On 5/1/07, Brad Patrick bradp.wmf@gmail.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
<snip> offer. Any other statement is hogwash. If your identity is so secret that you can't let it be shared, then don't share it. That is your decision, and no one elses. For example, I appreciate what sannse is saying, and I hold her in very high regard, but I think her opposition to the policy is misguided. People *do* already know who she is. The point is that the Foundation cannot risk letting people no Foundation person has shaken hands with, spoken to on the phone, etc., from having the capacity to expose confidential information. One word: Essjay.
<snip>
While appreciating that Brad doesn't speak for the Foundation, and noting that I don't disagree with the proposed policy and am happy to provide my ID to the WMF, etc.... I do find this statement about someone that "no Foundation person has shaken hands with..." curious in light of the actual resolution.
There is, as SJ hints at, a big difference between being personally trustworthy -- online or off -- and having your identity confirmed. To take myself as an example: I've met in person, shaken hands with and spoken on the phone to many of the Foundation people; and I have a position of trust (OTRS) that comes under this resolution. In short: I hope I'm considered personally trustworthy, or at least personally known. That doesn't mean any of you necessarily know my exact age, or my middle name, or the fact that I really do have a California driver's license, or where I live, or that I really work at a university, or any of the other specific details that a positive ID could provide. Furthermore, if none of you had ever met or interacted with me, any number of government IDs couldn't confirm that I'm a trustworthy and competent person, that I'm not going to take all the personal information I've ever come in contact with and share it far and wide on teh interweb, etc. -- all they could confirm is those morally anonymous personal details.
It clearly takes some combination of the two -- positive ID and personal knowledge of someone's work -- to obtain what it seems like the policy is getting at, that is, knowing that volunteers with access to sensitive information must be both mature and over the age of consent, trustworthy and truthful in their identity, respectful of both Foundation policies and personal privacy rights, and possessed of good common and moral sense.
As I said, I'm all in favor of this goal. So far, volunteers for trusted positions have them mainly because other people think they're trustworthy from onwiki interactions. The resolution seems like it is filling in the gap of also getting a positive ID for people, so that as Kat says the Foundation can "ensure that volunteers can be held accountable for their own actions." It would be nice to clarify though if this in the only purpose or if there is a larger assumption being made about what these positive IDs will achieve.
cheers, phoebe