Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
I have to say that there is an unnecessary lack of transparency which seems to get worse. In or around May 2012 I emailed the audit committee on EN:WP to ask about checkuser run on my account and got a polite and informative reply. In or around May 2014 an identically worded query got a polite refusal. Note, incidentally that those who run checkuser are often working from the UK, and are quite likely under a legal obligation make this information available. On 3 August 2014 03:15, John Mark Vandenberg jay...@gmail.com wrote: On Sun, Aug 3, 2014 at 11:31 AM, Nathan nawr...@gmail.com wrote: .. I could be wrong, but it was my understanding that the logs are maintained indefinitely but the data is retained for only 3 months (i.e. the results of the check that is recorded in the log). The checkuser log are kept indefinitely, but it only records what usernames/IPs that were checked (i.e. the query), and the reason given by the checkuser for the check. It does not record the results of the query. That said, the sequence of checks run by a CU often creates a permanent record in the private CU log of an persons likely IP addresses. e.g. the log may contain a check on an account, with a reason given, followed by checks on IPs, with the same reason logged. -- John Vandenberg ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe -- Landline (UK) 01780 757 250 Mobile (UK) 0798 1995 792 ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
Contrary to an individual request for information (who did ABC) I guess that such a process question would be perfect for the ombuds committee (was this process correctly followed) or by extension the board. Lodewijk 2014-08-03 21:45 GMT+02:00 Richard Farmbrough rich...@farmbrough.co.uk: I have to say that there is an unnecessary lack of transparency which seems to get worse. In or around May 2012 I emailed the audit committee on EN:WP to ask about checkuser run on my account and got a polite and informative reply. In or around May 2014 an identically worded query got a polite refusal. Note, incidentally that those who run checkuser are often working from the UK, and are quite likely under a legal obligation make this information available. On 3 August 2014 03:15, John Mark Vandenberg jay...@gmail.com wrote: On Sun, Aug 3, 2014 at 11:31 AM, Nathan nawr...@gmail.com wrote: .. I could be wrong, but it was my understanding that the logs are maintained indefinitely but the data is retained for only 3 months (i.e. the results of the check that is recorded in the log). The checkuser log are kept indefinitely, but it only records what usernames/IPs that were checked (i.e. the query), and the reason given by the checkuser for the check. It does not record the results of the query. That said, the sequence of checks run by a CU often creates a permanent record in the private CU log of an persons likely IP addresses. e.g. the log may contain a check on an account, with a reason given, followed by checks on IPs, with the same reason logged. -- John Vandenberg ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe -- Landline (UK) 01780 757 250 Mobile (UK) 0798 1995 792 ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
Actually, Ombudsman Commission is not a secret police or Interpol. We have no any instrumentation of investigation, except access to checkuser logs and asking plaintiff and the checkuser for some details and then compare all this information. This is all we can do regarding investigation of cases of potential checkuser's abuses. We cannot force anybody to reveal information if he/she don't want to reveal. We can only ask. This is also not our duty to answer the questions such as who performed a check on whom and why. This is also not our duty to punish checkusers who might abused their privileges, although this is our duty to report it to WMF if we find that it indeed happened. As it is clearly defined: https://meta.wikimedia.org/wiki/Ombudsman_commission our duty is to investigate the cases of privacy policy violation and report it to the WMF if we find that it really happened or even if it might happened. So we did in this case, and the plaintiff was already informed about it. This is the end of the story from our POV. You may argue that there is a kind of hole in the system - I mean we investigate and report to WMF - than WMF should decide what to do - but there is no clear mechanism what MWF can do without hurting the local communities which elect their checkusers. Maybe the Ombudsman Commision should be somehow empowered to not only investigate and report, but also be able to perform some actions - such as Stewards can do - but it could change the Commission into some sort of super-ArbCom which I am not sure if it is good idea... Anyway - if the Commision had such power - it should rather be elected on meta (just like Stewards) and not appointed by WMF as it is now... 2014-08-03 22:31 GMT+02:00 Lodewijk lodew...@effeietsanders.org: Contrary to an individual request for information (who did ABC) I guess that such a process question would be perfect for the ombuds committee (was this process correctly followed) or by extension the board. Lodewijk 2014-08-03 21:45 GMT+02:00 Richard Farmbrough rich...@farmbrough.co.uk: I have to say that there is an unnecessary lack of transparency which seems to get worse. In or around May 2012 I emailed the audit committee on EN:WP to ask about checkuser run on my account and got a polite and informative reply. In or around May 2014 an identically worded query got a polite refusal. Note, incidentally that those who run checkuser are often working from the UK, and are quite likely under a legal obligation make this information available. On 3 August 2014 03:15, John Mark Vandenberg jay...@gmail.com wrote: On Sun, Aug 3, 2014 at 11:31 AM, Nathan nawr...@gmail.com wrote: .. I could be wrong, but it was my understanding that the logs are maintained indefinitely but the data is retained for only 3 months (i.e. the results of the check that is recorded in the log). The checkuser log are kept indefinitely, but it only records what usernames/IPs that were checked (i.e. the query), and the reason given by the checkuser for the check. It does not record the results of the query. That said, the sequence of checks run by a CU often creates a permanent record in the private CU log of an persons likely IP addresses. e.g. the log may contain a check on an account, with a reason given, followed by checks on IPs, with the same reason logged. -- John Vandenberg ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe -- Landline (UK) 01780 757 250 Mobile (UK) 0798 1995 792 ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe -- Tomek Polimerek Ganicz http://pl.wikimedia.org/wiki/User:Polimerek http://www.ganicz.pl/poli/ http://www.cbmm.lodz.pl/work.php?id=29title=tomasz-ganicz ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On 03/08/2014, Richard Farmbrough rich...@farmbrough.co.uk wrote: I have to say that there is an unnecessary lack of transparency which seems to get worse. In or around May 2012 I emailed the audit committee on EN:WP to ask about checkuser run on my account and got a polite and informative reply. In or around May 2014 an identically worded query got a polite refusal. ... Thanks for sharing this Richard. This compares with my experience only ten days ago on Commons asking for basic transparency for CUs that may have been run against me https://commons.wikimedia.org/wiki/Commons_talk:Requests_for_checkuser#Transparency - I have yet to receive any information. As mentioned there, Wikimania will justifiably be absorbing many active volunteers' positive energies in the coming week, including mine, as I'll be wearing a red shirt too; so I will be taking this up again for the benefit of Commons contributors only after the conference. Perhaps we should compare notes at that time so that we take similar actions to help capture a wider community consensus for what is required in terms of transparency when CU rights are exercised on our main projects. PS Wikipedians may not have noticed my question to all AUSC candidates about this, there were pretty positive noises in favour of improved transparency. See http://en.wikipedia.org/wiki/Wikipedia:Arbitration_Committee/Audit_Subcommittee/2014_appointments Fae -- fae...@gmail.com http://commons.wikimedia.org/wiki/User:Fae Despite rumour to the contrary I am a Wikipedian http://en.wikipedia.org/wiki/User:Fae ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On Sat, Aug 2, 2014 at 7:25 AM, John Mark Vandenberg jay...@gmail.com wrote: On Sat, Aug 2, 2014 at 7:25 AM, Nathan nawr...@gmail.com wrote: Are you able to specify which policy or statement entitles you to the information you request? I can find no basis for it in the privacy policy, the Meta checkuser policy or the checkuser page on Commons. Can you also outline for your audience what harm you believe you have suffered? Regarding policy, Russavia is claiming that the CU results were given to someone who wasnt a CU on Commons. In my experience sometimes that happens in cross-wiki investigations, but it should not be given to someone who isnt a CU anywhere, and it would be a very clear violation of CU policy for it to have been given to someone who wasnt WMF identified. It would be good if Russavia could clarify, and/or the OC could confirm, that the person who received the CU data was WMF identified at least. this is the policy? http://meta.wikimedia.org/wiki/CheckUser_policy i personally do not care about the russavia case in particular i must say. but i care about the (non-)care of persons having access to account data triggered by a bad policy. imo * checkuser usage must be requested traceable * checkuser usage must be done traceable * data retrieved via checkuser usage must not be given outside the persons authorized to have technical access right to this data anyway. rupert ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On 2 August 2014 06:25, John Mark Vandenberg jay...@gmail.com wrote: On Sat, Aug 2, 2014 at 7:25 AM, Nathan nawr...@gmail.com wrote: Are you able to specify which policy or statement entitles you to the information you request? I can find no basis for it in the privacy policy, the Meta checkuser policy or the checkuser page on Commons. Can you also outline for your audience what harm you believe you have suffered? Regarding policy, Russavia is claiming that the CU results were given to someone who wasnt a CU on Commons. In my experience sometimes that happens in cross-wiki investigations, but it should not be given to someone who isnt a CU anywhere, and it would be a very clear violation of CU policy for it to have been given to someone who wasnt WMF identified. It would be good if Russavia could clarify, and/or the OC could confirm, that the person who received the CU data was WMF identified at least. I am guessing that Russavia has yet to hear how the CU on his account complies with the CU policy. There must be a valid reason to check a user. Was there a serious concern that Russavia was using alternative accounts in a prohibited manner? Was he vandalising? Hmm. https://en.wikipedia.org/wiki/Wikipedia:Sockpuppet_investigations/Russavia/Archive By May 2014 there were certainly suspicions on en.wikipedia that Russavia was socking. It would be fairly understandable if the relevant authorities on en tried to gather further information. If Russavia has a problem with this he is free not to use sockpupets on the English Wikipedia. -- geni ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
Hello, just a few remarks from the OC about this case. 2014-08-01 22:19 GMT+02:00 Russavia russavia.wikipe...@gmail.com: Hi all, On 27 May 2014 I received an email back from the OC which basically said that because no personal information was divulged, there was no breach of the WMF Privacy Policy. It also said that they would inform the WMF about the case, and if I had any further information on who released such information then I should contact them. Confirmed. On 6 June 2014 I heard back from the OC and they stated that my complaint was being forwarded to the Wikimedia Foundation and that they had been informed about the possible running of an unnecessary CU, in addition to the possible release of CU logs. Additionally, I was told that the OC would relay to me once they had it from the Board. Also confirmed. 1) There was indeed a leak of my CU data. An unknown Commons CU had indeed leaked my CU data to another person who was NOT a CU on Commons. The information given to this non-CU person included the very name of the person who ran the CU on me; information which was so sensitive to keep from me, but not sensitive enough that it was able to be shared with every Tom, Dick and Harry that wasn't me. I wonder why the OC never got any information about this from you. So would you please write us where that information comes from and what exactly happened? Thanks. On 2 July 2014 I was contacted by someone within Legal informing me that it was their understanding that the Ombudsman Commission has finished its investigation into this matter and has already communicated its decision to you. It had, on the basis of the information we got from you. We can obviously not base our decision on information that is not relayed to us, like that mentioned one section above. Given this, I am asking very publicly the following questions: * (1) on what grounds a CheckUser action was performed on my account on Wikimedia Commons? * (2) who requested that it be performed on Commons? * (3) who fulfilled the request? * (4) why is it acceptable for CUs to share actions related to my account with non-CUs whilst at the same time actively keeping this information from me? * (5) why are complaints such as this actively ignored by the WMF Board? (1) through (3) can only be answered by the Commons community. It is completely outside the OC's remit to answer this. @ (4): You might want to discuss this with the OC non-publicly. We are very interested in getting any available information about this. In general, you are right that it is not acceptable to share non-public information with non-CUs. However, it is acceptable to give CU information to stewards (who might not be CU on Commons), for example, under certain circumstances. Best regards, Thogo. (current member of the OC) ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On Sat, Aug 2, 2014 at 1:25 AM, John Mark Vandenberg jay...@gmail.com wrote: On Sat, Aug 2, 2014 at 7:25 AM, Nathan nawr...@gmail.com wrote: Russavia said something nice to someone in 2013 on their retirement, and raised a formal complaint about an unknown CU's action in 2014. How are these related?? That a well respected CU has retired isnt a good reason for the OC to not investigate a complaint, especially if that CU data was passed around. It may make the investigation less fruitful, and it is a good reason for the outcome to be measured against the good done by the volunteer when they were active. Mistakes happen. Usually apologies follow, and that is the end of it, or maybe some lessons learnt bring about improvements to the system. -- John Vandenberg You're right, I misunderstood the timeline and thought Russavia had been aware of the issue for much longer. The key aspect of the complaint is whether the CU disclosed the information to the non-CU. Russavia is also demanding disclosure about the circumstances of the use of the tool; this demand is not supported by any relevant policy. ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On 2 August 2014 09:17, John Mark Vandenberg jay...@gmail.com wrote: I'm guessing you mean June 2014, as the only earlier investigation was April 2013, which was a royal mess. No. The April 2013 check was extended beyond en. No reason not to extend it to commons. -- geni ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
Thogo, et al On Sat, Aug 2, 2014 at 3:58 PM, Thomas Goldammer tho...@gmail.com wrote: 1) There was indeed a leak of my CU data. An unknown Commons CU had indeed leaked my CU data to another person who was NOT a CU on Commons. The information given to this non-CU person included the very name of the person who ran the CU on me; information which was so sensitive to keep from me, but not sensitive enough that it was able to be shared with every Tom, Dick and Harry that wasn't me. I wonder why the OC never got any information about this from you. So would you please write us where that information comes from and what exactly happened? Thanks. I'm not sure I understand you Thogo. A steward contacted the OC about the leaking of my CU data to a non-CU, not me. The nature of Points 1 and 2 from my initial email were relayed to me by a member of the OC in a private conversation and that individual shall forever remain nameless, of course. I'm not sure how the OC, or anyone, expects me to give any information on an issue that I am not totally aware of, and never would have been aware of if it weren't for me being provided with full #wikimedia-steward-internal logs. I am happy to publicly replicate these unaltered and unedited logs if actually required. It had, on the basis of the information we got from you. We can obviously not base our decision on information that is not relayed to us, like that mentioned one section above. This is not what was told to me on email by the member of the OC who was liaising with me on email as a result of the complaint. Perhaps permission to release that email from the individual concerned will show others that the investigation was not over, but had instead been referred for investigation to the WMF based upon the CU in question having left all Wikimedia projects. Not sure if permission will be forthcoming given the person is no longer on the OC.[1] Given this, I am asking very publicly the following questions: * (1) on what grounds a CheckUser action was performed on my account on Wikimedia Commons? * (2) who requested that it be performed on Commons? * (3) who fulfilled the request? * (4) why is it acceptable for CUs to share actions related to my account with non-CUs whilst at the same time actively keeping this information from me? * (5) why are complaints such as this actively ignored by the WMF Board? (1) through (3) can only be answered by the Commons community. It is completely outside the OC's remit to answer this. @ (4): You might want to discuss this with the OC non-publicly. We are very interested in getting any available information about this. In general, you are right that it is not acceptable to share non-public information with non-CUs. However, it is acceptable to give CU information to stewards (who might not be CU on Commons), for example, under certain circumstances. Sorry, but I beg to differ here. It is within the remit of the OC to investigate issues of the abuse of the CU tool.[2] The tool is to be used to fight vandalism, to check for sockpuppet abuse, and to limit disruption of the project. It must be used only to prevent damage to any of Wikimedia projects. There is zero evidence that the check was done for any of these reasons, and hence it is a violation of the privacy policy and is absolutely within the remit of the OC. Furthermore, at this time it might be pertinent to add that in May 2014 when the issue was being quite openly discussed on IRC in #wikimedia-commons, a Commons CU at that stage stated that they had no idea why the CU was run. In July 2014, when the issue was again being openly discussed in the same IRC channel, the same Commons CU publicly stated that they were in possession of the full story (I know everything and I also know what's true and what's not, but I won't share with you and I know the whole story). This CU, given they are in possession of the whole story should be able to tell us publicly what vandalism, sockpuppet abuse or disruption I was involved in on Commons in April 2013 which necessitated the uber-secretive use of the CU tool on my Commons account; but NOT on other accounts on other projects. Given that at least one Commons CU has been able to get the full story in the short space of 2 months, I fail to see why the OC has been unable to get the same fully story and instead has publicly thrown its hands up in the air and claimed one thing, whilst privately I am being told something else completely different. Russavia [1] https://meta.wikimedia.org/w/index.php?title=Template:List_of_administratorsdiff=prevoldid=9055834 [2] https://meta.wikimedia.org/wiki/CheckUser_policy#Use_of_the_tool ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On 2 August 2014 17:18, rupert THURNER rupert.thur...@gmail.com wrote: ... i personally do not care about the russavia case in particular i must say. but i care about the (non-)care of persons having access to account data triggered by a bad policy. imo * checkuser usage must be requested traceable * checkuser usage must be done traceable * data retrieved via checkuser usage must not be given outside the persons authorized to have technical access right to this data anyway. CheckUser usage is logged internally, Although the logs are not maintained indefinitely due to possible privacy issues. I believe from memory it's approximately three (3) months at the current stage. ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On Sat, Aug 2, 2014 at 9:19 PM, K. Peachey p858sn...@gmail.com wrote: On 2 August 2014 17:18, rupert THURNER rupert.thur...@gmail.com wrote: ... i personally do not care about the russavia case in particular i must say. but i care about the (non-)care of persons having access to account data triggered by a bad policy. imo * checkuser usage must be requested traceable * checkuser usage must be done traceable * data retrieved via checkuser usage must not be given outside the persons authorized to have technical access right to this data anyway. CheckUser usage is logged internally, Although the logs are not maintained indefinitely due to possible privacy issues. I believe from memory it's approximately three (3) months at the current stage. ___ I could be wrong, but it was my understanding that the logs are maintained indefinitely but the data is retained for only 3 months (i.e. the results of the check that is recorded in the log). ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On Sun, Aug 3, 2014 at 11:31 AM, Nathan nawr...@gmail.com wrote: .. I could be wrong, but it was my understanding that the logs are maintained indefinitely but the data is retained for only 3 months (i.e. the results of the check that is recorded in the log). The checkuser log are kept indefinitely, but it only records what usernames/IPs that were checked (i.e. the query), and the reason given by the checkuser for the check. It does not record the results of the query. That said, the sequence of checks run by a CU often creates a permanent record in the private CU log of an persons likely IP addresses. e.g. the log may contain a check on an account, with a reason given, followed by checks on IPs, with the same reason logged. -- John Vandenberg ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On Fri, Aug 1, 2014 at 4:19 PM, Russavia russavia.wikipe...@gmail.com wrote: Commission, nor the WMF Board. Given this, I am asking very publicly the following questions: * (1) on what grounds a CheckUser action was performed on my account on Wikimedia Commons? * (2) who requested that it be performed on Commons? * (3) who fulfilled the request? * (4) why is it acceptable for CUs to share actions related to my account with non-CUs whilst at the same time actively keeping this information from me? * (5) why are complaints such as this actively ignored by the WMF Board? Thanks for your attention and reply. Russavia Are you able to specify which policy or statement entitles you to the information you request? I can find no basis for it in the privacy policy, the Meta checkuser policy or the checkuser page on Commons. Can you also outline for your audience what harm you believe you have suffered? Here's why I ask the second question: Following your breadcrumbs led me to only one CU, but I was puzzled to discover this comment from you on this users talk page let me say thank you from myself and the rest of the community for all the great work you've done on this project over the years. Puzzled because it was left several weeks after you say you filed a formal complaint. ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
Re: [Wikimedia-l] Unacceptable -- CheckUser abuse gone uninvestigated
On Sat, Aug 2, 2014 at 7:25 AM, Nathan nawr...@gmail.com wrote: Are you able to specify which policy or statement entitles you to the information you request? I can find no basis for it in the privacy policy, the Meta checkuser policy or the checkuser page on Commons. Can you also outline for your audience what harm you believe you have suffered? Regarding policy, Russavia is claiming that the CU results were given to someone who wasnt a CU on Commons. In my experience sometimes that happens in cross-wiki investigations, but it should not be given to someone who isnt a CU anywhere, and it would be a very clear violation of CU policy for it to have been given to someone who wasnt WMF identified. It would be good if Russavia could clarify, and/or the OC could confirm, that the person who received the CU data was WMF identified at least. I am guessing that Russavia has yet to hear how the CU on his account complies with the CU policy. There must be a valid reason to check a user. Was there a serious concern that Russavia was using alternative accounts in a prohibited manner? Was he vandalising? Hmm. CU's performing unwarranted CU investigations on users harms the entire project. This is especially true of regular contributors, as their CU data often provides a lot of information about their daily lives, and may 'reveal' real life connections with other contributors, sometimes very explicitly and other times it is vaguely and unwarranted suspicions are formed and rumours spread. Here's why I ask the second question: Following your breadcrumbs led me to only one CU, but I was puzzled to discover this comment from you on this users talk page let me say thank you from myself and the rest of the community for all the great work you've done on this project over the years. Puzzled because it was left several weeks after you say you filed a formal complaint. Russavia said something nice to someone in 2013 on their retirement, and raised a formal complaint about an unknown CU's action in 2014. How are these related?? That a well respected CU has retired isnt a good reason for the OC to not investigate a complaint, especially if that CU data was passed around. It may make the investigation less fruitful, and it is a good reason for the outcome to be measured against the good done by the volunteer when they were active. Mistakes happen. Usually apologies follow, and that is the end of it, or maybe some lessons learnt bring about improvements to the system. -- John Vandenberg ___ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe
