The thread at http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden... very disturbing. SlimVirgin seems to have inside knowledge from the Checkuser Logs of which users Lar has been running checks on. The only way she could have obtained this knowledge is if there is either a leak on the Checkuser-L list or if someone with access to the Checkuser logs told her.
What is being done to plug this leak? If it came from a CheckUser or developer that person should be sacked immediately.
SV should be required to say how she got this information and if she refuses she should be blocked until she becomes co-operative.
This sort of security breach is completely unacceptable and intolerable.
Dave
2008/7/19 David Katz dkatz2001@gmail.com:
The thread at http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden... very disturbing. SlimVirgin seems to have inside knowledge from the Checkuser Logs of which users Lar has been running checks on. The only way she could have obtained this knowledge is if there is either a leak on the Checkuser-L list or if someone with access to the Checkuser logs told her.
I don't think who's been running checks on who is considered private information - it's the results of those checks that are covered by the privacy policy. If someone with access to the logs thought there was good reason to share part of them with SlimVirgin, then I think they would be allowed to do so.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thomas Dalton wrote:
2008/7/19 David Katz dkatz2001@gmail.com:
The thread at http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden... very disturbing. SlimVirgin seems to have inside knowledge from the Checkuser Logs of which users Lar has been running checks on. The only way she could have obtained this knowledge is if there is either a leak on the Checkuser-L list or if someone with access to the Checkuser logs told her.
I don't think who's been running checks on who is considered private information - it's the results of those checks that are covered by the privacy policy. If someone with access to the logs thought there was good reason to share part of them with SlimVirgin, then I think they would be allowed to do so.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Sections 5 and 6 of the privacy policy permit the release of CU information to /admins/ for example for blocking and reporting.
http://wikimediafoundation.org/wiki/Privacy_policy#Policy_on_release_of_data...
Best, Jon
None of this really applies. No data derived from checkuser was released (at least, from what's being said here); rather, the fact that a checkuser was run was released. That's not in any way confidential information, nor is it a release of privileged data. The _results_ of such a request are privileged, though if someone asks me for the results of a checkuser run on their own account, I'll tell them, assuming it does not release any otherwise confidential information (for example, other unrelated users that show up on the same dynamic IP.)
On Sat, Jul 19, 2008 at 11:45 AM, Jon scream@datascreamer.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thomas Dalton wrote:
2008/7/19 David Katz dkatz2001@gmail.com:
The thread at
http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden...
very disturbing. SlimVirgin seems to have inside knowledge from the Checkuser Logs of which users Lar has been running checks on. The only
way
she could have obtained this knowledge is if there is either a leak on
the
Checkuser-L list or if someone with access to the Checkuser logs told
her.
I don't think who's been running checks on who is considered private information - it's the results of those checks that are covered by the privacy policy. If someone with access to the logs thought there was good reason to share part of them with SlimVirgin, then I think they would be allowed to do so.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Sections 5 and 6 of the privacy policy permit the release of CU information to /admins/ for example for blocking and reporting.
http://wikimediafoundation.org/wiki/Privacy_policy#Policy_on_release_of_data...
Best, Jon -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkiCNjQACgkQ6+ro8Pm1AtVwbwCfS/RoLLouwprJ0sikiXJx+QoF g+QAnjHb0rqLtODRuiJ4fsTZhDCg1WSS =F+K5 -----END PGP SIGNATURE-----
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
It certainly doesn't appear that SV was given this information so that she could block or report the person on whom the CheckUser was run. Instead, it appears that she was told so she could tip off the person.
Perhaps we should just have a policy where users against whom a checkuser is run have the right to be informed rather than have a situation where you only find out if your friends with someone who is the friend of a Checkuser who leaks info.
On Sat, Jul 19, 2008 at 2:45 PM, Jon scream@datascreamer.com wrote:Sections 5 and 6 of the privacy policy permit the release of CU information to /admins/ for example for blocking and reporting.
http://wikimediafoundation.org/wiki/Privacy_policy#Policy_on_release_of_data...
Best, Jon
On Sat, Jul 19, 2008 at 12:54 PM, David Katz dkatz2001@gmail.com wrote:
It certainly doesn't appear that SV was given this information so that she could block or report the person on whom the CheckUser was run. Instead, it appears that she was told so she could tip off the person.
Maybe I'm not reading well. From where do you get the idea it was run on anyone other than her?
http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden...
"Well, perhaps other people ought to learn about it. And I wouldn't bank on our mutual friend not being as pissed off about it as I am. Please don't assume anything. SlimVirgin http://en.wikipedia.org/wiki/User:SlimVirgin talk| http://en.wikipedia.org/wiki/User_talk:SlimVirgineditshttp://en.wikipedia.org/wiki/Special:Contributions/SlimVirgin05:58, 17 July 2008 (UTC)"
Josh, someone doesn't usually refer to themselves as "our mutual friend".
On Sat, Jul 19, 2008 at 4:00 PM, Josh Gordon user.jpgordon@gmail.com wrote:
Maybe I'm not reading well. From where do you get the idea it was run on anyone other than her?
-- --jpgordon ∇∆∇∆ _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On Sat, Jul 19, 2008 at 1:06 PM, David Katz dkatz2001@gmail.com wrote:
http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden...
"Well, perhaps other people ought to learn about it. And I wouldn't bank on our mutual friend not being as pissed off about it as I am. Please don't assume anything. SlimVirgin http://en.wikipedia.org/wiki/User:SlimVirgin talk| http://en.wikipedia.org/wiki/User_talk:SlimVirginedits< http://en.wikipedia.org/wiki/Special:Contributions/SlimVirgin%3E05:58, 17 July 2008 (UTC)"
Josh, someone doesn't usually refer to themselves as "our mutual friend".
On Sat, Jul 19, 2008 at 4:00 PM, Josh Gordon user.jpgordon@gmail.com wrote:
Maybe I'm not reading well. From where do you get the idea it was run on anyone other than her?
Ah, I see. So there was an offsite request (not uncommon, I process those frequently) to checkuser SlimVirgin and some other editor; a checkuser decided it was a justified request and ran the check; and another checkuser told SlimVirgin she'd been the target of a checkuser along with another editor.
So what?
SlimVirgin might have grounds for complaint if the tool was used improperly; I don't know one way or another. But nobody has grounds to complain that she was told that she was the target of a checkuser. Whether she has the right to know who requested the checkuser is a fuzzier question; I wouldn't mind if there was a policy that a person may ask and automatically be told if and why she was checked. I'll generally not reveal the "why" information myself, especially if a check comes up without any useful information; it would just exacerbate drama.
Do users have the right to be told if a checkuser has been run by them and by whom? SlimVirgin seems to. Several years ago the fact that Kelly Martin ran a check on her was leaked and maximum drama ensued. This year, SV was informed that Lar ran a check on a friend of hers and again, drama.
Either all users should have the right to know if checks have been run on them or none should. SV should not have special access to information just because she has a friend who is a CheckUser and is willing to give her information from the CheckUser log.
On Sat, Jul 19, 2008 at 3:54 PM, David Katz dkatz2001@gmail.com wrote:
It certainly doesn't appear that SV was given this information so that she could block or report the person on whom the CheckUser was run. Instead, it appears that she was told so she could tip off the person.
Perhaps we should just have a policy where users against whom a checkuser is run have the right to be informed rather than have a situation where you only find out if your friends with someone who is the friend of a Checkuser who leaks info.
On Sat, Jul 19, 2008 at 2:45 PM, Jon scream@datascreamer.com wrote:Sections 5 and 6 of the privacy policy permit the release of CU information to /admins/ for example for blocking and reporting.
http://wikimediafoundation.org/wiki/Privacy_policy#Policy_on_release_of_data...
Best, Jon
David Katz wrote:
Do users have the right to be told if a checkuser has been run by them and by whom? SlimVirgin seems to. Several years ago the fact that Kelly Martin ran a check on her was leaked and maximum drama ensued. This year, SV was informed that Lar ran a check on a friend of hers and again, drama.
Either all users should have the right to know if checks have been run on them or none should. SV should not have special access to information just because she has a friend who is a CheckUser and is willing to give her information from the CheckUser log.
I've said whenever the topic has come up, since I introduced CheckUser, that the reason the log is private is to avoid the appearance of incrimination when innocent users are cross-tested against abusive users, to disprove an allegation of sockpuppetry. Having CheckUser run against you does not imply any kind of wrongdoing.
If anyone wants such information released about them, they can contact me, and I will give it to them. But I won't give out any information about the other users who are cross-checked in the same investigation.
If SlimVirgin wants to imply that CheckUser is indeed a form of allegation, and act offended, then so be it. That's the price we pay for openness. You always have the option of ignoring her.
-- Tim Starling
2008/7/22 Tim Starling tstarling@wikimedia.org:
I've said whenever the topic has come up, since I introduced CheckUser, that the reason the log is private is to avoid the appearance of incrimination when innocent users are cross-tested against abusive users, to disprove an allegation of sockpuppetry. Having CheckUser run against you does not imply any kind of wrongdoing. If anyone wants such information released about them, they can contact me, and I will give it to them. But I won't give out any information about the other users who are cross-checked in the same investigation. If SlimVirgin wants to imply that CheckUser is indeed a form of allegation, and act offended, then so be it. That's the price we pay for openness. You always have the option of ignoring her.
+1
Having been checked and no-one being told is not an allegation of wrongdoing or a black mark against one. Having this be public information is a recipe for truly spectacularly stupid drama.
- d.
David Katz wrote:
Do users have the right to be told if a checkuser has been run by them and by whom? SlimVirgin seems to. Several years ago the fact that Kelly Martin ran a check on her was leaked and maximum drama ensued. This year, SV was informed that Lar ran a check on a friend of hers and again, drama.
Either all users should have the right to know if checks have been run on them or none should. SV should not have special access to information just because she has a friend who is a CheckUser and is willing to give her information from the CheckUser log.
on 7/22/08 7:27 AM, Tim Starling at tstarling@wikimedia.org wrote:
I've said whenever the topic has come up, since I introduced CheckUser, that the reason the log is private is to avoid the appearance of incrimination when innocent users are cross-tested against abusive users, to disprove an allegation of sockpuppetry. Having CheckUser run against you does not imply any kind of wrongdoing.
If anyone wants such information released about them, they can contact me, and I will give it to them. But I won't give out any information about the other users who are cross-checked in the same investigation.
Fresh air at last!
If SlimVirgin wants to imply that CheckUser is indeed a form of allegation, and act offended, then so be it. That's the price we pay for openness. You always have the option of ignoring her.
Sounds like the best advice yet.
Marc
On 7/19/08, David Katz dkatz2001@gmail.com wrote:
It certainly doesn't appear that SV was given this information so that she could block or report the person on whom the CheckUser was run. Instead, it appears that she was told so she could tip off the person.
You've misunderstood what happened. I was told -- told, not "tipped off" -- about the checkuser because I was one of the people Lar checked. That is allowed under the policy.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
David Katz wrote:
It certainly doesn't appear that SV was given this information so that she could block or report the person on whom the CheckUser was run. Instead, it appears that she was told so she could tip off the person.
Perhaps we should just have a policy where users against whom a checkuser is run have the right to be informed rather than have a situation where you only find out if your friends with someone who is the friend of a Checkuser who leaks info.
On Sat, Jul 19, 2008 at 2:45 PM, Jon scream@datascreamer.com wrote:Sections 5 and 6 of the privacy policy permit the release of CU information to /admins/ for example for blocking and reporting.
http://wikimediafoundation.org/wiki/Privacy_policy#Policy_on_release_of_data...
Best, Jon _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
If this is the case, I don't really see any problem. The fact that checks are run, thats not confidential.
Best, Jon
On Sat, Jul 19, 2008 at 6:50 PM, Jon scream@datascreamer.com wrote:
If this is the case, I don't really see any problem. The fact that checks are run, thats not confidential.
Although, it is important to remember that it's not *necessary* to share the fact that checks are run. (Just a note, not a contradiction.)
2008/7/19 David Katz dkatz2001@gmail.com:
The thread at http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden... very disturbing. SlimVirgin seems to have inside knowledge from the Checkuser Logs of which users Lar has been running checks on. The only way she could have obtained this knowledge is if there is either a leak on the Checkuser-L list or if someone with access to the Checkuser logs told her.
What is being done to plug this leak? If it came from a CheckUser or developer that person should be sacked immediately.
SV should be required to say how she got this information and if she refuses she should be blocked until she becomes co-operative.
This sort of security breach is completely unacceptable and intolerable.
There are half a dozen ways SV could have got the info. Online everything leaks the various less public discussions speed that up fractionally but not to any great extent.
This being the case I would suggest that the community is unlikely to benefit from escalating this particular bit of drama.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
David Katz wrote:
The thread at http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden... very disturbing. SlimVirgin seems to have inside knowledge from the Checkuser Logs of which users Lar has been running checks on. The only way she could have obtained this knowledge is if there is either a leak on the Checkuser-L list or if someone with access to the Checkuser logs told her.
What is being done to plug this leak? If it came from a CheckUser or developer that person should be sacked immediately.
SV should be required to say how she got this information and if she refuses she should be blocked until she becomes co-operative.
This sort of security breach is completely unacceptable and intolerable.
Dave _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Yeah...... no.
There is a process for this, it is not however, blocking an editor until they give us the information we want. Inquisition? This is not our values.
Instead...
Suspicion of abuses of CheckUser should be discussed by each local wiki. On wikis with an approved ArbCom, the ArbCom can decide on the removal of access. On wikis without an approved ArbCom, the community can vote removal of access. Removal can only be done by Stewards. A Steward may not decide to remove access on their own, but can help provide information necessary to prove the abuse (such as logs). If necessary, and in particular in case of lack of respect towards the privacy policy, the Board of Wikimedia Foundation can be asked to declare removal of access as well.
Complaints of abuse of CheckUser or privacy policy breaches may also be brought to the Ombudsman committee.
3 options
Discussion RFARb Privacy Ombudsman.
Nowhere do I see "block the user till they speak".
Thanks, Jon
On 7/19/08, Jon scream@datascreamer.com wrote:
Complaints of abuse of CheckUser or privacy policy breaches may also be brought to the Ombudsman committee.
No, in fact only privacy policy breaches can be brought to the Ombudsman committee. There is no process, as I understand it, for dealing with checkuser misuse, except taking it to a full ArbCom hearing, which is why no complaint was brought against Lar, the checkuser in this case. The editor and two admins who were checked-usered by him, and I was one of them, didn't have the time or energy to start an ArbCom case over it.
Someone asked how I knew about this. I was told by one of the people Lar checkusered, whom he told about it himself, then I was also told by a sitting member of ArbCom. People who have been checked are allowed to be told about it under the policy: "Notification to the account that is checked is permitted but is not mandatory." http://meta.wikimedia.org/wiki/Checkuser#Use_of_the_tool
There are editors who have argued that it should be mandatory, a view I'm increasingly coming around to myself.
Sarah
2008/7/19 SlimVirgin slimvirgin@gmail.com:
No, in fact only privacy policy breaches can be brought to the Ombudsman committee. There is no process, as I understand it, for dealing with checkuser misuse, except taking it to a full ArbCom hearing, which is why no complaint was brought against Lar, the checkuser in this case. The editor and two admins who were checked-usered by him, and I was one of them, didn't have the time or energy to start an ArbCom case over it.
It would and should be rejected.
There are editors who have argued that it should be mandatory, a view I'm increasingly coming around to myself.
So, tell me: what is the violation you feel you have been subjected to? Use as many words as you feel you need to.
- d.
On 7/19/08, David Gerard dgerard@gmail.com wrote:
2008/7/19 SlimVirgin slimvirgin@gmail.com:
No, in fact only privacy policy breaches can be brought to the Ombudsman committee. There is no process, as I understand it, for dealing with checkuser misuse, except taking it to a full ArbCom hearing, which is why no complaint was brought against Lar, the checkuser in this case. The editor and two admins who were checked-usered by him, and I was one of them, didn't have the time or energy to start an ArbCom case over it.
It would and should be rejected.
Perhaps we should submit one and see.
There was no reason at all to check the first account(s) that Lar checked. If you know some of the details of the case, and I assume you do (though I also know you don't know all of them), you'll know that he had no grounds *whatsoever* to perform the first check, or the second, but it was assumed and hoped that both checks might lead to me. He performed the check upon the private request of a troublemaker who has been harassing me for over a year.
Both the first and second editor were affected by this. The first abandoned the checked accounts because Lar is not trusted. The second editor began to wind down his or her involvement in Wikipedia, as did I to a lesser degree.
I find your attitude worrying. The Ombudsman committee cannot hear the case because they don't cover checkuser misuse. And you say the ArbCom *should* not hear it. So there is nothing left to curb this kind of behavior, despite this person's involvement with Wikipedia Review.
I have no problem with people being checked randomly by anyone. In fact, if that's the de facto situation, why not give everyone access to checkuser and allow it to be used wily nily?
But if you're going to pretend to editors that they are checks and balances on the use of it -- and so long as the policy on meta gives that impression -- there needs to be a protection mechanism, or at least peer pressure from other checkusers, and at the moment, we have neither.
Sarah
On Sat, Jul 19, 2008 at 2:04 PM, SlimVirgin slimvirgin@gmail.com wrote:
Both the first and second editor were affected by this. The first abandoned the checked accounts because Lar is not trusted.
Lar is not trusted? Why not? By whom? Is there some specific reason to believe he's abusively released the private information of any editor? If so, then you should definitely contact arbcom with it. Repeatedly hand-waving about how you "might" file an arbitration is rather silly. Just do it or don't. Anything else is a waste of time.
2008/7/19 Luna lunasantin@gmail.com:
On Sat, Jul 19, 2008 at 2:04 PM, SlimVirgin slimvirgin@gmail.com wrote:
Both the first and second editor were affected by this. The first abandoned the checked accounts because Lar is not trusted.
Lar is not trusted? Why not? By whom? Is there some specific reason to believe he's abusively released the private information of any editor? If so, then you should definitely contact arbcom with it. Repeatedly hand-waving about how you "might" file an arbitration is rather silly. Just do it or don't. Anything else is a waste of time.
Indeed. Casual slander is not a robust method of policy formation.
- d.
2008/7/19 SlimVirgin slimvirgin@gmail.com:
There was no reason at all to check the first account(s) that Lar checked.
Your accounts? Please detail why you feel you are immune to checkuser. (I ask this while reminding all here that several admins have been caught severely sockpuppeting and then deadminned.)
I find your attitude worrying. The Ombudsman committee cannot hear the case because they don't cover checkuser misuse. And you say the ArbCom *should* not hear it.
That someone looked? Please detail why you feel you are immune to checkuser.
So there is nothing left to curb this kind of behavior, despite this person's involvement with Wikipedia Review.
I suggest you contact the Foundation with this as a reason to take it away. Let me know how that works out for you.
- d.
On 7/19/08, David Gerard dgerard@gmail.com wrote:
2008/7/19 SlimVirgin slimvirgin@gmail.com:
There was no reason at all to check the first account(s) that Lar checked.
Your accounts? Please detail why you feel you are immune to checkuser. (I ask this while reminding all here that several admins have been caught severely sockpuppeting and then deadminned.)
I don't feel I'm immune, but I do feel there should be a presumption against long-term contributors being checked, unless there are serious grounds to suspect abuse.
But I am not complaining about the check against me. I'm complaining about the check against the other two. I have their permission to explain further.
Lar was (he said) contacted privately by Mackan79 and was asked to perform a check on Wikitumnus and Crum375, on the grounds that they appeared to be sockpuppets.
Mackan79 is an editor who has been trying to cause me problems for about 12-18 months, ever since Dmcdevit blocked him for 3RR and he blamed me, both for the block in the first place, and for not persuading Dmcdevit to unblock him. I assume that his interest in Crum derived from his interest in me, and that the involvement of Wikitumnus was to give him and Lar a back door into a check of Crum.
The only "evidence" Lar had of a relationship between Wiktumnus and Crum was that Wikitumnus had ONCE reverted vandalism from Crum's talk page in November 2007 -- four months before Mackan asked Lar for a check. Here is the diff of the "evidence" http://en.wikipedia.org/w/index.php?title=User:Crum375&diff=172790564&am... Here is Mackan79 four months later, in March 2008, saying that Wikitumnus appears to be another user. http://en.wikipedia.org/w/index.php?title=User_talk%3AWikitumnus&diff=19...
It was on this basis that Lar performed a check of Wikitumnus a few days later at Mackan's request, later telling Wikitumnus and other checkusers and ArbCom members that there were grounds to believe that Wikitumnus was Crum. This is a clear fishing expedition, because there is *nothing* about that diff that would give rise to a suspicion of sockpuppetry. Wikitumnus had never edited the same articles as Crum, had never voted with him, had never supported him, had never shown up on noticeboards to comment on him, or anything else.
Personally, I have no problem with allowing checkuser to be used for fishing *so long as the policy makes clear that it may be so used* because then editors can arrange to use open or closed proxies if they don't want their real IPs to become known during random checks. What I object to is the policy saying one thing, and checkusers doing another.
When Lar performed his check of Wikitumnus, he discovered that it was an established editor who is well known to Lar, and who had abandoned their original account for various reasons. He knew *for certain* that this person was not Crum375. Yet he went on to peform the check of Crum anyway. If you want to say that, once he had checked Crum, he had reason to check me, then fine. Ignore the check of me. But his check of Wikitumnus was made on the flimsiest of grounds. And his check of Crum was made *on no grounds whatsoever*. That the request was made by a known troublemaker makes things even worse, but even if you ignore that too, you are left with two checks performed for no reason.
Lar compounded the error by telling his wife the real identity of Wikitumnus. Lar's wife is another Wikipedian, not someone Wikitumnus has had any contact with, and also not someone Wikitumnus would choose to reveal their identity to. Wiktumnus was extremely upset about that aspect of the incident, and it was a violation of the privacy policy, although not one serious enough that the Ombudsman Commission wanted to act on.
The result is that Wikitumnus felt they had to abandon their account. I recall an absolute storm when Durova blocked !!, an established editor who had abandoned his original account, but who felt his identity was compromised by the block. That is exactly the situation we have here -- an established editor with a new account is checked for no reason, and as a result feels unable to continue with the account in case their identity leaks out.
The question is why Lar is allowed simply to ignore the checkuser policy, and why, when he does, other checkusers support him in that. If there is no peer pressure on checkusers to conform to the policy, and there is no Ombudsman who can look at checkuser policy violations, the only protection we have is ArbCom. But (I believe) all ArbCom members have checkuser and are on the checkuser mailing list, so they could have acted against Lar when the issue was raised there (at my request, among others), but they didn't. They're therefore unlikely to act when it's brought before them in another venue.
The bottom line is that editors are left with no realistic way to complain about a violation of the checkuser policy, which means that it may as well not exist.
Sarah
SlimVirgin wrote:
On 7/19/08, David Gerard dgerard@gmail.com wrote:
2008/7/19 SlimVirgin slimvirgin@gmail.com:
There was no reason at all to check the first account(s) that Lar
checked.
Your accounts? Please detail why you feel you are immune to checkuser. (I ask this while reminding all here that several admins have been caught severely sockpuppeting and then deadminned.)
I don't feel I'm immune, but I do feel there should be a presumption against long-term contributors being checked, unless there are serious grounds to suspect abuse.
As somebody completely outside of this whole conflict, and with not even a remote understanding of the whole backround, let me just say that whatever the issues and or facts may be otherwise, this statement is very very deeply offensive, though I have to confess that it is quite easy to fall into this mindset, through error.
It is the newcomers and or limelight avoiding editors of occasional contribution, who should not be peremptorily considered targets which are soft enough to bully through intimations of suspicion of sockpuppetry.
There has to be proximate cause for a sockpuppet investigation, certes. But that falls far short of saying there should be a "presumption against" doing one on anyone.
The result is that Wikitumnus felt they had to abandon their account. I recall an absolute storm when Durova blocked !!, an established editor who had abandoned his original account, but who felt his identity was compromised by the block. That is exactly the situation we have here -- an established editor with a new account is checked for no reason, and as a result feels unable to continue with the account in case their identity leaks out.
Your account otherwise is quite interesting and may have merit, but your use of the word "exactly" here is fairly comical.
!! was blocked. If Wikitumnuses situation had been "exactly" the same, he would have been blocked. Was Wikitumnus blocked? I submit not.
Yours,
Jussi-Ville Heiskanen
On Sun, Jul 20, 2008 at 4:58 AM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/19/08, David Gerard dgerard@gmail.com wrote:
2008/7/19 SlimVirgin slimvirgin@gmail.com:
There was no reason at all to check the first account(s) that Lar checked.
Your accounts? Please detail why you feel you are immune to checkuser. (I ask this while reminding all here that several admins have been caught severely sockpuppeting and then deadminned.)
I don't feel I'm immune, but I do feel there should be a presumption against long-term contributors being checked, unless there are serious grounds to suspect abuse.
But I am not complaining about the check against me. I'm complaining about the check against the other two. I have their permission to explain further.
Lar was (he said) contacted privately by Mackan79 and was asked to perform a check on Wikitumnus and Crum375, on the grounds that they appeared to be sockpuppets.
Mackan79 is an editor who has been trying to cause me problems for about 12-18 months, ever since Dmcdevit blocked him for 3RR and he blamed me, both for the block in the first place, and for not persuading Dmcdevit to unblock him. I assume that his interest in Crum derived from his interest in me, and that the involvement of Wikitumnus was to give him and Lar a back door into a check of Crum.
The only "evidence" Lar had of a relationship between Wiktumnus and Crum was that Wikitumnus had ONCE reverted vandalism from Crum's talk page in November 2007 -- four months before Mackan asked Lar for a check. Here is the diff of the "evidence"
http://en.wikipedia.org/w/index.php?title=User:Crum375&diff=172790564&am... Here is Mackan79 four months later, in March 2008, saying that Wikitumnus appears to be another user.
http://en.wikipedia.org/w/index.php?title=User_talk%3AWikitumnus&diff=19...
It was on this basis that Lar performed a check of Wikitumnus a few days later at Mackan's request, later telling Wikitumnus and other checkusers and ArbCom members that there were grounds to believe that Wikitumnus was Crum. This is a clear fishing expedition, because there is *nothing* about that diff that would give rise to a suspicion of sockpuppetry. Wikitumnus had never edited the same articles as Crum, had never voted with him, had never supported him, had never shown up on noticeboards to comment on him, or anything else.
Personally, I have no problem with allowing checkuser to be used for fishing *so long as the policy makes clear that it may be so used* because then editors can arrange to use open or closed proxies if they don't want their real IPs to become known during random checks. What I object to is the policy saying one thing, and checkusers doing another.
When Lar performed his check of Wikitumnus, he discovered that it was an established editor who is well known to Lar, and who had abandoned their original account for various reasons. He knew *for certain* that this person was not Crum375. Yet he went on to peform the check of Crum anyway. If you want to say that, once he had checked Crum, he had reason to check me, then fine. Ignore the check of me. But his check of Wikitumnus was made on the flimsiest of grounds. And his check of Crum was made *on no grounds whatsoever*. That the request was made by a known troublemaker makes things even worse, but even if you ignore that too, you are left with two checks performed for no reason.
Lar compounded the error by telling his wife the real identity of Wikitumnus. Lar's wife is another Wikipedian, not someone Wikitumnus has had any contact with, and also not someone Wikitumnus would choose to reveal their identity to. Wiktumnus was extremely upset about that aspect of the incident, and it was a violation of the privacy policy, although not one serious enough that the Ombudsman Commission wanted to act on.
The result is that Wikitumnus felt they had to abandon their account. I recall an absolute storm when Durova blocked !!, an established editor who had abandoned his original account, but who felt his identity was compromised by the block. That is exactly the situation we have here -- an established editor with a new account is checked for no reason, and as a result feels unable to continue with the account in case their identity leaks out.
The question is why Lar is allowed simply to ignore the checkuser policy, and why, when he does, other checkusers support him in that. If there is no peer pressure on checkusers to conform to the policy, and there is no Ombudsman who can look at checkuser policy violations, the only protection we have is ArbCom. But (I believe) all ArbCom members have checkuser and are on the checkuser mailing list, so they could have acted against Lar when the issue was raised there (at my request, among others), but they didn't. They're therefore unlikely to act when it's brought before them in another venue.
The bottom line is that editors are left with no realistic way to complain about a violation of the checkuser policy, which means that it may as well not exist.
Sarah
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
To save Lar the trouble of having to ask me, and since it probably may as well be shared, the basic issue with Wikitumnus I saw was that they arrived to remove a sock template in a way that appeared virtually impossible for a new user unfamiliar with the situation.
See from the mediawiki comparison tool:
- 2007-11-20 22:47:59 *by **Crum375*http://en.wikipedia.org/wiki/User:Crum375( histhttp://en.wikipedia.org/w/index.php?title=User:Crum375&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=User:Crum375&diff=prev&oldid=172794686) m User:Crum375 http://en.wikipedia.org/wiki/User:Crum375 (Reverted edits by 86.131.88.98http://en.wikipedia.org/wiki/Special:Contributions/86.131.88.98( talk http://en.wikipedia.org/wiki/User%20talk:86.131.88.98) to last version by Mr Tumnus) *(top)* - 2007-11-20 22:33:12 *by **86.131.88.98*http://en.wikipedia.org/wiki/User:86.131.88.98( histhttp://en.wikipedia.org/w/index.php?title=User:Crum375&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=User:Crum375&diff=prev&oldid=172791898) User:Crum375 http://en.wikipedia.org/wiki/User:Crum375 (Undidhttp://en.wikipedia.org/wiki/WP:UNDOrevision 172790564 by Mr Tumnus http://en.wikipedia.org/wiki/Special:Contributions/Mr%20Tumnus ( talk http://en.wikipedia.org/wiki/User%20talk:Mr%20Tumnus)) - 2007-11-20 22:32:37 *by **86.131.88.98*http://en.wikipedia.org/wiki/User:86.131.88.98( histhttp://en.wikipedia.org/w/index.php?title=User%20talk:Mr_Tumnus&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=User%20talk:Mr_Tumnus&diff=prev&oldid=172791781) User talk:Mr Tumnus http://en.wikipedia.org/wiki/User%20talk:Mr_Tumnus( →http://en.wikipedia.org/wiki/User%20talk:Mr_Tumnus#Crum375_sockpuppet_of_SlimvirginCrum375 sockpuppet of Slimvirgin - new section) - 2007-11-20 22:30:13 *by **Mr Tumnus*http://en.wikipedia.org/wiki/User:Mr%20Tumnus( hist http://en.wikipedia.org/w/index.php?title=Snake&action=history) ( diffhttp://en.wikipedia.org/w/index.php?title=Snake&diff=prev&oldid=172791315) Snake http://en.wikipedia.org/wiki/Snake (Undidhttp://en.wikipedia.org/wiki/WP:UNDOrevision 172791188 by 69.37.40.85http://en.wikipedia.org/wiki/Special:Contributions/69.37.40.85( talk http://en.wikipedia.org/wiki/User%20talk:69.37.40.85)) - 2007-11-20 22:27:39 *by **Mr Tumnus*http://en.wikipedia.org/wiki/User:Mr%20Tumnus( histhttp://en.wikipedia.org/w/index.php?title=User%20talk:86.131.88.98&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=User%20talk:86.131.88.98&diff=prev&oldid=172790840) User talk:86.131.88.98http://en.wikipedia.org/wiki/User%20talk:86.131.88.98(Warning) *(top)* - 2007-11-20 22:27:12 *by **Mr Tumnus*http://en.wikipedia.org/wiki/User:Mr%20Tumnus( histhttp://en.wikipedia.org/w/index.php?title=User%20talk:69.125.253.12&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=User%20talk:69.125.253.12&diff=prev&oldid=172790741) User talk:69.125.253.12http://en.wikipedia.org/wiki/User%20talk:69.125.253.12(Warning) - 2007-11-20 22:26:25 *by **Mr Tumnus*http://en.wikipedia.org/wiki/User:Mr%20Tumnus( histhttp://en.wikipedia.org/w/index.php?title=User:Crum375&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=User:Crum375&diff=prev&oldid=172790564) User:Crum375 http://en.wikipedia.org/wiki/User:Crum375 (Undidhttp://en.wikipedia.org/wiki/WP:UNDOrevision 172790134 by 86.131.88.98http://en.wikipedia.org/wiki/Special:Contributions/86.131.88.98( talk http://en.wikipedia.org/wiki/User%20talk:86.131.88.98)) (TUMNUS DELETES ACCUSATION 0:19 AFTER PRIOR EDIT, ALSO 2:14 AFTER FIRST ADDED) - 2007-11-20 22:26:06 *by **Mr Tumnus*http://en.wikipedia.org/wiki/User:Mr%20Tumnus( hist http://en.wikipedia.org/w/index.php?title=Kutless&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=Kutless&diff=prev&oldid=172790513) Kutless http://en.wikipedia.org/wiki/Kutless (Rv) *(top)* - 2007-11-20 22:25:29 *by **Mr Tumnus*http://en.wikipedia.org/wiki/User:Mr%20Tumnus( histhttp://en.wikipedia.org/w/index.php?title=Portal:Europe/Intro&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=Portal:Europe/Intro&diff=prev&oldid=172790389) Portal:Europe/Intro http://en.wikipedia.org/wiki/Portal:Europe/Intro ( Undid http://en.wikipedia.org/wiki/WP:UNDO revision 172786701 by 69.125.253.12http://en.wikipedia.org/wiki/Special:Contributions/69.125.253.12( talk http://en.wikipedia.org/wiki/User%20talk:69.125.253.12)) - 2007-11-20 22:25:04 *by **Mr Tumnus*http://en.wikipedia.org/wiki/User:Mr%20Tumnus( hist http://en.wikipedia.org/w/index.php?title=Mouse&action=history) ( diffhttp://en.wikipedia.org/w/index.php?title=Mouse&diff=prev&oldid=172790299) Mouse http://en.wikipedia.org/wiki/Mouse (Undidhttp://en.wikipedia.org/wiki/WP:UNDOrevision 172788037 by 69.125.253.12http://en.wikipedia.org/wiki/Special:Contributions/69.125.253.12( talk http://en.wikipedia.org/wiki/User%20talk:69.125.253.12)) (TUMNUS ARRIVES ONE MINUTE LATER) - 2007-11-20 22:24:11 *by **86.131.88.98*http://en.wikipedia.org/wiki/User:86.131.88.98( histhttp://en.wikipedia.org/w/index.php?title=User:Crum375&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=User:Crum375&diff=prev&oldid=172790134) User:Crum375 http://en.wikipedia.org/wiki/User:Crum375http://en.wikipedia.org/wiki/WP:UNDO (SOCK ACCUSATION ADDED)http://en.wikipedia.org/wiki/Special:Contributions/69.125.253.12http://en.wikipedia.org/wiki/User%20talk:69.125.253.12 - 2007-11-20 20:38:01 *by **Crum375*http://en.wikipedia.org/wiki/User:Crum375( histhttp://en.wikipedia.org/w/index.php?title=Talk:BDORT&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=Talk:BDORT&diff=prev&oldid=172769465) Talk:BDORT http://en.wikipedia.org/wiki/Talk:BDORT (→http://en.wikipedia.org/wiki/Talk:BDORT#Opening_SentenceOpening Sentence - high quality for UNDUE) - 2007-11-20 20:26:29 *by **Crum375*http://en.wikipedia.org/wiki/User:Crum375( histhttp://en.wikipedia.org/w/index.php?title=Talk:BDORT&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=Talk:BDORT&diff=prev&oldid=172767268) Talk:BDORT http://en.wikipedia.org/wiki/Talk:BDORT (→http://en.wikipedia.org/wiki/Talk:BDORT#Opening_SentenceOpening Sentence - re) - 2007-11-20 20:14:16 *by **Mr Tumnus*http://en.wikipedia.org/wiki/User:Mr%20Tumnus( histhttp://en.wikipedia.org/w/index.php?title=User%20talk:137.164.143.114&action=history) (diffhttp://en.wikipedia.org/w/index.php?title=User%20talk:137.164.143.114&diff=prev&oldid=172764834) User talk:137.164.143.114http://en.wikipedia.org/wiki/User%20talk:137.164.143.114( →http://en.wikipedia.org/wiki/User%20talk:137.164.143.114#November_2007November 2007 - Another
The times here are in hours, minutes and seconds. My question to Lar was how a new user could find Crum375's talk page to remove a sock template, although the two had never interacted, within 19 seconds of [his] previous revert, when the edit to Crum375's talk page had at that point already been sitting on recent changes for nearly two minutes. Those weren't the only edits, however; in fact Tumnus arrived the next time within three minutes to remove a related comment, in that case after two days' absence. Along with a few other points including Tumnus changing his name and blanking posts of banned editors, this is what I sent to Lar.
Regarding the other comments, my issue didn't start with Dmcdevit, as you know, but with your decision to follow me to [[Folke Bernadotte]] amidst our first interaction, to revert three times in less than thirty minutes before two friends showed up to protect the page and contribute further reverts, and before you then decided the next day to report me for a "complex 3RR violation." Your second arrival, which ultimately involved Dmcdevit, was icing, although you should recall that did involve multiple editors chastizing you for your actions (see points two and three here http://en.wikipedia.org/wiki/Wikipedia:Requests_for_arbitration/C68-FM-SV/Evidence#Deceptive.2Fbattleground_editing_by_SlimVirginin the current arbitration). My issue was greatly exacerbated when, despite these remarkable actions (and several others), and despite my complete failure to respond in kind, you started accusing me of following you -- or at least you and Jayjg since the former couldn't be supported -- in the strongest possible terms. This was further worsened when you went on with additional accusations, attempted to exclude another editor and myself from a mediation involving Crum375's long-term protection of a page, and when it later became apparent not just that Crum375 protected pages for you all the time, but that in fact Crum375 did virtually nothing but follow you around Wikipedia, often supporting you in absurd fights while presenting as neutral.
To my own point, I suppose eventually my hope has been that you'd realize how unjustified all of this has been, how personally offensive it has been, and the same regarding your approach to various other editors. Similarly, if Crum375 is a friend, I'd hope they would realize how offensive it has been for them to pose as a neutral mediator in your various all-out disputes, at the same time as you've seemed willing to do just about anything to marginalize those you don't like (even while asking the same editors to assume your good faith!). Two editors who work together so much shouldn't be edit warring together, ever, regardless, or for that matter be so quick to complain if others they've edited with have a view about a particular article. Perhaps addressing these issues could also be of benefit.
So here is a breakdown of Sarah's complaint, let me know if I've got this right:
* A checkuser checked two accounts, and she disagrees with the basis for that check * The fact that her account was also checked is, to her, not relevant * One account was an established editor editing under a different name * The established editor then stopped editing for fear of the accounts being connected * The only disclosure of information was to the checkusers wife (hard to criticise, I think) * A review by other checkusers and an Ombudsman found no problem with the checks
Checkusers, Ombudsmen and ArbCom (according to Sarah) have no issue with Lar or his work in this case. She won't bother filing a request because she's confident it will be rejected. There doesn't seem to be much, if any, support for the basis of her complaint even outside of the three groups noted above.
So what is the issue? Clearly there is no underlying problem - Sarah is upset that an editor who was hiding his/her identity decided to "wind down" because he was revealed to a checkuser. There is no absolute right to privacy from the Foundation or its representatives - you should assume that if there is reasonable suspicion, in the eyes of a checkuser, your IP information can and will be reviewed by that checkuser and any others CUs asked to assist. Simple mechanism for preventing this is to not edit.
Now that Sarah has laid out her whole case, Lar has responded and Mackan has given his evidence that led Lar to run the check I think most people will agree that there is no issue the community can address at the core of *this* dispute.
Nathan
On Sun, 20 Jul 2008, Nathan wrote:
- The only disclosure of information was to the checkusers wife (hard to
criticise, I think)
I'd criticize it.
If we say it's okay to give privileged information to your wife, we're essentially saying that making any married person a privileged user is a two-for-one. If so, whenever a married person applies to become an admin, his wife should be checked out and questioned in as much detail as he is, and go through the same gauntlet of criticism as the applicant himself. We don't do this.
If you think about it a bit, we generally don't do this in the real world. For instance, HIPAA in the US governs what doctors are allowed to disclose your private health information to. Disclosure to the doctor's spouse is certainly not in there.
On Sun, Jul 20, 2008 at 4:27 PM, Ken Arromdee arromdee@rahul.net wrote:
On Sun, 20 Jul 2008, Nathan wrote:
- The only disclosure of information was to the checkusers wife (hard to
criticise, I think)
I'd criticize it.
If we say it's okay to give privileged information to your wife, we're essentially saying that making any married person a privileged user is a two-for-one. If so, whenever a married person applies to become an admin, his wife should be checked out and questioned in as much detail as he is, and go through the same gauntlet of criticism as the applicant himself. We don't do this.
Seconded. Family, relatives and friends do not have WMF trust inherited.
Realistically in everyday life, spouses will hear many things that are private - as they would about other matters in a person's life they are living with. But they do not have the /right/ to, and my expectation would be that a person who used a privacy tool (whether CheckUser, Oversight, OTRS, internal list, or otherwise) is fully responsible and accountable for the information they obtain. That means they /need/ to be responsible for assessing whether they can and will keep it private, including assessment of those they live with or who have access to their computer or saved data.
That assessment is an integral part of assessing one's own fitness for the enhanced tools. A person may be fit for the task personally but lack the assurance on that.
Realistically, I'd accept an assessment that the spouse (or other close parties/housemates involves) aren't involved or interested, or have more information but a complete sense of discretion and "chinese walls", or won't know names or details, or whatever. Realistically people may tell spouses some things, some times. But a person in any privacy related position has to be responsible for assessing the privacy of information they are allowed to access. That's not just what /they/ will say or do, but that the data will stay private in all practical senses if they are allowed access to it. I would add this to non-public data policy:
"A person being proposed to have access to non-public data will be personally responsible for the data they obtain through that access. Their access may be removed if, through their being given access, such information is improperly spread to unauthorized others."
"Guidance: - In practice this means that such a person should assess their online security practices (logging off, or sharing or locking their computer), their saved data practices (email, evidence, logs, and notes), and their shared personal discussion with others if any (housemates, close relatives and the like, and those people's discretion and involvement). These must be operated appropriately before enhanced access may be granted, and maintanced appropriately thereafter."
FT2
On Sun, 2008-07-20 at 19:00 +0100, FT2 wrote:
Seconded. Family, relatives and friends do not have WMF trust inherited.
Realistically in everyday life, spouses will hear many things that are
<snip>
Agreed on the points being made. However, is the fact that Lar has told the results to someone not authorised to have such information (his wife) even established aside from the allegation made by Sarah?
KTC
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Kwan Ting Chan wrote:
On Sun, 2008-07-20 at 19:00 +0100, FT2 wrote:
Seconded. Family, relatives and friends do not have WMF trust inherited.
Realistically in everyday life, spouses will hear many things that are
<snip>
Agreed on the points being made. However, is the fact that Lar has told the results to someone not authorised to have such information (his wife) even established aside from the allegation made by Sarah?
KTC
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Here is a question... it borders on straw man but... bear with me.
So if my wife brings me a sandwich at the computer... I should break my neck to hide the OTRS interface from her? - -- Best, Jon
[User:NonvocalScream]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Kwan Ting Chan wrote:
On Sun, 2008-07-20 at 19:00 +0100, FT2 wrote:
Seconded. Family, relatives and friends do not have WMF trust inherited.
Realistically in everyday life, spouses will hear many things that are
<snip>
Agreed on the points being made. However, is the fact that Lar has told the results to someone not authorised to have such information (his wife) even established aside from the allegation made by Sarah?
KTC
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Incidentally, my wife does not bring me sandwiches to the computer. :)
- -- Best, Jon
[User:NonvocalScream]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Kwan Ting Chan wrote:
On Sun, 2008-07-20 at 19:00 +0100, FT2 wrote:
Seconded. Family, relatives and friends do not have WMF trust inherited.
Realistically in everyday life, spouses will hear many things that are
<snip>
Agreed on the points being made. However, is the fact that Lar has told the results to someone not authorised to have such information (his wife) even established aside from the allegation made by Sarah?
KTC
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Apologies for the multiple posts, buts lets play this out...
Spouse: So, whatcha doin honey?
Jon: Nothing, nothing at all. (Minimizes windows (otrs, blog admin interface, whatever in hurried secretive fashion)
Spouse: o.O
See where this goes?
- -- Best, Jon
[User:NonvocalScream]
On Sun, 2008-07-20 at 12:29 -0600, Jon wrote:
Apologies for the multiple posts, buts lets play this out...
Spouse: So, whatcha doin honey?
Jon: Nothing, nothing at all. (Minimizes windows (otrs, blog admin interface, whatever in hurried secretive fashion)
Spouse: o.O
See where this goes?
Sure, but I was more thinking about the situation where someone deliberately go out of their way to tell privileged information to someone who shouldn't have it.
Casual conversation "leaks" happens, it's why people undergoing security vetting end up having checks / requirements made on their immediately family as well. (And no, I'm not saying someone should need to have their family checked to have access to some IP address.)
KTC
p.s. I was going to say you should break your neck for eating at your computer, before realising I do it all the time. :P
I'm not sure that divulging the connection between two pseudonyms withstands comparison to the disclosure of personal health information in violation of the law. Perhaps of equal importance - you'd be surprised what doctors tell their spouses and colleagues.
Nathan
On 7/20/08, Ken Arromdee arromdee@rahul.net wrote:
If we say it's okay to give privileged information to your wife, we're essentially saying that making any married person a privileged user is a two-for-one. If so, whenever a married person applies to become an admin, his wife should be checked out and questioned in as much detail as he is, and go through the same gauntlet of criticism as the applicant himself. We don't do this.
If you think about it a bit, we generally don't do this in the real world. For instance, HIPAA in the US governs what doctors are allowed to disclose your private health information to. Disclosure to the doctor's spouse is certainly not in there.
I would say that where a checkuser's wife is not a Wikipedian, there's less of a privacy issue, or if the editor who has been checked is not of interest to many people.
But in this case, Wikitumnus had reason to want to protect his privacy, and Lar's wife is another Wikipedian. (There are other issues relevant to that point that I can't discuss in public.) That makes this the kind of breach of the privacy policy that really shouldn't happen. Certainly, Wikitumnus felt his privacy had been breached and felt forced to abandon the account, though he had done nothing wrong.
Sarah
Ken Arromdee wrote:
On Sun, 20 Jul 2008, Nathan wrote:
- The only disclosure of information was to the checkusers wife (hard to
criticise, I think)
I'd criticize it.
If we say it's okay to give privileged information to your wife, we're essentially saying that making any married person a privileged user is a two-for-one. If so, whenever a married person applies to become an admin, his wife should be checked out and questioned in as much detail as he is, and go through the same gauntlet of criticism as the applicant himself. We don't do this.
If you think about it a bit, we generally don't do this in the real world. For instance, HIPAA in the US governs what doctors are allowed to disclose your private health information to. Disclosure to the doctor's spouse is certainly not in there.
I agree on this point. If one is giving access to confidential information, then it is confidential. Period. There is no reason to consider a spouse a special case. Or a brother. Or the best friend.
And IF the information is indeed given to the spouse, then the best that can happen is that absolutely no one knows or even suspect that the spouse has the information. The spouse must be absolutely mute on the whole matter.
Ant
On 7/20/08, Nathan nawrich@gmail.com wrote:
- A review by other checkusers and an Ombudsman found no problem with the
checks
That isn't correct. Mackensen, one of the Ombudsmen, supported Lar from the very beginning, to the point (according to Lar) of advising Lar not to tell me about the check -- though Mackensen told me that wasn't quite true. If it is true, he should not be an Ombudsman.
The other Ombudsman would, I feel, have been willing to investigate had a formal complaint been made. None was.
Several of the other checkusers were uncomfortable with the check, but again I believe they needed a formal complaint to move forward.
No, that's not quite the case, and you've been told that before. I'll repeat it again for the benefit of a wider audience.
Lar came to me because he was understandably disturbed by some of his findings and wanted my opinion before taking matters public. I counseled Lar to do nothing because I had stumbled into the 'situation' several months previously, but did not feel that I could disclose to Lar the full specifics until I had discussed the matter with the other people involved. I will not, yet, name names, but they included a member of the Arbitration Committee and another Checkuser. I grant that I didn't see any particular urgency in the matter.
I took this precaution because I felt that two administrators on the English Wikipedia would rather that the nature of their editing practices remain private. If this was not the case then I apologize for showing any delicacy: I should have told Lar to go ahead and publish his findings, to hell with responsible behavior.
I recognize this is all very vague. Like every other checkuser I'm rather constrained in what I may and may not say. I will not, however, permit this kind of abuse to go unanswered.
Charles (Mackensen)
On Sun, Jul 20, 2008 at 6:44 PM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/20/08, Nathan nawrich@gmail.com wrote:
- A review by other checkusers and an Ombudsman found no problem with the
checks
That isn't correct. Mackensen, one of the Ombudsmen, supported Lar from the very beginning, to the point (according to Lar) of advising Lar not to tell me about the check -- though Mackensen told me that wasn't quite true. If it is true, he should not be an Ombudsman.
The other Ombudsman would, I feel, have been willing to investigate had a formal complaint been made. None was.
Several of the other checkusers were uncomfortable with the check, but again I believe they needed a formal complaint to move forward.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On Sun, Jul 20, 2008 at 8:27 PM, Charles Fulton mackensen@gmail.com wrote:
No, that's not quite the case, and you've been told that before. I'll repeat it again for the benefit of a wider audience.
Lar came to me because he was understandably disturbed by some of his findings and wanted my opinion before taking matters public. I counseled Lar to do nothing because I had stumbled into the 'situation' several months previously, but did not feel that I could disclose to Lar the full specifics until I had discussed the matter with the other people involved. I will not, yet, name names, but they included a member of the Arbitration Committee and another Checkuser. I grant that I didn't see any particular urgency in the matter.
I took this precaution because I felt that two administrators on the English Wikipedia would rather that the nature of their editing practices remain private. If this was not the case then I apologize for showing any delicacy: I should have told Lar to go ahead and publish his findings, to hell with responsible behavior.
I recognize this is all very vague. Like every other checkuser I'm rather constrained in what I may and may not say. I will not, however, permit this kind of abuse to go unanswered.
Charles (Mackensen)
On Sun, Jul 20, 2008 at 6:44 PM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/20/08, Nathan nawrich@gmail.com wrote:
- A review by other checkusers and an Ombudsman found no problem with
the
checks
That isn't correct. Mackensen, one of the Ombudsmen, supported Lar from the very beginning, to the point (according to Lar) of advising Lar not to tell me about the check -- though Mackensen told me that wasn't quite true. If it is true, he should not be an Ombudsman.
The other Ombudsman would, I feel, have been willing to investigate had a formal complaint been made. None was.
Several of the other checkusers were uncomfortable with the check, but again I believe they needed a formal complaint to move forward.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
One point that seems to be overlooked here is that a returning user really should not be blanking sock templates from the page of a previous friend, which is how SV has characterized the relationship. A recognized user, fine, but not a returning user. The fact that Tumnus arrived within one minute of the template being added, then reverted three times in quick succession before returning to Crum375's user page, also indicates the user was attempting to hide what they were doing. That is a violation of the sockpuppetry policy, whether or not the CUs were willing to overlook it in the case.
I also remain unclear how SV could state that Lar said an initial inquiry was sent by me. Did Lar say this to you, SV? I told Lar that I trusted his discretion, but I would be surprised if he said this to you or Wikitumnus.
Other than that, I see another round of inaccurate allegations which SV has attempted to lump onto another unrelated event. Likewise when pointed out I see that none of these misstatements are recognized. If SV won't, I hope ArbCom does consider this continuing approach in the current case.
On 7/20/08, Charles Fulton mackensen@gmail.com wrote:
No, that's not quite the case, and you've been told that before. I'll repeat it again for the benefit of a wider audience.
What is not quite the case, Charles?
Lar came to me because he was understandably disturbed by some of his findings and wanted my opinion before taking matters public. I counseled Lar to do nothing because I had stumbled into the 'situation' several months previously, but did not feel that I could disclose to Lar the full specifics until I had discussed the matter with the other people involved. I will not, yet, name names, but they included a member of the Arbitration Committee and another Checkuser. I grant that I didn't see any particular urgency in the matter.
But that's not what Lar said. He told me in an e-mail that you had advised him not to raise the check WITH ME. You had no business doing that as Ombudsman. If you say now that you didn't give him this advice, I believe you, but then we're back to the issue of spinning. You can't both be right.
The point is, Charles, that from the very start, even before any of us knew about the checkuser, you aided and abetted Lar in this situation, rather than stepping back as Ombudsman and realizing that it was the kind of thing you might be asked to adjudicate on. What is the point of having an Ombudsman who is so deeply biased?
You can interpret it however you like. I'm sitting here staring at the conversation from March. Given that I told Lar to *do nothing* while I consulted with two other people, you could argue that I told him not to tell you, but I effectively told him to tell no one else as well. I did so because I was weighing how much privileged information to share with Lar. I didn't think it was wise to raise the matter with you, yes, because you'd already made it quite clear to me that you didn't trust Lar and because, back in the early winter, we'd already been through this whole discussion and I was satisfied by the explanations that I'd received. I found myself in a bit of pickle, not the least because of the significant, pre-existing gap of trust between users.
The primary role of the ombudsman is to review the release of private data. Given that no such release had occurred or appeared to be pending, I was not acting in that role. It is not clear to me why I should have notified you, or Crum, or anyone else, that Lar had run such checks. I also don't see how I was "aiding" or "abetting" Lar, which implies that he was committing some sort of crime!
I don't care for the accusation nor the insinuations.
Charles
On Mon, Jul 21, 2008 at 6:40 AM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/20/08, Charles Fulton mackensen@gmail.com wrote:
No, that's not quite the case, and you've been told that before. I'll repeat it again for the benefit of a wider audience.
What is not quite the case, Charles?
Lar came to me because he was understandably disturbed by some of his findings and wanted my opinion before taking matters public. I counseled Lar to do nothing because I had stumbled into the 'situation' several months previously, but did not feel that I could disclose to Lar the full specifics until I had discussed the matter with the other people involved. I will not, yet, name names, but they included a member of the Arbitration Committee and another Checkuser. I grant that I didn't see any particular urgency in the matter.
But that's not what Lar said. He told me in an e-mail that you had advised him not to raise the check WITH ME. You had no business doing that as Ombudsman. If you say now that you didn't give him this advice, I believe you, but then we're back to the issue of spinning. You can't both be right.
The point is, Charles, that from the very start, even before any of us knew about the checkuser, you aided and abetted Lar in this situation, rather than stepping back as Ombudsman and realizing that it was the kind of thing you might be asked to adjudicate on. What is the point of having an Ombudsman who is so deeply biased?
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On 7/21/08, Charles Fulton mackensen@gmail.com wrote:
You can interpret it however you like. I'm sitting here staring at the conversation from March. Given that I told Lar to *do nothing* while I consulted with two other people, you could argue that I told him not to tell you, but I effectively told him to tell no one else as well ... I found myself in a bit of pickle, not the least because of the significant, pre-existing gap of trust between users.
The lack of trust in certain checkusers is the main problem here. When Kelly Martin was given checkuser, I guessed that she would eventually use it on me, because she doesn't like me, and she appeared not to care about the rules. And sure enough, she did. When Alison and Lar were given it and started posting regularly to Wikipedia Review, I guessed that one or both would checkuser me at some point, and sure enough, one of them did.
It would be good if ArbCom or the Ombudsman commission would see to it that admins do not use checkuser for no reason against people they don't like. It would be good if you would ensure that people who are regular posters to Wikipedia Review refrain from using the tool against editors who are attacked, cyberstalked, and defamed there.
But this is so obvious, and such common sense, that the very fact that I'm having to suggest it shows how hopeless the situation is.
The primary role of the ombudsman is to review the release of private data. Given that no such release had occurred or appeared to be pending, I was not acting in that role.
You posted on AN/I that Lar had not told anyone about the check, yet you knew he had told his wife, another Wikipedian, and had done so without Wikitumnus's consent (which WT would not have given). You have aided Lar in this from the very beginning, and have done your best to help him cover his tracks. You even gave the impression on AN/I that the Ombudsman Commission had looked into this, which it did not.
The point, Charles, which seems to escape you, is that people on the Ombudsman commission are meant to be neutral and disinterested, so that editors trust them. If you care about that lack of trust, I hope you'll give your place to someone else.
Oh good, we're on to Kelly Martin. I think that about concludes the usefulness of this thread.
For onlookers, there's a good deal not being said here because, contrary to Slim's insinuations, I actually do give a damn about people's privacy, and their reputations.
Now, you'll have to direct me to this ANI thread, because I don't recall if specifically. I've been referring directly to a private conversation which I had with Lar dated March 11. At no time did Lar mention his wife. I should note that Lar specifically denies the allegation you've made, and claims to have private correspondence to prove it. If you gained the impression from ANI that the Commission had officially looked into the matter then I regret that you gained that impression. We've not, as you've never lodged a formal complaint of any kind. In the course of your unofficial complaint to checkuser-l, of course, two of the three commissioners developed fairly vocal views on the question so frankly if you ever do lodge a complaint it'll come down to Hei ber's say so.
Look, we can go round and round on this. If I was half the unscrupulous hack you've implied I would have published my private correspondence to this thread, but my personal vindication doesn't matter as much (yet) as the trust placed in me by various parties to not disclose certain things without their consent.
Your position, if I understand it correctly (and I have no doubt that I'll be told that I do not), is that I am obligated to tell you when a checkuser whom you do not trust performs a checkuser on your account (or, rather, related accounts). This doesn't scan. At all. Not the least because I trust Lar and Alison and consider them honorable, trustworthy people, and I've been shown no cause to believe otherwise. As an Ombudsman it would be perverse for me to start disclosing random bits of the CU log without good cause and outside my official duties.
I concur, of course, that an Ombudsman should be neutral, but that doesn't require me to stay silent as what's left of my name is dragged through the mud. I'll remind you, for the umpteenth time, that all the people you're acting are open about their real identities.
Best,
Charles
On Mon, Jul 21, 2008 at 7:17 AM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/21/08, Charles Fulton mackensen@gmail.com wrote:
You can interpret it however you like. I'm sitting here staring at the conversation from March. Given that I told Lar to *do nothing* while I consulted with two other people, you could argue that I told him not to tell you, but I effectively told him to tell no one else as well ... I found myself in a bit of pickle, not the least because of the significant, pre-existing gap of trust between users.
The lack of trust in certain checkusers is the main problem here. When Kelly Martin was given checkuser, I guessed that she would eventually use it on me, because she doesn't like me, and she appeared not to care about the rules. And sure enough, she did. When Alison and Lar were given it and started posting regularly to Wikipedia Review, I guessed that one or both would checkuser me at some point, and sure enough, one of them did.
It would be good if ArbCom or the Ombudsman commission would see to it that admins do not use checkuser for no reason against people they don't like. It would be good if you would ensure that people who are regular posters to Wikipedia Review refrain from using the tool against editors who are attacked, cyberstalked, and defamed there.
But this is so obvious, and such common sense, that the very fact that I'm having to suggest it shows how hopeless the situation is.
The primary role of the ombudsman is to review the release of private data. Given that no such release had occurred or appeared to be pending, I was not acting in that role.
You posted on AN/I that Lar had not told anyone about the check, yet you knew he had told his wife, another Wikipedian, and had done so without Wikitumnus's consent (which WT would not have given). You have aided Lar in this from the very beginning, and have done your best to help him cover his tracks. You even gave the impression on AN/I that the Ombudsman Commission had looked into this, which it did not.
The point, Charles, which seems to escape you, is that people on the Ombudsman commission are meant to be neutral and disinterested, so that editors trust them. If you care about that lack of trust, I hope you'll give your place to someone else.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On 7/21/08, Charles Fulton mackensen@gmail.com wrote:
Oh good, we're on to Kelly Martin. I think that about concludes the usefulness of this thread.
For onlookers, there's a good deal not being said here because, contrary to Slim's insinuations, I actually do give a damn about people's privacy, and their reputations.
Now, you'll have to direct me to this ANI thread, because I don't recall if specifically.
During this discussion http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden... you posted after Lar's very partial account, saying that it was accurate. http://en.wikipedia.org/w/index.php?title=Wikipedia:Administrators%27_notice... But he claimed, inter alia, that the matter had been taken to the Ombudsman Commission, when you knew that it had not been.
I've been referring directly to a private conversation which I had with Lar dated March 11. At no time did Lar mention his wife. I should note that Lar specifically denies the allegation you've made, and claims to have private correspondence to prove it.
I don't know which allegation he denies. I have not seen him deny anything.
If you gained the impression from ANI that the Commission had officially looked into the matter then I regret that you gained that impression. We've not, as you've never lodged a formal complaint of any kind. In the course of your unofficial complaint to checkuser-l, of course, two of the three commissioners developed fairly vocal views on the question so frankly if you ever do lodge a complaint it'll come down to Hei ber's say so.
I did not complaint to checkuser-l. I wrote to Anthere to ask about extending the authority of the Ombudsman to checkuser policy violations. What makes you suddenly think that you know the contents of my private e-mails to Anthere?
I'll copy my letter to her below, so that you can see how wrong you are (as well as David and Thatcher).
Look, we can go round and round on this. If I was half the unscrupulous hack you've implied I would have published my private correspondence to this thread, but my personal vindication doesn't matter as much (yet) as the trust placed in me by various parties to not disclose certain things without their consent.
Is that "yet" supposed to be a threat? You clearly have no idea how inappropriate your behavior is from someone who is supposed to be a neutral party in a position of responsibility. Do you think that anyone reading this thread is going to trust you in future if they have a problem with a checkuser, and with Lar in particular?
Your position, if I understand it correctly (and I have no doubt that I'll be told that I do not), is that I am obligated to tell you when a checkuser whom you do not trust performs a checkuser on your account (or, rather, related accounts).
I have said no such thing. Charles, please read what people actually write.
My e-mail to Anthere:
From: SlimVirgin slimvirgin@gmail.com Date: Mar 18, 2008 1:34 AM Subject: Question about checkuser/privacy policies To: Anthere anthere@wikimedia.org
Hi Florence,
I have a question about something we talked about briefly last year.
We're continuing to find examples of checkusers who are getting IPs for established editors and admins out of apparent curiosity, rather than for any of the reasons listed in the checkuser policy. It's causing quite a bit of distress among some users.
However, because the Ombudsmen are told by the Foundation only to investigate privacy policy violations, there's nothing anyone can do about the misuse of checkuser short of a full ArbCom hearing.
I can't remember what the reason was for restricting the Ombudsmen in this way, but I wanted to ask whether you'd have any objections to the scope being extended, provided the Ombudsmen themselves agree. As it's a Foundation issue, who else do you think would need to be consulted?
Sarah
On Mon, Jul 21, 2008 at 7:17 AM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/21/08, Charles Fulton mackensen@gmail.com wrote:
You can interpret it however you like. I'm sitting here staring at the conversation from March. Given that I told Lar to *do nothing* while I consulted with two other people, you could argue that I told him not to tell you, but I effectively told him to tell no one else as well ... I found myself in a bit of pickle, not the least because of the significant, pre-existing gap of trust between users.
The lack of trust in certain checkusers is the main problem here. When Kelly Martin was given checkuser, I guessed that she would eventually use it on me, because she doesn't like me, and she appeared not to care about the rules. And sure enough, she did. When Alison and Lar were given it and started posting regularly to Wikipedia Review, I guessed that one or both would checkuser me at some point, and sure enough, one of them did.
It would be good if ArbCom or the Ombudsman commission would see to it that admins do not use checkuser for no reason against people they don't like. It would be good if you would ensure that people who are regular posters to Wikipedia Review refrain from using the tool against editors who are attacked, cyberstalked, and defamed there.
But this is so obvious, and such common sense, that the very fact that I'm having to suggest it shows how hopeless the situation is.
The primary role of the ombudsman is to review the release of private data. Given that no such release had occurred or appeared to be pending, I was not acting in that role.
You posted on AN/I that Lar had not told anyone about the check, yet you knew he had told his wife, another Wikipedian, and had done so without Wikitumnus's consent (which WT would not have given). You have aided Lar in this from the very beginning, and have done your best to help him cover his tracks. You even gave the impression on AN/I that the Ombudsman Commission had looked into this, which it did not.
The point, Charles, which seems to escape you, is that people on the Ombudsman commission are meant to be neutral and disinterested, so that editors trust them. If you care about that lack of trust, I hope you'll give your place to someone else.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
If you haven't seen Lar deny anything then you haven't read his emails to this list. I encourage you to do so before sending any more mail here.
If you continue to make accusations which I know to be false, but the proof cannot be revealed, then you place me in an extremely awkward position, as you've already placed several other users.
I don't claim to be privy to your correspondence with Anthere, but the matter didn't end there as you well know, because I believe you were occasionally copied on emails. I'll have to check my archives to be certain.
You know, you're right. The matter was not taken officially to the Commission, and Lar in his summary indicated that he believed it had. I suspect this is because two of three ombudsmen (at least) already commented, privately, at length. It is true, however, that no official complaint has been made, by you or anyone else, ever. Why you have not done so baffles me, but I think you're obliged to make a formal complaint, either to Arbcom or to the Commission, or hold your peace. I will of course recuse if you choose the latter. I would emphasize that this in no way detracts from the remainder of Lar's statement. Neutrality doesn't mean I'm obliged to give equal weight to an inaccurate summary of events.
Now, you say I'm wrong in my summary of your position. What then? What is it that you want?
Charles
On Mon, Jul 21, 2008 at 8:05 AM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/21/08, Charles Fulton mackensen@gmail.com wrote:
Oh good, we're on to Kelly Martin. I think that about concludes the usefulness of this thread.
For onlookers, there's a good deal not being said here because, contrary to Slim's insinuations, I actually do give a damn about people's privacy, and their reputations.
Now, you'll have to direct me to this ANI thread, because I don't recall if specifically.
During this discussion http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden... you posted after Lar's very partial account, saying that it was accurate. http://en.wikipedia.org/w/index.php?title=Wikipedia:Administrators%27_notice... But he claimed, inter alia, that the matter had been taken to the Ombudsman Commission, when you knew that it had not been.
I've been referring directly to a private conversation which I had with Lar dated March 11. At no time did Lar mention his wife. I should note that Lar specifically denies the allegation you've made, and claims to have private correspondence to prove it.
I don't know which allegation he denies. I have not seen him deny anything.
If you gained the impression from ANI that the Commission had officially looked into the matter then I regret that you gained that impression. We've not, as you've never lodged a formal complaint of any kind. In the course of your unofficial complaint to checkuser-l, of course, two of the three commissioners developed fairly vocal views on the question so frankly if you ever do lodge a complaint it'll come down to Hei ber's say so.
I did not complaint to checkuser-l. I wrote to Anthere to ask about extending the authority of the Ombudsman to checkuser policy violations. What makes you suddenly think that you know the contents of my private e-mails to Anthere?
I'll copy my letter to her below, so that you can see how wrong you are (as well as David and Thatcher).
Look, we can go round and round on this. If I was half the unscrupulous hack you've implied I would have published my private correspondence to this thread, but my personal vindication doesn't matter as much (yet) as the trust placed in me by various parties to not disclose certain things without their consent.
Is that "yet" supposed to be a threat? You clearly have no idea how inappropriate your behavior is from someone who is supposed to be a neutral party in a position of responsibility. Do you think that anyone reading this thread is going to trust you in future if they have a problem with a checkuser, and with Lar in particular?
Your position, if I understand it correctly (and I have no doubt that I'll be told that I do not), is that I am obligated to tell you when a checkuser whom you do not trust performs a checkuser on your account (or, rather, related accounts).
I have said no such thing. Charles, please read what people actually write.
My e-mail to Anthere:
From: SlimVirgin slimvirgin@gmail.com Date: Mar 18, 2008 1:34 AM Subject: Question about checkuser/privacy policies To: Anthere anthere@wikimedia.org
Hi Florence,
I have a question about something we talked about briefly last year.
We're continuing to find examples of checkusers who are getting IPs for established editors and admins out of apparent curiosity, rather than for any of the reasons listed in the checkuser policy. It's causing quite a bit of distress among some users.
However, because the Ombudsmen are told by the Foundation only to investigate privacy policy violations, there's nothing anyone can do about the misuse of checkuser short of a full ArbCom hearing.
I can't remember what the reason was for restricting the Ombudsmen in this way, but I wanted to ask whether you'd have any objections to the scope being extended, provided the Ombudsmen themselves agree. As it's a Foundation issue, who else do you think would need to be consulted?
Sarah
On Mon, Jul 21, 2008 at 7:17 AM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/21/08, Charles Fulton mackensen@gmail.com wrote:
You can interpret it however you like. I'm sitting here staring at the conversation from March. Given that I told Lar to *do nothing* while I consulted with two other people, you could argue that I told him not to tell you, but I effectively told him to tell no one else as well ... I found myself in a bit of pickle, not the least because of the significant, pre-existing gap of trust between users.
The lack of trust in certain checkusers is the main problem here. When Kelly Martin was given checkuser, I guessed that she would eventually use it on me, because she doesn't like me, and she appeared not to care about the rules. And sure enough, she did. When Alison and Lar were given it and started posting regularly to Wikipedia Review, I guessed that one or both would checkuser me at some point, and sure enough, one of them did.
It would be good if ArbCom or the Ombudsman commission would see to it that admins do not use checkuser for no reason against people they don't like. It would be good if you would ensure that people who are regular posters to Wikipedia Review refrain from using the tool against editors who are attacked, cyberstalked, and defamed there.
But this is so obvious, and such common sense, that the very fact that I'm having to suggest it shows how hopeless the situation is.
The primary role of the ombudsman is to review the release of private data. Given that no such release had occurred or appeared to be pending, I was not acting in that role.
You posted on AN/I that Lar had not told anyone about the check, yet you knew he had told his wife, another Wikipedian, and had done so without Wikitumnus's consent (which WT would not have given). You have aided Lar in this from the very beginning, and have done your best to help him cover his tracks. You even gave the impression on AN/I that the Ombudsman Commission had looked into this, which it did not.
The point, Charles, which seems to escape you, is that people on the Ombudsman commission are meant to be neutral and disinterested, so that editors trust them. If you care about that lack of trust, I hope you'll give your place to someone else.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- http://en.wikipedia.org/wiki/User:SlimVirgin
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On 7/21/08, Charles Fulton mackensen@gmail.com wrote:
If you haven't seen Lar deny anything then you haven't read his emails to this list. I encourage you to do so before sending any more mail here.
If you continue to make accusations which I know to be false, but the proof cannot be revealed, then you place me in an extremely awkward position, as you've already placed several other users.
I don't claim to be privy to your correspondence with Anthere, but the matter didn't end there as you well know, because I believe you were occasionally copied on emails. I'll have to check my archives to be certain.
You know, you're right. The matter was not taken officially to the Commission, and Lar in his summary indicated that he believed it had.
No, he did not say that he *believed* it had. He said that it had, when he knew that it had not, And you confirmed that his account was accurate, when you also knew that it had not.
I suspect this is because two of three ombudsmen (at least) already commented, privately, at length. It is true, however, that no official complaint has been made, by you or anyone else, ever. Why you have not done so baffles me, but I think you're obliged to make a formal complaint, either to Arbcom or to the Commission, or hold your peace. I will of course recuse if you choose the latter.
You would have been better holding your tongue and not getting involved in the first place. Lar used you.
On Mon, Jul 21, 2008 at 8:05 AM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/21/08, Charles Fulton mackensen@gmail.com wrote:
Oh good, we're on to Kelly Martin. I think that about concludes the usefulness of this thread.
For onlookers, there's a good deal not being said here because, contrary to Slim's insinuations, I actually do give a damn about people's privacy, and their reputations.
Now, you'll have to direct me to this ANI thread, because I don't recall if specifically.
During this discussion http://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Inciden... you posted after Lar's very partial account, saying that it was accurate. http://en.wikipedia.org/w/index.php?title=Wikipedia:Administrators%27_notice... But he claimed, inter alia, that the matter had been taken to the Ombudsman Commission, when you knew that it had not been.
I've been referring directly to a private conversation which I had with Lar dated March 11. At no time did Lar mention his wife. I should note that Lar specifically denies the allegation you've made, and claims to have private correspondence to prove it.
I don't know which allegation he denies. I have not seen him deny anything.
If you gained the impression from ANI that the Commission had officially looked into the matter then I regret that you gained that impression. We've not, as you've never lodged a formal complaint of any kind. In the course of your unofficial complaint to checkuser-l, of course, two of the three commissioners developed fairly vocal views on the question so frankly if you ever do lodge a complaint it'll come down to Hei ber's say so.
I did not complaint to checkuser-l. I wrote to Anthere to ask about extending the authority of the Ombudsman to checkuser policy violations. What makes you suddenly think that you know the contents of my private e-mails to Anthere?
I'll copy my letter to her below, so that you can see how wrong you are (as well as David and Thatcher).
Look, we can go round and round on this. If I was half the unscrupulous hack you've implied I would have published my private correspondence to this thread, but my personal vindication doesn't matter as much (yet) as the trust placed in me by various parties to not disclose certain things without their consent.
Is that "yet" supposed to be a threat? You clearly have no idea how inappropriate your behavior is from someone who is supposed to be a neutral party in a position of responsibility. Do you think that anyone reading this thread is going to trust you in future if they have a problem with a checkuser, and with Lar in particular?
Your position, if I understand it correctly (and I have no doubt that I'll be told that I do not), is that I am obligated to tell you when a checkuser whom you do not trust performs a checkuser on your account (or, rather, related accounts).
I have said no such thing. Charles, please read what people actually write.
My e-mail to Anthere:
From: SlimVirgin slimvirgin@gmail.com Date: Mar 18, 2008 1:34 AM Subject: Question about checkuser/privacy policies To: Anthere anthere@wikimedia.org
Hi Florence,
I have a question about something we talked about briefly last year.
We're continuing to find examples of checkusers who are getting IPs for established editors and admins out of apparent curiosity, rather than for any of the reasons listed in the checkuser policy. It's causing quite a bit of distress among some users.
However, because the Ombudsmen are told by the Foundation only to investigate privacy policy violations, there's nothing anyone can do about the misuse of checkuser short of a full ArbCom hearing.
I can't remember what the reason was for restricting the Ombudsmen in this way, but I wanted to ask whether you'd have any objections to the scope being extended, provided the Ombudsmen themselves agree. As it's a Foundation issue, who else do you think would need to be consulted?
Sarah
On Mon, Jul 21, 2008 at 7:17 AM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/21/08, Charles Fulton mackensen@gmail.com wrote:
You can interpret it however you like. I'm sitting here staring at the conversation from March. Given that I told Lar to *do nothing* while I consulted with two other people, you could argue that I told him not to tell you, but I effectively told him to tell no one else as well ... I found myself in a bit of pickle, not the least because of the significant, pre-existing gap of trust between users.
The lack of trust in certain checkusers is the main problem here. When Kelly Martin was given checkuser, I guessed that she would eventually use it on me, because she doesn't like me, and she appeared not to care about the rules. And sure enough, she did. When Alison and Lar were given it and started posting regularly to Wikipedia Review, I guessed that one or both would checkuser me at some point, and sure enough, one of them did.
It would be good if ArbCom or the Ombudsman commission would see to it that admins do not use checkuser for no reason against people they don't like. It would be good if you would ensure that people who are regular posters to Wikipedia Review refrain from using the tool against editors who are attacked, cyberstalked, and defamed there.
But this is so obvious, and such common sense, that the very fact that I'm having to suggest it shows how hopeless the situation is.
The primary role of the ombudsman is to review the release of private data. Given that no such release had occurred or appeared to be pending, I was not acting in that role.
You posted on AN/I that Lar had not told anyone about the check, yet you knew he had told his wife, another Wikipedian, and had done so without Wikitumnus's consent (which WT would not have given). You have aided Lar in this from the very beginning, and have done your best to help him cover his tracks. You even gave the impression on AN/I that the Ombudsman Commission had looked into this, which it did not.
The point, Charles, which seems to escape you, is that people on the Ombudsman commission are meant to be neutral and disinterested, so that editors trust them. If you care about that lack of trust, I hope you'll give your place to someone else.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- http://en.wikipedia.org/wiki/User:SlimVirgin
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Which is an obvious backdoor route to having the issue examined, with Anthere as advocate.
This thread is getting a bit ridiculous - you (Sarah) say Mackensen lied at the AN/I thread, he asks for you to point it out and it turns out you're referring to Lar's comment. You're asked how you know Lar revealed something to his wife, and you say Wikitumnus told you and Lar *might* have told him. You state categorically that Wikitumnus had no prior connection to Lar's wife, but when he makes it clear you're wrong you have no response.
You say the problem is abuse of checkuser by Lar; then you say its that checkuser abuse isn't covered by the Ombudsmen - but when directed to ArbCom, you can't be bothered to file a complaint; then the problem is the lack of trust in certain checkusers, as well as abuse by Kelly Martin (and aspersions on Alison as well, for good measure). David raises the possibility that you might be wrong, since no one so far in this thread or elsewhere appears to agree with your interpretation of events, but his aggressiveness is proof that you're right?
The fact is your claims here change with each new restatement, and the only thing you seem to have accomplished is to malign various trusted individuals without any evidence of wrongdoing. If there is a true, underlying injury here (i.e. some damage that you or anyone has received from the actions of a checkuser) then you should file a complaint to ArbCom or the Ombudsmen. WikiEn-l can't adjudicate the problem for you, we can't change the checkuser policy from this list, and no one seems to see things from your perspective - so either do something meaningful, or drop it.
Nathan
(cc'd Anthere because she's been mentioned a few times in this discussion)
From: SlimVirgin slimvirgin@gmail.com Date: Mar 18, 2008 1:34 AM Subject: Question about checkuser/privacy policies To: Anthere anthere@wikimedia.org
Hi Florence,
I have a question about something we talked about briefly last year.
We're continuing to find examples of checkusers who are getting IPs for established editors and admins out of apparent curiosity, rather than for any of the reasons listed in the checkuser policy. It's causing quite a bit of distress among some users.
However, because the Ombudsmen are told by the Foundation only to investigate privacy policy violations, there's nothing anyone can do about the misuse of checkuser short of a full ArbCom hearing.
I can't remember what the reason was for restricting the Ombudsmen in this way, but I wanted to ask whether you'd have any objections to the scope being extended, provided the Ombudsmen themselves agree. As it's a Foundation issue, who else do you think would need to be consulted?
Sarah
On 7/21/08, Nathan nawrich@gmail.com wrote:
Which is an obvious backdoor route to having the issue examined, with Anthere as advocate.
This thread is getting a bit ridiculous - you (Sarah) say Mackensen lied at the AN/I thread, he asks for you to point it out and it turns out you're referring to Lar's comment.
Nathan, no one has said that Mackensen lied.
You're asked how you know Lar revealed something to his wife, and you say Wikitumnus told you and Lar *might* have told him. You state categorically that Wikitumnus had no prior connection to Lar's wife, but when he makes it clear you're wrong you have no response.
For the umpteenth time, Wikitumnus had ZERO connection with Lar's wife. No interaction whatsoever. Lar is giving the impression of a connection to make it appear that he passed Wiktumnus's identity to one of Wikitumnus's mates. It is false. It is spin. Wikitumnus gave up his account because of it.
I was going to suggest this morning that someone else file this issue as a case with the Arbitration Committee so that the repeated slights to the character and integrity of various people can either be confirmed or formally and firmly rejected. Looks like Thatcher has done so already, and thank you Thatcher for that.
There is also a discussion at WT:CHECUSER about changing the policy to make disclosure of checks mandatory upon request. It seems like it'd be simpler (and far less bureaucratic) to implement an extension that notifies someone using the email function when they have been checked, by whom perhaps, and with the reason given. Assuming, of course, consensus forms that notification serves a useful purpose (I'm not sure it does).
~Nathan
On Mon, Jul 21, 2008 at 8:11 AM, Nathan nawrich@gmail.com wrote:
There is also a discussion at WT:CHECUSER about changing the policy to make disclosure of checks mandatory upon request. It seems like it'd be simpler (and far less bureaucratic) to implement an extension that notifies someone using the email function when they have been checked, by whom perhaps, and with the reason given. Assuming, of course, consensus forms that notification serves a useful purpose (I'm not sure it does).
One possible reason I can see a benefit to having people notified (just playing Devil's advocate for someone, or multiple someones) is that a good faith user may have an interest in knowing they were Checked, and why. For some users even the fact they were checked may be a privacy issue. Just throwing that out there.
From a technical standpoint, if something like this were to go forward,
wouldn't it be smarter or at least better from a management standpoint so that Checkusers don't get flooded with requests to do a software change where all Checkuser Log entries specific to just your own username appear in some hidden area of your preferences? Of course, stripping out IP checks for obvious reasons. Just parse the bits specific to checks directly on [[User:Whatever]] and put them in there.
- Joe
At 08:33 AM 7/21/2008, SlimVirgin wrote:
Wikitumnus had ZERO connection with Lar's wife. [...] Wikitumnus gave up his account because of it.
Please explain, as a guide to the clueless, how Lar's wife knowing about the discovery led to the departure of Wikitumnus. How did it become known that he had disclosed this? Who opened up that can of worms?
2008/7/21 SlimVirgin slimvirgin@gmail.com:
The lack of trust in certain checkusers is the main problem here. When Kelly Martin was given checkuser, I guessed that she would eventually use it on me, because she doesn't like me, and she appeared not to care about the rules.
At the time, Kelly was a pretty well trusted member of the community. I know for sure there are some checkusers who don't like me, but I don't think they'd use checkuser on me. Why the paranoia?
And sure enough, she did. When Alison and Lar were given it and started posting regularly to Wikipedia Review, I guessed that one or both would checkuser me at some point, and sure enough, one of them did.
How is whether they contribute to that site relevant here?
It would be good if ArbCom or the Ombudsman commission would see to it that admins do not use checkuser for no reason against people they don't like.
Sarah, there's always a reason to be checking someone. Checkusers do not check people for the fun of it.
It would be good if you would ensure that people who are regular posters to Wikipedia Review refrain from using the tool against editors who are attacked, cyberstalked, and defamed there.
Not possible. I'm sure checkusers can remain impartial when checking someone. Alison and Lar have not engaged in any "bad" activity on Wikipedia Review anyhow. Whether they checked you on Wikipedia doesn't affect Wikipedia Review.
The point, Charles, which seems to escape you, is that people on the Ombudsman commission are meant to be neutral and disinterested, so that editors trust them. If you care about that lack of trust, I hope you'll give your place to someone else.
I actually agree with this. If there is any sign of the slightest bit of bias in a situation, an Ombudsman should recuse from acting. The same should go for Checkusers, but I don't feel so strongly about that.
On Sun, Jul 20, 2008 at 4:58 AM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/19/08, David Gerard dgerard@gmail.com wrote:
2008/7/19 SlimVirgin slimvirgin@gmail.com:
There was no reason at all to check the first account(s) that Lar checked.
Your accounts? Please detail why you feel you are immune to checkuser. (I ask this while reminding all here that several admins have been caught severely sockpuppeting and then deadminned.)
I don't feel I'm immune, but I do feel there should be a presumption against long-term contributors being checked, unless there are serious grounds to suspect abuse.
What if they've socked before and never taken responsibility for it? You as Sweet Water Blue for example?
Well, since something here made me feel like screaming, maybe it's time I comment. First, though, yes, there are sensitive issues, and this may not be the best place to discuss this *in depth.* However, there is also little practical way, without doing a lot of damage, to prevent such discussion. So ....
At 04:58 AM 7/20/2008, SlimVirgin wrote:
I don't feel I'm immune, but I do feel there should be a presumption against long-term contributors being checked, unless there are serious grounds to suspect abuse.
That's correct. Actually, there *is* a presumption against *anyone* being checked, unless there are grounds to suspect abuse. Being a long-term contributor is a possible reason to discount such suspicion, but, under some circumstances is irrelevant. There may be, and indeed I have some reason to suspect that there are, long-term contributors who have operated long-term sock accounts, carefully, using standard detection evasion methods.
There are four possibilities, first two: main account is not disruptive, sock account -- I'll define this as the newer one -- is. The reverse happens: main account was disruptive, sock account isn't. In both these cases there is some question as to whether or not we should bother with sock detection. The argument for detection and action is that if we merely deal with an block the disruptive account, there is a risk, then, that the other account will take up disruptive activity -- or will create a new sock, having learned that a disruptive sock can be created -- or a nondisruptive sock maintained -- without risk to the editors access. And the argument against detection is a common one: "Why are you bothering with this SSP report, the account isn't disruptive!" Frankly, I don't see a clear reason to prefer one of these arguments over the other, hence the circumspection that is described below.
But I am not complaining about the check against me. I'm complaining about the check against the other two. I have their permission to explain further.
We cannot prevent this, and maybe its a good thing that it is coming out. This is *not* support for SlimVirgin's position, I have no clear opinion on that yet. And what I screamed about wasn't SlimVirgin's comment, exactly, but the situation that this whole report implies.
Lar was (he said) contacted privately by Mackan79 [allegedly harassing SlimVirgin] and was asked to perform a check on Wikitumnus and Crum375, on the grounds that they appeared to be sockpuppets. [on thin evidence according to SlimVirgin]....
Given how hard it's been, sometimes, to get a checkuser request on much stronger evidence, I'm a tad worried about this. However:
It was on this basis that Lar performed a check of Wikitumnus a few days later at Mackan's request, later telling Wikitumnus and other checkusers and ArbCom members that there were grounds to believe that Wikitumnus was Crum. This is a clear fishing expedition, because there is *nothing* about that diff that would give rise to a suspicion of sockpuppetry. Wikitumnus had never edited the same articles as Crum, had never voted with him, had never supported him, had never shown up on noticeboards to comment on him, or anything else.
However, unstated here is whether or not Wikitumnus and Crum were disruptive editors. And a pattern of disruption could show similarities other than what SV mentions. But I have not checked, at all. I'm simply reacting to SV's report, at this point. Here is what the diff showed: three possibilities: Wikitumnus was watching Crum's Talk page, or Wikitumnus picked this up from Recent Changes as vandalism, or Wikitumnus saw another abusive edit by the IP, and looked at contribs, and saw the edit. Most likely: Wikitumnus was watching Crum's Talk, and that establishes a connection (particularly significant if the editors have had no obvious on-wiki connection). It *is* grounds for *mild* suspicion. By itself, not enough to file an RFCU, for sure. But if there were other grounds, that edit might indeed be cited as the primary evidence. If I have time, later, I'll look and see, there are certain obvious things to check that could help discriminate between the three possibilities.
Personally, I have no problem with allowing checkuser to be used for fishing *so long as the policy makes clear that it may be so used* because then editors can arrange to use open or closed proxies if they don't want their real IPs to become known during random checks. What I object to is the policy saying one thing, and checkusers doing another.
A reasonable objection when privacy policy is involved, which is legally binding, at least in theory.
When Lar performed his check of Wikitumnus, he discovered that it was an established editor who is well known to Lar, and who had abandoned their original account for various reasons. He knew *for certain* that this person was not Crum375. Yet he went on to peform the check of Crum anyway. If you want to say that, once he had checked Crum, he had reason to check me, then fine. Ignore the check of me. But his check of Wikitumnus was made on the flimsiest of grounds. And his check of Crum was made *on no grounds whatsoever*. That the request was made by a known troublemaker makes things even worse, but even if you ignore that too, you are left with two checks performed for no reason.
Shit happens. People make mistakes. And sometimes people do things out of intuition that look like mistakes and aren't.
Lar compounded the error by telling his wife the real identity of Wikitumnus. Lar's wife is another Wikipedian, not someone Wikitumnus has had any contact with, and also not someone Wikitumnus would choose to reveal their identity to. Wiktumnus was extremely upset about that aspect of the incident, and it was a violation of the privacy policy, although not one serious enough that the Ombudsman Commission wanted to act on.
Sure. And my guess is that the President of the United States sometimes, in various presidencies, has told his wife about things that were by law confidential. That's a special relationship, and Wikipedia editors, including checkusers, are volunteers. They can't talk to their spouses? Should they disclose? No. But ... wet noodle time, and, if warranted, loss of CU privileges. But that hasn't happened, which seems to be why SV is upset. Is it warranted? By the way, I've already come to the scream part. I'll repeat it:
When Lar performed his check of Wikitumnus, he discovered that it was an established editor who is well known to Lar, and who had abandoned their original account for various reasons.
I just managed to get a sock confirmed, who has claimed that he was just such an editor. (Abandoned original account for privacy reasons.) But was highly abusive. And I misread this, first reading. I've suspected that this particular editor, the one just blocked again, was actually a bad hand account for a long-term established user. No proof yet, which is why you won't hear much about this suspicion. Now, if I find proof, what will I do? File Checkuser? Not necessarily. It could be extraordinarily disruptive, and if the original account is not being used abusively, what's the harm? However, there might be an email or two sent ....!
The result is that Wikitumnus felt they had to abandon their account. I recall an absolute storm when Durova blocked !!, an established editor who had abandoned his original account, but who felt his identity was compromised by the block. That is exactly the situation we have here -- an established editor with a new account is checked for no reason, and as a result feels unable to continue with the account in case their identity leaks out.
Yes. Bad situation. But something was left out. How did it come to pass that it was publicly disclosed what SV has revealed here? That part of the story is missing, perhaps it is so well-known that SV omitted it. What's the story?
The question is why Lar is allowed simply to ignore the checkuser policy, and why, when he does, other checkusers support him in that. If there is no peer pressure on checkusers to conform to the policy, and there is no Ombudsman who can look at checkuser policy violations, the only protection we have is ArbCom. But (I believe) all ArbCom members have checkuser and are on the checkuser mailing list, so they could have acted against Lar when the issue was raised there (at my request, among others), but they didn't. They're therefore unlikely to act when it's brought before them in another venue.
SV is missing a couple of important facets of Wikipedia process. First, what ArbComm members do individually (even when communicating informally on a list) and what they will do when faced with formal deliberative process, evidence and arguments from the community, etc., are not necessarily the same thing. Second, Wikipedia does not punish. It doesn't withdraw privileges to "set an example," or to "pressure users to ..." do anything. Rather, it withdraws privileges when there is reason to believe that a serious error could be repeated. The argument SV is presenting is a continuation of an old debate, it's obviously never been resolved completely. Eventually, I think, we will deal with it conclusively.
The bottom line is that editors are left with no realistic way to complain about a violation of the checkuser policy, which means that it may as well not exist.
Just not true. You can still file an RfC or RfAr, and only if that process fails, based on some apparent prejudice, could this be reasonably claimed. And, still, the user would have "complained" successfully. Further, users can question RFCU policy less confrontationally in Talk for the RFCU pages. They can discuss it on the Village Pump or AN/I. Or this list. No, users can complain. The question is whether or not anyone will listen to them. And there is no way to force that, short of cattle prods. What does SV suggest?
Look, I've been "complaining" about certain situations for the better part of a year. It's hard to get people to listen. And that is actually a good thing (I won't explain why); but it takes patience to move around it. I've been establishing my credibility, so that next time I bring up something less than obvious, people may look a little deeper. Or not. I can't force it, nor should I be able to. Ultimately, it's my goal to solve what I see as a structural communications problem on Wikipedia, and it would address, very effectively, I predict, SlimVirgin's apparent problem. But it isn't here yet. And won't be until conditions are ripe.
Perhaps this was answered elsewhere in the thread - what is the actual injury here you would like ArbCom to redress? The disclosure of your IP information to a checkuser? Shouldn't it be assumed by all regular users, including administrators, that IP information submitted voluntarily to the Wikimedia Foundation (by editing) is available under the tenets of the checkuser policy? That policy allows checkusers some discretion on whether a check is justified or not (appropriately), but prohibits the release of private information. Was any private information released by Lar? If so, I haven't seen it mentioned.
Nathan
I believe the checkuser system is significantly vulnerable to abuse, and am happy to explain my concerns in greater detail elsewhere.
I think both Lar and Slimvirgin have been let down here by a systemic dysfunction, and I also believe that gaps in the checks and balances of the checkuser process may have lead to its abuse. I've been asking a few questions here and there about this for a little while, and would likely 'plug in' to an on-wiki process of some sort examing these issues in general terms.. it's quite hard to get straight answers from some stakeholders!
I'd like to formally request here that a checkuser notify me as to when checkuser was used on my current accout, User:Privatemusings, and also on my previous accounts User:Purples, and User:Petesmiles.
I support Slim in her right to access this information, and ask questions concerning the propriety or otherwise of any checks run - ironically I suspect Lar might too - the guidance to checkusers seems to have been far from clear on whether or not such information can be released however.
I asked David Gerard about this here too; http://en.wikipedia.org/w/index.php?title=User_talk:David_Gerard&oldid=2...
cheers,
Peter PM.
.... and could I come off moderation please? - I believe that process may have been misued in my case also.. happy to talk about that too! - and just because I'm paranoid... right? :-)
2008/7/20 private musings thepmaccount@gmail.com:
I believe the checkuser system is significantly vulnerable to abuse, and am happy to explain my concerns in greater detail elsewhere. I think both Lar and Slimvirgin have been let down here by a systemic dysfunction, and I also believe that gaps in the checks and balances of the checkuser process may have lead to its abuse. I've been asking a few questions here and there about this for a little while, and would likely 'plug in' to an on-wiki process of some sort examing these issues in general terms.. it's quite hard to get straight answers from some stakeholders! I'd like to formally request here that a checkuser notify me as to when checkuser was used on my current accout, User:Privatemusings, and also on my previous accounts User:Purples, and User:Petesmiles.
I would suggest that you think there's a problem because you were caught out sockpuppeting egregiously, and still don't think you did anything wrong. In your case I can't see a thing the system did wrong.
- d.
On Sat, Jul 19, 2008 at 1:50 PM, SlimVirgin slimvirgin@gmail.com wrote:
There are editors who have argued that it should be mandatory, a view I'm increasingly coming around to myself.
I think I'm beginning to agree with you myself. But then, it wouldn't be right to publicly do this, and I'd venture that the vast majority of checkuser subjects have no legitimate email address to tell privately.
On 7/19/08, Josh Gordon user.jpgordon@gmail.com wrote:
On Sat, Jul 19, 2008 at 1:50 PM, SlimVirgin slimvirgin@gmail.com wrote:
There are editors who have argued that it should be mandatory, a view I'm increasingly coming around to myself.
I think I'm beginning to agree with you myself. But then, it wouldn't be right to publicly do this, and I'd venture that the vast majority of checkuser subjects have no legitimate email address to tell privately.
I'm thinking of a policy that says anyone who asks whether they've been checkusered must be told whether, why, and by whom, if they make the request within six months of the check. The request must come from the e-mail address the editor has added to their Wikipedia preferences. They may only ask whether that particular account has been checked. They need not be told the results of the check, in case that inadvertently implicates someone else, though they may be told it if no one else is involved.
We could build in a grandfather clause so that this doesn't apply retroactively. That would protect current checkusers who had performed checks without knowing the information might become public.
Sarah
On Sat, Jul 19, 2008 at 2:10 PM, SlimVirgin slimvirgin@gmail.com wrote:
On 7/19/08, Josh Gordon user.jpgordon@gmail.com wrote:
On Sat, Jul 19, 2008 at 1:50 PM, SlimVirgin slimvirgin@gmail.com
wrote:
There are editors who have argued that it should be mandatory, a view I'm increasingly coming around to myself.
I think I'm beginning to agree with you myself. But then, it wouldn't be right to publicly do this, and I'd venture that the vast majority of checkuser subjects have no legitimate email address to tell privately.
I'm thinking of a policy that says anyone who asks whether they've been checkusered must be told whether, why, and by whom, if they make the request within six months of the check. The request must come from the e-mail address the editor has added to their Wikipedia preferences. They may only ask whether that particular account has been checked. They need not be told the results of the check, in case that inadvertently implicates someone else, though they may be told it if no one else is involved.
We could build in a grandfather clause so that this doesn't apply retroactively. That would protect current checkusers who had performed checks without knowing the information might become public.
I'd support that. The "why" doesn't have to include the identity of the person who requested the check. I don't have any particular reason to think that checkusers have any right to expect that their activities will not be reported to the targets of the checks, but I guess such a clause would be drama reducing.
I'm thinking of a policy that says anyone who asks whether they've been checkusered must be told whether, why, and by whom, if they make the request within six months of the check. The request must come from the e-mail address the editor has added to their Wikipedia preferences. They may only ask whether that particular account has been checked. They need not be told the results of the check, in case that inadvertently implicates someone else, though they may be told it if no one else is involved.
Sounds good to me. I'm not 100% it's necessary to be told who did, since that could cause checkusers to become targets. If you find out you've been checkusered and don't think the reason was good enough, you can file an ArbCom case (the checkuser in question can make an anonymous statement) and if it's decided the check wasn't warranted, then the checkuser is revealed (and de-checkusered). I don't know if that's really necessary, though, we don't allow anonymity for other privileged actions. I'm not sure if the reason is currently logged - if this policy is implemented, a reason should be required when the checkuser is performed. Giving a reason afterwards lends itself to abuse.
We could build in a grandfather clause so that this doesn't apply retroactively. That would protect current checkusers who had performed checks without knowing the information might become public.
The policy on when you can and can't run a checkuser hasn't changed, so I'm not sure a grandfather clause is necessary, but it could be included if it's necessary to get the policy accepted.
On Sat, Jul 19, 2008 at 2:19 PM, Thomas Dalton thomas.dalton@gmail.com wrote:
I'm not sure if the reason is currently logged - if this policy is implemented, a reason should be required when the checkuser is performed. Giving a reason afterwards lends itself to abuse.
A reason is logged, if it is provided. I'll admit I don't enter a reason for a lot of the cases that I process that involve, for example, Grawp socks. It could easily be made mandatory, at the cost of making the process more annoying than it already is. An exhaustive checkuser search of a sock farm can take hundreds of checks, and the tools, as powerful as they are, have a pretty primitive interface. But there's no technical cause that reasons can't be mandatory.
A reason is logged, if it is provided. I'll admit I don't enter a reason for a lot of the cases that I process that involve, for example, Grawp socks. It could easily be made mandatory, at the cost of making the process more annoying than it already is. An exhaustive checkuser search of a sock farm can take hundreds of checks, and the tools, as powerful as they are, have a pretty primitive interface. But there's no technical cause that reasons can't be mandatory.
The reason could be preserved between checks, so you don't have to type it in again. That should solve that problem.
On Sat, Jul 19, 2008 at 02:27:28PM -0700, Josh Gordon wrote:
A reason is logged, if it is provided. I'll admit I don't enter a reason for a lot of the cases that I process that involve, for example, Grawp socks.
I would be interested to know the opinions of active checkusers on whether reveaing to an abuser that some account had been checked might allow the abuser to evade detection later. That is the main concern I have about routinely revealing to a user that a check has been made.
- Carl
Probably would only matter to the truly stupid abusers; it's not like the smart ones don't know how to evade detection anyway.
On Sat, Jul 19, 2008 at 4:40 PM, Carl Beckhorn cbeckhorn@fastmail.fm wrote:
On Sat, Jul 19, 2008 at 02:27:28PM -0700, Josh Gordon wrote:
A reason is logged, if it is provided. I'll admit I don't enter a reason for a lot of the cases that I process that involve, for example, Grawp socks.
I would be interested to know the opinions of active checkusers on whether reveaing to an abuser that some account had been checked might allow the abuser to evade detection later. That is the main concern I have about routinely revealing to a user that a check has been made.
- Carl
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
If SlimVirgin is complaining about a check being run on Crum and herself then she really protesteth too much. The obsessive tag teaming of those two editors makes running a check a no brainer.
On 7/19/08, Josh Gordon user.jpgordon@gmail.com wrote:
Probably would only matter to the truly stupid abusers; it's not like the smart ones don't know how to evade detection anyway.
On Sat, Jul 19, 2008 at 4:40 PM, Carl Beckhorn cbeckhorn@fastmail.fm wrote:
On Sat, Jul 19, 2008 at 02:27:28PM -0700, Josh Gordon wrote:
A reason is logged, if it is provided. I'll admit I don't enter a reason for a lot of the cases that I process that involve, for example, Grawp socks.
I would be interested to know the opinions of active checkusers on whether reveaing to an abuser that some account had been checked might allow the abuser to evade detection later. That is the main concern I have about routinely revealing to a user that a check has been made.
- Carl
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-- --jpgordon ∇∆∇∆ _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
On 7/19/08, SlimVirgin slimvirgin@gmail.com wrote:
We could build in a grandfather clause so that this doesn't apply retroactively. That would protect current checkusers who had performed checks without knowing the information might become public.
In which case they are too stupid to be a checkuser. Given time, all "private" information becomes public, unless it is destroyed (both physically and mentally).
—C.W.
On 7/20/08, Charlotte Webb charlottethewebb@gmail.com wrote:
On 7/19/08, SlimVirgin slimvirgin@gmail.com wrote:
We could build in a grandfather clause so that this doesn't apply retroactively. That would protect current checkusers who had performed checks without knowing the information might become public.
In which case they are too stupid to be a checkuser. Given time, all "private" information becomes public, unless it is destroyed (both physically and mentally).
You may be right, but I'd want to see a grandfather clause because it seems unfair to shift the goalposts suddenly. And without such a clause, very few checkusers would support this.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SlimVirgin wrote:
On 7/19/08, Jon scream@datascreamer.com wrote:
Complaints of abuse of CheckUser or privacy policy breaches may also be brought to the Ombudsman committee.
No, in fact only privacy policy breaches can be brought to the Ombudsman committee. <snip>
Sarah, yes, checkuser abuse can be brought to the ombudsman. I did copy the entire statement from the checkuser policy on meta.
See the checkuser policy here:
http://meta.wikimedia.org/wiki/Checkuser#Removal_of_access
Best,
Jon
On 7/19/08, SlimVirgin slimvirgin@gmail.com wrote:
No, in fact only privacy policy breaches can be brought to the Ombudsman committee. There is no process, as I understand it, for dealing with checkuser misuse...
Sucks, doesn't it?
—C.W.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Charlotte Webb wrote:
On 7/19/08, SlimVirgin slimvirgin@gmail.com wrote:
No, in fact only privacy policy breaches can be brought to the Ombudsman committee. There is no process, as I understand it, for dealing with checkuser misuse...
Sucks, doesn't it?
—C.W.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
This is incorrect. Checkuser misuse can be brought to the ombudsman.
- -- Best, Jon
[User:NonvocalScream]