[Foundation-l] Fwd: Jimbo's response re:Rampant CheckuserPrivacy Abuse

[Andrew Whitworth]

> I am strongly against CheckUser being performed in secret, sunlight is the
> best disinfectant and open and honest procedures will - in the long term -
> garner the various projects more respect.

I guess I'm not certain what you mean here by "secret". Each project
has at least 2 CUs to double-check each other, and all CU checks are
recorded in the log for all CUs to see. In that sense, there is no
such thing as total secrecy, although the argument could be made
(against good faith) that the CUs were in collusion, or that they were
forming some sort of "cabal" or whatever.

Consider the case where there are suspicions about an established
user, a CU checks it out, and nothing is uncovered. Do you say to that
person: "Hey some people around here suspected that you are a
sockpuppet or a meatpuppet, or a vandal, or whatever, and we got your
IP records to test that theory, and it turns out that you aren't". And
then, if the person doesn't storm off in a huff immediately, he could
respond "well maybe the guy who accused me of it is actually a
sockpuppet himself! check him!" While this is a hypothetical, it's not
too far-fetched. If you tell people that they were suspected of
wrongdoing and that their privacy was violated because of those
suspicions, it is going to make people very angry.

CUs do need to be worried about privacy, and they need to know when
NOT to divulge certain information. Sometimes, that means knowing when
to keep your CU activities quite from the general public. Everything
is in the log, little things don't explode into big emotional
disasters, and everybody stays happy.

--Andrew Whitworth