[Foundation-l] Stewards are ignoring requests for CheckUser information?

[Essjay]

I don't know that the issue that concerns me is the same that concerns 
the Foundation, but I know what scares the hell out of me about 
Checkuser is this:

We have users from all over the world. Not all of them live in countries 
where their safety is guaranteed; there are, most assuredly, editors 
from regimes where if their personal information was discovered, they 
could be imprisoned and perhaps even killed. That terrifies me, because 
I don't want anybody dying over Wikipedia, nor do I want them to end up 
in prison. If checkuser falls into the wrong hands (I'm no conspiracy 
theorist, but I don't think it's too hard to imagine foreign governments 
wanting to hunt down our contributors; after all, at least two have 
blocked us flat out already), the result could literally be a matter of 
life and death. *Life and death.*

Some people have advocated granting checkuser liberally, and I disagree 
strongly with that; I'm not even particularly comfortable with the idea 
of it being election-based at all, although I trust the Board, and I 
don't believe they would have allowed for local elections if they 
weren't convinced it was safe. I do think, however, that it should be 
kept to as few users as possible, whether that means having guest 
checkusers as Kelly & I have advocated, or whether it means some  other 
system. I for one am certainly willing to perform checks for other 
projects (indeed, I offered to do so for Wikisource), and I am sure that 
some of the others would as well (Kelly has already stated her 
willingness to do so).

As I said, I can't say that the dire scenario I laid out above is what 
the Board has in the back of their minds when thinking about checkuser, 
but I certainly know it is what is in mine. I really don't want to turn 
on CNN some morning and see "[Insert country here] dissident 
assassinated after link to Wikipedia discovered."

Essjay

http://en.wikipedia.org/wiki/User:Essjay
Wikipedia:The Free Encyclopedia
http://www.wikipedia.org/



Robert Scott Horning wrote:
> Anthere wrote:
>
>   
>> Hi
>>
>> Let me try to address your various points the best I can.
>>
>> Robert Scott Horning wrote:
>>  
>>
>>     
>>> Anthere wrote:
>>>
>>>
>>>    
>>>
>>>       
>>>> The reason for the 25 votes limit comes from two reasons
>>>> * A community with less than 25 users is unlikely to really need 
>>>> frequent checkusers, because it is a project with reduced activity. So, 
>>>> it can not be a heavy load for stewards.
>>>> * A community with less than 25 users has a rather serious risk to have 
>>>> a rather little known editor become a checkuser, rather than a trusted 
>>>> oldbie. If we start handing out status just as we do for sysop status on 
>>>> small projects, I think there will be abuse. I say this from my 
>>>> experience, as I had to unsysop several sysops on small projects (the 
>>>> guys did not know our basic rules, behaved like dictators with the 
>>>> handful of editors, put advertisements on the main page, controlled povs 
>>>> etc...).
>>>>
>>>> I am perplex that the en.wikibooks does not have a big enough base of 
>>>> editors to vote on a check user...
>>>> I am quite lazy, so I will not go to the stats page to check. But can 
>>>> you roughly say how many active editors per month the project currently 
>>>> has ? How many very active editors per month ?
>>>>
>>>> ant
>>>>
>>>>
>>>>      
>>>>
>>>>         
>>> Since the stats page hasn't been updated since November of last year, it 
>>> is completely useless to even gague what the current activity is on any 
>>> Wikimedia project.  I can only use the current activity on the Wikibooks 
>>> staff lounge to even remotely gague what the current user activity level 
>>> is, but I would guess it is pretty close to about 20 user at the 
>>> absolute top.  Really stretching it perhaps we can get to 25 total at 
>>> the most.
>>>
>>> And as for advertising this, I guess we could put it in bold 40 point 
>>> type on the project main page with a link to a special page only for 
>>> this kind of request.  I think that is way over the top and something 
>>> that is not needed in this situation.  The advertising was more than 
>>> adequate, it is just that this is a very unreasonable request.
>>>
>>> As for a "community with less than 25 users unlikely needing frequent 
>>> checkuser scans", I think this is mistaken totally what is going on. 
>>> en.wikibooks has numerous links from within Wikipedia, and is being 
>>> hammered by vandals that have moved on from Wikipedia, indeed with 
>>> excellent training on how to be a vandal on Wikipedia, and taking on 
>>> other projects as well that don't have quite the same pool of 
>>> administrators.
>>>    
>>>
>>>       
>> I see.
>> Perhaps the number 25 was too high then. That would tend to suggest this.
>> But again, let me explain why we put a minimum limit. We have some small 
>> projects with a number of editors of less than 5. What usually happens 
>> is that the most active one simply ask sysop status (and even sometimes 
>> bureaucrat status) on meta because their project *need* a sysop. Which 
>> means the status is given without any community voting whatsoever.
>> Sometimes, when it is a new language in particular, the editor has been 
>> on our projects only for a couple of days and have no idea of our basic 
>> rules of operating whatsoever (npov in particular).
>> More than once, we had problems later on. And it was not always easy for 
>> the very small growing community to have a black sheep unsysoped.
>>
>> What I think should NOT be allowed to happen, ever, is that the new 
>> wikiquote project in maori be created, and a total stranger be given 
>> sysop, bureaucrat and checkuser status so that he can start the 
>> community. In short, I think that only editors known by a significant 
>> number of other editors should ever be given checkuser access. Hence the 
>> 25 votes. Which may be too high a value.
>>
>>
>> So, option 1 : decreasing the number of votes requirements.
>>
>> Now, there are other options we could follow.
>>
>>     
>
> I would suggest that the standards for becoming a bureaucrat should be 
> much higher for brand new projects in this case, and this is perhaps 
> something that needs to be established on a Wikimedia-wide policy as 
> well and not just on a project by project basis.  The point about 
> becoming a bureaucrat is that they have the ability to create other 
> administrators and are presumed to be users trusted enough that they not 
> only have full editorial control over a project to do all of the 
> administrator functions, but they also have the ability to create more 
> administrators.  The charges of a cabal in some cases are justified when 
> you grant bureaucratship to somebody when there is no other means of 
> oversight about what they are doing, and they in turn grant adminship to 
> others with their same point of view but refuse to grant it to others 
> that have a different point of view, and for that reason alone.  This 
> has happened on some of the smaller projects, especially in languages 
> that Foundation board members don't speak fluently and can't monitor 
> directly.
>
>   
>>> As for handing out checkuser status to people who are not trusted 
>>> oldies, that is totally rediculous as well.  There are admins and 
>>> bureaucrats on en.wikibooks who are also admins on other projects, 
>>> including meta, wikinews, and even en.wikipedia.  Active ones at that. 
>>> I see absolutely no reason why the standards for giving somebody 
>>> bureaucrat status when you can't also give them checkuser status.
>>>    
>>>
>>>       
>> I do not know what are the standards for giving bureaucrat status.
>> I think they are not the same at all depending on projects.
>>
>> I see a **major** reason for the standards for giving bureaucrat status 
>> to be different from the standards for giving checkuser status.
>>
>> The standards for giving bureaucrat status are different in each project 
>> and each language. On one project, it will be a vote by all editors of a 
>> project. On another project, it will be a vote by administrators only. 
>> On another project, it might even be a vote by other bureaucrats. Or it 
>> might be no vote at all (just ask on meta). It may be 80% support. It 
>> may be 66%. There are no standards.
>>
>> But if the bureaucrat makes a mess, it is a technical/community issue. 
>> Only the projects can be damaged (which is bad enough). So, it is the 
>> community business to define its own rules.
>>
>> If a checkuser makes a mess, the Foundation itself may be concerned. We 
>> might have problems with an editor for release of private data. So, the 
>> Foundation has a right to have a say in WHO is granted this access. 
>> Hence the policy being *more* standard.
>>  
>>
>>     
> I'm not really understanding this point of view here.  Under what area 
> is the Foundation directly threatened when this release of private data 
> occurs?  It is still a technical/community issue with the checkuser 
> data, and people with checkuser rights can still only do the scan only 
> on registered users for their individual project.  This might be a much 
> bigger concern if they had access to the general Wikimedia user 
> database, such as is being proposed with the common login project.  In 
> this situation where somebody with checkuser rights could access the 
> data on not just the users for their individual project but for anybody 
> on any Wikimedia project, you are correct that the standards should be 
> much higher.... indeed IMHO higher than perhaps even becoming a steward. 
>  That is not the situation right now, from my understanding.
>
> If I take the presumption that the current process of becoming a 
> registered user is still going to continue for some time, and somebody 
> with local checkuser status can only do a checkuser scan on that much 
> smaller group of users, I fail to see where the Foundation is really 
> going to be hurt if they get out of control.  The privacy policy is that 
> reasonable steps are going to happen to protect private data, but you 
> should be aware that if you log onto any website, including Amazon.com, 
> Google, CNN, Microsoft, BBC, or whatever including hackerz.com, that 
> your IP address is going to be logged together with whatever activity 
> that you do on that website.  And that information may be released to 
> interested government agencies.  All the Foundation is promising is that 
> some sort of due process is going to happen before that information is 
> released, like a supeona, and that the information may also be used 
> internally for the protection of the project, such as performing 
> checkuser scans.  
>
> Indeed the current privacy policy doesn't even do that.  It is really 
> just a disclaimer that the data is going to be logged, and that if you 
> don't like it, you shouldn't be logging into any Wikimedia server. 
>  There are some "policies" that go into more depth about how some of 
> this data is protected, but this is more for how the Foundation is going 
> to respond to outside groups that insist on obtaining this information, 
> including not only legal proceedings but also marketing consultants and 
> outside businesses who want to do data mining on the access logs.  I 
> think it is a prudent policy in this regard.
>
> One thing to keep in mind is that the "personally identifying data" 
> isn't protected that well for editors.  Every editor has all of their 
> edit information logged, and not only is it logged but the information 
> is actually published in a very public area for all people to see. 
>  Indeed for most editors, the information is not only logged, but logged 
> according to IP address as well.  Only for those who have bothered to 
> become a registered user is the information partially protected, and it 
> is only on this very limited set of circumstances that the checkuser 
> policy even starts to apply.  And for many others (including myself), 
> not only by handle but it is logged by their actual legal name.  BTW, 
> this is a conscious decision I made when I created my account, knowing 
> the legal implications.  
>
> Furthermore, somebody with checkuser privileges still don't have access 
> to the the full access logs.  Having checkuser status, I can't see what 
> pages another user has been looking at or reading.  All I can do is just 
> see what pages they have been editing, which doesn't require checkuser 
> status... or even any kind of special status on Wikimedia projects, and 
> if they happen to be a registered user, and if they happened to have 
> done something that looks suspicious, all I get to find out with the 
> increased privilege of the checkuser policy is just a list of IP 
> addresses that they have logged in the local project under.  Or just the 
> last IP address depending on the technical side and how far this should 
> go.  No other identifying information is given.  I can't get the e-mail 
> address of the person, nor can I get any of the information on 
> [[Special:Preferences]], including perhaps even mundane but identifying 
> information like what time zone they live in or what their language 
> preference is.
>
> In short, I fail to see where the liability is to the Foundation is 
> under even the most egregious of abuses, and even that can be dealt with 
> mostly by technical limitation, including perhaps a system that limits 
> somebody with checkuser privileges to only a limited number of checkuser 
> scans per day or some other limiting factor to keep major abuses from 
> happening.  I'm also pointing out that smaller projects are going to 
> have proportionally much smaller numbers of users and their ability to 
> damage all of the Wikimedia projects is going to also be proportionally 
> less.  Using your example of the Maori Wikibooks user request to become 
> admin, bureaucrat, and checkuser... all they are going to do is find the 
> IP addresses of the five or six people who even bothered to register on 
> that local project.  Is that really a problem?
>
>