I do hear and understand the argument here, but it is
somewhat
problematic to have to have the argument "if we do this, we'll be
handing over information to sockpuppeteers we don't want them to have,
and we can't tell you what that information is, because otherwise
we'll be handing over information to sockpuppeteers we don't want them
to have". While I think the methods currently used are probably sound,
and the information would indeed give them more possibilities to evade
the system, I can't be sure of it, because I can't be told what that
information is.
I don't think this is a viable long-term strategy. The Audit Committee
is a way around this, but as indicated before, there is somewhat of an
overlap between the committee and the Check-User in-crowd, which could
(again, could, I'm not sure if it is indeed true).
Apart from the 'timed release' of information I proposed earlier, I
don't really see a viable solution for this, as I doubt we have enough
people that are sufficiently qualified on a technical level to
actually judge the checkuser results, who also have enough statistical
knowledge to interpret the level of certainty indicated in a result,
who also have the trust of the community to carry out the task, who
also have never been a checkuser or arb, who also have the backbone to
blow the whistle if something goes wring, who also have the
willingness and time to take it upon themselves to be a meaningful
member of the Audit Committee.
Hi Martijn,
I agree that there might be ways to structure a delayed and limited release
so that it poses only a moderate risk to investigations, but as I have said,
I think that the benefits to an honest user are limited, and there is
potential for substantial cost in terms of volunteer hours for many types of
users with enhanced permissions who might get lots of requests for audits of
CU actions and lots of detailed questions about CU policy. Even if the risk
to investigations was zero, there would still be those costs of time. In a
cost/benefit analysis, I think there will be more cost value than benefit
value. Consider the amount of time that users with enhanced permissions
could spend conducting risk-based investigations and risk-based or random
audits of CUs, instead of being asked to spend that time answering questions
and conducting investigations solely because users make requests for second
opinions about their account being CU'd even if that CU action had
relatively low risk of CU misuse and inaccuracy.
Regarding who checks the checkusers, I think the current systems of peer
review, AUSC and arbcom reviews, ombudsman review, and WMF review are about
as extensive as realistically possible. Maybe if I was a CU or a member of
one of these organizations I would have deeper insight into potential
opportunities for valuable improvements. If you are seriously interested in
these issues then consider nominating yourself or someone you trust to serve
as a CU, community-appointed AUSC member, ombudsman, or arbiter.
Cheers,
Pine