[Foundation-l] check user...

Sat Mar 31 18:26:29 UTC 2007

On 3/31/07, Robert Horning <robert_horning at netzero.net> wrote:
>
> I disagree that the damage that somebody using checkuser privileges is
> necessarily irreversible and necessarily causes too many legal problems
> "for themselves and the foundation."  There is obviously an extreme case
> or two where this may be the case, but on the whole I can't really seen
> where revealing the IP address of a user is necessarily going to be a
> major problem.  At best, the worst damage that can happen is to document
> what computer an edit actually took place on.  Only with 3rd party
> records would it even be remotely possible to tie this with a specific
> individual.

The laws regarding such things vary wildly between regions. In comparison to
American privacy laws, for instance, the laws in manz European countries are
much more strict. Disclosing personal information without the consent of the
person the information belongs to can be prosecuted in criminal and civil
court in some instances. Note that many of these laws aren't primarily meant
to restrict the government from accessing the information but other private
entities. The legal implications of checkuser shouldn't be underestimated.

In addition, any user, including anonymous users, can trace the IP
> addresses of many of the contributors to Wikimedia projects.... that is
> the default log-in type.  And accidental disclosure of IP addresses are
> almost inevitable for most users, especially if you accidentally make an
> anonymous IP edit because the cookie in your browser has expired (it has
> for me on a couple of occasions).  For example (and I mention this
> because he also did one of these accidental disclosures and later noted
> this IP address explicitly)  Richard Stallman of the Free Software
> Foundation fame is also [[w:User:Rmstallman]], and by only accessing
> Wikipedia by anonymous status (I wasn't even logged into my Wikipedia
> account), I can find out that at least one of the IP addresess he has
> used to edit Wikipedia was with 128.30.16.48
> ...
> If a 10-year-old has been given bureaucrat privileges on a Wikimedia
> project, I would be very surprised.

There is at least one fifteen old user who is a bureaucrat on a Wikimedia
project.

It may also present some
> interesting legal problems for the WMF in terms of liability for that
> user's actions, but I also believe that any such user who has achieved
> that level of trust in a particular project is going to have a level of
> maturity to keep from abusing the checkuser tool as well.

Actual abuse isn't necessary to be subject to a lawsuit. People who
volunteer to perform checkuser functions must be fully aware of the
responsibilities their actions incur and the possible consequences of those
actions. It may be customary to assume good faith in Wikimedia projects.
Unfortunately, the real world doesn't always work that way.

Regards,

Sebastian