[Foundation-l] Note regarding status of privacy policy
Gerard Meijssen
gerard.meijssen at gmail.com
Sun Aug 10 07:00:02 UTC 2008
Hoi,
I would argue that there is hardly any benefit in providing what you call
acountability. When there is a user that is considered to be a sock puppet,
there is a group of people who can be considered to be the likely primary
user. There is no benefit in being informed about this. You can be offended
that you are considered as such. You get a lot of extra handling that is
just ballast.
When however it is clear that information about check user activity becomes
available to people that should not have this information, a completely
different situation occurs. This is a clear situation where people with the
check user bits are demonstratively shown to be not trust worthy. Such
people should lose their priviledges as a consequence. There is no excuse.
When you do not inform people at all about check user activity, you will not
find the checked people informing about this either.
Thanks,
GerardM
On Sun, Aug 10, 2008 at 8:47 AM, Todd Allen <toddmallen at gmail.com> wrote:
> On Sat, Aug 9, 2008 at 12:09 PM, Gerard Meijssen
> <gerard.meijssen at gmail.com> wrote:
> > Hoi,
> > An e-mail address is not universal nor is it compulsory to have one and
> as a
> > consequence it is not the solution that you think it is.
> > Thanks,
> > GerardM
> >
> > On Sat, Aug 9, 2008 at 8:02 PM, Todd Allen <toddmallen at gmail.com> wrote:
> >
> >> On Sat, Aug 9, 2008 at 11:58 AM, Gerard Meijssen
> >> <gerard.meijssen at gmail.com> wrote:
> >> > Hoi,
> >> > So you are checked. You have to appreciate that by your own words,
> there
> >> > must be a reasonable suspicion. You even insist that it is published
> that
> >> > you have been checked. This means that it is now generally known that
> you
> >> > are under a reasonable suspicion... How nice, that you are now known
> to
> >> have
> >> > a tarnished reputation...
> >> >
> >> > Actually when you are checked, and it is not published that you were
> >> > checked, you are much better off. When everyone can demand checking
> >> because
> >> > THEY are suspicious, publication of check results will only increase
> the
> >> > amount of vigilantism. Really, you are much better off when trusted
> >> people
> >> > do their checking and keep their confidences.
> >> > Thanks,
> >> > GerardM
> >> >
> >> > On Sat, Aug 9, 2008 at 7:46 PM, Todd Allen <toddmallen at gmail.com>
> wrote:
> >> >
> >> >> On Sat, Aug 9, 2008 at 11:16 AM, Jon <scream at datascreamer.com>
> wrote:
> >> >> > -----BEGIN PGP SIGNED MESSAGE-----
> >> >> > Hash: SHA1
> >> >> >
> >> >> > SlimVirgin wrote:
> >> >> >> On Sat, Aug 9, 2008 at 10:46 AM, elisabeth bauer
> >> >> >> <eflebeth at googlemail.com> wrote:
> >> >> >>> 2008/8/8 Michael Snow <wikipedia at verizon.net>:
> >> >> >>>
> >> >> >>>> The board intends to vote on this version, but before we do, I
> >> wanted
> >> >> to
> >> >> >>>> provide one last opportunity for your feedback.
> >> >> >>> While the policy deals at length with who has access it is very
> >> silent
> >> >> >>> about when all these persons are allowed to access my data and
> >> >> >>> actually access my data. The only thing somehow related to this
> was
> >> >> >>> "As a general principle, the access to, and retention of,
> personally
> >> >> >>> identifiable data in all projects should be minimal and should be
> >> used
> >> >> >>> only internally to serve the well-being of the projects." which
> is
> >> >> >>> somehow a bit vague. Who defines what is well-being? How is this
> >> >> >>> controlled? Who does guarantee that a nosy checkuser doesn't just
> >> look
> >> >> >>> up my user information, revealing my employer, the wikipedia
> user
> >> >> >>> name of my boyfriend and other friends just for fun? How would I
> >> even
> >> >> >>> know?
> >> >> >>
> >> >> >> Elian, this is exactly the situation we have on the English
> >> Wikipedia.
> >> >> >> Jimbo takes the view that checkusers may be conducted more or less
> at
> >> >> >> random, for no reason, and the checkusers follow that lead. In
> other
> >> >> >> words, the Foundation's checkuser policy is being openly flouted.
> >> >> >>
> >> >> >> We've been told we can't complain to the Ombudsman commission
> because
> >> >> >> they only deal with violations of the privacy policy, not the
> >> >> >> checkuser policy. We've been told we have no right to know whether
> >> >> >> we've been checked. Attempts to introduce such a rule have led to
> the
> >> >> >> checkusers saying they will not follow it. And when we do find out
> >> >> >> that we've been checked, the only concern of the checkusers is to
> >> find
> >> >> >> out who told us, and to punish that person. It really is a very
> bad
> >> >> >> situation for the Foundation, one that's bound to lead to trouble
> >> >> >> sooner or later.
> >> >> >>
> >> >> >> Sarah
> >> >> >>
> >> >> >> _______________________________________________
> >> >> >> foundation-l mailing list
> >> >> >> foundation-l at lists.wikimedia.org
> >> >> >> Unsubscribe:
> >> https://lists.wikimedia.org/mailman/listinfo/foundation-l
> >> >> >
> >> >> > I personally don't mind being checked. Whenever, by whomever, so
> long
> >> >> > as the results are not disclosed. (disclosure, not checking, is
> >> governed
> >> >> > by the privacy policy.
> >> >> >
> >> >> > - --
> >> >> > Best,
> >> >> > Jon
> >> >> >
> >> >> > [User:NonvocalScream]
> >> >> > -----BEGIN PGP SIGNATURE-----
> >> >> > Version: GnuPG v1.4.9 (MingW32)
> >> >> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >> >> >
> >> >> > iEYEARECAAYFAkid0QcACgkQ6+ro8Pm1AtVy0QCeMQHlFaTDaQxNSNcE8CMzzknY
> >> >> > hBwAoK05fUsbUBc4gXcWkZsfEazCNvA/
> >> >> > =GMaV
> >> >> > -----END PGP SIGNATURE-----
> >> >> >
> >> >> > _______________________________________________
> >> >> > foundation-l mailing list
> >> >> > foundation-l at lists.wikimedia.org
> >> >> > Unsubscribe:
> >> https://lists.wikimedia.org/mailman/listinfo/foundation-l
> >> >> >
> >> >>
> >> >> I do believe that checking is covered as well. And if it's not, it
> >> >> needs to be. Checks should only be conducted at least upon reasonable
> >> >> suspicion.
> >> >>
> >> >> --
> >> >> Freedom is the right to say that 2+2=4. From this all else follows.
> >> >>
> >> >> _______________________________________________
> >> >> foundation-l mailing list
> >> >> foundation-l at lists.wikimedia.org
> >> >> Unsubscribe:
> https://lists.wikimedia.org/mailman/listinfo/foundation-l
> >> >>
> >> > _______________________________________________
> >> > foundation-l mailing list
> >> > foundation-l at lists.wikimedia.org
> >> > Unsubscribe:
> https://lists.wikimedia.org/mailman/listinfo/foundation-l
> >> >
> >>
> >> If I have a "Contact me" email address, I can be easily notified that
> >> I have been checked without "tarnishing my reputation", and I can
> >> choose to make that as public or nonpublic as I like. "You have been
> >> checkusered" by email would result in no tarnishment of a public
> >> reputation while properly notifying the target. Granted, in some
> >> circumstances, suppression of notification may be appropriate, but
> >> such suppression should be logged and justified.
> >>
> >> --
> >> Freedom is the right to say that 2+2=4. From this all else follows.
> >>
> >> _______________________________________________
> >> foundation-l mailing list
> >> foundation-l at lists.wikimedia.org
> >> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
> >>
> > _______________________________________________
> > foundation-l mailing list
> > foundation-l at lists.wikimedia.org
> > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
> >
>
> (A later response, I don't have a similar talent for writing on the
> freeway.) I know that not everyone has an email address set, the
> privacy policy itself acknowledges that in its notification clause.
> However, we could very easily set this up the same way ("if you are
> willing to set an email, you will receive such notifications, if you
> choose not to do so, well, you don't, too bad!") It's still better
> than the current setup, in which you have no way to know at all unless
> the checkuser decides to say so, and in practice, most active and
> regular editors do choose to set an email address. Checkuser is quite
> a sensitive function, as it reveals private data, so I don't think it
> would hurt to have accountability ("what were your reasonable
> suspicions about Userxyz that led you to run a checkuser?")
>
> --
> Freedom is the right to say that 2+2=4. From this all else follows.
>
> _______________________________________________
> foundation-l mailing list
> foundation-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
>
More information about the foundation-l
mailing list