[Foundation-l] Stewards are ignoring requests for CheckUser information?

[Robert Scott Horning]

Anthere wrote:

>Hi
>
>Let me try to address your various points the best I can.
>
>Robert Scott Horning wrote:
>  
>
>>Anthere wrote:
>>
>>
>>    
>>
>>>The reason for the 25 votes limit comes from two reasons
>>>* A community with less than 25 users is unlikely to really need 
>>>frequent checkusers, because it is a project with reduced activity. So, 
>>>it can not be a heavy load for stewards.
>>>* A community with less than 25 users has a rather serious risk to have 
>>>a rather little known editor become a checkuser, rather than a trusted 
>>>oldbie. If we start handing out status just as we do for sysop status on 
>>>small projects, I think there will be abuse. I say this from my 
>>>experience, as I had to unsysop several sysops on small projects (the 
>>>guys did not know our basic rules, behaved like dictators with the 
>>>handful of editors, put advertisements on the main page, controlled povs 
>>>etc...).
>>>
>>>I am perplex that the en.wikibooks does not have a big enough base of 
>>>editors to vote on a check user...
>>>I am quite lazy, so I will not go to the stats page to check. But can 
>>>you roughly say how many active editors per month the project currently 
>>>has ? How many very active editors per month ?
>>>
>>>ant
>>>
>>>
>>>      
>>>
>>Since the stats page hasn't been updated since November of last year, it 
>>is completely useless to even gague what the current activity is on any 
>>Wikimedia project.  I can only use the current activity on the Wikibooks 
>>staff lounge to even remotely gague what the current user activity level 
>>is, but I would guess it is pretty close to about 20 user at the 
>>absolute top.  Really stretching it perhaps we can get to 25 total at 
>>the most.
>>
>>And as for advertising this, I guess we could put it in bold 40 point 
>>type on the project main page with a link to a special page only for 
>>this kind of request.  I think that is way over the top and something 
>>that is not needed in this situation.  The advertising was more than 
>>adequate, it is just that this is a very unreasonable request.
>>
>>As for a "community with less than 25 users unlikely needing frequent 
>>checkuser scans", I think this is mistaken totally what is going on. 
>> en.wikibooks has numerous links from within Wikipedia, and is being 
>>hammered by vandals that have moved on from Wikipedia, indeed with 
>>excellent training on how to be a vandal on Wikipedia, and taking on 
>>other projects as well that don't have quite the same pool of 
>>administrators.
>>    
>>
>
>I see.
>Perhaps the number 25 was too high then. That would tend to suggest this.
>But again, let me explain why we put a minimum limit. We have some small 
>projects with a number of editors of less than 5. What usually happens 
>is that the most active one simply ask sysop status (and even sometimes 
>bureaucrat status) on meta because their project *need* a sysop. Which 
>means the status is given without any community voting whatsoever.
>Sometimes, when it is a new language in particular, the editor has been 
>on our projects only for a couple of days and have no idea of our basic 
>rules of operating whatsoever (npov in particular).
>More than once, we had problems later on. And it was not always easy for 
>the very small growing community to have a black sheep unsysoped.
>
>What I think should NOT be allowed to happen, ever, is that the new 
>wikiquote project in maori be created, and a total stranger be given 
>sysop, bureaucrat and checkuser status so that he can start the 
>community. In short, I think that only editors known by a significant 
>number of other editors should ever be given checkuser access. Hence the 
>25 votes. Which may be too high a value.
>
>
>So, option 1 : decreasing the number of votes requirements.
>
>Now, there are other options we could follow.
>

I would suggest that the standards for becoming a bureaucrat should be 
much higher for brand new projects in this case, and this is perhaps 
something that needs to be established on a Wikimedia-wide policy as 
well and not just on a project by project basis.  The point about 
becoming a bureaucrat is that they have the ability to create other 
administrators and are presumed to be users trusted enough that they not 
only have full editorial control over a project to do all of the 
administrator functions, but they also have the ability to create more 
administrators.  The charges of a cabal in some cases are justified when 
you grant bureaucratship to somebody when there is no other means of 
oversight about what they are doing, and they in turn grant adminship to 
others with their same point of view but refuse to grant it to others 
that have a different point of view, and for that reason alone.  This 
has happened on some of the smaller projects, especially in languages 
that Foundation board members don't speak fluently and can't monitor 
directly.

>>As for handing out checkuser status to people who are not trusted 
>>oldies, that is totally rediculous as well.  There are admins and 
>>bureaucrats on en.wikibooks who are also admins on other projects, 
>>including meta, wikinews, and even en.wikipedia.  Active ones at that. 
>> I see absolutely no reason why the standards for giving somebody 
>>bureaucrat status when you can't also give them checkuser status.
>>    
>>
>
>I do not know what are the standards for giving bureaucrat status.
>I think they are not the same at all depending on projects.
>
>I see a **major** reason for the standards for giving bureaucrat status 
>to be different from the standards for giving checkuser status.
>
>The standards for giving bureaucrat status are different in each project 
>and each language. On one project, it will be a vote by all editors of a 
>project. On another project, it will be a vote by administrators only. 
>On another project, it might even be a vote by other bureaucrats. Or it 
>might be no vote at all (just ask on meta). It may be 80% support. It 
>may be 66%. There are no standards.
>
>But if the bureaucrat makes a mess, it is a technical/community issue. 
>Only the projects can be damaged (which is bad enough). So, it is the 
>community business to define its own rules.
>
>If a checkuser makes a mess, the Foundation itself may be concerned. We 
>might have problems with an editor for release of private data. So, the 
>Foundation has a right to have a say in WHO is granted this access. 
>Hence the policy being *more* standard.
>  
>
I'm not really understanding this point of view here.  Under what area 
is the Foundation directly threatened when this release of private data 
occurs?  It is still a technical/community issue with the checkuser 
data, and people with checkuser rights can still only do the scan only 
on registered users for their individual project.  This might be a much 
bigger concern if they had access to the general Wikimedia user 
database, such as is being proposed with the common login project.  In 
this situation where somebody with checkuser rights could access the 
data on not just the users for their individual project but for anybody 
on any Wikimedia project, you are correct that the standards should be 
much higher.... indeed IMHO higher than perhaps even becoming a steward. 
 That is not the situation right now, from my understanding.

If I take the presumption that the current process of becoming a 
registered user is still going to continue for some time, and somebody 
with local checkuser status can only do a checkuser scan on that much 
smaller group of users, I fail to see where the Foundation is really 
going to be hurt if they get out of control.  The privacy policy is that 
reasonable steps are going to happen to protect private data, but you 
should be aware that if you log onto any website, including Amazon.com, 
Google, CNN, Microsoft, BBC, or whatever including hackerz.com, that 
your IP address is going to be logged together with whatever activity 
that you do on that website.  And that information may be released to 
interested government agencies.  All the Foundation is promising is that 
some sort of due process is going to happen before that information is 
released, like a supeona, and that the information may also be used 
internally for the protection of the project, such as performing 
checkuser scans.  

Indeed the current privacy policy doesn't even do that.  It is really 
just a disclaimer that the data is going to be logged, and that if you 
don't like it, you shouldn't be logging into any Wikimedia server. 
 There are some "policies" that go into more depth about how some of 
this data is protected, but this is more for how the Foundation is going 
to respond to outside groups that insist on obtaining this information, 
including not only legal proceedings but also marketing consultants and 
outside businesses who want to do data mining on the access logs.  I 
think it is a prudent policy in this regard.

One thing to keep in mind is that the "personally identifying data" 
isn't protected that well for editors.  Every editor has all of their 
edit information logged, and not only is it logged but the information 
is actually published in a very public area for all people to see. 
 Indeed for most editors, the information is not only logged, but logged 
according to IP address as well.  Only for those who have bothered to 
become a registered user is the information partially protected, and it 
is only on this very limited set of circumstances that the checkuser 
policy even starts to apply.  And for many others (including myself), 
not only by handle but it is logged by their actual legal name.  BTW, 
this is a conscious decision I made when I created my account, knowing 
the legal implications.  

Furthermore, somebody with checkuser privileges still don't have access 
to the the full access logs.  Having checkuser status, I can't see what 
pages another user has been looking at or reading.  All I can do is just 
see what pages they have been editing, which doesn't require checkuser 
status... or even any kind of special status on Wikimedia projects, and 
if they happen to be a registered user, and if they happened to have 
done something that looks suspicious, all I get to find out with the 
increased privilege of the checkuser policy is just a list of IP 
addresses that they have logged in the local project under.  Or just the 
last IP address depending on the technical side and how far this should 
go.  No other identifying information is given.  I can't get the e-mail 
address of the person, nor can I get any of the information on 
[[Special:Preferences]], including perhaps even mundane but identifying 
information like what time zone they live in or what their language 
preference is.

In short, I fail to see where the liability is to the Foundation is 
under even the most egregious of abuses, and even that can be dealt with 
mostly by technical limitation, including perhaps a system that limits 
somebody with checkuser privileges to only a limited number of checkuser 
scans per day or some other limiting factor to keep major abuses from 
happening.  I'm also pointing out that smaller projects are going to 
have proportionally much smaller numbers of users and their ability to 
damage all of the Wikimedia projects is going to also be proportionally 
less.  Using your example of the Maori Wikibooks user request to become 
admin, bureaucrat, and checkuser... all they are going to do is find the 
IP addresses of the five or six people who even bothered to register on 
that local project.  Is that really a problem?

-- 
Robert Scott Horning