Thanks for spending time on this issue Danny.
Rather than discussing the value of blocking open proxies, it is worth focusing on the use case and justification for ensuring that users with reasons to protect themselves when adding content to Wikipedia and other Wikimedia projects can be provided with easy to understand and reliable methods to do so, even while most open proxies remain blocked.
The specific use case we have is how to train and advise both new and existing volunteers editing from African countries or states with laws that criminalize queer people and who have been subjected to death threats, threats of reporting them to the police and blackmail, because they were editing queer and human rights topics regardless of whether they identify as LGBTQ. Most of our community will agree that our values of providing open knowledge projects "that anyone can edit" ought to be a priority over other practical considerations. I'm sure you can imagine how difficult it is to provide safe and secure events, or how to advise on ways for non-technical volunteers to keep themselves safe while relying on mobile connections and public wifi. An easy and quick way to provide all good faith volunteers the means to be allowed to create an account, or a legitimate anonymous sock account if their main account has been connected to their real life identity, that can edit through open proxies, without having to out themselves by emailing stewards they don't know, having this logged on a database or archived group email list that may leak or be targeted by state actors, or risk messaging local administrators for help who may themselves be openly hostile against queer content in their language wikipedia. A reliable process would be welcome as part of a set of guidelines we or the WMF can provide to volunteers and ask projects to support that ensure users understand how to protect themselves.
In recent meetings with our queer volunteers contributing from locations where being reported to authorities as LGBTQ could result in imprisonment or a death penalty, tell us that in their personal networks they know of three times as many Wikimedians that would like to edit queer content but do not feel safe doing so. Let's at least document this use case, and provide better solutions than expecting users to be so brave they are prepared to risk threats of outing or prosecution to just edit a Wikipedia article in their language and instead help all contributors to put their personal safety first.
On Sat, 30 Apr 2022 at 01:03, dhorn@wikimedia.org wrote:
(cross-posted from https://meta.wikimedia.org/wiki/Talk:No_open_proxies/Unfair_blocking#Help_fr...)
Hi folks, I'm DannyH from the Wikimedia Foundation. I manage the product teams that build Contributor Tools -- Community Tech, Campaigns, CheckUser improvements and sockpuppet detection, moderator tools on mobile web, and the new incident reporting system.
I've been reading all of these conversations, and I'm concerned about the people on both sides of the issue -- the admins working to keep the projects safe from bad-faith people, and the good-faith people who are being blocked because of someone else's rangeblock, or because they're using default network proxy features that they're not aware of.
This problem is getting attention within the WMF. Foundation folks are really concerned about what we're hearing on Wikimedia-L and in this discussion, especially because there seem to be systemic issues that are specifically making things harder for new users in Africa. I've got the opportunity right now to assign people to make software changes to help solve this problem, which is great. But now I'm trying to figure out what those software changes could be, and I don't have a clear answer yet for what that should be.
So if you don't mind, I'd like to run through what I think the main points are, and a list of possible directions that a solution could take, and then I would love it if you could help me figure this out.
Here's what I understand about the problem:
Open proxies are a vector for harassment and vandalism. Bad-faith long term abusers use them to disguise their IP and evade detection. The projects automatically block open proxies that they know about, to discourage the bad-faith vandals.
There's been a big increase in proxy blocks since July 2021 on English Wikipedia (and Oct 2021 on Spanish WP), because ST47ProxyBot has been getting trustworthy outside data to help identify open proxies.
The use of open proxies on the internet is rising, partly because people are becoming more concerned about their privacy. Apple has introduced iCloud Private Relay, which is disguising people's IP — this is currently in beta, but will probably become the default. Google is working on a similar project. Our system of using IPs to identify block vandals is gradually breaking down, and there will probably be a point when IPs just won't be useful anymore.
There are a lot of good-faith users, including first-time contributors, who are getting caught in these blocks. For some people, that's an annoying inconvenience; for many others, especially brand new people, it drives them away completely.
There appears to be a systemic issue with how some African ISPs deal with IP addresses, which is creating a lot of collateral damage in places where campaign organizers are trying to introduce new users to wiki contribution. I saw one person mention that the problem was especially bad in Ghana and Benin.
The messages that people get when they're blocked are confusing, especially for new people. They only get the message after they've made an edit and are trying to publish, which is very frustrating.
The solution for individuals is to request an IP Block Exemption, which can be either local or global, depending on whether the block is local or global. The local/global distinction is very confusing for people who are trying to make the request, and the whole process is difficult.
Each request has to be processed by hand, and the system gets backed up. It's possible to get unblocked quickly if you know the right person to email, but a lot of people just fill out the request, and then wait for who knows how long.
It's possible for admins/stewards to get overwhelmed by the number of unblock requests.
That's a cluster of many different problems, so now I'm trying to figure out which problems we could actually make progress on.
Possibilities include:
Mitigate the harm coming from open proxies, so we don't need to automatically block them
Understand the difference between a "dangerous" open proxy (which bad-faith people are actually using) and a more "innocent" proxy (which is just blocked because we know it's a proxy), and then treat them differently. (If it's possible to make that distinction.)
Make the messages to good-faith people more helpful and less frustrating
Make the unblock request process easier/faster/more friendly for the people making requests
Make the unblock request process easier for the people responding, so they can process them faster (or involve more people who can help)
Make it easier for good-faith people to get some kind of automatic exemption
Make it easier for campaign and editathon organizers to whitelist their participants
Adapt the system better to the reality of African ISPs — figure out what the problem is, and treat those ISPs differently
That's a lot, and it's not clear to me what the path forward should be. Can folks help me out? What did I get wrong here, or what did I miss? Thanks in advance for your help.
DannyH (WMF) aka Danny Horn, Director of Product Management, Contributor Tools _______________________________________________ Wikimedia-l mailing list -- wikimedia-l@lists.wikimedia.org, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l Public archives at https://lists.wikimedia.org/hyperkitty/list/wikimedia-l@lists.wikimedia.org/... To unsubscribe send an email to wikimedia-l-leave@lists.wikimedia.org