I wholely agree with Tim. 3 months is a good compromise.
There's nothing wrong with wanting to catch trolls. There is also
nothing wrong with wanting to uphold privacy.
Thus you need a balance of the two, and neither group should have a
full say in the matter (although I am on the privacy side!).
On Fri, Sep 19, 2008 at 7:23 PM, Tim Starling <tstarling(a)wikimedia.org> wrote:
Joe Szilagyi wrote:
On Thu, Sep 18, 2008 at 5:33 PM, Tim Starling
<tstarling(a)wikimedia.org>wrote;wrote:
Joe Szilagyi wrote:
That is what has been said around the chatter
lines. Was this documented
in
the SVN somewhere if so, and approved? For all
Wikis? Just some?
Are you implying that this change could somehow be controversial?
If so,
can you explain how that might be?
Not inherently controversial, but I'm not clear on if the CU data retention
is the same on each project, or different on each--does Chinese Wikipedia
save as long as English Wikipedia? Does Commons save as long as Wikinews,
etc.? If there is any change to the actual length in data retention, who
makes that decision? The WMF board? Sue? The checkuser mail list? Shouldn't
that sort of matter be decided with community input?
It's the same everywhere, it's three months. Neither the Board nor the
executive have expressed any desire to make that decision, but they are
free to weigh in if they want to. We chose the three month figure as a
compromise between privacy advocates and troll hunters. The checkuser-l
mailing list only represents one of those two groups, which is why I don't
think it's appropriate that they should make that decision. I think
community input should be encouraged, which is why I think the figure
should be public.
I've just been thinking aloud and wondering
if the debatable value of any
obfuscation of the retention length of Checkuser data, rather than clearly
articulating it in public, outweighs the risk and harm to some users given
that in the wake of the Poetlister incident we've seen that Checkuser data
is not compromise-proof.
Some people have said "trolls just leave the site for 3 months and come
back when they know the CheckUser data has expired". The same argument
would apply for any finite retention period, it's obvious that some sort
of trade-off has to be made. If it's secret and short, then the trolls
will work it out eventually anyway. If it's secret and long, then that's
the worst possible situation for privacy.
Troll hunters can and should retain CheckUser results for particularly
troublesome users, beyond the database retention period. Often, their IP
address becomes public anyway, when it is found in email headers and
anonymous edits.
If a troll stays away from the site for 3 months to avoid detection by
CheckUser, then you should consider yourself lucky. That's one of the best
possible outcomes. There are lots of ways a troll can disrupt the site
continuously, regardless of the data retention time.
-- Tim Starling
_______________________________________________
foundation-l mailing list
foundation-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/foundation-l