(on-wiki: ; Google translated notice that there is a professional Chinese
translation of the email below - 中文翻譯見下文)
I’m Maggie Dennis, the Wikimedia Foundation’s Vice President of Community
Resilience & Sustainability. I’m reaching out to you today to talk about
a series of actions the Foundation has recently taken to protect
communities across the globe.
I apologize in advance for the length and the ambiguity in certain areas.
These are complicated issues, and I will try to summarize a lot of what may
be unfamiliar information to some of you succinctly. I will answer
questions to the best of my ability within safety parameters, and I will be
hosting an office hour in a few weeks where I can discuss these issues in
more depth. We’re currently getting that set up in regards to availability
of support staff and will announce it on Wikimedia-L and Meta as soon as
that information is prepared.
Many of you are already aware of recent changes that the Foundation has
made to its NDA policy. These changes have been discussed on Meta, and I
won’t reiterate all of our disclosures there, but I will briefly
summarize that due to credible information of threat, the Foundation has
modified its approach to accepting “non-disclosure agreements” from
individuals. The security risk relates to information about infiltration of
Wikimedia systems, including positions with access to personally
identifiable information and elected bodies of influence. We could not
pre-announce this action, even to our most trusted community partner groups
(like the stewards), without fear of triggering the risk to which we’d been
alerted. We restricted access to these tools immediately in the
jurisdictions of concern, while working with impacted users to determine if
the risk applied to them.
I want to pause to emphasize that we do not mean to accuse any specific
individual whose access was restricted by that policy change of bad intent.
Infiltration can occur through multiple mechanisms. What we have seen in
our own movement includes not only people deliberately seeking to
ingratiate themselves with their communities in order to obtain access and
advance an agenda contrary to open knowledge goals, but also individuals
who have become vulnerable to exploitation and harm by external groups
because they are already trusted insiders. This policy primarily served to
address the latter risk, to reduce the likelihood of recruitment or (worse)
extortion. We believe that some of the individuals impacted by this policy
change were also themselves in danger, not only the people whose personal
information they could have been forced to access.
Today, the Foundation has rolled out a second phase of addressing
infiltration concerns, which has resulted in sweeping actions in one of the
two currently affected jurisdictions. We have banned seven users and
desysopped a further 12 as a result of long and deep investigations into
activities around some members of the unrecognized group Wikimedians of
Mainland China. We have also reached out to a number of other editors
with explanations around canvassing guidelines and doxing policies and
requests to modify their behaviors.
When it comes to office actions, the Wikimedia Foundation typically
defaults to little public communication, but this case is unprecedented in
scope and nature. While there remain limits to what we can reveal in order
to protect the safety and privacy of users in that country and in that
unrecognized group, I want to acknowledge that this action is a radical one
and that this decision was not easily made. We struggled with not wanting
to discourage and destroy the efforts of good faith users in China who have
worked so hard to fight for free and open knowledge, including some of
those involved in this group. We do not want them to fear that their
contributions are unwelcome. We also could not risk exposing them to danger
by doing nothing to protect them after we became aware of credible threats
to their safety.
While some time ago we limited the exposure of personal information to
users in mainland China, we know that there has been the kind of
infiltration we describe above in the project. And we know that some users
have been physically harmed as a result. With this confirmed, we have no
choice but to act swiftly and appropriately in response.
I take it as both a triumph and a challenge that in the years of my own
involvement I have seen Wikimedia go from a suspect non-mainstream website
to a highly trusted and widely relied upon source across the world. When I
first started editing the projects in about 2007, I already believed
Wikimedia had the capacity to be one of the greatest achievements of the
world--collective knowledge, at your fingertips. What an amazing gesture of
goodwill on the part of all of its many editors. It didn’t take me long
after I started editing to realize how entrenched the battles could be over
how to present information and how that can be exploited to achieve
specific ends. I’m not trying to suggest that I was astonishingly
prescient; I think there were many who realized that risk long before I
stumbled naively on the scene. I do think that the risk is greater than
ever now, when Wikimedia projects are widely trusted, and when the stakes
are so high for organized efforts to control the information they share.
Community “capture” is a real and present threat. For years, the movement
has been widely aware of challenges in the Croatian Wikipedia, with
documentation going back nearly a decade. The Foundation recently set up a
disinformation team, which is still finding its footing and assessing the
problem, but which began by contracting an external researcher to review
that project and the challenges and help us understand potential causes and
solutions for such situations. We have also recently staffed a human
rights team to deal with urgent threats to the human rights of communities
across the group as a result of such organized efforts to control
information. The situation we are dealing with today has shown me how much
we need as a movement to grapple with the hard questions of how we remain
open to editing by anyone, anywhere, while ensuring that individuals who
take us up on that offer are not harmed by those who want to silence them.
With respect to the desysopping, we hope to connect with the international
Chinese language community in the near future to talk about approaches to
elections that avoid the risk of project capture and ensure that people are
and feel safe contributing to the Chinese language Wikipedia. We need to
make sure that the community can hold fair elections, without canvassing or
fraud. We hope that helping to establish such a fair approach to elections
will allow us to reinstate CheckUser rights in time.
I want to close this email by noting that I am personally deeply sorry to
those of you for whom this will be a shock. This will undoubtedly include
those who wonder if they should fear that their personal information has
been exposed (we do not believe so; we believe we acted in time to prevent
that) and also those who fear that further such bold action is in the works
which may disrupt them and their work and their communities (at this point,
with this action, we believe the identified risks have been contained in
the short to medium term). I am also truly sorry to those communities who
have been uneasy in the shadow of such threats for some time. The
Foundation continues to build our capacity to support every community that
wants or needs its support - and we are still learning how to do so well
when we do. One of the key areas we seek improvement is in our ability to
understand our human rights impact and in our ability to address those
challenges. You have not had the service you’ve deserved. We can’t fix
things immediately, but we are working to improve, actively, intentionally,
and with focus.
To the 4,000 active Chinese language Wikimedians distributed across the
world and serving readers in multiple continents, I would like to
communicate my sorrow and regret. I want to assure you that we will do
better. The work you do in sharing knowledge to Chinese readers everywhere
has great meaning, and we are committed to supporting you in doing this
work into the future, with the tools you need to succeed in a safe, secure,
and productive environment.
Again, I will answer what questions I can, also relying on the support of
others in Legal and perhaps beyond. We’re setting up a page on Meta to
talk, and I will be hosting an office hour in coming weeks.
我是 Maggie Dennis, 维基媒体基金会社团及延续性的领导。 今天我想和大家分享维基媒体基金会在全球保护社团采取的一系列办事行动。
office hour 在和大家更详细的研讨。我们正在设置有关于人力资源上的问题并会在 Wikimedia-L 和 Meta 发布讯息。
相信大家已经知道基金会在几周前对 NDA 政策的改变。这些改变已经在 Meta
今天，维基媒体基金会在两个受影响的区域之一，推出了第二阶段寻址浸入风险的扫荡行动。经过了深入调查非附属团体 Wikimedians of
Mainland China 的活动， 我们禁止了七个用户和删除了十二个管理员权限。
我们也必须确认中文项目的用户可以举办公平的选举，没有拉票或欺诈。 我们希望建设这些公平的法则来维持选举能够让我们在未来恢复 CheckUser 权利.
同样，我将回答我能回答的问题，也依赖于法律领域甚至其他领域的其他人的支持。我们正在 Meta 上建立一个页面来讨论，我将在未来几周内主办 office
Vice President, Community Resilience & Sustainability
Wikimedia Foundation, Inc.