[Foundation-l] Re: checkUser live

Chris Jenkinson chris at starglade.org
Tue Nov 8 15:41:27 UTC 2005 

Anthere wrote:
> I guess that most points you are raising do not really belong to the 
> checkuser policy proper, but to the privacy policy.
> 
> More particular, these points are visible here : 
> http://meta.wikimedia.org/wiki/Privacy_policy#Policy_on_release_of_data_derived_from_page_logs 

That is exactly the same text as the text I was questioning - it's just 
as vague.

>> What does "If the user has said they're from somewhere and the IP 
>> confirms it, it's not releasing private information to confirm it if 
>> needed." mean?
> 
> Well... I live in Clermont Ferrand and published this information 
> myself. If for some reasons a check is done on my user:Anthere, I can 
> not complain that it be publicly revealed that the user:Anthere ips are 
> leading to Clermont Ferrand...

What happens if someone claims they are from somewhere (for example 
France), yet the IP address of the user suggests they are from somewhere 
else (for example Japan)?

>> What does "generally" in "Revealing the country is generally not 
>> personally identifiable (e.g. "User:Querulous is coming in from the 
>> UK, User:Sockpuppet is coming in from Canada")." mean?
> 
> The problem with releasing data is to allow others to identify a 
> "person". If my ip is fixed and if I edit under another name, such as 
> user:antfish, the check will reveal that user:anthere and user:antfish 
> are editing from the same ip... which could lead to high suspicion that 
> both are the same editor.
> 
> Versus, if it is revealed that user:antfish is an editor with an ip in 
> France... well, we are only 60 millions or so. This will not publicly 
> prove I am user:Antfish.

I don't think you've defined "generally" there.

>> I'm still not happy with the idea that access to personal information 
>> can be given to people on the say-so that they will behave. Yes, the 
>> people who this will be given to are going to be some of the most 
>> trustworthy Wikipedians there are, but this is *personal information*. 
>> We should have some kind of legal agreement in place so there are no 
>> excuses.
> 
> Difficult to do as I understood...
> Amongst things we could do for example, is to require an editor with 
> this type of access to provide his real name (privately) and a valid 
> email. And have him confirm by email that he read the privacy policy. 
> Would that be an idea ? Yes ? No ?

How is signing an agreement difficult? You get sent the agreement via 
email, print it off, sign it, scan it and email it back. Or, print it 
off and fax/post it back.

Chris

More information about the foundation-l mailing list