Wikipedia:Arbitration Committee/CheckUser and Oversight/May 2010 election: Difference between revisions
KnightLago (talk | contribs) fix |
KnightLago (talk | contribs) reword |
||
Line 3: | Line 3: | ||
* The May 2010 election will start at '''00:01 (UTC) on May 9''' and end at '''23:59 (UTC) on May 22, 2010''' using ''[[Special:SecurePoll|SecurePoll]]''. |
* The May 2010 election will start at '''00:01 (UTC) on May 9''' and end at '''23:59 (UTC) on May 22, 2010''' using ''[[Special:SecurePoll|SecurePoll]]''. |
||
* For this election |
* For this election the Committee will likely take up to 4 Checkusers, and 6 Oversighters from the vetted candidates. |
||
* Voters can vote for as many candidates as they wish and must have made 150 mainspace edits by March 31, 2010. |
* Voters can vote for as many candidates as they wish and must have made 150 mainspace edits by March 31, 2010. |
||
* Current arbitrators and former arbitrators from within the past year may not vote. |
* Current arbitrators and former arbitrators from within the past year may not vote. |
Revision as of 15:07, 7 May 2010
The Arbitration Committee recently determined that additional Oversighters and CheckUsers were needed to improve workload distribution and ensure complete, timely response to requests. Following an application period, and review of submissions of by the Committee, the below candidates are being presented for community consideration. The election process is as follows:
- The May 2010 election will start at 00:01 (UTC) on May 9 and end at 23:59 (UTC) on May 22, 2010 using SecurePoll.
- For this election the Committee will likely take up to 4 Checkusers, and 6 Oversighters from the vetted candidates.
- Voters can vote for as many candidates as they wish and must have made 150 mainspace edits by March 31, 2010.
- Current arbitrators and former arbitrators from within the past year may not vote.
For answers to common questions about the election process, please see here.
Timeline of election process
March 31 – Announcement of upcoming election and invitation to request applicationsApril 10 – Deadline to request applicationsApril 12 at 23:59 UTC – Deadline for submission of applicationsMarch 31 – April 30 – Arbitration Committee review of submissions- May 1–8 – Preparation for election, including offers of nomination to selected candidates
- May 7 – Candidates are announced and may post a brief statement.
- May 8 – The community may begin asking questions of the candidates.
- May 9–22 – Voting using the SecurePoll extension for a secret ballot
- May 22–27 – Arbitration Committee review of results
- May 28 – Announcement of results
CheckUser candidates
Amalthea (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Hi everyone,
I'm offering to help with the CheckUser tool.
About me: I have an account since September 2005, became an active editor in June 2008, an administrator in February 2009. I am a relatively recent active editor, but do not foresee my activity on this project to change in the near future. I've always only worked on the maintenance part of Wikipedia, in recent times mainly on technical things like templates or maintaining Twinkle and Friendly.
I am a computer scientist, am familiar with the MediaWiki Checkuser extension, and have prior work-related experience with web server log analysis and investigation of multiple account abuse therein, so I know I have the required technical and investigative skills. I believe myself to be an upright, serene, and communicative person and editor, am familiar with the WMF's privacy policy and the CheckUser policy, and have a good understanding of when CheckUser should and should not be used. I only have limited experience with pure contributions-based sock analysis or SPI clerking. Nonetheless, I believe I can be useful at the CheckUser part of SPI.
Amalthea 15:27, 7 May 2010 (UTC)
Comments and questions for Amalthea
Noting in advance that I will only have limited Internet access this weekend (read: via analog modem), so I will probably only be able to respond to questions late on UTC Sunday. Amalthea 15:27, 7 May 2010 (UTC)
Questions from Deskana: (five questions, so I'm only looking for brief answers)
- 1. What are the key differences between the checkuser policy and the privacy policy?
- A. The WMF privacy policy formulates principles about gathered private data, access to that data, and circumstances that can prompt release of that data to third parties. That gathered private data far exceeds what can be queried through the CheckUser extension, and CheckUser queries are only one aspect of the privacy policy, so its principles are more far-reaching than CheckUser queries. CheckUser policy mainly spells out specifics when queries may be used and may not be used, based on the principles from the privacy policy. In addition it details access to the right and gives some specific guidance and best practices, again building on the privacy policy. Amalthea 01:02, 10 May 2010 (UTC)
- 2. What conditions does the checkuser policy require to be met in order to use the checkuser tool on an account?
- A. Most important condition is, I believe, that there needs to be a "good and specific cause" to use it. Checkusers have a range of discretion to use CheckUser queries if there is such a legitimate purpose. Explicitly and most typically, it may be used to prevent damage to the project, i.e. to fight vandalism/bad faith editing, to check for sockpuppet abuse, and to limit disruption of the project. It may not be used to pressure or threaten editors (quite like admin tools in a dispute), and is not normally used to prove innocence on en-wiki (which the privacy policy wouldn't restrict). Amalthea 01:02, 10 May 2010 (UTC)
- 3. What conditions does the privacy policy require to be met in order to use the checkuser tool on an account?
- A. Essentially the same thing, in a more general sense. Principles applying would be that the collected data may be used to "serve the well-being of its projects", by countering "certain kinds of abuse and counterproductive behavior", like "suspected use of malicious “sockpuppets” (duplicate accounts), vandalism, harassment of other users, or disruptive behavior", and minimal access (which translates, in part, to the "good and specific cause" from above). Amalthea 01:02, 10 May 2010 (UTC)
- 4. What conditions does the checkuser policy give on the release of data from the checkuser tool?
- A. It generally defers to the conditions from the privacy policy (see below), and stresses again that disclosure of IP information should be avoided, if possible. Amalthea 01:02, 10 May 2010 (UTC)
- 5. What conditions does the privacy policy give on the release of data from the checkuser tool?
- A. Either of: Compulsory request by authorities, with permission by the user, when necessary for abuse investigations, certain technical issues with bots/spiders, message to ISP complaint department following vandalism/persistent disruption abuse, or in response to certain threats.
Brief answers, as asked for, and in parts simply taken from the policy pages. Feel free to ask follow-up questions. Amalthea 01:02, 10 May 2010 (UTC)
- A. Either of: Compulsory request by authorities, with permission by the user, when necessary for abuse investigations, certain technical issues with bots/spiders, message to ISP complaint department following vandalism/persistent disruption abuse, or in response to certain threats.
Just one question from HJ Mitchell
- 6. If you are granted CU access, how do you think that will affect you as an editor and an administrator and do you think that will (or should) affect the way that other editors interact with you?
- A. Checkusers are comparatively rare since the right is (and should be) given out sparingly, so my focus will certainly shift to SPI.
I remember that when I was a very new editor comments from editors with additional user rights seemed to carry more weight. It obviously shouldn't and doesn't, by itself. Was that your question? Amalthea 01:02, 10 May 2010 (UTC) (slightly tweaked 09:13, 10 May 2010 (UTC))
- A. Checkusers are comparatively rare since the right is (and should be) given out sparingly, so my focus will certainly shift to SPI.
One last minute question by Buggie111
- 7. When do you think your definition of "the near future" will be?
- A. Counted in years. Amalthea 01:02, 10 May 2010 (UTC)
Really last minute question from Spitfire
- 8. Imagine a scenario where a user has created a vandalism page, which was tagged for speedy deletion, and they then then tried to remove the tag, but upon being stopped by a bot, they appeared to log out and remove the tag that way. The page was later deleted but an SPI case was opened on the user, you preform a check which reveals that the user is related to the IP, what action do you take, and why? (or would you not have preformed the check, and if not, why?)
- A. Unless there are circumstances that suggest a wider pattern, there's no need for a checkuser, in particular considering the behavioral evidence, so I would not have performed one. Potential actions range from talking to the user to an indefinite block, depending on other edits by the user, the type of vandalism, and the user's reaction, but that's independent of the SPI case. Amalthea 01:02, 10 May 2010 (UTC)
Question from User:zzuuzz
- 9. What actions would you consider taking if you found an editor was using one or more open proxies to edit? Under what circumstances would you reveal this discovery to the community?
- A. Depends extremely on the circumstances. The IPs of the open proxies will almost always need to be blocked right away (see WP:PROXY), if they aren't already. If the editor used the proxies in violation of WP:SOCK or other policies the violating accounts will be blocked indefinitely, and possibly the master as well. There are circumstances where no action needs to be taken at all, editing through open proxies or Tor is not forbidden per se and we explicitly grant exemptions for that (e.g. for users from Mainland China). If the editor I found was using Wikipedia legitimately and the open proxy was still unblocked, I might contact the editor privately. If the proxy is open and used by only one editor, it might be a misconfiguration and he should be notified privately and urged to quickly rectify it.
In all such legitimate uses, the community should not be notified. If an open proxy was used abusively, a note of that on the respective SPI case can be useful for the future. Amalthea 01:02, 10 May 2010 (UTC) (slightly tweaked 09:13, 10 May 2010 (UTC))
- A. Depends extremely on the circumstances. The IPs of the open proxies will almost always need to be blocked right away (see WP:PROXY), if they aren't already. If the editor used the proxies in violation of WP:SOCK or other policies the violating accounts will be blocked indefinitely, and possibly the master as well. There are circumstances where no action needs to be taken at all, editing through open proxies or Tor is not forbidden per se and we explicitly grant exemptions for that (e.g. for users from Mainland China). If the editor I found was using Wikipedia legitimately and the open proxy was still unblocked, I might contact the editor privately. If the proxy is open and used by only one editor, it might be a misconfiguration and he should be notified privately and urged to quickly rectify it.
Questions from User:7 (ignore the struck question)
10. What is an analog modem?- 10. One of the less documented areas of CU work is to help out at WP:ACC when a CU rangeblock has been applied to an IP requesting a new account. This can be done directly in the ACC interface, or by responding to emails sent to the functionaries list or to a Quick SPI request. Do you have an account with ACC or would you be willing to setup one to help there too?
- A. I do not have an account with the account creation tool. If I find that such requests are more efficiently processed in the ACC tool then sure, I'll ask for an account. I won't seek involvement beyond that, though. Amalthea 09:13, 10 May 2010 (UTC)
Question from Happy-melon
- 11. All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- A. Hmm. Probably no perspectives that aren't already there. I believe I am calm, neutral, and objective, don't hold any grudges, and hope that I can be a reasonable voice there. I tend to investigate a lot of background before I write any conclusions. I'd say that my views on privacy are comparatively conservative. Another quality might be that I'm very available throughout the day (UTC+2, currently), and can give input quickly if an issue is pressing. Amalthea 16:30, 12 May 2010 (UTC)
Jamesofur (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Howdy!
For those who haven't met me either on wiki or IRC (or some of you irl) my name is James. If you look at my account ( here for my matrix or here for the SUL util) you will notice a couple things. One that is obvious is that while my En account has been created for a while I wasn't really active before last August. Before that I was around (with very infrequent wikignomish edits logged in and out) but I mostly read, and read. Because of a habit I have of following links to keep getting the story this often included pages about the "infrastructure" of the wiki and eventually led me to getting more active. The other thing you will notice is that while I have not been an admin on En for long (RfA Passed April 22nd) I have a fair amount of tools... on other wikis. My focus for quite a while has been cross-wiki abuse (vandalism and spam) as part of that I am a Checkuser and Sysop on the Simple English Wikipedia, a sysop on Meta Wiki as well as a Global sysop and Global rollbacker. I am also an OTRS agent focusing on Permissions and copyright violations.
I think I could be a great addition to the En checkuser team:
- Availability: I constantly idle on IRC and am available for hours a day (and frequently at odd hours when other CUs do not seem to be available) and easily contactable by multiple people for emergencies (and happy to help whenever humanly possible).
- crosswiki experience, work and tools: Having access to the Checkuser tools on En would allow me to help for both time sensitive (and perhaps complex) checks and the fast and simple requests that are not worth leaving to rot, especially for the fairly frequent occurrences when stewards are looking for help or vandals are crossing project boundaries where I have either the tools or contacts to help deal with them. I will also be available to speed up processing of normal on wiki Checkuser requests.
- Prior experience: I have held the Checkuser on another WMF project since December. Because of this I have already had extensive experience with the tools both technically (range blocks, proxies/nmap, XFF's etc) and (arguably more important) first hand experience learning more about behavioral evidence. I have also had experience with the vandals we already have to deal with through work both with they come to Simple (when they get blocked here they go there) and through the Checkuser-l mailing list (where I'm a list admin).
I can tend to be a bit tl;dr and so I don't want to drag on too much longer, but I am happy to answer any questions people have and will promise to respond quickly. I also have a slightly expanded statement since I had to cut this one down for the 500 word limit. James (T C) 16:38, 7 May 2010 (UTC)
Comments and questions for Jamesofur
- Questions from Deskana: (five questions, so I'm only looking for brief answers)
- What are the key differences between the checkuser policy and the privacy policy?
- The short answer is that they tend to have different job. The part of privacy policy that we deal with as a CU is largely focused on the release of information with some broader comments about access and use. The Checkuser policy quotes the privacy policy but the rest is much more directly focused on who is allowed access to the tool and when it can be used. What little is added on Wikipedia:Checkuser focuses on the same.
- What conditions does the checkuser policy require to be met in order to use the checkuser tool on an account?
- The checkuser policy is quite clear, you can only use checkuser to prevent damage to the WMF projects most specifically to combat vandalism, abusive socks and disruption and that it must NOT be used as any kind of political tool or threat. You are allowed to check an account on request, but not required to.
- What conditions does the privacy policy require to be met in order to use the checkuser tool on an account?
- In general the privacy policy does not concern itself with what conditions must be required to use the tool, except that it must be used as minimally as possible and to serve the good of the projects except when forced to use it by a legally binding decision (which is generally outside of our purview).
- What conditions does the checkuser policy give on the release of data from the checkuser tool?
- In general the checkuser policy does not deal with this issue (though it does quote the privacy policy). It does give some deeper explanation that basically boils down to "if in doubt, don't or seek additional tool holders to discuss it with)
- What conditions does the privacy policy give on the release of data from the checkuser tool?
- The privacy policy states that data must never be released except under specific conditions (paraphrased):
- Valid, and forced, request from law enforcement.
- With permission from the user
- When required to investigate, defend against and report abuse.
- When necessary to protect the Foundation, it's users, and the public (this is a bit of the catch all, threats of harm for example)
- Bot related technical data to help the developers (generally involves data the developers will get from elsewhere).
- The privacy policy states that data must never be released except under specific conditions (paraphrased):
On a side note the Checkuser quote from the privacy policy seems a bit out of date... I'm going to have to look into that later today. James (T C) 23:50, 8 May 2010 (UTC)
- Really last minute question from Spitfire
- Imagine a scenario where a user has created a vandalism page, which was tagged for speedy deletion, and they then then tried to remove the tag, but upon being stopped by a bot, they appeared to log out and remove the tag that way. The page was later deleted but an SPI case was opened on the user, you preform a check which reveals that the user is related to the IP, what action do you take, and why? (or would you not have preformed the check, and if not, why?)
- To be totally honest it is highly unlikely I would do the check at all. In a case like that "proving" the connection isn't of any real help especially with the duckyness. Removing the speedy tag while "pretending" to be someone else (assuming they realized they weren't logged in) is bad but is really just a continuation of the vandalism and not an abusive sock issue. Even when vandalism is involved the tools only need to be used (and should be used) when you need them. Further actions would be the same, the vandalism is the real issue here not abuse of accounts/ips, if the IP or account is continuing to vandalize and isn't blocked then I would block but knowing they are linked is not sufficient (in my mind) to warrant placing or adjusting a block on it's own merits. James (T C) 12:26, 9 May 2010 (UTC)
- Question from User:zzuuzz
- What actions would you consider taking if you found an editor was using one or more open proxies to edit? Under what circumstances would you reveal this discovery to the community?
- The policy on En, (it's actually a bit different in practice on some projects despite meta) is fairly clear and if I discover new, unblocked, open proxies they're going to get blocked as such. While editing from an Open Proxy may make me take a second look at the info I have there are very legitimate reasons to do so (most obviously when editing from a location which censors or blocks the project such as China or Iran). In my CU checks on Simple I have definitely found very legitimate editors while checking vandals. So far any legitimate editor I've found using Open Proxies had already asked for and received an IPBlockExemption but if I found one who did not I would attempt to get a hold of them (privately) to see if they need the Exemption. Legitimate editors are more then welcome to edit from unblocked proxies if they want without running afoul of policy and if they have to do it for some reason I have no problem given the ability to do so.
- Regarding when I would reveal the discovery: As always, only when necessary. When investigating a sockpuppet or abuser noting on the SPI or checkuser-l thread that they used open proxies can be very helpful for future investigations and so should be noted. I can't think of any reason to reveal the fact that a legitimate editor is using open proxies. In general Open proxy editing can be used as a marker but isn't "the problem" the problem is if they are acting abusively or not. If they are then we need to address that and if they aren't then there is nothing to address other then making sure they are able to edit. James (T C) 21:53, 9 May 2010 (UTC)
- Question from User:7
- Q One of the less documented areas of CU work is to help out at WP:ACC when a CU rangeblock has been applied to an IP requesting a new account. This can be done directly in the ACC interface, or by responding to emails sent to the functionaries list or to a Quick SPI request. Do you have an account with ACC or would you be willing to setup one to help there too?
- A: Aye, I actually already have an account on ACC and idle in the channel on IRC where both requests and comments are posted. While I make accounts when I see them still open the majority of what I already do there is to help people who have questions on whether they should make the account or not (so same thing a CU will do) I've actually ended up helping out as a CU on multiple instances already because I was able to confirm it was not the person who was being blocked (because of evidence I had seen on either checkuser-l or from Simple since many of the vandals cross project). James (T C) 18:50, 10 May 2010 (UTC)
- Question from Happy-melon
- All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- Mostly I don't think I'll bring something "new" as much as another angle. I think in general I'm another level headed and calm individual who would be able to comment whenever people wanted advice/thoughts or when I thought I had something that would contribute. Just like the checkuser-l list now I like to read every post I get on any of the foundation/wikipedia mailing lists even if that means I look at it briefly when I get it and read it fully when I have time if it doesn't look like it needs an emergency response and to make sure I read everything even when responding would be superfluous or unhelpful. I also think I'd be able to bring another voice from someone active in the xwiki community which can be very helpful, of course we already have some good voices in that category already. The other thing is a bit harder to "prove", I like to think that I try to see things from a "reader/user/new editor" point of view as much as possible along with the editor point of view and would like to add that insight when something comes up on the mailing list. I don't honestly know how much current functionaries think along those lines so it very well good be something that is already well represented :). James (T C) 07:30, 13 May 2010 (UTC)
MuZemike (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Hello, folks! I am MuZemike (first name being Mike, of course), and I am making myself available to run for CheckUser in this CheckUser/Oversight election. I have been an editor on the English Wikipedia since May 31, 2008 and an administrator since September 14, 2009. I have over 40,000 edits so far (verify) and have conributed to 7 good articles and 12 did you know articles. Recently, I have co-coordinated with User:Wizardman in the April 2010 good article nomination backlog elimination drive, which resulted in a reduction in the backlog by over 300 nominations.
I have been a CheckUser clerk for sockpuppet investigations since July 21, 2009 and have helped to rewrite the administrators' instructions for sock puppetry (as now transcluded on the WP:SOCK policy page). As a clerk, I have assisted other editors and the CheckUsers in many cases; as an admin, I have handled hundreds of SPI cases, especially at times when the backlogs were quite large. In addition to SPI, I am also an edit filter manager and have created to date four edit filters, three of which I actively maintain to combat various vandalism.
Being a Wisconsinite, I live in the Central Time Zone (UTC-5). I am not in school right now, and I work 4 days a week, normally having off Saturdays, Sundays, and Mondays unless other RL activities require me to be away. I have at times coordinated with CheckUsers on other Wikipedias and have gotten accounts blocked on enwiki or globally locked on Meta; if elected to CheckUser I will continue in cross-wiki coordination with other CheckUsers and administrators.
Technically, I am knowledgeable in the CIDR notation (which is essential for any type of rangeblocking) and have made many rangeblocks. I am also able to read WHOIS and geolocation information as well as interpret editing patterns to determine whether IP addresses are static or dynamic. I generally block IP addresses on a need-be basis; that is, I usually block long enough to prevent disruption as other innocent users can easily take over on IPs. If there hasn't been any recent disruption, then I normally don't block.
I have knowledge to how the CheckUser tool works and what it can check and what it can not check. As we know CheckUser is not a fishing or 8-ball tool, I understand that it's not a be-all and end-all tool for determining sock puppetry - that is up to the regular admin (as I have done many times) to ultimately take the CheckUser evidence alongside the behavioral editing patterns and determine if there is a match.
Finally (I'll put this out right here and now), I am above the legal age required by the Wikimedia Foundation (I am 28) and will identify myself to the Foundation if elected by the community. –MuZemike 17:30, 7 May 2010 (UTC)
Comments and questions for MuZemike
- Questions from Deskana: (five questions, so I'm only looking for brief answers)
- What are the key differences between the checkuser policy and the privacy policy?
- In the crudest sense, the WMF's privacy policy is more general and applies to both checkuser and oversight, while the checkuser policy is more specific as to what cannot be done per the privacy policy. In addition, the privacy policy covers additional points of emphasis such as the viewing of deleted pages/revisions, the usage of cookies, and legal implications. Basically, the privacy policy is the driving force behind what the checkuser policy does. –MuZemike 15:54, 9 May 2010 (UTC)
- What conditions does the checkuser policy require to be met in order to use the checkuser tool on an account?
- Because of privacy policy reasons and the need to prevent releasing one's private information out to the public, checkuser is supposed to be used only when necessary. As the policy states, that includes abuse via socks or other abuse such as vandalism or similar disruption. Just as with other tools given to editors and admins like rollback, deletion, or blocking, you cannot use it to gain an upper hand in a dispute. –MuZemike 15:54, 9 May 2010 (UTC)
- What conditions does the privacy policy require to be met in order to use the checkuser tool on an account?
- The privacy policy basically says the same thing as the checkuser policy, while the privacy policy adds that the usage of its main applicable tools (CU and OS) should be kept to a minimum to (understandably) reduce exposure to such privacy issues. This is why we normally block users without running a checkuser when behavioral evidence clearly indicates sock puppet activity. –MuZemike 15:54, 9 May 2010 (UTC)
- What conditions does the checkuser policy give on the release of data from the checkuser tool?
- First off, I sense the difference between this and the following question is that #4 deals with specifically what checkuser can and cannot do, while #5 deals with what checkuser, oversight, or any other future tool dealing with privacy can or cannot do in general. The big things with checkuser is that IPs should not be revealed publicly (which is why you see many times from CUs "no comment on the IP(s)") and only to other users (the privacy policy actually narrows this down to "other privileged users"), and the old "when in doubt, don't disclose" mantra. –MuZemike 15:54, 9 May 2010 (UTC)
- What conditions does the privacy policy give on the release of data from the checkuser tool?
- The release of private information is made more explicit in the privacy policy than in the checkuser policy. To briefly list them, reasons to release include in response to a subpoena or law enforcement request, with the affected user's permission, for abuse complaints (either internally or with an ISP) for resolution of technical issues, or when otherwise necessary to protect the WMF or the public. –MuZemike 15:54, 9 May 2010 (UTC)
- Questions from Firsfron:
You recently indefinitely blocked a good-faith contributor with over 17,000 edits under his belt with the block summary Vandalism-only account. Although you reversed the block and apologized, the editor is question has politely requested an explanation, but still has received none. You've edited since then. As a Checkuser, what will you do to prevent mistakes like this (relating to both Checkuser tools and Administrator tools) from occurring in the future? And, in the case of a mistake in Checkuser procedures, will you explain your rationale for the mistaken action? Firsfron of Ronchester 17:45, 8 May 2010 (UTC)
- I thought I have explained that in the unblocking and thought the situation was settled. I made a mistake there and admitted to it, albeit at a horrible, horrible time. I cannot add anything else there besides the fact that I messed up there on blocking.
- As far as CU is concerned, if I have overlooked something in the CU results, I would not be afraid to admit to error (as I have done in the past and very recently), but my the WMF privacy policy, I cannot go as far as to disclosing anything that would result in outing a person's private information if it hasn't been done so already by that person. It is just as bad if not worse to try to rectify one mistake and then make another in the rectification process. –MuZemike 08:11, 9 May 2010 (UTC)
- Really last minute question from Spitfire
- Imagine a scenario where a user has created a vandalism page, which was tagged for speedy deletion, and they then then tried to remove the tag, but upon being stopped by a bot, they appeared to log out and remove the tag that way. The page was later deleted but an SPI case was opened on the user, you preform a check which reveals that the user is related to the IP, what action do you take, and why? (or would you not have preformed the check, and if not, why?)
- First off, if a block is necessary to stop the continued vandalism, then I would block the registered account only (remember that the related IP would be autoblocked, and such information about autoblocks is hidden from public view including administrators). The main thing here to worry about is to try and prevent the release or personally identifiable information to the user, so I there would be no need for me to disclose whether or not there is a connection. Since some will easily assume that the IP is related due to looking at the contributions on a page, there isn't much that I would be able to do preventing such inferences from being made. Now if the registered user clearly indicated that the IP did belong to that user, then there would be no privacy policy violation by disclosing that. –MuZemike 16:04, 9 May 2010 (UTC)
- Question from User:zzuuzz
- What actions would you consider taking if you found an editor was using one or more open proxies to edit? Under what circumstances would you reveal this discovery to the community?
- Per our (WMF also) policy on open proxies, the OP would be blocked and normally for a very long time or until the proxy closes; good faith contributors caught under . Naturally, this block would be listed in the block logs, so this would already be revealed. They may be disclosed as part of a sockpuppet investigation for instance that OPs were being used. This is done to let users know in the case of repeated abuse via OPs; for our more serial vandals and sockpuppeteers, this is commonplace. –MuZemike 16:26, 9 May 2010 (UTC)
- Question from User:7
- Q One of the less documented areas of CU work is to help out at WP:ACC when a CU rangeblock has been applied to an IP requesting a new account. This can be done directly in the ACC interface, or by responding to emails sent to the functionaries list or to a Quick SPI request. Do you have an account with ACC or would you be willing to setup one to help there too?
- A. I have just a little experience in creating accounts for others, as the unblock-en-l mailing list gets similar requests from time to time. If checkuser assistance is needed over in the ACC area, I'd be willing to volunteer some of my time to help over there. I do realize the folks over at ACC are fairly low-key but just as essential. –MuZemike 17:30, 10 May 2010 (UTC)
Tiptoety (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Hello everyone. I am Tiptoety. I have been on Wikipedia for a little over three years. In those years, I have spent a fair amount of time dealing with sockpuppetry. I started as a clerk at the former request for CheckUser back in June of 2008. After noticing a number of flaws in the system we were using, I, along with a small group of other users created Wikipedia:Sockpuppet investigations (our current process for dealing with, and responding to sockpuppetry). I still currently serve as a clerk there.
I was granted sysop rights on this project in March of 2008 and have since performed approximately 14,500 logged actions. I also serve as a Sysop, CheckUser, and Oversight on Wikimedia Commons, and am a Global Sysop. In those roles I deal with a large amount of cross-wiki vandalism/sockpuppetry (most of which is initiated on the CheckUser mailing list). A number of these involve en.wiki in which me having access to the CheckUser tool could assist in investigations and in the speedy response to vandalism. (For all my other userrights, please see my matrix).
One of our current issues is that there are a large amount of request for CheckUser attention that sit untouched for sometimes up to a week. I feel that by me having CheckUser rights I could assist in ensuring the quick handling of cases. I am online every day, and consider myself active. I am reachable via email, and use IRC.
Lastly, I am already identified with the foundation and am very familiar with the privacy policy. My personal philosophy is that if I am unsure, hold off and ask for a second opinion. Tiptoety talk 03:01, 8 May 2010 (UTC)
Comments and questions for Tiptoety
- From Aiken drum: Why do you think you failed your last request, and do you think you've overcome the problems raised there? Aiken ♫ 12:06, 8 May 2010 (UTC)
- A. I think the main cause of concern related to my previous request was my professional life. Many felt that with my work in the field of law enforcement my judgment would impaired by some form of "legal requirement to act", specifically relating to threats of violence. While I respect peoples concern, I am not sworn in any manner that requires me to report perceived threats of violence to law enforcement, nor am I bound by any policy to do so. This was confirmed by and Arbitrator (Risker), who contacted my employer. Like I promised in my last request, should I be put into a position of "mandatory reporting" I would resign as a CheckUser. I also promised the defer to other CheckUser's should I feel my decision making is some how being effected by my professional life. That said, I would argue (as shown on commons, in my role as a CheckUser there) such situations have never happened. Cheers, Tiptoety talk 20:00, 12 May 2010 (UTC)
- Questions from Deskana: (five questions, so I'm only looking for brief answers)
- What are the key differences between the checkuser policy and the privacy policy?
- The foundation's privacy policy is far more specific in regards to the principles of privacy, the release and retention of private (non-public data), and is not just limited to the information that the CheckUser tool provides those with access to it. The CheckUser policy goes more in depth with regards to the principles surrounding the actual usage of the CheckUser tool. More specifically, the criteria that must be met in order for a check to be ran, and standard operating procedures. Tiptoety talk 20:40, 10 May 2010 (UTC)
- What conditions does the checkuser policy require to be met in order to use the checkuser tool on an account?
- The CheckUser policy states that CheckUser is a tool which is granted to trusted users for the purpose of fighting vandalism, investigate cases of "bad faith editing" where there is a possibility of multiple accounts being used, and more generally to limit disruption to any Wikimedia project. As such an account must be involved in some form of disruption where there is a reasonable suspicion of multiple accounts being used before a check can be ran. It is worth nothing there are legitimate uses for alternate accounts. Tiptoety talk 20:40, 10 May 2010 (UTC)
- What conditions does the privacy policy require to be met in order to use the checkuser tool on an account?
- And I quote: "when investigating abuse on a project, including the suspected use of malicious “sockpuppets” (duplicate accounts), vandalism, harassment of other users, or disruptive behavior, the IP addresses of users (derived either from those logs or from records in the database) may be used to identify the source(s) of the abusive behavior." Tiptoety talk 20:40, 10 May 2010 (UTC)
- What conditions does the checkuser policy give on the release of data from the checkuser tool?
- For most of the cases, revealing a users IP is not an appropriate response. Only under certian circumstances should private data be released, those generally being when the disruption has reached a level to warrant IP blocks / range blocks. That said, there are ways of going about issuing range blocks without revealing who the IP is linked too. Tiptoety talk 20:40, 10 May 2010 (UTC)
- The privacy policy states very specific conditions:
- In response to a valid subpoena or other compulsory request from law enforcement,
- With permission of the affected user,
- When necessary for investigation of abuse complaints,
- Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues,
- Where the user has been vandalizing articles or persistently behaving in a disruptive way, data may be released to a service provider, carrier, or other third-party entity to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers,
- Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public. Tiptoety talk 20:40, 10 May 2010 (UTC)
- Just one question from HJ Mitchell
- If you are granted CU access, how do you think that will affect you as an editor and an administrator and do you think that will (or should) affect the way that other editors interact with you?
- A.Nothing will change. I already work around SPI quite a bit, and deal with sockpuppetteers often. I will still ask for second opinions and seek help when needed. Just because I will have access to CheckUser will not mean I will be the end all know all. Tiptoety talk 20:40, 10 May 2010 (UTC)
- Really last minute question from Spitfire
- Imagine a scenario where a user has created a vandalism page, which was tagged for speedy deletion, and they then then tried to remove the tag, but upon being stopped by a bot, they appeared to log out and remove the tag that way. The page was later deleted but an SPI case was opened on the user, you preform a check which reveals that the user is related to the IP, what action do you take?
- A. I am not sure a situation like that would even warrant a check to start with, given it is a pretty clear cases of DUCK. That said, I would probably leave a message on the users talk page advising them of our sock policies. I do not feel a block would be warranted. Tiptoety talk 20:40, 10 May 2010 (UTC)
- Question from User:zzuuzz
- What actions would you consider taking if you found an editor was using one or more open proxies to edit? Under what circumstances would you reveal this discovery to the community?
- A. I think each situation needs to be evaluated on its own merits. Before taking any action, I would contact the user who is believed to be editing through an open proxy. If after doing so, I conclude that the intention of the user was to cause some form of disruption, evade a block, or avoid scrutiny then I would reveal the discovery to the community. Tiptoety talk 00:47, 11 May 2010 (UTC)
- Question from User:7
- Q One of the less documented areas of CU work is to help out at WP:ACC when a CU rangeblock has been applied to an IP requesting a new account. This can be done directly in the ACC interface, or by responding to emails sent to the functionaries list or to a Quick SPI request. Do you have an account with ACC or would you be willing to setup one to help there too?
- A. I had an ACC account a while ago, but had it closed due to inactivity. If this is an area that requires a fair amount of CheckUser work I would be willing to have my account reopened and help out when needed. I will be honest that this would not be a top priority for me. Tiptoety talk 22:33, 10 May 2010 (UTC)
- Question from Happy-melon
- All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- A. Being that I already have access to the cross-wiki CheckUser mailing list, I am familiar with the type of discussions that take place. In that, I consider myself fairly knowledgeable of proxy detection and have often offered my assistance with such matters. I also hold CheckUser privileges on commons, and should the matter be cross-wiki I could provide my assistance there. Tiptoety talk 19:35, 18 May 2010 (UTC)
- Comment/Question from Max Rebo Band, I wonder if there isn't something underlying in the "election promise" that "My personal philosophy is that if I am unsure, hold off and ask for a second opinion." - when you appear to have been one of a handful of administrators on Wikimedia Commons who sipmly deleted dozens of images you found personally distasteful because they contained nudity this past month, without a proper channel such as a Deletion Request. I notice many of those images have been restored by other administrators, often because they were in fact on use in WMF projects, indicating you likely did not "hold off and ask for a second opinion". Examples would include File:Anelina Stretching.jpg, File:G0001.jpg, File:Camila Tavares making a handbra.jpg and File:Ashley Taking a Shower 15.jpg. I guess my concern is that your taste for "unilateral action without consensus" seems demonstrated for deleting images...how do you allay the concern that you may approach our privacy policy the same way when seeking to unmask sockpuppets? I notice that you were criticised for "misrepresenting" the fact you were in fact a Police Officer with the Multnomah County Sheriff's Office in your second failed Request for Admin, and admitted it yourself in your third Request. This does raise severe privacy concerns for me, when Law Enforcement is now seeking the ability to ascertain the actual identities of pseudonymous editors on WMF.Max Rebo Band (talk) 04:15, 20 May 2010 (UTC)
Oversight candidates
Arbitrarily0 (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Greetings all! Call me anything! I've been volunteering here at Wikipedia for a couple of years now (as an administrator since 2009). I reside in the Eastern Time Zone and am an OTRS and ACC volunteer. Being a gnome-elf hybrid of sorts, I suppose I have few major wiki-achievements to make you aware of. Low elf-esteem and gnome-good puns aside, oversight is nothing to laugh at. The responsibilities involved in dealing with oversight requests are immense. Handling real-world personal information is an interminable responsibility, very different from regular editing. As a trustworthy, honest, and helpful Wikipedian, I would be honored to extend my services to Wikipedia by helping protect the personal information of others. Thank you for your consideration, but more importantly, best regards!
Comments and questions for Arbitrarily0
- Questions from HJ Mitchell
- If you are granted Oversight access, how do you think that will affect you as an editor and an administrator and do you think that will (or should) affect the way that other editors interact with you? I hope that
- With the exception of the extra time taken to handle suppression requests, I do not see that bearing the oversight responsibility would or should affect my regular editing. Oversight is simply an expansion of volunteering in Wikipedia's background, and therefore I would hope that other editors would still feel perfectly comfortable in their interactions with me, the same as if I was an anonymous user.
- Do you feel it's important for oversighters to reply to email requests to inform the requester of the action you've taken or not taken?
- Although not required, I do feel that it is important for oversighters to respond to their requesters in most cases. In addition to being a courtesy, a response can also help the requester learn why or why not their request was handled, allowing them to make more accurate requests in the future.
- Question from Keegan
I know it is asked in the questionnaire:
- How will you be willing to respond to saying no to a request, and will you actively do it?
- Unfortunately, declining requests is something that almost every administrator is forced to be familiar with, so doing so kindly is evermore important. Much of my personal experience in this area comes from handling permission requests and requests for undeletion (for example, developing Template:Afdund), where roughly half of the requests are declined. As outlined in the question above, declined unsuited good-faith requests are often best accompanied by a reply to the requester both as a courtesy, and in order to help focus their future requests.
- Questions from Trackinfo
- I just looked at your most recent 500 contributions. Almost all of them were red links from articles--other people's work--you deleted. I hope that was not done Arbitrarily, pun intended. How do you reconcile your work, which appears just to subtract from Wikipedia on a wholesale basis, vs all the other candidates who appear to make edits to try to improve Wikipedia? How will you being granted new, additional power serve to improve the Wikipedia project?
- Hiya! I think there might be a slight misunderstanding. Of my last 500 contributions, especially those throughout April, I've spent some time working on the daily articles for deletion backlog. I can assure you that none of my deletions (probably around 1/3 to 1/2 of my closures), if this is what you're referring to, were done arbitrarily. Rather, I hope that my work in this area helps show my dedication towards making accurate and policy-based decisions—the same dedication I would put forward to the responsibilities of oversight.
- Question from Zzuuzz
- Other than attempts at outing, what types of revisions should be hidden from administrators?
- While outing specifically refers only to the posting of another person's personal information, the scope of oversight is a bit larger. Revisions containing non-public personal information (including information accidentally self-published, such as an IP address), libelous/defamatory information (especially pertaining to living-person biographies), and logged attack names all fall under oversight's discretion.
- Question from JamieS93
- How much experience with submitting oversight requests, discussing usage of the tool, etc., have you had? Because you've only been an admin for six months, I wanted to hear an overview (from you personally) of your OS-related experiences.
- This is a very good question, which I am glad was brought up. Whether by random chance or just plain bad/good luck, I've never witnessed an unhandled oversight situation. That said, I have kept an active interest in oversight developments and its related discussions since before my request for adminship. While I am certainly not a candidate who is most experienced in oversight requests, if you do consider me, please consider me for my passion to learn and help, and my trustworthiness which I hope my past work conveys.
- Question from Happy-melon
- All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- Before starting active communication on the mailing list, I think I would spend some good time following the discussions between veteran members, in order to better learn the intricacies of the process. That said, I also think that fresh new perspectives can be very helpful, and that my collaborative experiences in real-life as well as throughout Wikimedia projects might make a good addition to the team.
Beeblebrox (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Well, where to begin? I made my first edit as a registered user in July 2007, and passed my second attempt at RFA in August of last year. My editing is spread out fairly evenly throughout the week, I usually at least check in and make at least a few edits every day. I also recently started uploading images to Commons under this same name, and I have an account at Meta. As part of the purpose of this election is to find oversighters in under-represented time zones, I should mention that I live on the Kenai Peninsula of Southcentral Alaska, which is considered UTC-9 in winter, UTC-8 during daylight savings time. (which is an absurd concept in a part of the world that at this moment is getting fifteen and a half hours of daylight each day) In my time as a vandal fighter and subsequent step up to admin status, I have many times seen personal information posted to Wikipedia. Sometimes it is done maliciously, and sometimes out of doe-eyed ignorance of the ways of the larger world and the fact that there are some very bad people out there. I have always endeavored to remove such information as quickly as possible by editing the page or deleting and restoring it without the information, and have requested and received help from the oversight team on a few occasions.
In my real life I have some very similar duties. As the owner of a small business, I have personal information regarding my coworkers (I've never liked to think of myself as the boss, we work as a team) including their criminal and driving records. I am also privy to sensitive information regarding our clients, up to and including their home addresses, medical and mental health conditions, medications they take, when they come and go and who they are with when they do so, and sometimes other details that I don't need or want to know. I have to keep all this information to myself, and make sure my coworkers do the same, and have been pretty successful at doing so for the past nine years. In 2000, I also worked for the United States Census Bureau as an enumerator, a person who goes door-to-door finding people who did not fill out a census form and convincing them to fill one out right there on the spot with me. Obviously, this entailed a lot of sensitive information about my neighbors, which I had to listen to, record for posterity, and then forget all about it and never mention it anyone lest I be fined thousands of dollars and thrown in jail. So I'm pretty darn comfortable with keeping other people's personal information to myself. I'm glad we are not in competition with one another in this process because there are only six candidates and oversight can use all the help it can get. Best of luck to my fellow candidates. Beeblebrox (talk) 19:29, 7 May 2010 (UTC)
Comments and questions for Beeblebrox
- Questions from HJ Mitchell
- If you are granted Oversight access, how do you think that will affect you as an editor and an administrator and do you think that will (or should) affect the way that other editors interact with you?
- When I became an admin it was a huge change for me. It altered the way I spent my time on Wikipedia more dramatically than I'd ever anticipated. However, oversight is basically just a more powerful admin tool that has to be used more cautiously than the others. Other than taking up a bit of the time I currently spend on dealing with other admin matters, I don't think it will change my actual editing all that much. It shouldn't effect my interactions with other users at all, except that I will probably use email more often in order to minimize the exposure of confidential information.
- Do you feel it's important for oversighters to reply to email requests to inform the requester of the action you've taken or not taken?
- In most cases the person requesting the action should be able to tell what action has been taken, but it only takes a moment to shoot off an email to let them know what happened. I have gotten such emails when I have requested oversight in the past and it was good to know for sure that my concerns had been addressed by someone, so I think I would do the same in most cases.
- Question from Keegan
I know it is asked in the questionnaire:
- Q. How will you be willing to respond to saying no to a request, and will you actively do it?
- last answer first: I would actively do it. Sometimes admins get requests that they don't really want to deal with, and they don't respond, figuring the user will find some other admin to do it. I admit I have done this myself on occasion, but the whole point of this process is that there isn't necessarily someone else around who can handle it, so a clear yes or no response is always warranted. As for saying no, I have plenty of experience both here and in the real world doing that. I get some very odd requests sometimes at my job from people who want me to stretch the definition of what I do to fit what they want me to do. The important thing is to make sure the person understands why their request is being denied, as opposed to just saying "no" and not even commenting on it, and not to be insulting or dismissive, to let them you did review the matter before coming to your decision..
- Question from User:zzuuzz
- Other than attempts at outing, what types of revisions should be hidden from administrators?
- Well, some people "out" themselves without even realizing it. Often these are young children who don't realize that there is no such thing as "setting your profile to private" over here, and that they really shouldn't be posting their phone number, what school they go to, etc on here. With all the furor right now over "thinking of the children" oversight is one area that does just that, they just do it quickly and quietly. Other things to look for are libelous material or usernames, and certain types of extreme vandalism or copyright violations. Apparently there are also occasional requests from users who accidently edited while logged out in such a manner that their ip address could be linked back to them, and requests from the "front office" to remove material that could cause legal problems for the Foundation. While admins in general are considered a trusted group of users and can probably handle seeing such things and not blabbing about it, we have seen more than once that there are some who don't show their true colors until after they've gotten the bit, and there is a real potential for real life harm caused by such a person if they had access to sensitive confidential information.
- Question from Happy-melon
- All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- Since I deal with privacy issues in my real job as well, I think I would bring a pragmatic, real world approach and perspective to such conversations. Since those discussions are closed I don't know that such a perspective is currently missing from them, but more of the same couldn't hurt. We need to be cognizant of the fact that Wikipedia is not Las Vegas, what happens here does not necessarily stay here. Indeed there are entire websites devoted solely to discussing what goes on here, and there have been instances where users attempted to use information they got from Wikipedia to threaten or harass people in the real world. Although powerful tools such as are granted to oversighters should not be used lightly, they also should not be used timidly if there is a need for them.
LessHeard vanU (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Hiya.
I am Mark James Slater, resident in the United Kingdom, 50 years old and a father of two, and a husband. I have edited from this account since March 2006, previously as an ip for a couple of months, and have been an administrator since May 2007. I have 3 alternate accounts, of which only LHvU (talk · contribs) has any substantive edits.
I have put my name forward for consideration for the responsibility of Oversight, since I feel it falls within my competence and preferred role within the project. I am no longer the content contributor that I was, and am now firmly orientated toward commentary and advice, interpretation and implementation of policy and guideline, and combating vandalism and disruption to the community. It is this last aspect I feel I could usefully expand by being able to assist in the removal or suppression of content that violates WP:Oversight. I put myself forward as someone who would be scrupulous in application of the policy and where there is any area of doubt of leaning to the side of suppression - since such material may be reintroduced if found appropriate, whereas violations that remain may create serious damage to the project or members of the community - who would, however, initially be content to assist and participate with my colleagues while familiarising myself with the responsibility. As ever, as far as the particular standards of the role permit, I would seek to be accountable for my actions.
With regard to the last, I would necessarily amend my Caveat to permit people to contact me with possibly sensitive information with confidence. While my antipathy toward IRC remains, I am contactable upon Skype, Windows and Yahoo Messenger, as well as my Wikipedia email and talkpage. I would be available most weekday evenings and over the weekends, as I have previously been with my editing. I would close by further noting my participation at Wikipedia Review, although I would be unwilling to recommend that environment as a communication option.
I was pleased that the ArbCom saw fit to allow me to proceed to this stage in the process, and I am content to allow the members of the community to pass their judgement on my fitness to assume the responsibility of Oversighter. So... Let's get started.
LessHeard vanU (talk) 19:48, 7 May 2010 (UTC)
Comments and questions for LessHeard vanU
- Questions from HJ Mitchell
- If you are granted Oversight access, how do you think that will affect you as an editor and an administrator and do you think that will (or should) affect the way that other editors interact with you?
- I am quite sure that the Oversight responsibilities will effect my editing (as in article editing) minimally; it is now so small a part of my contributions that even if it stopped then the net result to the project would not register. As an administrator, I think it will mostly be an extension of my anti-vandal / countering disruption work I already participate in and therefore not. If the requests were in the form of removing personal information relating to the requester, then that is also an extension of my responsibilities in helping editors, of which I have had some experience.
Should it effect me (or any applicant, for that matter)? No, we should all be mature and experienced enough to encompass the responsibility otherwise we should not have asked to be considered and likely would not have been confirmed by ArbCom.(Nothing like reviewing other candidates responses to realise one has missed the point of the question...) I very much doubt having these flags would improve peoples perceptions of me. I cannot believe, also, that someone who would have contacted me previously in an admin or editor capacity would not do so because I were an Oversighter - and quite rightly.
- I am quite sure that the Oversight responsibilities will effect my editing (as in article editing) minimally; it is now so small a part of my contributions that even if it stopped then the net result to the project would not register. As an administrator, I think it will mostly be an extension of my anti-vandal / countering disruption work I already participate in and therefore not. If the requests were in the form of removing personal information relating to the requester, then that is also an extension of my responsibilities in helping editors, of which I have had some experience.
- Do you feel it's important for oversighters to reply to email requests to inform the requester of the action you've taken or not taken?
- Yes. If I, or another, has used a flag then a "thank you" is the least we can give to someone who took the time to point out such a serious violation. It has been my experience as a reporter to receive such confirmations. If a request has been refused, I think it more important in order to explain why; so that the policy is better clarified and the misunderstanding of it not repeated, and that the reporter is encouraged to contact an Oversighter next time they think they see an appropriate incident. Lastly, of course, a response declining a request may elicit a reply that provides more context relating to the original request which may then result in the request being granted. Communication in all events is essential.
- Question from Keegan
I know it is asked in the questionnaire:
- Q. How will you be willing to respond to saying no to a request, and will you actively do it?
- I would be willing because it is - or should be - part of the remit of the role to communicate as clearly as possible the reasons why a decision is made, so that a better understanding of the policies ensues when a request is declined. On that basis, and the reasons given within the answer to HJ Mitchell's second question above, I most certainly would.
- Question from User:zzuuzz
- Other than attempts at outing, what types of revisions should be hidden from administrators?
- Outing is covered by bulletin point 1. of Wikipedia:Oversight#Policy, regarding the disclosure of private information that is not readily discoverable. As I see it is part of a duty of care toward individuals that disclosure of such information, whether deliberately or accidentally exposed, should be restricted to potentially as few persons as possible. In the same way, points 2. and 3. are more in regard to the limiting of exposure of content, including administrators, in an effort to reduce the liability of the project. Simply, the fewer people who have had access to such material, whether they viewed it or not, equates to less potential damage.
The use of Oversight tools to hide username violations, and to remove serious vandalism, from administrators is policy. As administrators habitually deal with serious vandalism, and often hardusername block accounts, and are already trusted members of the community I might wonder what circumstances might arise where sysops should be unable to view such content, but... if instructed to oversight or suppress such instances then that is what I would do.
- Outing is covered by bulletin point 1. of Wikipedia:Oversight#Policy, regarding the disclosure of private information that is not readily discoverable. As I see it is part of a duty of care toward individuals that disclosure of such information, whether deliberately or accidentally exposed, should be restricted to potentially as few persons as possible. In the same way, points 2. and 3. are more in regard to the limiting of exposure of content, including administrators, in an effort to reduce the liability of the project. Simply, the fewer people who have had access to such material, whether they viewed it or not, equates to less potential damage.
- Questions from JamieS93
You mention that "possibly sensitive information" is the only reason you would override your caveat ("I shall consider that the sender has waived any claim of privacy...").
- Q. Please expound specifically on what types of cases you would consider under the umbrella of "claim of privacy", and which cases you would disregard that.
- Any email I would receive as part of the role of Oversighter would be exempt from my caveat - I will make the necessary alteration to make that clear should I be one of the successful candidates, and upon confirmation that the WMF are satisfied with my bona fides. The caveat as worded is something I feel necessary to enable me to better perform the task of sysop, and was written specifically for that purpose.
- Q. Because you are "not bound" by privacy requests, does your caveat mean that you are willing to repost or provide copies of conversations with others against their will? Do you see merit to keeping certain (perhaps not blatantly sensitive) email communication private, or no?
- Last point first; people have entrusted me with sensitive information by email - and this is the first and possibly the only time I have noted that fact. Nothing I have received has made me consider divulging the contents. I will also say that I have been notified by a couple of people commenting they will not provide certain information because of my caveat, and again it is only in this context that I mention it. The first point is that by contacting me via off Wiki under notice of my caveat means that I do have their permission to disseminate the contents of such messages, and thus it cannot be against their will. That is the entire raison d'etre of the caveat. It is also the reason why I would amend it in such a way so that I would be able to perform the task of Oversighter, should I be granted that position of trust, without compromising the privacy of the reporter, the subject or any other individuals involved.
- Q. Do you think your caveat, even if it gets amended, may interfere with others' trust in you as an oversighter? Why or why not?
- Well, since it would be amended were I to be granted the communities trust to undertake the responsibility I am unable to answer what difference the current styling would make to peoples perception. In an amended form - and I am confident I can do so unambiguously - the answer is no. It would clearly define the different expectations regarding privacy and non-disclosure in relation to the separate roles of Oversighter and sysop. In the former, I would only release such information as is required to enable me to undertake the role of Oversighter to persons with the same or greater obligations to confidence than me. In the latter, the status quo would remain.
- Comment Good questions. I had been anticipating something, and these were well considered and constructed. LessHeard vanU (talk) 19:56, 10 May 2010 (UTC)
- Well, since it would be amended were I to be granted the communities trust to undertake the responsibility I am unable to answer what difference the current styling would make to peoples perception. In an amended form - and I am confident I can do so unambiguously - the answer is no. It would clearly define the different expectations regarding privacy and non-disclosure in relation to the separate roles of Oversighter and sysop. In the former, I would only release such information as is required to enable me to undertake the role of Oversighter to persons with the same or greater obligations to confidence than me. In the latter, the status quo would remain.
- Question from Happy-melon
- All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- Qualities? Hmmm... I suppose I would consider myself an effective communicator, in that I can usually convey my point of view comprehensively (if not always succinctly). I think I have the ability to both comprehend and absorb other points of view, although you may need other peoples input toward that point. I certainly try to. I should think that my participation in a topic I am involved in would be consistent - I am unlikely to drop out before it is concluded. As for perspective, it would be as someone who is rather wedded to the ideal of transparency and communication. While I understand the nature of Oversight and Checkuser necessarily involves an expectation of privacy, I would possibly seek to present a pov that was orientated toward disclosure where possible so to test that the appropriate standards in the application of non-disclosure are maintained. I also regard myself as something of an "outside of the box" thinker, so I could be someone who may offer different options when discussing practice and policy application. Truth is, though, I have no idea of how the role, my presence on the mailing list, or any aspect might effect me - or the environment - should I be permitted to participate. I will simply be me, I suppose. LessHeard vanU (talk) 22:07, 12 May 2010 (UTC)
Valley2city (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Hi, I’m Matt (aka Valley2city) and I’m running for Oversight. I'm 26 and will be 27 by the end of the election. I have been a registered user on Wikipedia for four and a half years and an admin for fourteen months after a nearly unanimous RfA. After dabbling in many aspects of adminship I have found my niche working primarily with speedy deletions, and particularly with those that fall under criterion G10, aka Attack pages. While performing these duties I often come across information that needs oversight, such as phone numbers and social security numbers, and proceed to e-mail the OS list and then track down oversighters on IRC. Sometimes I get a relatively quick responses, and sometimes not, but there are not enough oversighters to guarantee that there will be an OSer online (hence my using IRC after e-mailing to see if any OSers are active). I have also worked with difficult cases, such as discovering that a terrorist had an active Wikipedia account immediately after he shot up a federal building in a deadly attack, as well as taking a leadership role in dealing with hard-to-keep-up-with high levels of vandalism due to talk show hosts recruiting their users to vandalize and disrupt Wikipedia. There are things that need oversight, and there are things which need revision deletion and there are things that just need to be reverted and I think I have the discretion to determine which needs which.
As I mentioned I am active on IRC and do a lot of coordination through there. I am also a volunteer of the OTRS response team in the English and Hebrew queues.
Off-wiki, as I have mentioned on my user page, I perform a sort of oversight in my daily life, as a mashgiach (a kosher supervisor) and as a rabbinical student. Whether checking if the contents of a box are kosher, if there is a mistake in a Torah reading or marriage document, or eliminating bread crumbs (with a flamethrower!), I am constantly scrutinizing things and thinking on my feet. I think that I can serve as extra set of eyes to give close scrutiny to things that need oversighting, not rash but still efficient. I might not be the most active administrator but this is definitely the department in which I focus my time both IRL and on-wiki.
NEW! Please note that as a religious Jew I do not use a computer during the Jewish Festival of Shavuot and therefore will not be online from Tuesday Evening Pacific Daylight Saving Time (Wednesday 2 AM-ish UTC) to 9 PM Thursday PDT (Friday 4 AM UTC). Additionally I will be celebrating my birthday with friends following the holiday and will probably be limited in my editing that night. I hope that you will understand if I don’t answer questions posed during this time until I emerge from the holiday and birthday celebrations Thanks, Valley2city‽ 00:48, 19 May 2010 (UTC)
- Shavuot Festival and Shabbat over. I'm now in it until the end. Valley2city‽ 04:42, 23 May 2010 (UTC)
Comments and questions for Valley2city
- Questions from HJ Mitchell
- If you are granted Oversight access, how do you think that will affect you as an editor and an administrator and do you think that will (or should) affect the way that other editors interact with you?
- Thanks for the questions. I don't think this will considerably affect what I do besides that it gives me the ability to act on the occasions that I find information that needs oversight. As I mentioned in my statement, I mainly deal with Speedy Deletions and so such information is something that I frequently come across and this will give me the technical ability to deal with it. As for the way others interact with me, I don't think that it will change much either. The much bigger change comes with becoming an administrator. Oversight happens to be a bit that is given to a select few administrators, people who already have earned the community's trust, and happen to have a legal requirement to identify themselves to the foundation. I think the only real difference is that when someone pings
!OS
on IRC, I'll get paged and I'll be getting a couple more e-mails. Valley2city‽ 04:08, 9 May 2010 (UTC)
- Thanks for the questions. I don't think this will considerably affect what I do besides that it gives me the ability to act on the occasions that I find information that needs oversight. As I mentioned in my statement, I mainly deal with Speedy Deletions and so such information is something that I frequently come across and this will give me the technical ability to deal with it. As for the way others interact with me, I don't think that it will change much either. The much bigger change comes with becoming an administrator. Oversight happens to be a bit that is given to a select few administrators, people who already have earned the community's trust, and happen to have a legal requirement to identify themselves to the foundation. I think the only real difference is that when someone pings
- Do you feel it's important for oversighters to reply to email requests to inform the requester of the action you've taken or not taken?
- Definitely. If someone took the time to e-mail OS then a simple "thank you for your vigilance" would be well-merited. As an OTRSer and as a human being I understand the importance of responding to e-mails to know that you are being heard. It doesn't have to be more than a sentence or two, but the thank you and perhaps a brief descriptor of how you've handled it or why you are not handling it might just brighten that person's day. Well, maybe not, but it probably couldn't hurt! Valley2city‽ 04:08, 9 May 2010 (UTC)
- Do you feel that your religious observances (and please don't take offence at my asking) might negatively affect your availability and ability to act as an oversighter?
- I don't take offense and thank you for the question, for it was also raised at my RfA. My religious observances would necessitate that I be offline for the duration of the Sabbath once a week as well as the restrictive days of the Jewish Festivals (Rosh Hashanah, Yom Kippur, Sukkot, Passover, and Shavuot). Though this does mean I am gone one day a week (or on the rare occasion of Festivals two or three days total), I find that, if anything, my batteries are recharged to face the coming week. I think it's great to have one day off to avoid burn-out both in real life and on-wiki. Speaking of which, I'm feeling very refreshed right now coming out of Shabbat. Valley2city‽ 04:08, 9 May 2010 (UTC)
- Question from Keegan
I know it is asked in the questionnaire:
- Q. How well will you do saying no to a request, and will you actively do it?
- Hey Keegan, I was about to go to sleep and did one last check of the questions and I noticed this question creeping up on other candidates' sections so I figured it was only a matter of time before I got asked. I have to say "no" to requests on a regular basis. When users make requests for rollback or other permissions, sometimes I grant it, but sometimes I can't grant it, whether I've determined they are not ready or have shown themselves to be untrustworthy. But when I do have to say no, I try to be as cordial as possible. Relevant diffs include [1] [2] [3] [4]. Valley2city‽ 08:09, 9 May 2010 (UTC)
- Question from User:zzuuzz
- Other than attempts at outing, what types of revisions should be hidden from administrators?
- Sometimes outing is unintentional, such as when it is self inflicted ie, when an established user accidentially edits while logged out and the edit is personally identifiable. There is also situations where a revision should not exist even in the deleted-but-undeletable form, or mandated by the Office (in cases of libel and copyvio). Rather then leaving the risk of legal action or other issues in these situations, it's policy that these things be obliterated instead of undeletable or viewable by admins. I want to add that there is a reason that OSers and CheckUsers have to identify themselves to the WMF whereas admins don't. It goes beyond trust, something which we hopefully have for all our admins, and into legal responsibility. Valley2city‽ 19:25, 9 May 2010 (UTC)
- Question from Happy-melon
- All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- Coordinated responses are very useful on matters in which you shouldn’t run in, guns blazing. I know all about dealing with privileged information and how to coordinate a response. As someone who is going to be clergy this is something I take very seriously. In order to be able to cope with the information that is thrown at you, you need a few allies, such as other colleagues, members of the clergy whom you can trust and with whom you can talk about cases you don’t know how to deal with. We need to protect privacy as much as possible but also be able to discuss how to handle it. I also think I will learn a lot watching the more complicated cases unfold and be able to put in my own two cents as I originally did on the admin channel on IRC. By taking it all in I quickly learned the ropes. My thoughts collected, I think I have a lot I can contribute. Valley2city‽ 17:11, 13 May 2010 (UTC)