aug 9, 2008 at 6:06 PM, Thomas Dalton <thomas.dalton(a)gmail.com> wrote:

...

Have you tried politely requesting an extension? That you have family staying seems to be an excellent reason for needing some more time and I really can't see ArbCom saying no.

Yes, I requested an extension until the end of August, and was told (very rudely) by Charles Matthews that no extension would be given.

...

I've had my own problems with ArbCom (I was recently desysoped and was appalled at the bad practices and judgement shown), but they are usually pretty reasonable when it comes to real life commitments.

I've always found that too, but for some reason they want to get rid of this case as soon as possible.

Nathan

12 Aug 12 Aug

5:30 p.m.

You have absolutely no standing to complain about a time limit - personally, I am very glad to see the Committee putting some effort into resolving issues in a somewhat timely manner. You made your complaint in various places, multiple versions at different times, and failed to file a case yourself. When it was filed "on your behalf," you ignored it. Now you suddenly don't have enough time to gather the diffs for a problem in the relatively distant past that you've been complaining about ever since? I'm sorry, I don't expect many to be so credulous as to accept your dispute of the time limit as good faith. When the Committee publicizes a decision, you'll have a decision of your own to make - to continue raising your complaint at every opportunity (claiming its ignored and unresolved) and thus invite increasingly aggressive censure, or to let it go. Nathan On Sat, Aug 9, 2008 at 6:22 PM, SlimVirgin <slimvirgin(a)gmail.com> wrote:

...

Nathan

5:42 p.m.

Apologies for being a bit off topic with the previous e-mail. Perhaps if I'd read to the end of the thread, it would have been more obvious to me that this issue has been largely (and appropriately) ignored. Thanks, Nathan

Christiano Moreschi

11 Aug 11 Aug

9:28 a.m.

Well, then, someone's just going to have bite the bullet and ban her. It's not as if we're expecting anything useful from that quarter beyond mere pointless wiki-drama. ArbCom, this is what we set you up for. CM Odi profanum vulgus et arceo.

...

Date: Sat, 9 Aug 2008 23:08:05 +0100 From: dgerard(a)gmail.com To: foundation-l(a)lists.wikimedia.org Subject: Re: [Foundation-l] Note regarding status of privacy policy 2008/8/9 SlimVirgin <slimvirgin(a)gmail.com>om>:

Because it must surely be conspiracy, not that you're actually wrong and forum-shopping. - d. _______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

_________________________________________________________________ Win New York holidays with Kellogg’s & Live Search http://clk.atdmt.com/UKM/go/107571440/direct/01/

Thomas Dalton

9 Aug 9 Aug

10:19 p.m.

...

It's normal for appeals to go to people with the same powers as the person that made the original decision, it doesn't really work otherwise. When you think a judge has made a mistake you appeal to a higher court where the matter will be considered by other judges. ArbCom is a group of checkusers, whereas the original decision was made by a single checkuser, that's why the appeal is worthwhile. It's much easier for one person to make a mistake than for a majority of a group to make that mistake.

SlimVirgin

10:29 p.m.

On Sat, Aug 9, 2008 at 5:19 PM, Thomas Dalton <thomas.dalton(a)gmail.com> wrote:

...

Self-policing works where people have integrity and are willing to criticize their friends. In reality, it's too much to ask of many people, and there's no need to ask it. It would be a simple matter for the Foundation to find a couple of mature, truly independent-minded volunteers (who couldn't care a stuff about being liked by the other checkusers) to act as a checkuser oversight panel. The very existence of such a panel would instantly reduce checkuser misuse.

Thomas Dalton

11:09 p.m.

...

The foundation generally avoids getting involved in the running of the projects except where absolutely necessary. How about you wait and see how ArbCom rule (and the reasons they give - those probably will be private, but presumably you'll be privy to them as a party) before passing judgement on them?

Dan Rosenthal

11:09 p.m.

If you cannot share the trust that en wp has placed in its checkusers via a duly elected arbcom you can either vote against that body at election time or contribute elsewhere. But on en wp mistrusting entire groups is a no no per WP:AGF. Btw this is not a foundation l issue and I'm scared to say I agree with both of gerardm's posts. Dan Sent from my iPhone On Aug 9, 2008, at 6:29 PM, SlimVirgin <slimvirgin(a)gmail.com> wrote:

...

On Sat, Aug 9, 2008 at 5:19 PM, Thomas Dalton <thomas.dalton(a)gmail.com> wrote:

geni

10 Aug 10 Aug

12:16 a.m.

2008/8/10 Dan Rosenthal <swatjester(a)gmail.com>om>:

...

Not at all. There are a number of options if you don't trust checkusers. If you don't trust them to report honestly you can ignore them. If you don't trust them not to abuse their powers when it comes to you you can arrange things so that their powers are largely useless in your case (have say BT or AOL as you ISP). If you don't trust them not to damage wikipedia you have more of a problem. -- geni

Al Tally

12:33 a.m.

2008/8/10 Dan Rosenthal <swatjester(a)gmail.com>

...

"Enwp" meaning a community from 2005, that no longer exists. There's no way they can be voted against, until their three year term ends. Even then, they don't lose the extra privs granted to them. I don't see why the whole group would be not trusted. There are a few "bad eggs", but the rest are fine. To sum up, are you basically saying we can't do anything about the issues raised, and we should leave if we don't like it? That's a very bad attitude. -- Al Tally (User:Majorly)

Thomas Dalton

1:41 a.m.

...

There's no way they can be voted against, until their three year term ends. Even then, they don't lose the extra privs granted to them.

They don't lose the checkuser bit, but they do lose their seat on the committee that handles complaints about checkusers, which is the important thing.

Al Tally

1:46 a.m.

2008/8/10 Thomas Dalton <thomas.dalton(a)gmail.com>

...

There's no way they can be voted against, until their three year term

ends.

Even then, they don't lose the extra privs granted to them.

They don't lose the checkuser bit, but they do lose their seat on the committee that handles complaints about checkusers, which is the important thing. _______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

Hmm, not really. Right, they lose the right to vote in cases. But they keep everything else; including checkuser/oversight rights, access to the arbcom list, a voice in discussion of checkuser candidates (I'm sure people are familiar with the leak about my own request, if not pm me), and they also request things on "behalf of arbcom" - two users to do this were Dmcdevit and Raul654. They may not be *on* the arbcom, but they're still considered as members until they actually properly quit. -- Al Tally (User:Majorly)

Thomas Dalton

2:09 a.m.

...

they also request things on "behalf of arbcom" - two users to do this were Dmcdevit and Raul654.

Really? That doesn't seem on to me. Even if it's following a discussion on the arbcom mailing list, the request should still be made by someone that's actually on the committee.

Al Tally

2:20 a.m.

2008/8/10 Thomas Dalton <thomas.dalton(a)gmail.com>

...

they also request things on "behalf of arbcom" - two users to do this were Dmcdevit and Raul654.

Really? That doesn't seem on to me. Even if it's following a discussion on the arbcom mailing list, the request should still be made by someone that's actually on the committee.

Indeed... not that us mere peons have any say in the matter though. -- Al Tally (User:Majorly)

Michael Snow

2:22 a.m.

Thomas Dalton wrote:

...

they also request things on "behalf of arbcom" - two users to do this were Dmcdevit and Raul654.

Really? That doesn't seem on to me. Even if it's following a discussion on the arbcom mailing list, the request should still be made by someone that's actually on the committee.

Can we please move discussions that are purely about the arbitration process on the English Wikipedia elsewhere? On the off chance that there's somewhere in this thread is a point that warrants actually modifying the privacy policy (which is supposed to be what the thread is about), it's not really fair for us to expect Mike Godwin to sort through so much irrelevancy to find it. --Michael Snow

Anthony

9 Aug 9 Aug

7:11 p.m.

On Thu, Aug 7, 2008 at 10:37 PM, Michael Snow <wikipedia(a)verizon.net> wrote:

...

If you see something in this last draft that strikes you as a dealbreaker: that is potentially misleading or seriously problematic for any reason, please send me or Mike a note. If we don't hear anything within a week, I will ask the board to vote on the current version for formal adoption.

It seems okay as a descriptive document. I wish there were stricter and more explicit limits on what can be collected and for how long it can be kept, but that's probably not going to happen. Specifically, I'd like to see a commitment to throw away the IP address and username information after a definite period of time, maybe 30 days. On a separate point, I disagree with Jon that "disclosure, not checking, is governed by the privacy policy". There is essentially no difference between disclosure and checking when the people doing the checking are not agents of the foundation. Checkusers are, for the most part, *third parties*, so giving them access to private information *is* disclosure to third parties. Maybe the privacy policy can (or is) worded in a way to get around that fact, but it shouldn't be.

Gerard Meijssen

8:39 p.m.

Hoi, When someone accepts the function to checkuser, he accepts a role that is clearly with the community. Calling such a person a "third party" is in my opinion wrong. The person doing the check user has accepted the rules that allows for executing this function. Thanks, GerardM On Sat, Aug 9, 2008 at 9:11 PM, Anthony <wikimail(a)inbox.org> wrote:

...

On Thu, Aug 7, 2008 at 10:37 PM, Michael Snow <wikipedia(a)verizon.net> wrote:

Sue Gardner

9:11 p.m.

Gerard Meijssen wrote:

...

This is an extremely important point. As you can imagine, it was challenging for Mike to construct a policy that made it clear that there are roles in the projects such as checkuser which are inside the community (and therefore, as per Gerard, not considered 'external'), and yet whose behaviour is not controlled/controllable by the Foundation. It's an unusual situation, and we tried to be extremely clear, here: "Projects are primarily run by volunteer contributors. Some dedicated users are chosen by the community to be given privileged access. For example, for an English Wikipedia user, user access levels to Wikipedia are determined by the user's presence in various 'user groups'. Other users who may have access to private identifiable information include, but are not limited to, users who have access to OTRS, or to the CheckUser and Oversight functions, users elected by project communities to serve as stewards or Arbitrators, Wikimedia Foundation employees, trustees, appointees, and contractors and agents employed by the Foundation, and developers and others with high levels of server access. Access to and publication of this information is governed by the Access to nonpublic data policy, as well as specific policies covering some of the functions in question. Sharing information with other privileged users is not considered "distribution.""

...

On Sat, Aug 9, 2008 at 9:11 PM, Anthony <wikimail(a)inbox.org> wrote:

On Thu, Aug 7, 2008 at 10:37 PM, Michael Snow <wikipedia(a)verizon.net> wrote:

_______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

Anthony

10 Aug 10 Aug

12:10 a.m.

On Sat, Aug 9, 2008 at 5:11 PM, Sue Gardner <sgardner(a)wikimedia.org> wrote:

...

Gerard Meijssen wrote:

Hoi, When someone accepts the function to checkuser, he accepts a role that is clearly with the community. Calling such a person a "third party" is in

opinion wrong. The person doing the check user has accepted the rules

that

allows for executing this function. Thanks, GerardM

There's a good reason it's unusual. It's a recipe for disaster. Did you know that Kelly Martin (alleged "attack site" proprietor) has printed copies of checkuser results sitting around the house? The privacy policy might explain how thing are done, but that doesn't mean it's a sane thing to do.

SlimVirgin

3:22 a.m.

On Sat, Aug 9, 2008 at 7:10 PM, Anthony <wikimail(a)inbox.org> wrote:

...

On Sat, Aug 9, 2008 at 5:11 PM, Sue Gardner <sgardner(a)wikimedia.org> wrote:

Gerard Meijssen wrote:

Hoi, When someone accepts the function to checkuser, he accepts a role that is clearly with the community. Calling such a person a "third party" is in

opinion wrong. The person doing the check user has accepted the rules

that

allows for executing this function. Thanks, GerardM

Kelly Martin e-mailed me recently to tell me that, contrary to her statement at the time to the Ombudsman, she retained my IP address when she checked me. I have no idea why she decided to tell me now. But it's definitely another issue that I've not seen anyone discuss -- the extent to which private databases are being retained, and how legislation covers its handling in different countries. In the UK, for example, the Data Protection Act may require that the information be handed over on request, and that the UK chapter (insofar as it's a separate organization) take steps to ensure that it's not used in a way that causes damage or distress.

Thomas Dalton

3:32 a.m.

...

In the UK, for example, the Data Protection Act may require that the information be handed over on request, and that the UK chapter (insofar as it's a separate organization) take steps to ensure that it's not used in a way that causes damage or distress.

What does the UK chapter have to do with it? It *is* a separate organisation and is in no way involved with checkuser results...

SlimVirgin

3:46 a.m.

On Sat, Aug 9, 2008 at 10:32 PM, Thomas Dalton <thomas.dalton(a)gmail.com> wrote:

...

What does the UK chapter have to do with it? It *is* a separate organisation and is in no way involved with checkuser results...

I don't know how or whether the Data Protection Act would apply, but I think if members of the UK group were involved in retaining checkuser information (and I have no idea whether they are), it would kick in if a request were made under the Act. I mentioned it only as an example. I'm reminded of the animal liberation movement here. They set up so-called "leaderless resistance" groups, because they don't want to belong to an organization that can be sued or have its assets confiscated, but they also don't want to act as lone wolves. Similarly, the checkusers don't want to be part of the Foundation (or the Foundation doesn't want them), but they also don't want to be regarded as third parties under the privacy policy. The legal sleight of hand hasn't worked with animal liberationists and I don't see how it can work here either. The courts do find a way to hold people and groups responsible for the damage and distress they cause, so the best thing is to avoid the damage ahead of time by making sure the checkuser and privacy policies are strictly enforced.

Thomas Dalton

4:24 a.m.

2008/8/10 SlimVirgin <slimvirgin(a)gmail.com>om>:

...

On Sat, Aug 9, 2008 at 10:32 PM, Thomas Dalton <thomas.dalton(a)gmail.com> wrote:

What does the UK chapter have to do with it? It *is* a separate organisation and is in no way involved with checkuser results...

Just because they happen to be members of a given UK company doesn't make that company involved in their actions. They might be members of Royal Society for the Protection of Birds as well, does that make the RSPB liable for their actions as checkusers on the English Wikipedia?

Jussi-Ville Heiskanen

4:36 a.m.

SlimVirgin wrote:

...

On Sat, Aug 9, 2008 at 10:32 PM, Thomas Dalton <thomas.dalton(a)gmail.com> wrote:

What does the UK chapter have to do with it? It *is* a separate organisation and is in no way involved with checkuser results...

Firstly; if it were the case taht you are seriously reminded by animal liberationists in the context of wikimedia, you are really really strange. They are a single cause movement. We are most most definitely not.

...

The legal sleight of hand hasn't worked with animal liberationists and I don't see how it can work here either. The courts do find a way to hold people and groups responsible for the damage and distress they cause, so the best thing is to avoid the damage ahead of time by making sure the checkuser and privacy policies are strictly enforced.

This is not even a proverbial (builders will know what part of the human integument I am talking about) apart from threatening in a legal fashion on the mailing list to accomplish a result. Please desist. I ask in the nicest possible way. Yours, Jussi-Ville Heiskanen

private musings

5:06 a.m.

hmmm.... can't quite agree with you, Jussi. I share some of Slim's concerns on this one, though I write more as a reprobate whose multiple accounts were detected late last year - also the comparison with the animal rights movement's attempts to decentralise made sense to me - it seemed like an apt analogy. Does it really matter if people are checkusered regularly, with a liberally low bar, and the information garnered from such checks is shared between friends and colleagues equally liberally? Maybe, maybe not - but I think that's kinda the status quo, and I think people deserve the right to question it without being poo pooed - especially when it's not really reflected by what's written on the tin at the policy pages. On the other hand - I see this thread's purpose was intended to be a review of the new draft of the privacy policy. I think it's an improvement - I think the key issues relate to the ways it's implemented - I would like to assume for example that some rigour is applied to the assessment of external legal claims before IP data is handed over. best, Peter PM.

Jussi-Ville Heiskanen

5:34 a.m.

private musings wrote:

...

Well, it just isn't. I find it quite laughable that anyone would assume that a checkuser would be somehow "free as a bird" to do what they wish in terms of their technical widgets, with no connexion to the foundation at all. Even suggesting that is tantamount to FUD in the third degree to my mind.

...

Does it really matter if people are checkusered regularly, with a liberally low bar, and the information garnered from such checks is shared between friends and colleagues equally liberally? Maybe, maybe not - but I think that's kinda the status quo, and I think people deserve the right to question it without being poo pooed - especially when it's not really reflected by what's written on the tin at the policy pages. On the other hand - I see this thread's purpose was intended to be a review of the new draft of the privacy policy. I think it's an improvement - I think the key issues relate to the ways it's implemented - I would like to assume for example that some rigour is applied to the assessment of external legal claims before IP data is handed over. best, Peter PM.

Yours, Jussi-Ville Heiskanen

Gerard Meijssen

6:39 a.m.

Hoi, It has been said and confirmed, that people who have the bits to check user on a project, are beholden to the rules of that community. There is no formal or other connection to the foundation or the organisation. It is really nice that you consider this fact fud but that does not make it so. Please read back on this thread to find the relevant bits. Thanks, GerardM On Sun, Aug 10, 2008 at 7:34 AM, Jussi-Ville Heiskanen <cimonavaro(a)gmail.com

...

wrote:

...

private musings wrote:

made

sense to me - it seemed like an apt analogy.

Does it really matter if people are checkusered regularly, with a

liberally

low bar, and the information garnered from such checks is shared between friends and colleagues equally liberally? Maybe, maybe not - but I think that's kinda the status quo, and I think people deserve the right to question it without being poo pooed -

especially

when it's not really reflected by what's written on the tin at the policy pages. On the other hand - I see this thread's purpose was intended to be a

review

of the new draft of the privacy policy. I think it's an improvement - I think the key issues relate to the ways it's implemented - I would like

assume for example that some rigour is applied to the assessment of

external

legal claims before IP data is handed over. best, Peter PM.

Yours, Jussi-Ville Heiskanen _______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

Jussi-Ville Heiskanen

7:17 a.m.

Gerard Meijssen wrote:

...

Gerard Meijssen

10:18 a.m.

Hoi, You are using terminology that makes what you say absolutely not the same. It is explicitly said that a person with check user rights has these rights as a member of a community. You express that this same person is part of the Foundation. This is not what gives him the ability to wield the specialised tools to gain private information. So I disagree we say the same thing; you are overly broad and wrong as a consequence. Now you may have meant to say this, and in your later reply there are indications that you do, but the opposite was obvious to me and consequently my reaction. I think we agree that check user is a right given by a community, not the Foundation. Thanks, GerardM On Sun, Aug 10, 2008 at 9:17 AM, Jussi-Ville Heiskanen <cimonavaro(a)gmail.com

...

wrote:

...

Gerard Meijssen wrote:

Hoi, It has been said and confirmed, that people who have the bits to check

user

on a project, are beholden to the rules of that community. There is no formal or other connection to the foundation or the organisation. It is really nice that you consider this fact fud but that does not make it so. Please read back on this thread to find the relevant bits. Thanks, GerardM

You are just restating what I myself said, and purporting to disagree with me. That just doesn't make sense. Doing as the customs of the community are, is the strongest possible connection I can imagine. Legal shackles are only necessary if there is an expectation that that connection can be broken. Yours, Jussi-Ville Heiskanen _______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

Jussi-Ville Heiskanen

12:19 p.m.

Gerard Meijssen wrote:

...

I don't tend to phrase things in a way that could be parsed as an offfensive way, and I definitely don't want you to read this that way, if you are able... But, jesus!! I fail at wordś here, in not being able to even compass what your problem is. Come on, my god, whatever people do, there has to be a point where people just say, yes, you just went past the pale... Yours, Jussi-Ville Heiskanen

scream＠datascreamer.com

5:46 a.m.

New subject: [Foundation-l] Note regarding status of privacy policy (suggestion)

...

Speaking of the privacy policy... I think I would like to see the data retention to something along the lines of fifteen days or so. Jon I'll pgp sign this later if requested.

private musings

6:56 a.m.

New subject: [Foundation-l] Note regarding status of privacy policy (suggestion)

It's interesting that you mention 15 days, Jon - as I think the trend has been in the other direction - towards retaining information for a longer period - perhaps to better combat vandal accounts? It was at one point communicated to me that IP data was retained for approx one month - recently it has been confirmed to me that IP data is now stored for at least three months - I'm not really sure quite what I think the time period should be, but I would prefer it to be disclosed openly - I don't really find arguments supporting security through obscurity wholly compelling. Also - I'd like to confirm that general discussion of checkuser form and function appropriate to this mailing list? - I'm not sure of the norms around here, and it seems a bit... well... heated, and I don't want to poke anyone into further rudeness. best, Peter, PM.

Gerard Meijssen

7:07 a.m.

New subject: [Foundation-l] Note regarding status of privacy policy (suggestion)

Hoi, Security through obscurity is when the way the security is implemented is undocumented, it is not peer reviewed. If anything this does not apply to the WMF, the MediaWiki software and the policies as implemented by our communities. When precise details like how long are results from check user activity retained are public knowledge, the only persons who benefit from this knowledge are the persons who aim to game the system. When they consider that this information stays available, it will hinder their ability to make mischief. Thanks, GerardM On Sun, Aug 10, 2008 at 8:56 AM, private musings <thepmaccount(a)gmail.com>wrote;wrote:

...

private musings

7:29 a.m.

New subject: [Foundation-l] Note regarding status of privacy policy (suggestion)

...I think we probably could work out way towards agreeing to disagree on this one - but I also suspect there's some common ground hiding there somewhere! Yes - full openness surrounding the length of time IP data is stored for may increase 'gamability' in some areas - it may also cause other unspoken, or un-thought of problems. The benefits to doing so are in my view a bit fuzzier and related to big picture community health issues and an abstract concept of what's 'right' - perhaps it'll suffice to say for now that I currently believe it would be a net gain to be open, honest, and clear about this sort of stuff. best, Peter PM. On Sun, Aug 10, 2008 at 5:07 PM, Gerard Meijssen <gerard.meijssen(a)gmail.com>wrote;wrote:

...

wrote:

approx

one month - recently it has been confirmed to me that IP data is now

stored

for at least three months - I'm not really sure quite what I think the

time

period should be, but I would prefer it to be disclosed openly - I don't really find arguments supporting security through obscurity wholly compelling. Also - I'd like to confirm that general discussion of checkuser form and function appropriate to this mailing list? - I'm not sure of the norms around here, and it seems a bit... well... heated, and I don't want to

poke

anyone into further rudeness. best, Peter, PM. _______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

_______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

David Gerard

11 a.m.

New subject: [Foundation-l] Note regarding status of privacy policy (suggestion)

2008/8/10 private musings <thepmaccount(a)gmail.com>om>:

...

It should be noted here that PM's opinions on the matter should be taken in the context of (a) having been thoroughly busted massively sockpuppeting on en:wp (b) at no stage accepting that he did anything wrong in doing so, and that there must be a problem with the checkuser procedures for him to have been caught. - d.

private musings

11:25 a.m.

New subject: [Foundation-l] Note regarding status of privacy policy (suggestion)

yup... I'm a bad little thing! ....this is an attempt at levity - David's comments could do with a bit of context - but yeah, people should be aware of my situation. I'm more than happy to chat about it if anyone wants to contact me - it's certainly what led me to look further into the role of checkuser, and was the seed which led to my belief that the oversight of checkuser processes currently doesn't do enough to prevent wik-political misuse of the tool. actually.. this gives me the welcome opportunity to reiterate where I see the centre of this discussion; Does it really matter if people are checkusered regularly, with a liberally low bar, and the information garnered from such checks is shared between friends and colleagues equally liberally? I very much feel like I'm finding my feet at this list, so will lurk a bit more now lest I run the risk of being placed on moderation for disruption... this list is pretty heated, isn't it! Peter, PM.

Dan Rosenthal

2:32 p.m.

New subject: [Foundation-l] Note regarding status of privacy policy (suggestion)

private musings wrote:

...

While I don't presume to speak for the list moderators (not being one and all), I can't imagine you're anywhere close to moderation here at this time. Moderation tends to be used here for off-topic conversations that won't die, conversations that are "over" but someone isn't letting them die, excessive flaming, or in rare cases (usually connected to the second), to stifle a conversation that is not welcome. This thread as it exists now is none of those (though given a few more days it probably will be). -Dan

Anthony

1:16 p.m.

New subject: [Foundation-l] Note regarding status of privacy policy (suggestion)

On Sun, Aug 10, 2008 at 7:00 AM, David Gerard <dgerard(a)gmail.com> wrote:

...

2008/8/10 private musings <thepmaccount(a)gmail.com>om>:

may

increase 'gamability' in some areas - it may also cause other unspoken,

un-thought of problems. The benefits to doing so are in my view a bit fuzzier and related to big picture community health issues and an abstract concept of what's 'right'

perhaps it'll suffice to say for now that I currently believe it would be

net gain to be open, honest, and clear about this sort of stuff.

Well, sure, he's experienced first hand the silliness of the whole system, where people are secretly investigated for what are at worst minor rules violations and then railroaded with the gathered up data all at once. It's as though the police installed secret speed cameras, gathered up evidence of your speeding over a period of several months, then suspended your license and threw you in jail as a habitual traffic violator when you were convicted of 7 counts of going 9 mph (14 kmph) over the speed limit.

Dan Rosenthal

5:26 a.m.

Jussi-Ville Heiskanen wrote:

...

SlimVirgin wrote: > On Sat, Aug 9, 2008 at 10:32 PM, Thomas Dalton <thomas.dalton(a)gmail.com> wrote: > > >>> In the UK, for >>> example, the Data Protection Act may require that the information be >>> handed over on request, and that the UK chapter (insofar as it's a >>> separate organization) take steps to ensure that it's not used in a >>> way that causes damage or distress. >>> >>> >> What does the UK chapter have to do with it? It *is* a separate >> organisation and is in no way involved with checkuser results... >> >> > I don't know how or whether the Data Protection Act would apply, but I > think if members of the UK group were involved in retaining checkuser > information (and I have no idea whether they are), it would kick in if > a request were made under the Act. I mentioned it only as an example. > >

<snip>

...

scream＠datascreamer.com

5:44 a.m.

...

ps. Sorry for the brevity or abbreviations in any previous emails today, they were written on my phone at 85 mph on the highway on the 13 hour drive from South Florida to D.C. -Dan

And by that you mean, you were safely using the hands free voice activated composing tool :) (no sig on this on, private keys not with me at the moment)

Chad

1:17 p.m.

On Sun, Aug 10, 2008 at 1:26 AM, Dan Rosenthal <swatjester(a)gmail.com> wrote:

...

I agree with Jussi-Ville. These combined statements read very much like a veiled legal threat aimed at David Gerard. At the very least it's fearmongering by analogy. ps. Sorry for the brevity or abbreviations in any previous emails today, they were written on my phone at 85 mph on the highway on the 13 hour drive from South Florida to D.C. -Dan _______________________________________________ foundation-l mailing list foundation-l(a)lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l

I don't know about the whole length of 95 (it's been some time since I've taken 95 down to Florida), but at least in Virginia, the speed limit on I-95 is 65. Speeding _and_ texting Dan? Shame on you :-) -Chad

Dan Rosenthal

2:38 p.m.

Chad wrote:

...

On Sun, Aug 10, 2008 at 1:26 AM, Dan Rosenthal <swatjester(a)gmail.com> wrote:

Oh my battery died on the phone WAY before Virginia. My emails were I think around Jacksonville, FL; Hilton Head, SC; and Rocky Mount, NC. On an interesting note, I was able to read the Wikipedia article on Aphasia as I was passing through Jacksonville, meaning Wikimedia projects as an iPhone app are certainly workable. I did a search in the app store, and found several projects that access Wikipedia for things, but mainly as geo-locators to find articles related to your nearby coordinates from the GPS. None of them were actually a dedicated Wikimedia reader interface -- iPhone users still have to load up safari and get the actual webpage. It would be very nice to see something that is a dedicated Wikimedia reader, it will show you the article very quickly, and then have a place where you can click to view images (separately, so they don't slow down the text loading). But this is all getting off topic for the original point.

Ray Saintonge

10:55 p.m.

SlimVirgin wrote:

...

We may well be dealing with something unenforceable here. If a person with checkuser privileges wishes to keep a private file full of data about every time he used the privilege, how can anyone stop him? As long as he has those privileges such a file can make his work more efficient. We can say that the file must be destroyed once he loses the privilege, but we have no way of making sure that he does. If he tries to use the information later for improper purposes his ownership of the information will become obvious, but in most cases the file will just lie dormant until the hardware is ready for the scrap heap. Ec

Aphaia

4:28 p.m.

I found this thread now and forwarded it to translator-l, for asking for translation, if they think it appropriate: but there are only four days until the announced deadline. Michael, could you please extend it, say, one more week? For most of non-English community, regarding the time of translation, even if they luckily get their own language version of the draft, they may have only one or two days. Still one week is shorter, but better than nothing. Cheers, On Fri, Aug 8, 2008 at 11:37 AM, Michael Snow <wikipedia(a)verizon.net> wrote:

...

-- KIZU Naoko http://d.hatena.ne.jp/Britty (in Japanese) Quote of the Day (English): http://en.wikiquote.org/wiki/WQ:QOTD

Michael Snow

11 Aug 11 Aug

12:50 a.m.

Aphaia wrote:

...

Sure, I'll wait an extra week before asking the board to vote, although I don't want to delay much beyond that. Work on this initiative started even before our April board meeting, and at some point this particular segment needs to be brought to a conclusion. Which is not to say the policy will never again be revised or revisited - Mike is still making revisions based on feedback he's received. I asked initially if there were any dealbreakers or aspects that were seriously misleading, and nobody's identified issues of that nature to me. So I'm still inclined to think the draft is good and, as a significant step forward from the existing policy, should be adopted "with all deliberate speed". I appreciate that there's considerable interest in how this relates to the Checkuser tool, even though that's mentioned only a handful of times. This draft is not trying to be the Checkuser policy, and as Sue has pointed out, that role and therefore the details of its policy are within the control of the community rather than the Wikimedia Foundation. But I certainly encourage people to review the policy and practices of their projects in light of the overall privacy policy. (I'm sorry, I thought I heard something there. Did somebody say Volunteer Council?) --Michael Snow

Aphaia

5:42 a.m.

On Mon, Aug 11, 2008 at 9:50 AM, Michael Snow <wikipedia(a)verizon.net> wrote:

...

Sure, I'll wait an extra week before asking the board to vote, although I don't want to delay much beyond that.

Thank you for one extra week, and hope it works. Dear translator, please give a look to meta draft, and if you have no enough time to spare, at least make it sure your home wiki community informed of this revision? Cheers, On Mon, Aug 11, 2008 at 9:50 AM, Michael Snow <wikipedia(a)verizon.net> wrote:

...

Aphaia wrote:

-- KIZU Naoko http://d.hatena.ne.jp/Britty (in Japanese) Quote of the Day (English): http://en.wikiquote.org/wiki/WQ:QOTD

5763

days inactive

5767

days old

wikimedia-l@lists.wikimedia.org

Manage subscription

64 comments

22 participants

tags (0)

participants (22)

Al Tally
Andre Engels
Anthony
Aphaia
Chad
Christiano Moreschi
Dan Rosenthal
David Gerard
elisabeth bauer
geni
Gerard Meijssen
Jon
Jussi-Ville Heiskanen
Michael Snow
Nathan
private musings
Ray Saintonge
scream＠datascreamer.com
SlimVirgin
Sue Gardner
Thomas Dalton
Todd Allen