On 3/31/07, Robert Horning <robert_horning(a)netzero.net> wrote:
I disagree that the damage that somebody using checkuser privileges is
necessarily irreversible and necessarily causes too many legal problems
"for themselves and the foundation." There is obviously an extreme case
or two where this may be the case, but on the whole I can't really seen
where revealing the IP address of a user is necessarily going to be a
major problem. At best, the worst damage that can happen is to document
what computer an edit actually took place on. Only with 3rd party
records would it even be remotely possible to tie this with a specific
individual.
The laws regarding such things vary wildly between regions. In comparison to
American privacy laws, for instance, the laws in manz European countries are
much more strict. Disclosing personal information without the consent of the
person the information belongs to can be prosecuted in criminal and civil
court in some instances. Note that many of these laws aren't primarily meant
to restrict the government from accessing the information but other private
entities. The legal implications of checkuser shouldn't be underestimated.
In addition, any user, including anonymous users, can trace the IP
addresses of many of the contributors to Wikimedia
projects.... that is
the default log-in type. And accidental disclosure of IP addresses are
almost inevitable for most users, especially if you accidentally make an
anonymous IP edit because the cookie in your browser has expired (it has
for me on a couple of occasions). For example (and I mention this
because he also did one of these accidental disclosures and later noted
this IP address explicitly) Richard Stallman of the Free Software
Foundation fame is also [[w:User:Rmstallman]], and by only accessing
Wikipedia by anonymous status (I wasn't even logged into my Wikipedia
account), I can find out that at least one of the IP addresess he has
used to edit Wikipedia was with 128.30.16.48
...
If a 10-year-old has been given bureaucrat privileges on a Wikimedia
project, I would be very surprised.
There is at least one fifteen old user who is a bureaucrat on a Wikimedia
project.
It may also present some
interesting legal problems for the WMF in terms of
liability for that
user's actions, but I also believe that any such user who has achieved
that level of trust in a particular project is going to have a level of
maturity to keep from abusing the checkuser tool as well.
Actual abuse isn't necessary to be subject to a lawsuit. People who
volunteer to perform checkuser functions must be fully aware of the
responsibilities their actions incur and the possible consequences of those
actions. It may be customary to assume good faith in Wikimedia projects.
Unfortunately, the real world doesn't always work that way.
Regards,
Sebastian