[WikiEN-l] SlimVirgin and CheckUser leaks

Sun Jul 20 18:00:31 UTC 2008

On Sun, Jul 20, 2008 at 4:27 PM, Ken Arromdee <arromdee at rahul.net> wrote:

> On Sun, 20 Jul 2008, Nathan wrote:
> > * The only disclosure of information was to the checkusers wife (hard to
> > criticise, I think)
>
> I'd criticize it.
>
> If we say it's okay to give privileged information to your wife, we're
> essentially saying that making any married person a privileged user is a
> two-for-one.  If so, whenever a married person applies to become an admin,
> his
> wife should be checked out and questioned in as much detail as he is,
> and go through the same gauntlet of criticism as the applicant himself.
> We don't do this.

Seconded.  Family, relatives and friends do not have WMF trust inherited.

Realistically in everyday life, spouses will hear many things that are
private - as they would about other matters in a person's life they are
living with. But they do not have the /right/ to, and my expectation would
be that a person who used a privacy tool (whether CheckUser, Oversight,
OTRS, internal list, or otherwise) is fully responsible and accountable for
the information they obtain. That means they /need/ to be responsible for
assessing whether they can and will keep it private, including assessment of
those they live with or who have access to their computer or saved data.

That assessment is an integral part of assessing one's own fitness for the
enhanced tools. A person may be fit for the task personally but lack the
assurance on that.

Realistically, I'd accept an assessment that the spouse (or other close
parties/housemates involves) aren't involved or interested, or have more
information but a complete sense of discretion and "chinese walls", or won't
know names or details, or whatever. Realistically people may tell spouses
some things, some times. But a person in any privacy related position has to
be responsible for assessing the privacy of information they are allowed to
access. That's not just what /they/ will say or do, but that the data will
stay private in all practical senses if they are allowed access to it. I
would add this to non-public data policy:

"A person being proposed to have access to non-public data will be
personally responsible for the data they obtain through that access. Their
access may be removed if, through their being given access, such information
is improperly spread to unauthorized others."

"Guidance: - In practice this means that such a person should assess their
online security practices (logging off, or sharing or locking their
computer), their saved data practices (email, evidence, logs, and notes),
and their shared personal discussion with others if any (housemates, close
relatives and the like, and those people's discretion and involvement).
These must be operated appropriately before enhanced access may be granted,
and maintanced appropriately thereafter."

FT2