[Foundation-l] Stewards are ignoring requests for CheckUser information?
Robert Scott Horning
robert_horning at netzero.net
Sun Apr 16 14:13:25 UTC 2006
Essjay wrote:
>I don't know that the issue that concerns me is the same that concerns
>the Foundation, but I know what scares the hell out of me about
>Checkuser is this:
>
>We have users from all over the world. Not all of them live in countries
>where their safety is guaranteed; there are, most assuredly, editors
>from regimes where if their personal information was discovered, they
>could be imprisoned and perhaps even killed. That terrifies me, because
>I don't want anybody dying over Wikipedia, nor do I want them to end up
>in prison. If checkuser falls into the wrong hands (I'm no conspiracy
>theorist, but I don't think it's too hard to imagine foreign governments
>wanting to hunt down our contributors; after all, at least two have
>blocked us flat out already), the result could literally be a matter of
>life and death. *Life and death.*
>
>Some people have advocated granting checkuser liberally, and I disagree
>strongly with that; I'm not even particularly comfortable with the idea
>of it being election-based at all, although I trust the Board, and I
>don't believe they would have allowed for local elections if they
>weren't convinced it was safe. I do think, however, that it should be
>kept to as few users as possible, whether that means having guest
>checkusers as Kelly & I have advocated, or whether it means some other
>system. I for one am certainly willing to perform checks for other
>projects (indeed, I offered to do so for Wikisource), and I am sure that
>some of the others would as well (Kelly has already stated her
>willingness to do so).
>
>As I said, I can't say that the dire scenario I laid out above is what
>the Board has in the back of their minds when thinking about checkuser,
>but I certainly know it is what is in mine. I really don't want to turn
>on CNN some morning and see "[Insert country here] dissident
>assassinated after link to Wikipedia discovered."
>
>Essjay
>
>
>
You mean to tell me that if you are using the internet in China (or
Saudi Arabia, Iran, Syria, or North Korea), that the government of those
countries has no clue about not only what IP address you are using, but
also what websites you are accessing? I am telling you that regardless
of where you are from, the government is going to know not only the
activities that you do within that country, but most major governments
will be capable of monitoring their citizens that are living outside of
their countries as well. It isn't that difficult of a task, and nothing
that the Wikimedia Foundation could do, including deliberate deleting of
all logs is going to change that. The checkuser information in
particular is not going to stop any government (or even corporate
monitoring... as in your immediate supervisor could do this as well)
from being able to find out what your on-line activites have been.
I fail to see how checkuser information falling into the wrong hands is
going to cause a problem in this situation. Really. If a government
entity wants to find out that User:Chinese_Protestor who has posted over
2000 edits in zh.wikipedia is actually using a certain internet cafe in
downtown Beijing, they don't need to have access to the checkuser
facilities to find that information out, nor to even identify exactly
who that user is. I don't even need to do that if I really cared to
find out who that person is. On top of that, how can you be absolutely
sure that some user that is a "trusted user" by whatever standard you
are discussing isn't already a steward, but also a government agent who
is using the checkuser access to monitor dissidents? And won't be in
the future?
Furthermore, as I was pointing out, the information actually given out
by checkuser status is practically nothing anyway. It is not giving out
"personally identifying information", just an IP address. And not an IP
address for what they were looking at, but only what they were doing
when they did their last edit. Yes, in theory you could contact the
ISP, and if their own logs for IP addresses had personally identifying
information, it could be a chain of evidence to link to a particular
individual, but even in this situation for most countries it would
require going into the legal process to get that information. For
governments this is a no-brainer and they would get it even if you tried
to block it. Besides, official Wikimedia policy grants access to this
information to governments, so you aren't protected anyway.
Show me exactly how having specifically this tool is going to endanger
anybody's life where they wouldn't already be in danger before?
And mind you, I'm not advocating that this tool be available to any user
under any circumstances. I'm just pointing out that by any reasonable
definition of whom you call a trusted user for access to checkuser
privileges you are also likely to grant them bureaucratship as well, and
possibly adminship only. The only reason why somebody would have
checkuser privileges on a local project and not also bureaucratship is
because they don't want to deal with the hassles of being an
administrator and have repeatedly turned down the nomination when
offered to them. I fail to see under what higher standard you are
possibly using to justify why somebody should be a checkuser and not be
given full bureaucrat privileges, or the other way around. If they
can't be trusted with checkuser privileges, why are they given
bureaucrat privileges? I'm also pointing out that the issue is scalable
as well, and that it is highly unlikely that the chinese protestor given
in the above example is going to be editing on the Maori language
Wikibooks. On these smaller projects, the potential to do damage is
going to be considerably less as well even from this more limited
perspective.
BTW, If you are willing to perform a checkuser scan, can you help me out
with, and block the IP address of [[b:User:Bruude]]? There is a
particularly vicious vandal going through Wikibooks right now, and it
would be appreciated if we could get some help trying to track him down
and stopping this user. This is one of the kinds of requests that
having somebody local with checkuser privileges would be incredibly
helpful over, but the apparent policy is such that we can't have the
apparent benefits of trying to stop idiots like this particular user who
is now deliberately attacking administrators directly, since we've
thwarted all of his previous attempts to vandalize the project. By not
giving us access to these reasonable and legitimate uses of this tool,
it is making our job at helping out the projects all that much harder.
The whole point to this thread is that this sort of assistance from
users like yourself is not forthcomming and we need to take these
matters into our own hands if we want this level of assistance.
--
Robert Scott Horning
More information about the foundation-l
mailing list