[Wikimedia-l] CheckUser openness

John phoenixoverride at gmail.com
Thu Jun 14 01:30:46 UTC 2012


Risker comment was basically "lets not set a global accountability and
ability to get CU related logs of our self on a global level, instead take
it to each project and fight it out there" to me that reeks of obfuscation.
Realistically this should be a global policy, just like our privacy policy
is. Why shouldnt users know when they have been checkusered and why?

On Wed, Jun 13, 2012 at 9:24 PM, Philippe Beaudette, Wikimedia Foundation <
pbeaudette at wikimedia.org> wrote:

> I dunno, John, you almost had me convinced until that email. I saw in that
> mail a reasonable comment from Risker based on long time precedent.
>
> As you may know, there are a number of checks and balances in place.
> First, the CUs watch each other. With a broad group, you can be assured
> they don't all always agree and there is healthy debate and dialogue.
> Second, enwp has an audit subcommittee that routinely audits the logs with
> a fine toothed comb.  They are NOT all previous checkusers, to avoid the
> sort of groupthink that appears to concern you. Then, the WMF has an
> ombudsman commission, which also may audit with commission from the Board.
> Those people take their role very seriously. And last, anyone with genuine
> privacy concerns can contact the WMF:  me, Maggie, anyone in the legal or
> community advocacy department.
>
> Is it an iron clad assurance of no misbehavior?  Probably not, and we will
> continue to get better at it: but I will say that in 3 years of being
> pretty closely involved with that team, I'm impressed with how much they
> err on the side of protection of privacy. I have a window into their world,
> and they have my respect.
>
> Best, PB
> -----------------------
> Philippe Beaudette
> Director, Community Advocacy
> Wikimedia Foundation, Inc
>
>
> Sent from my Verizon Wireless BlackBerry
>
> -----Original Message-----
> From: John <phoenixoverride at gmail.com>
> Sender: wikimedia-l-bounces at lists.wikimedia.org
> Date: Wed, 13 Jun 2012 21:17:09
> To: Wikimedia Mailing List<wikimedia-l at lists.wikimedia.org>
> Reply-To: Wikimedia Mailing List <wikimedia-l at lists.wikimedia.org>
> Subject: Re: [Wikimedia-l] CheckUser openness
>
> Yet another attempt from a checkuser to make monitoring their actions and
> ensuring our privacy more difficult.
>
> On Wed, Jun 13, 2012 at 9:10 PM, Risker <risker.wp at gmail.com> wrote:
>
> > Each project has its own standards and thresholds for when checkusers may
> > be done, provided that they are within the limits of the privacy policy.
> > These standards vary widely.  So, the correct place to discuss this is on
> > each project.
> >
> > Risker
> >
> > On 13 June 2012 21:02, Thomas Dalton <thomas.dalton at gmail.com> wrote:
> >
> > > Why shouldn't spambots and vandals be notified? Just have the software
> > > automatically email anyone that is CUed. Then the threshold is simply
> > > whether you have an email address attached to your account or not.
> > >
> > > This seems like a good idea. People have a right to know what is being
> > done
> > > with their data.
> > > On Jun 14, 2012 12:35 AM, "Risker" <risker.wp at gmail.com> wrote:
> > >
> > > > On 13 June 2012 19:18, John <phoenixoverride at gmail.com> wrote:
> > > >
> > > > > This is something that has been bugging me for a while. When a user
> > has
> > > > > been checkusered they should at least be notified of who preformed
> it
> > > and
> > > > > why it was preformed. I know this is not viable for every single CU
> > > > action
> > > > > as many are for anons. But for those users who have been around
> for a
> > > > > period, (say autoconfirmed) they should be notified when they are
> > CU'ed
> > > > and
> > > > > any user should be able to request the CU logs pertaining to
> > themselves
> > > > > (who CU'ed them, when, and why) at will. I have seen CU's refuse to
> > > > provide
> > > > > information to the accused.
> > > > >
> > > > > See the Rich Farmbrough ArbCom case where I suspect obvious
> fishing,
> > > > where
> > > > > the CU'ed user was requesting information and the CU claimed it
> would
> > > be
> > > > a
> > > > > violation of the privacy policy to release the
> time/reason/performer
> > of
> > > > the
> > > > > checkuser.
> > > > >
> > > > > This screams of obfuscation and the hiding of information. I know
> the
> > > > > ombudsman committee exists as a check and balance, however before
> > > > something
> > > > > can be passed to them evidence of inappropriate action is needed.
> > Ergo
> > > > > Catch-22
> > > > >
> > > > > I know checkusers  keep a private wiki
> > > > > https://checkuser.wikimedia.org/wiki/Main_Page and I know
> according
> > to
> > > > our
> > > > > privacy policy we are supposed to purge our information regularly
> (on
> > > > wiki
> > > > > CU logs exist for 90 days) however who oversees the regular removal
> > of
> > > > > private information on the wiki?
> > > > >
> > > > > My proposal would be for all users who are at least auto confirmed
> to
> > > be
> > > > > notified and be able to request all CU logs regarding themselves at
> > any
> > > > > point, and any mentions of themselves on the CU wiki should be
> > > > retrievable.
> > > > >
> > > > >
> > > > >
> > > > Perhaps some full disclosure should be made here John.  You are a
> > > checkuser
> > > > yourself, have access to the checkuser-L mailing list and the
> checkuser
> > > > wiki, helped to set up the Audit Subcommittee on the English
> Wikipedia
> > > > (which carries out reviews of checkuser/oversighter actions on
> > request);
> > > > you are also a member of the English Wikipedia functionaries mailing
> > list
> > > > because you are a former arbitrator, a checkuser and an oversighter
> on
> > > > enwp. (so have access there to express your concerns or suggest
> changes
> > > in
> > > > standards),   It seems you are complaining about a specific case, and
> > > > instead of talking things out about this specific case, you've
> decided
> > to
> > > > propose an entirely different checkusering standard.  I'll point out
> >  in
> > > > passing that half of the spambots blocked in recent weeks by
> checkusers
> > > > were autoconfirmed on one or more projects, and even obvious vandals
> > can
> > > > hit the autoconfirmed threshold easily on most projects.
> > > >
> > > > Full disclosure on my part: I am also an Enwp checkuser and a member
> of
> > > the
> > > > Arbitration Committee.
> > > >
> > > > Risker
> > > > _______________________________________________
> > > > Wikimedia-l mailing list
> > > > Wikimedia-l at lists.wikimedia.org
> > > > Unsubscribe:
> https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
> > > >
> > > _______________________________________________
> > > Wikimedia-l mailing list
> > > Wikimedia-l at lists.wikimedia.org
> > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
> > >
> > _______________________________________________
> > Wikimedia-l mailing list
> > Wikimedia-l at lists.wikimedia.org
> > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
> >
> _______________________________________________
> Wikimedia-l mailing list
> Wikimedia-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
> _______________________________________________
> Wikimedia-l mailing list
> Wikimedia-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
>


More information about the Wikimedia-l mailing list