Talk:Ombuds commission

Latest comment: 25 days ago by Legoktm in topic Statement by the Commission (case 2022/199)
SpBot archives all sections tagged with {{Section resolved|1=~~~~}} after 3 days and sections whose most recent comment is older than 60 days.

Statement by the Commission (case 2022/199)Edit

This is crossposted from Commons Admin Noticeboard (permalink).

The Commission has approved this explanatory statement of its decision in Case 2022/199.

Background to the CaseEdit

Policy prohibits checkusers from publicly confirming a user's IP address. Concerns were referred to the Commission about two occasions on which Fitindia (talk meta edits global user summary CA) publicly confirmed an IP address. While investigating, additional concerns emerged about the general accuracy of Fitindia's checks.

DecisionEdit

Fitindia's access to non-public personal data was removed globally for 1 year. Fitindia's Commons checkuser permission was removed. Access can be regained at any time by the usual procedure, following the expiry of the data access removal period. This decision was approved by 7 votes to 1.

Reasons for DecisionEdit

LinkageEdit

Connecting users to their IP address may have severe consequences. Financial, social or personal risks may be taken when publishing information to a Wikimedia website, or even when engaging in misuse of the website.

Whilst the Privacy, Access to nonpublic personal data and Global CheckUser Policies permit confirmation of the connection between a user and IP addresses, this should only be done in the exceptional circumstances provided under the policies. The required practice was summarised in our November 2022 statement to checkusers: IP addresses are to be blocked without specifying the sock-master.

AccuracyEdit

Checkusers must at all times meet a high standard of accuracy. Even occasional errors will require intervention by the Commission, if these suggest a checkuser lacks the necessary skill in using the interface. In straightforward cases of concern about accuracy, the Commission is likely to employ measures short of removal of permissions, such as suspension of access pending further training.

CulpabilityEdit

The Commission consulted Fitindia during its investigation and took into account Fitindia's apology. Fitindia was, at the time of the infractions, an inexperienced checkuser. Checkusers can receive training from peers, but training is not mandatory. Checkusers in practice are afforded a high degree of independence. These factors can combine to mean that inaccurate practice goes uncorrected or unjustified confirmation of a user's IP address goes unnoticed.

The Commission recommends a review of the onboarding protocol for checkusers.

The Commission notes Fitindia's full cooperation with our investigation and long record of service. The decision to remove non-public data access should be seen as a temporary measure, intended (inter alia) to ensure that Fitindia refamiliarises themselves with the privacy policies. The decision to revoke checkuser access should be seen as requiring Fitindia to resubmit themselves to community scrutiny. Neither decision is intended to be punitive, nor to indicate that Fitindia will never again be suitable to volunteer for this or other roles. It can be appropriate in a community of volunteers to show compassion for mistakes.

Faendalimas (talk) 23:14, 8 May 2023 (UTC) Chair Ombuds CommissionReply[reply]

Thank you for proactively providing a public statement on this. Legoktm (talk) 01:08, 10 May 2023 (UTC)Reply[reply]
Return to "Ombuds commission" page.