Hi Nathan,
For a moment, let's suppose that there is a global policy that all CU checks must be disclosed to the person being checked, with the information disclosed in private email, and only consisting of the date of the check and the user who performed the check. What benefit does this have to the user who was checked? This information doesn't make the user more secure, it doesn't make the user's information more private, and there are no actions that the user is asked to take. Perhaps there is a benefit, but I am having difficulty thinking of what that benefit would be. I can think of how this information would benefit a dishonest user, but not how it would benefit an honest user. If there is a valuable benefit that an honest user receives from this information, what is it?
Thanks,
Pine
On Fri, Jun 15, 2012 at 2:22 AM, En Pine deyntestiss@hotmail.com wrote:
Hi Nathan,
For a moment, let's suppose that there is a global policy that all CU checks must be disclosed to the person being checked, with the information disclosed in private email, and only consisting of the date of the check and the user who performed the check. What benefit does this have to the user who was checked? This information doesn't make the user more secure, it doesn't make the user's information more private, and there are no actions that the user is asked to take. Perhaps there is a benefit, but I am having difficulty thinking of what that benefit would be. I can think of how this information would benefit a dishonest user, but not how it would benefit an honest user. If there is a valuable benefit that an honest user receives from this information, what is it?
Thanks,
Pine
Pine: As you have said, checkuser oversight comes from AUSC, ArbCom and the ombudspeople. These groups typically respond to requests and complaints (well, the ombuds commission typically doesn't respond at all). But you only know to make a request or complaint if you know you've been CU'd. So notifying people that they have been CU'd would allow them to follow up with the oversight bodies. My guess is most would choose not to, but at least some might have a reason to. It's also plain that even if there is no recourse, people will want to know if their identifying information has been disclosed.
Neil: The difference between the FBI and checkusers is clear: checkusers are volunteers. They are elected on some projects, appointed on others, and the process can often be murky or poorly attended. The "background check" as such for checkusers is minimal. People with an intention to abuse the system have become checkusers in the past.
Martijn: A delay makes sense. Two months seems like a long time, but two weeks or a week might be reasonable.
Stephanie: Supposedly, the data only survives 3 months. If data is being retained much longer than this for "investigations" that go on for months on the checkuser wiki, that's concerning.
~Nathan
On 15 June 2012 04:55, Nathan nawrich@gmail.com wrote:
Supposedly, the data only survives 3 months. If data is being retained much longer than this for "investigations" that go on for months on the checkuser wiki, that's concerning.
We have well-known trolls and repeat vandals who have been coming back to the various wiki communities for many years - in some cases, for nearly a decade now. Why is it "concerning" to you that the people responsible for detecting, tracking and defeating these individuals keep track of these users and their work over time (whilst of course always being within the Privacy and CheckUser policies)?
Yours,
wikimedia-l@lists.wikimedia.org