Re: [Wikimedia-l] Access to Private Information Policy: How Long Will This Be Left a Question Mark?

[Tim Starling]

On 13/04/15 00:12, Trillium Corsage wrote:
> On 25 April last year, the board of trustees approved, in a
> non-public and scantily-documented meeting, a policy that accords
> Checkuser and Oversight and other statuses to "community" members
> appointed by a community process with essentially a mere two
> requirements: provide an email address, and assert that you are 18
> or over. Name, address, NOT required. Is this truly an adequate way
> to protect the privacy interests of all those that edit Wikipedia?
> Well, I don't think so, but my purpose right now is to try to
> eliminate the ambiguity of what is actually occurring at this
> time.

I was not involved in the development of this policy, either the
original one or the current iteration. So what follows are my
independent, unofficial thoughts on the issue.

I don't know what identifying people with checkuser permissions is
meant to achieve, when they are not liable for a breach of the privacy
policy. I can understand requiring identification for Board members,
who have legal responsibilities. But what is the point of having a
photocopy of a CheckUser's passport when there are no conceivable
circumstances under which you would give that photocopy to police?

Maybe the idea is that if a CheckUser publically doxes someone for
some petty purpose, such as revenge, then the victim may subpoena
identifying records from the Foundation as part of a suit against the
CheckUser. Note that I have done my fair share of troll hunting, it
occupied quite a bit of my time between when I first got shell access
in early 2004 and when I introduced CheckUser in late 2005. I have
publically discussed identifying information of logged-in users. I
never heard any credible theory on how my actions at that time might
have created legal liability. Surely, if there was such a legal
remedy, trolls would constantly threaten to use it.

I think that the most important practical measure we can take to
protect users' privacy against CheckUser is to regularly audit the
CheckUser logs. We should also work to improve their auditability. The
logs have hundreds of entries of the form:

* AdminUser got IP addresses for Spambot10255787 (Investigating spam)
* AdminUser got users for 11.22.33.44/16 (Investigating spam)

What auditor is ever going to do another CheckUser request to make
sure that 11.22.33.44 really was an IP address used by
Spambot10255787? How can we tell if AdminUser was interested in
11.22.33.44 for some other reason? Linked log entries should probably
be explicitly annotated by the software.

-- Tim Starling


___
Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

Re: [Wikimedia-l] Access to Private Information Policy: How Long Will This Be Left a Question Mark?

[James Alexander]

On Sun, Apr 12, 2015 at 10:37 AM, Pine W  wrote:

> Trilium,
>
> My understanding is that the new policy is now active, meaning that
> identification documents are not required for checkusers and oversighters.
> I believe that identification documents are still required for WMF Board,
> FDC, Board Elections Committee, and Board Audit Committee appointments.
>
> Can you explain what it is that worries you about this change in policy for
> checkusers and oversighters?
>

tldr: It isn't rolled out yet, however I'm hoping to do so during my free
moments over the next month as we set up the election.


Actually, the policy is not yet active for anyone and identification is
still required from checkusers and oversighters. Because of logistical
(including that we needed to have a tool for the sign off and some
adjustments to the confidentiality agreement itself to ensure it made more
sense) and resource (both the lawyers involved and the CA staff have been
slammed for the past year) issues the speed moving forward has been
incredibly slow. The confidentiality agreement text has final approval from
meta now (I haven't updated meta but I will early this week), at this point
the only thing left is for translation of the agreement and for me to write
up the announcements the teams who are affected and then notify them. That
will start the 3 month time window and I hope to do so very soon. The
upcoming board election is my number one priority, however this is my 2nd.

There is no doubt that we would have preferred to have finished this long
ago at this point. However in the end the combination of figuring out
exactly how to do the agreement and just finding time to do the necessary
steps prevented us from going forward how we wanted too. We had to make
quite a few compromises from how it was originally envisioned technically
both throwing out the original idea of a unique tool to do it (in favor of
using Phabricator legal pad) and not being able to do everything we
originally expected in Phabricator. For better or worse the people
responsible for the rollout on both the Legal and CA side are also some of
the most over scheduled members of those teams during the past year and so
the speed of advancement hasn't been what we'd like because other
responsibilities had to take priority given that the existing policy was
still in place.

James Alexander
Community Advocacy
Wikimedia Foundation
(415) 839-6885 x6716 @jamesofur
___
Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

Re: [Wikimedia-l] Access to Private Information Policy: How Long Will This Be Left a Question Mark?

[Trillium Corsage]

Very strange response, Oliver. I guess I'll take it one step at a time. 

1) Well into the email I certainly "critiqued" Philippe for shredding the 
identification documents, but it is a step too far to say I "attacked" him.

2) That he (and you) goes by his real name is a rightful aspect of his WMF (a 
public charity) employment. Yes, I strive to protect my online privacy and 
speak here from an obvious nickname or pseudonym. While I limit my statements 
to what I think is reasonable, I don't think I'm obligated to disclose my 
identity as he must. I also have never sought the ability to block others or to 
access their IP etc. information on Wikipedia, which would be a good argument 
that I identify.

3) Am I in the grip of a "paranoid fantasy" that Philippe Beaudette "controls 
the WMF's board of trustees?" No, I spoke only of the one matter. But okay, in 
that specific matter I gave him credit for forcing the board to change the 
access-to-private-information policy. While drawing pay, he flouted and defied 
the prior WMF policy. It's a matter of record that WMF Legal's Michelle Paulson 
was alarmed by this and brought it to the attention of the board, which then 
strongly impliedly endorsed Beaudette's actions by changing the policy. I dunno 
if he could similarly move the board on policy he's not intimately involved 
with implementing, I'd say not. 

Okay, then.

Trillium Corsage


12.04.2015, 17:20, "Oliver Keyes" :
> Have you considered that you might get a better response to your messages
> if you - and this is just an idea drawn of idle whimsy, here - not spend
> quite so much of them on an extended trip off the reservation in order to
> attack and critique someone under their real name in public while hiding
> any identification of who you are? While we're discussing privacy, here.
>
> Seriously: you've spent a lot of this email indulging in the paranoid
> fantasy that Philippe controls the board (he doesn't. One way you can tell
> is that they don't wear sweaters literally everywhere :p).
>
> If we're asking questions we've already seemingly made our minds up about,
> and prefacing them with lots of grumping, let me get in on this - exactly
> what response do you expect? How do you think your claim of a Philippe
> Occupied Government enhances the utility of your message and the value a
> reader takes from it?
>
> On Sunday, 12 April 2015, Trillium Corsage  wrote:
>>  I'm writing to get an answer (from anybody at the WMF) on the status of
>>  the WMF's policy access to private (i.e. IP, Browser, etc.) information.
>>  Each day thousands of people edit Wikipedia and deserve to know what
>>  measures, if any, are taken to avoid divulging to the wrong sort of people
>>  this sensitive information about them.
>>
>>  On 25 April last year, the board of trustees approved, in a non-public and
>>  scantily-documented meeting, a policy that accords Checkuser and Oversight
>>  and other statuses to "community" members appointed by a community process
>>  with essentially a mere two requirements: provide an email address, and
>>  assert that you are 18 or over. Name, address, NOT required. Is this truly
>>  an adequate way to protect the privacy interests of all those that edit
>>  Wikipedia? Well, I don't think so, but my purpose right now is to try to
>>  eliminate the ambiguity of what is actually occurring at this time.
>>
>>  One source of this ambiguity is the edit of the WMF's James Alexander (
>>  
>> http://wikimediafoundation.org/w/index.php?title=Access_to_nonpublic_data_policy&action=historysubmit&diff=98029&oldid=95071)
>>  on 6 June, in which he wrote: "This policy has been replaced by a new
>>  [[m:Access to non public information policy|Access to non public
>>  information policy]], which was approved by the Board of Trustees on 25
>>  April 2014. However, this policy remains in force until the new processes
>>  mandated by the new policy are put into place. A future announcement will
>>  be made to those affected before the new policy goes in effect." It's now
>>  the future (and after nine months, quite so), so what is the policy?
>>
>>  The old policy mandated that those seeking the accesses fax or secure
>>  email a from of identification. Casual and rank-and-file Wikipedia editors
>>  were repetitively told that the checkusers and oversighters etc. were
>>  "identified to the WMF." This was incredibly misleading because the
>>  practice of Philippe Beaudette was to shred and otherwise destroy the
>>  identifications after marking the noticeboard. It is apparent to any
>>  plain-spoken individual, I think, that you can't tell people that those
>>  granted these accesses are "identified to the WMF" when you have shredded
>>  the documents and all that is left (except in Mr. Beaudette's memory) is a
>>  checkmark by a username on a noticeboard. It wasn't a semantic dodge
>>  predicated on the definition of "identified," rather it was in my opinion a
>>  smoke-screen. Mr. Beaudette felt lo

Re: [Wikimedia-l] Access to Private Information Policy: How Long Will This Be Left a Question Mark?

[Pine W]

Trilium,

My understanding is that the new policy is now active, meaning that
identification documents are not required for checkusers and oversighters.
I believe that identification documents are still required for WMF Board,
FDC, Board Elections Committee, and Board Audit Committee appointments.

Can you explain what it is that worries you about this change in policy for
checkusers and oversighters?

Thanks,

Pine
___
Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

[Wikimedia-l] Access to Private Information Policy: How Long Will This Be Left a Question Mark?

[Trillium Corsage]

I'm writing to get an answer (from anybody at the WMF) on the status of the 
WMF's policy access to private (i.e. IP, Browser, etc.) information. Each day 
thousands of people edit Wikipedia and deserve to know what measures, if any, 
are taken to avoid divulging to the wrong sort of people this sensitive 
information about them.

On 25 April last year, the board of trustees approved, in a non-public and 
scantily-documented meeting, a policy that accords Checkuser and Oversight and 
other statuses to "community" members appointed by a community process with 
essentially a mere two requirements: provide an email address, and assert that 
you are 18 or over. Name, address, NOT required. Is this truly an adequate way 
to protect the privacy interests of all those that edit Wikipedia? Well, I 
don't think so, but my purpose right now is to try to eliminate the ambiguity 
of what is actually occurring at this time.

One source of this ambiguity is the edit of the WMF's James Alexander 
(http://wikimediafoundation.org/w/index.php?title=Access_to_nonpublic_data_policy&action=historysubmit&diff=98029&oldid=95071)
 on 6 June, in which he wrote: "This policy has been replaced by a new 
[[m:Access to non public information policy|Access to non public information 
policy]], which was approved by the Board of Trustees on 25 April 2014. 
However, this policy remains in force until the new processes mandated by the 
new policy are put into place. A future announcement will be made to those 
affected before the new policy goes in effect." It's now the future (and after 
nine months, quite so), so what is the policy?

The old policy mandated that those seeking the accesses fax or secure email a 
from of identification. Casual and rank-and-file Wikipedia editors were 
repetitively told that the checkusers and oversighters etc. were "identified to 
the WMF." This was incredibly misleading because the practice of Philippe 
Beaudette was to shred and otherwise destroy the identifications after marking 
the noticeboard. It is apparent to any plain-spoken individual, I think, that 
you can't tell people that those granted these accesses are "identified to the 
WMF" when you have shredded the documents and all that is left (except in Mr. 
Beaudette's memory) is a checkmark by a username on a noticeboard. It wasn't a 
semantic dodge predicated on the definition of "identified," rather it was in 
my opinion a smoke-screen. Mr. Beaudette felt loyalty to the privacy of the 
administrators, and evidently none to the common editors whose IPs and so forth 
he was exposing to them.

The immediately above is not necessarily a criticism of the old policy, which 
taken at face value strongly implies that the WMF keeps the identifications on 
file, on a secure computer, or in a physical safe. It's rather that Mr. 
Beaudette operated for years in open defiance of the policy. To his credit 
though, apparently he impelled the Board to rewrite the policy in a manner 
corresponding to his actions.

BUT MY QUESTION NOW is: "What is the status of the policy?" For example English 
Wikipedia just got three new checkusers: Bbb23, Callanecc, and Mike V. What 
information were they required to provide? Proper documents, or merely an email 
address and assertion that they are over 18?

Trillium Corsage

 

___
Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

Re: [Wikimedia-l] Access to Private Information Policy: How Long Will This Be Left a Question Mark?

[Oliver Keyes]

Have you considered that you might get a better response to your messages
if you - and this is just an idea drawn of idle whimsy, here - not spend
quite so much of them on an extended trip off the reservation in order to
attack and critique someone under their real name in public while hiding
any identification of who you are? While we're discussing privacy, here.

Seriously: you've spent a lot of this email indulging in the paranoid
fantasy that Philippe controls the board (he doesn't. One way you can tell
is that they don't wear sweaters literally everywhere :p).

If we're asking questions we've already seemingly made our minds up about,
and prefacing them with lots of grumping, let me get in on this - exactly
what response do you expect? How do you think your claim of a Philippe
Occupied Government enhances the utility of your message and the value a
reader takes from it?

On Sunday, 12 April 2015, Trillium Corsage  wrote:

> I'm writing to get an answer (from anybody at the WMF) on the status of
> the WMF's policy access to private (i.e. IP, Browser, etc.) information.
> Each day thousands of people edit Wikipedia and deserve to know what
> measures, if any, are taken to avoid divulging to the wrong sort of people
> this sensitive information about them.
>
> On 25 April last year, the board of trustees approved, in a non-public and
> scantily-documented meeting, a policy that accords Checkuser and Oversight
> and other statuses to "community" members appointed by a community process
> with essentially a mere two requirements: provide an email address, and
> assert that you are 18 or over. Name, address, NOT required. Is this truly
> an adequate way to protect the privacy interests of all those that edit
> Wikipedia? Well, I don't think so, but my purpose right now is to try to
> eliminate the ambiguity of what is actually occurring at this time.
>
> One source of this ambiguity is the edit of the WMF's James Alexander (
> http://wikimediafoundation.org/w/index.php?title=Access_to_nonpublic_data_policy&action=historysubmit&diff=98029&oldid=95071)
> on 6 June, in which he wrote: "This policy has been replaced by a new
> [[m:Access to non public information policy|Access to non public
> information policy]], which was approved by the Board of Trustees on 25
> April 2014. However, this policy remains in force until the new processes
> mandated by the new policy are put into place. A future announcement will
> be made to those affected before the new policy goes in effect." It's now
> the future (and after nine months, quite so), so what is the policy?
>
> The old policy mandated that those seeking the accesses fax or secure
> email a from of identification. Casual and rank-and-file Wikipedia editors
> were repetitively told that the checkusers and oversighters etc. were
> "identified to the WMF." This was incredibly misleading because the
> practice of Philippe Beaudette was to shred and otherwise destroy the
> identifications after marking the noticeboard. It is apparent to any
> plain-spoken individual, I think, that you can't tell people that those
> granted these accesses are "identified to the WMF" when you have shredded
> the documents and all that is left (except in Mr. Beaudette's memory) is a
> checkmark by a username on a noticeboard. It wasn't a semantic dodge
> predicated on the definition of "identified," rather it was in my opinion a
> smoke-screen. Mr. Beaudette felt loyalty to the privacy of the
> administrators, and evidently none to the common editors whose IPs and so
> forth he was exposing to them.
>
> The immediately above is not necessarily a criticism of the old policy,
> which taken at face value strongly implies that the WMF keeps the
> identifications on file, on a secure computer, or in a physical safe. It's
> rather that Mr. Beaudette operated for years in open defiance of the
> policy. To his credit though, apparently he impelled the Board to rewrite
> the policy in a manner corresponding to his actions.
>
> BUT MY QUESTION NOW is: "What is the status of the policy?" For example
> English Wikipedia just got three new checkusers: Bbb23, Callanecc, and Mike
> V. What information were they required to provide? Proper documents, or
> merely an email address and assertion that they are over 18?
>
> Trillium Corsage
>
>
>
> ___
> Wikimedia-l mailing list, guidelines at:
> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
> Wikimedia-l@lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
>  ?subject=unsubscribe>



-- 
Sent from my mobile computing device of Lovecraftian complexity and horror.
___
Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

Re: [Wikimedia-l] Recognition of Wikimedia Community Brazilian Group of Education and Research

[Leigh Thelmadatter]

Welcome!  Im definitely interested in what you all are doing!

> Date: Sun, 12 Apr 2015 06:28:49 -0500
> From: ma...@wikimedia.org.ve
> To: wikimedia-l@lists.wikimedia.org
> Subject: [Wikimedia-l] Recognition of Wikimedia Community Brazilian Group of 
> Education and Research
> 
> Dear all,
> 
> The Affiliations Commitee has approved the recognition[1] of the 
> Wikimedia Community Brazilian Group of Education and Research as a 
> Wikimedia User Group. The focus[2] of this new group is the integration 
> of the Brazilian and Lusophone academic community into the Wikimedia 
> movement, thus supporting the development of new projects, research, 
> contests, events and other activities.
> 
> Please, join us in welcoming the newest member of the family!
> 
> Parabéns e tudo de bom!
> 
> Carlos
> 
> 1: 
> https://meta.wikimedia.org/wiki/Affiliations_Committee/Resolutions/Wikimedia_Community_Brazilian_Group_of_Education_and_Research_-_Liaison_approval,_April_2015
> 2: 
> https://meta.wikimedia.org/wiki/Wikimedia_Brazilian_Group_of_Education_and_Research/User_Group_Proposal
> 
> ___
> Wikimedia-l mailing list, guidelines at: 
> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
> Wikimedia-l@lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 
> 
  
___
Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

[Wikimedia-l] Recognition of Wikimedia Community Brazilian Group of Education and Research

[maorx]

Dear all,

The Affiliations Commitee has approved the recognition[1] of the 
Wikimedia Community Brazilian Group of Education and Research as a 
Wikimedia User Group. The focus[2] of this new group is the integration 
of the Brazilian and Lusophone academic community into the Wikimedia 
movement, thus supporting the development of new projects, research, 
contests, events and other activities.


Please, join us in welcoming the newest member of the family!

Parabéns e tudo de bom!

Carlos

1: 
https://meta.wikimedia.org/wiki/Affiliations_Committee/Resolutions/Wikimedia_Community_Brazilian_Group_of_Education_and_Research_-_Liaison_approval,_April_2015
2: 
https://meta.wikimedia.org/wiki/Wikimedia_Brazilian_Group_of_Education_and_Research/User_Group_Proposal


___
Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,