[Wikimedia-l] CheckUser openness
Dominic McDevitt-Parks
mcdevitd at gmail.com
Fri Jun 15 00:06:47 UTC 2012
I think the idea that making the log of checks public will necessarily
be a service to those subject to CheckUser is misguided. One of the best
reasons for keeping the logs private is not security through obscurity
but the prevention of unwarranted stigma and drama. Most checks (which
aren't just scanning a vandal or persistent sockpuppeteer's IP for other
accounts) are performed because there is some amount of uncertainty. Not
all checks are positive, and a negative result doesn't necessarily mean
the check was unwarranted. I think those who have been checked without a
public request deserve not to have suspicion cast on them by public logs
if the check did not produce evidence of guilt. At the same time,
because even justified checks will often upset the subject, the
CheckUser deserves to be able to act on valid suspicions without fear of
retaliation. The community doesn't need the discord that a public log
would generate. That's not to say that there should be no oversight, but
that a public log is not the way to do it.
Dominic
On 6/14/12 6:34 PM, En Pine wrote:
> Nathan, I’d like to respond to all three of your recent comments.
>
>> Can you explain how this is so? I did a fair amount of work at SPI as a
>> clerk, and I'm not sure I understand how the mere fact that a check was
>> performed is giving sockpuppeters a roadmap for how to avoid detection. If
>> you mean they could test the CU net by running a bunch of socks on
>> different strategies to see which get checked and which don't, that seems
>> like a lot of work that a vanishingly small number of abusers would
>> attempt... and also basically the same information as they would receive
>> when those sock accounts are ultimately blocked or not blocked per CU.
>>
>> ~Nathan
> I think you might be amazed that the persistence and sophistication of some individuals. I personally haven’t dealt with them much on-wiki, but I’ve certainly seen them on IRC.
>
>> Here are some problems with that rationale:
>>
>> 1) If a sock confirmation results from a CU check, the person is blocked,
>> which is a pretty big tip off all its own. If a case is filed at SPI, then
>> tons of evidence is submitted, then a CU check is performed in public, then
>> a block is or is not imposed. That whole process is a pretty big tip off
>> too, but we haven't shut it down for providing a road map to abusers.
>>
> You are correct that the start of the CU case is public at the time of filing at WP:SPI. The identity of the CU is also public when it is run for those filed cases. I believe that we are discussing in this thread are instances of the CU tool being used, or data from the tool being used and shared among functionaries who are permitted access to private data, when that use or sharing is not made publicly known at WP:SPI. I am not a Checkuser but perhaps someone who is a Checkuser can give some examples of situations when this happens. I personally know of at least two scenarios.
>
>> 2) You can't dispute the use of CU on your information if you don't know
>> that it was used. It's kind of like secret wiretapping with a FISA warrant;
>> if you never know you've been wiretapped, how are you supposed to challenge
>> it or know whether it was used improperly? As for "various groups can
>> investigate", to some extent that's true. Most of them are checkusers,
>> however, and they still tend not to disclose all relevant information. I'm
>> not saying that any CU is doing anything improper or that it's likely, but
>> such allegations have been made in the past, and it seems like a pretty cut
>> and dried case of people having a right to know how their own information
>> is being used. If Wikimedia were based in Europe, it would most likely be
>> required by law.
>>
>> Nathan
> When you use Wikipedia, information about what you do is logged. The same is true for other websites. In most cases on the internet in general, it’s impossible for the average user to know if their information has been used or disclosed in a way that is contrary to the site’s privacy policy. Sometimes misuse or preventable, improper disclosure of private data is made publicly known, as has happened with many online services being hacked for credit card or password information. The reality on the internet is that generally the information you provide can’t be guaranteed to remain private and secure. It is true that there can be abuses of investigative tools like CU, search warrants, and almost anything else. The best that can be done is to take reasonable precautions and to be careful about what you disclose in the first place, for the people who are trusted with special investigative tools to be honest and competent, to have sufficient “separation of powers” to help as much as possible to verify that the investigators are honest and competent, and for there to be penalties for investigators who misuse their authority. Regarding the investigative use of private information, as I think others have said also, sometimes there may be a good reason to keep an active investigation from being known to the individual who is being investigated. Like you, I value accountability and transparency, and I would gladly listen to suggestions that enhance accountability and transparency while maintaining reasonable safeguards for active investigations. There needs to be a balance. I prefer transparency, but sometimes there are good reasons for information to remain private.
>
> Pine
> _______________________________________________
> Wikimedia-l mailing list
> Wikimedia-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
More information about the Wikimedia-l
mailing list