Hi all,
On 27 April 2013, one of our then-Commons checkusers ran a check on my account on that project. I only found out this information in May of this year, after twelve months of asking the simple question -- was a checkuser run on my account? For twelve months this question went unanswered by checkusers on Commons. I always made it clear when I asked that I only wanted the opportunity to discuss the issue privately with the CU concerned.
On 14 May 2014, I had a discussion with a steward on the issue of editors finding out whether CUs have been run on oneself and what information, if any, should be given. It was their opinion that if they were asked they would confirm:
1) whether a CU was done, 2) who ran the checkuser, 3) the date it was run, and 4) depending on circumstances, the reason for the CU (in some instances divulging the reason may breach the privacy of another editor, and it is fair enough)
I relayed this information to a Commons checkuser on the same day, and mentioned that for 12 months neither 1, 2, 3 or 4 was ever divulged to me. They confirmed for me that a checkuser was indeed done on me on Commons in April 2013 and the reason for it being done was (along the lines of) "contact me for more info". They said they would check with other CU's whether they should divulge who ran the CU, and I re-iterated what I was told by a steward, but agreed to wait for an answer.
The following day (15 May 2014) I asked another CU privately on IRC about the outstanding issue, and I was told that it was decided that they would not tell me who ran the CU, because:
"(w)e see no advantages in telling you, only disadvantages."
On 16 May 2014 I sent in a written complaint to the CU Ombusdman. In my complaint I outlined what it was that required:
"With that said, I kindly request that the Commission investigate: * (1) on what grounds a CheckUser action was performed on my account on Wikimedia Commons, * (2) who requested that it be performed on Commons, and * (3) who fulfilled the request.
Given the apparently very serious breach of the CheckUser policy, I ask that the user who performed that action be immediately removed from their position as a Wikimedia Commons CheckUser."
On 27 May 2014 I received an email back from the OC which basically said that because no personal information was divulged, there was no breach of the WMF Privacy Policy. It also said that they would inform the WMF about the case, and if I had any further information on who "released such information" then I should contact them.
On 28 May 2014 I wrote back to the OC and informed that I was not complaining about the fact I was given any of my CU information, but rather I was complaining about the very fact that a CU was done. I again asked them to investigate the case.
On 6 June 2014 I heard back from the OC and they stated that my complaint was being forwarded to the Wikimedia Foundation and that they had been informed about the possible running of an unnecessary CU, in addition to the possible release of CU logs. Additionally, I was told that the OC would relay to me once they had it from the Board.
It should at this time be noted, that on 16 May 2014, I was forwarded by a friendly steward the entire log of the #wikimedia-stewards-internal channel on IRC. As part of this log, one steward told the channel that I was complaining about a CU leak (I wasn't) and that they had lodged a complaint with the OC. Aside from accidentally the pertinent part of the log into the stewards private chat window, I also informed them that there was no leak. I should mention the fact that the stewards private channel logs had been leaked to me also created a shitstorm in that channel (for which I was also provided logs).
However, in private discussions with someone in the know, I was informed about two pieces of information pertaining as to why the OC was not able to investigate and had instead forwarded it to the WMF Board to investigate.
1) There was indeed a leak of my CU data. An unknown Commons CU had indeed leaked my CU data to another person who was NOT a CU on Commons. The information given to this non-CU person included the very name of the person who ran the CU on me; information which was so sensitive to keep from me, but not sensitive enough that it was able to be shared with every Tom, Dick and Harry that wasn't me. 2) The CU who ran the check is no longer participating on WMF projects and hence the OC was not able to get answers from them. Only 5 Commons checkusers used the tool in April 2013,[1] and only one of these is no longer on our projects. One CU did indeed leave all projects not long after I started asking questions in May/June 2013.
On 15 June 2014, I contacted Legal and the WMF Board and asked for information on where the investigation was at, and noted that given the timeframe that this has been an ongoing issue I would appreciate a speedy resolution.
On 2 July 2014 I was contacted by someone within Legal informing me that it was their understanding that "the Ombudsman Commission has finished its investigation into this matter and has already communicated its decision to you."
On 5 July 2014, I wrote back informing the person within Legal that they were mistaken in their belief and that the issue is not resolved at all. I also asked them to give this issue some priority given the length of time that it has dragged out for.
To date, I have yet to hear another word from Legal, the Ombudsman Commission, nor the WMF Board.
Given this, I am asking very publicly the following questions:
* (1) on what grounds a CheckUser action was performed on my account on Wikimedia Commons? * (2) who requested that it be performed on Commons? * (3) who fulfilled the request? * (4) why is it acceptable for CUs to share actions related to my account with non-CUs whilst at the same time actively keeping this information from me? * (5) why are complaints such as this actively ignored by the WMF Board?
Thanks for your attention and reply.
Russavia
[1] https://commons.wikimedia.org/w/index.php?title=Commons:Checkusers/Statistic...