[Foundation-l] Genisis of WMF Identification policy?

Lodewijk lodewijk at effeietsanders.org
Fri Feb 25 21:51:50 UTC 2011 

Hi Birgitte,

thank you for finding that link. I know it has been discussed, but was not
able to find the discussions.

The main reason why I asked for the reasoning behind the policy was not so
much because I was shocked (I was surprised by their choosing of
communications etc, not so much by the choice itself) but rather to be able
to make some estimates. The WMF has been collecting this information for a
long time already of course of stewards and checkusers - and they already
have my ID-copy for example. However, there were talks about identifying to
a chapter, and it also is a very big group to suddenly force to do this
based on only a policy which no employee was able to explain to me the
reasoning behind. If we don't know those reasons, even if we can look it up,
we might want to reconsider the policy as well - because maybe times have
changed and there is no need for it, or a different need.

It should be clear and transparant why the WMF is collecting this
information, and what they intend to do with it. If they want to be able to
sue people - fine, but then just say that. Then people know what they are up
against, and what the reasoning is. That way alone volunteers can make their
rational decision. But also chapters, because it might have quite some legal
complications if the WMF wants to force a chapter to submit private data
about one of their members because they want to sue this person.

Therefore I am glad that the staff is taking this back to the board (I
presume) and that there will be a clarification on these points. I do think
that we still need a formal answer from the WMF about why they gather this
information - not because this new influx of to-be-identified people, but
also for the people currently identified for other functions.

With kind regards,

Lodewijk

2011/2/25 Birgitte SB <birgitte_sb at yahoo.com>

> I was looking for something unrelated in the archives and came across an
> email
> [1] that I believe people might find informative wrt to the Identification
> Policy which I believe has had discussion tabled for the moment.  It seems
> to be
> the original suggestion that WMF needs some sort of identification policy
> by
> then volunteer/board-member Erik.  He was *not* a staff member at the time
> of
> this message, just to be clear, since people seem to be fond of re-framing
> debate along such lines lately. Summary of the context follows (Not
> perfectly
> accurate chronologically speaking):
>
>
> A female leader in the zh.WP community was harassed/threatened by the
> creation
> of an account User:Rape[HerRealName]. Advice was sought in handling the
> situation. There was talk about going to the authorities. There was talk
> about
> which information about the account creator could be given to the
> authorities
> under what circumstances. The existing privacy policy was quoted as "6
> Where it
> is reasonably necessary to protect the rights, property or safety of the
> Wikimedia Foundation, its users or the public." . There was talk about it
> essentially being a matter of mature judgment to differentiate between
> derogatory comments, which however reprehensible, do not merit violating a
> user's privacy and threats of violence which would compel the violation of
> privacy in order to attempt to prevent such threats from being carried out.
>  The
> idea was suggested that perhaps those with the technical ability to access
> private information need to be identified to WMF so that WMF will know who
> deal
> with in case of abuse.
>
> It seemed to me that many people were quite surprised that the WMF was
> planning
> on recording the identifications of those with access to private
> information,
> instead on the non-recording of this correspondense which I believe has
> been the
> previous practice. It even seemed to me as though some were shocked at the
> implication that WMF may perhaps be looking for legal accountability for
> the
> judgments made by those with this access. So I found it very interesting
> when I
> stumbled across evidence of public discussion of the need to record the
> identities of trusted users in order to be able to deal with any abuse of
> private information by one of the Community-seat Board Members before the
> adoption of the resolution that has become controversial so recently.  I
> don't
> mean to suggest that the surprise and shock were insincere, just that they
> seem
> to be rather uninformed as to the genesis of the resolution.  It seems to
> me
> that those things were in fact the original intentions behind the
> resolution and
> the staff does have an obligation, however unpopular this obligation may
> have
> become during the time period it has been left unfulfilled, to see to
> recording
> such identities.
>
> Granted there are good reasons the obligation was left unfulfilled before,
> namely the lack of confidence in the WMF Office's technical and
> organizational
> ability to keep these records secure. But once the WMF Office reaches a
> level of
> reliability in organizational and technical competence where that objection
> is
> mitigated, they then must address their obligation to keep identification
> records.  Also there are valid concerns over the ambiguity over whether the
> access to which particular tools should qualify people as subject to the
> Identification Resolution. What, however, in hindsight do not appear to be
> valid
> concerns to me are why the WMF "wants" to "change" things, or that the
> decision
> to keep such records was not in given a proper public place for discussion.
>
>
> I can imagine that the staff  (who are much in contact with Erik who we
> must
> grant understood the intentions of a resolution he himself suggested the
> seed of
> in 2006) to some degree assumed that the trusted volunteers understood that
> the
> Identification Resolution's ultimate goal was the production of records and
> that
> practice of destroying correspondence was done out of responsibility for
> the
> fact that staff did not feel confident in their current ability to keep
> such
> records.  I can also imagine the trusted volunteers who were upset by the
> idea
> of such records being kept to some degree assumed because there has
> sometimes
> been a practice of destroying identification correspondence that this
> practice
> was in fact the agreed upon policy of the  Identification Resolution and
> also
> because they could not recall otherwise trusted volunteers to some degree
> assumed the potential policy of actually keeping identification records and
> why
> such records may be needed had never been brought up for public discussion
> until
> after it had been adopted.
>
> Certainly the exact thoughts and communications during this recent
> misunderstanding were rather more varied, less articulated, and altogether
> a
> shade more grey than  my speculation. But I am confident that my
> speculations
> are not entirely inaccurate and that they are completely in good faith.
> There
> has recently been a lot of discussion about getting back to the tenet of
> assuming good faith.  Here is as a good a place to start that journey as
> any.
>
> On the tabled issue we are still left at least two important questions that
> need
> resolution through an open discussion that succeeds in convincing those
> volunteers who may be affected:
>
>
> *How can volunteers be made be confident in the security of their
> identification
> as records are being collected, recorded, and stored?  How can this
> confidence
> be maintained changes occur at WMF? Do these concerns merit the expense of
> security audits?
>
> *What tools that volunteers use in order to do the work of WMF will require
> them
> to become a subject of the Identification Resolution? As new tools are
> developed, who will be responsible for keeping track of their existence and
> seeing that it is determined whether or not those who will be given access
> to
> them will need to become a subject of the Identification Resolution?
>
> Birgitte SB
>
> [1]  http://www.gossamer-threads.com/lists/wiki/foundation/74095#74095
>
>
>
> _______________________________________________
> foundation-l mailing list
> foundation-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
>

More information about the foundation-l mailing list