Trillium, while I sympathise with several of the points you're making, the
Board has approved the current version of the policy. In light of this,
your insinuation that the Executive Director could simply alter the policy
to her liking seems somewhat far-fetched. Just because staff have not yet
implemented the new version doesn't mean they can just make it disappear.

Nathan, several suggestions have been made how identities can be confirmed.
The proponents of the now-enacted laissez-faire policy continuously suggest
that the Foundation would have had to reinvent the wheel here. However, all
sorts of organizations need to confirm the identity of individuals. Just
look at how banks do it. In Switzerland, you can make a copy of your ID and
have it certified by your post office, then mail it to the WMF along with
your signed confidentiality agreement. In Germany, companies use the
"PostIdent" process which the WMF can use as well (Austria has something
similar), or you go to a bank and have your signature certified. Canada
Post provides a verification service, etc. And what if there are countries
where no such process is available? What's the issue? These users can still
just copy their passports or IDs. The policy still makes sense if we can't
really be certain of the identity of some volunteers, and this could be
reviewed on a case-by-case basis. It's not like we're talking about an
inordinate amount of people here.

Pine, even if we were merely talking about retaining copies of IDs, the
argument misses that there is not only the potential case of volunteers who
intend to misuse the tools already at the time they are given access. Based
on experience from Wikipedia, the much more likely scenario seems to be
that users are indeed valuable community members when they get access but
later become frustrated / change their personality / ... and only then
start to make trouble. If their identity were confirmed at one point, this
would constrain them for all time to come.

On 29 June 2014 08:31, Pine W <> wrote:

> Trillium,
> I am having difficulty understanding how retaining copies of possibly
> forged identification documents helps anyone with holding accountable any
> rogue functionary or OTRS user. Can you explain that please? Surely someone
> who intends to misuse the tools will be smart enough to forge an
> identification document. Even in the United States, forging identification
> documents is not impossible, and the police occasionally catch people
> creating such documents.
> Pine
> On Fri, Jun 27, 2014 at 7:42 AM, Trillium Corsage <
> >
> wrote:
> > @Nathan
> >
> > You said "so if you want to argue that such users should be positively
> > identified, then please make some practical suggestions (which you have
> > conspicuously avoided doing so far). How should identities be confirmed?
> In
> > what circumstances should the ID information be disclosed, and to whom?
> > What, fundamentally, is the usefulness in collecting this information to
> > begin with? What are the use cases in which it is necessary?"
> >
> > It would be a good faith evaluation of the copy of the identification
> > document provided. There's no need to be quarrelsome about the practical
> > suggestions I've "conspicuously avoided." I did at least suggest a secure
> > filing cabinet and making use of a removable hard-drive. As to the
> precise
> > criteria by which an identification document is deemed "good enough," I'd
> > suppose those would be developed on a good faith basis by the action
> > officer. Nobody is depending on perfection by that individual. The
> > principle would be that the document appears genuine, has the minimum
> > elements settled on by the policy (name, age, address, possibly other
> > elements). If the document is in a foreign language, say Swahili, and the
> > WMF person can't read that, I would think it would be a "do the best you
> > can" and file it by respective Wikipedia and username. None of these are
> > insurmountable obstacles. The answer to "this is hard" is not "well,
> let's
> > just stop doing it." The answer is "this is important, let's just do the
> > best we can."
> >
> > I have called for a basic examination of the document, not any
> > verification process. I'd suppose if the document looked suspect in some
> > way, then a telephone call or follow-up could be done, and that would be
> a
> > "verification," but I would expect that to be the exception, not the
> rule.
> > Again, these details would be settled by the hands-on person, not by me
> > attempting to write a ten-page standard operating procedure while Nathan
> > zings me with "what are your specifics" on the mailing list.
> >
> > "What is the usefulness in collecting this information to begin with?"
> > Well, I thought the premise here was obvious. It was obvious enough to
> > those that crafted the previous policy in the first place. It establishes
> > some level of accountability to those individuals accorded access to the
> > personally-identifying information of editors. Personal accountability
> > encourages acting with self-control and restraint. With apologies to the
> > other person that responded, anonymity encourages a care-free and
> > unrestricted handling of that data, and in fact to some of these people
> it
> > indeed yields a MMORPG (multimedia online roleplaying game) environment,
> > and they will do whatever they want, because they are free from
> > accountability.
> >
> > The other key aspect of usefulness is to the rank and file editors. They
> > will feel better knowing that if some creepazoid or cyberbully starts
> going
> > over their IPs, and of course Googling and otherwise sleuthing for more
> on
> > them, that at least the WMF knows who they are, and the rank and file
> > editor potentially has some recourse if it finally comes to it. So I say
> > the usefulness there is treating editors right and furnishing a safer
> > environment for them, in which they are not so exposed to anonymous
> > administrators.
> >
> > Thank you for your response.
> >
> > Trillium Corsage (by the way although "Trillium" is a type of flower, I
> am
> > in fact a dude. So please use male pronouns if it occurs to you. It was
> > just an email address I picked sort of randomly and then I ran with it as
> > pseudonym).
> > _______________________________________________
> > Wikimedia-l mailing list, guidelines at:
> >
> >
> > Unsubscribe:,
> > <>
> >
> _______________________________________________
> Wikimedia-l mailing list, guidelines at:
> <>
> Unsubscribe:,
> <>
Wikimedia-l mailing list, guidelines at:

Reply via email to