Thanks for spending time on this issue Danny. Rather than discussing the value of blocking open proxies, it is worth focusing on the use case and justification for ensuring that users with reasons to protect themselves when adding content to Wikipedia and other Wikimedia projects can be provided with easy to understand and reliable methods to do so, even while most open proxies remain blocked.
The specific use case we have is how to train and advise both new and existing volunteers editing from African countries or states with laws that criminalize queer people and who have been subjected to death threats, threats of reporting them to the police and blackmail, because they were editing queer and human rights topics regardless of whether they identify as LGBTQ. Most of our community will agree that our values of providing open knowledge projects "that anyone can edit" ought to be a priority over other practical considerations. I'm sure you can imagine how difficult it is to provide safe and secure events, or how to advise on ways for non-technical volunteers to keep themselves safe while relying on mobile connections and public wifi. An easy and quick way to provide all good faith volunteers the means to be allowed to create an account, or a legitimate anonymous sock account if their main account has been connected to their real life identity, that can edit through open proxies, without having to out themselves by emailing stewards they don't know, having this logged on a database or archived group email list that may leak or be targeted by state actors, or risk messaging local administrators for help who may themselves be openly hostile against queer content in their language wikipedia. A reliable process would be welcome as part of a set of guidelines we or the WMF can provide to volunteers and ask projects to support that ensure users understand how to protect themselves. In recent meetings with our queer volunteers contributing from locations where being reported to authorities as LGBTQ could result in imprisonment or a death penalty, tell us that in their personal networks they know of three times as many Wikimedians that would like to edit queer content but do not feel safe doing so. Let's at least document this use case, and provide better solutions than expecting users to be so brave they are prepared to risk threats of outing or prosecution to just edit a Wikipedia article in their language and instead help all contributors to put their personal safety first. On Sat, 30 Apr 2022 at 01:03, <dh...@wikimedia.org> wrote: > > (cross-posted from > https://meta.wikimedia.org/wiki/Talk:No_open_proxies/Unfair_blocking#Help_from_WMF) > > Hi folks, I'm DannyH from the Wikimedia Foundation. I manage the product > teams that build Contributor Tools -- Community Tech, Campaigns, CheckUser > improvements and sockpuppet detection, moderator tools on mobile web, and the > new incident reporting system. > > I've been reading all of these conversations, and I'm concerned about the > people on both sides of the issue -- the admins working to keep the projects > safe from bad-faith people, and the good-faith people who are being blocked > because of someone else's rangeblock, or because they're using default > network proxy features that they're not aware of. > > This problem is getting attention within the WMF. Foundation folks are really > concerned about what we're hearing on Wikimedia-L and in this discussion, > especially because there seem to be systemic issues that are specifically > making things harder for new users in Africa. I've got the opportunity right > now to assign people to make software changes to help solve this problem, > which is great. But now I'm trying to figure out what those software changes > could be, and I don't have a clear answer yet for what that should be. > > So if you don't mind, I'd like to run through what I think the main points > are, and a list of possible directions that a solution could take, and then I > would love it if you could help me figure this out. > > Here's what I understand about the problem: > > * Open proxies are a vector for harassment and vandalism. Bad-faith long term > abusers use them to disguise their IP and evade detection. The projects > automatically block open proxies that they know about, to discourage the > bad-faith vandals. > > * There's been a big increase in proxy blocks since July 2021 on English > Wikipedia (and Oct 2021 on Spanish WP), because ST47ProxyBot has been getting > trustworthy outside data to help identify open proxies. > > * The use of open proxies on the internet is rising, partly because people > are becoming more concerned about their privacy. Apple has introduced iCloud > Private Relay, which is disguising people's IP — this is currently in beta, > but will probably become the default. Google is working on a similar project. > Our system of using IPs to identify block vandals is gradually breaking down, > and there will probably be a point when IPs just won't be useful anymore. > > * There are a lot of good-faith users, including first-time contributors, who > are getting caught in these blocks. For some people, that's an annoying > inconvenience; for many others, especially brand new people, it drives them > away completely. > > * There appears to be a systemic issue with how some African ISPs deal with > IP addresses, which is creating a lot of collateral damage in places where > campaign organizers are trying to introduce new users to wiki contribution. I > saw one person mention that the problem was especially bad in Ghana and Benin. > > * The messages that people get when they're blocked are confusing, especially > for new people. They only get the message after they've made an edit and are > trying to publish, which is very frustrating. > > * The solution for individuals is to request an IP Block Exemption, which can > be either local or global, depending on whether the block is local or global. > The local/global distinction is very confusing for people who are trying to > make the request, and the whole process is difficult. > > * Each request has to be processed by hand, and the system gets backed up. > It's possible to get unblocked quickly if you know the right person to email, > but a lot of people just fill out the request, and then wait for who knows > how long. > > * It's possible for admins/stewards to get overwhelmed by the number of > unblock requests. > > That's a cluster of many different problems, so now I'm trying to figure out > which problems we could actually make progress on. > > Possibilities include: > > * Mitigate the harm coming from open proxies, so we don't need to > automatically block them > > * Understand the difference between a "dangerous" open proxy (which bad-faith > people are actually using) and a more "innocent" proxy (which is just blocked > because we know it's a proxy), and then treat them differently. (If it's > possible to make that distinction.) > > * Make the messages to good-faith people more helpful and less frustrating > > * Make the unblock request process easier/faster/more friendly for the people > making requests > > * Make the unblock request process easier for the people responding, so they > can process them faster (or involve more people who can help) > > * Make it easier for good-faith people to get some kind of automatic exemption > > * Make it easier for campaign and editathon organizers to whitelist their > participants > > * Adapt the system better to the reality of African ISPs — figure out what > the problem is, and treat those ISPs differently > > That's a lot, and it's not clear to me what the path forward should be. Can > folks help me out? What did I get wrong here, or what did I miss? Thanks in > advance for your help. > > DannyH (WMF) > aka Danny Horn, Director of Product Management, Contributor Tools > _______________________________________________ > Wikimedia-l mailing list -- wikimedia-l@lists.wikimedia.org, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and > https://meta.wikimedia.org/wiki/Wikimedia-l > Public archives at > https://lists.wikimedia.org/hyperkitty/list/wikimedia-l@lists.wikimedia.org/message/3YXRPJOOJNESFYGR2WF3LCT54TFUHBM7/ > To unsubscribe send an email to wikimedia-l-le...@lists.wikimedia.org _______________________________________________ Wikimedia-l mailing list -- wikimedia-l@lists.wikimedia.org, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l Public archives at https://lists.wikimedia.org/hyperkitty/list/wikimedia-l@lists.wikimedia.org/message/X3RNVM6OZF3GHYVAFNQ2K5ZJATFBQHSO/ To unsubscribe send an email to wikimedia-l-le...@lists.wikimedia.org
