|Please do not post any new comments on this page. This is a discussion archive first created in 2008, although the comments contained were likely posted before and after this date. See current discussion or the archives index.|
Deleting user names
I highly suggest at some point in the future changing policy to allow for one very specific hole to deleting user names: emergencies as deemed by the systems administrators. This concern stems from recent research in defeating CAPTCHAs. Properly motivated (i.e., with enough skill in math & programming experience to put to practice), an attacker could fairly reliably defeat the CAPTCHAs that are employed on most Wikimedia projects, therein bypassing the check against automated account registration. Therefore, I believe that should anyone try to use this as a form of attack, there should be in place the ability for the actual Wikimedia systems administrators to repair the damage by deleting the maliciously-added accounts outright. Otherwise, the attacker would have a viable long-term attack plan-- simply keep running the attack.
To clarify, I would like everything to remain the same, except that only systems administrators (i.e., the same people who are needed to permanently delete material even after Oversight) are able to delete user names manually. I feel that this is a safe amendment, because absolute worst-case scenario, there are still physical backups of any data deleted. However, if I'm overlooking something here, please definitely let me know, as I obviously want this change to be as conservative as possible while still maintaining the safety of the network. --slakr 00:28, 12 September 2007 (UTC)
- Systems administrators can already mass-remove this data through direct SQL queries. Nakon 03:20, 27 January 2008 (UTC)
Google Analytics @ fi-wiki
Moreover, since the code would be on MediaWiki:Copyright, it will capture every single visitor from the first pageview onwards, and there's no fair way to let users choose if they want their information recorded.
Any thoughts? MikkoM 12:29, 10 December 2007 (UTC)
- We reached a compromise allowing Analytics access only to people with CheckUser privileges. So the issue is resolved. MikkoM 13:09, 10 December 2007 (UTC)
- This issue is now resolved by removing Google Analytics. --Many 06:50, 11 December 2007 (UTC)
Releasing user info to third parties
"dependant" is misspelled
"dependant" is misspelled
My basic suggestions are:
My main suggestion is (1) so I'll concentrate on it.
Reasons for instituting a notification requirement
Apart from these general considerations, protecting the right to anonymous free speech on the internet is central to the core mission of the Wikimedia Foundation. The great majority of its users use pseudonyms rather than real names, as their user IDs. While these users need to behave responsibly when editing, WMF does have the responsibility to protect the privacy of these users against frivolous attacks via CyberSLAPP lawsuits. Fairness requires that registered users of WMF projects be notified in some way when their identifying info is being sought. To do otherwise has the potential for creating the atmosphere of fear and intimidation, that could have a substantial chilling effect and compromise the quality of the editorial process and the actual outcome of the WMF projects. CyberSLAPP lawsuits are being increasingly used as a tool of intimidation by big companies and by govermental entities (again, see ).
In the Village Pump discussion  one of the arguments made was that it is not so bad for WMF to release IP addresses of its users in response to a subpoena since then the buck is passed to the Internet Service Providers, who have greater financial resources and greater legal protections than does WMF in contesting subpoenas of this sort. I strongly disagree with this argument. First, I think that the primary responsibility in protecting free speech rights rests with the host of the content in question (in this case WMF) rather than with the ISPs. Second, many registered users do not use commercial ISPs but rather edit from computers belonging to some businesses, governmental organizations, military, educational institutions, etc. These entities may not be interested, and may not have the necessary resources, in contesting a CyberSLAPP lawsuit subpoena. Also, many IP addresses themselves provide too much identifying information.
Specific form of notification
The other possibility is a closed notification model where WMF would leave a message at the talk page of the user asking the user to contact WMF "about a legal matter", and then establish some kind of authentication protocol. I think that the open notification model is cheaper, simpler and more effective.
One of the posters in the Village Pump discussion noted that if a notification occurs, the fact that it occurred may also by subject to the discovery motion by a third party. Again, I don't see much harm if the third party in question does find out about the fact that an open notification occurred. If there is some legal downside in this, I'd like for the knowledgeble people with legal training to comment here.
- In a sense, an open notification model is fairly consistent with the current internal practices and principles of Wikipedia. Thus, all warning messages from Wikipedia administrators and other users, messages about blocks, messages from the Arbitration Committee, etc, are left at the affected user's talk page, where everyone, who happens to stop by, can see them. Most of the other information about the activities of a particular user, such as that user's contributions and a block log, are openly available as well. Regards, Nsk92 13:05, 10 March 2008 (UTC)
Rearding suggestion (2)
One possibility for a policy is that presumptively, all valid subpoenas will generally be complied with to the extent possible, with exceptions in extreme cases. This is certainly a cost-effective and efficient way of dealing with the issue (although I personally hope that a more discriminating approach is taken). It is possible that that is what the current de facto WMF practice is. If yes, then WMF users certainly deserve to know about it.
Another possibility is to say something to the effect that third party subpoenas are evaluated on a case-by-case basis and may be contested for public policy reasons if WMF feels that the underlying lawsuit is a SLAPP lawsuit. (or something like that).
Regards, Nsk92 18:32, 5 March 2008 (UTC)
- While it may be accepted by the board to allow individuals to be notified when a subpoena is received, there are situations where not only would informing the individual be irresponsible, but illegal. If we're going to request that the board modify a policy this fundamental, we should take that into account. ~Kylu (u|t) 16:16, 6 March 2008 (UTC)
- Yes, sure, I have absolutely no objections to adding some explicit provisors of the type "unless forbidden by law or a court order" or something like that. In fact, I would not mind even having a general exception provision of some sort stating that WMF may waive the notification requirement in exceptional circumstances. Regards, Nsk92 16:30, 6 March 2008 (UTC)
Another possible wrinkle
I suggest that a multistage method of contacting users be attempted. A special committee of users or admins akin to OTRS could be pressed into service to assist in this regard if it is deemed necessary. 1. users should be contacted by email if at all possible 2. If a user has elected to remove the ability for email contact from their account, or never activated it, some effort be made to obtain their email address from their associates and "friends" on WP. I have noticed that often if someone on WP needs to contact someone else who has disabled their email, they just contact the editor's friends on WP, and often someone has the email address, even if it is not generally available on the talk page. 3. If 1 and 2 fail, then put a bland notice on the user's talk page to contact the foundation through login at some special page.
Obviously some simple method of authentication should be adopted so the user sought would have some assurance that it really was the Foundation that wanted to contact him or her, and that the Foundation was reasonably sure that this was the user. The knowledge of the user's password might be deemed enough, or the user's password plus the answer to some "secret question" posed when the account is set up. Of course these measures can be defeated, but they are better than nothing. It is possible that in some cases the user could be contacted through their internet provider, but I would suggest that this be only considered in extreme circumstances and avoided if at all possible for a variety of reasons, including privacy considerations and causing more disruption, even to the point of discouraging users from contributing to WP at all. The importance of having an email account might be stressed when the WP account is established, and an option might be presented where a user could decide if the email account is available through the WP talk page, through the WP talk page and to the foundation, to the foundation only, or not available at all.
Also, putting a notice on the user's talk page might cause their WP friends to email them anyway.
Some of these measures require recoding a bit of software, so are mildly expensive. However there is no need to adopt the full solution immediately, but to set the full solution as a goal to implement eventually, as the software is modified. Less expensive stopgap methods can be adopted before a more extensive solution is available.--Filll 13:31, 8 March 2008 (UTC)
- Now that I think about it, I very much like your idea of a "secret question" that is a part of the user profile and is not publicly visible. Indeed, it can be used for a simple one-step authentication procedure when a user contacts WMF. This could make it unnecessary to provide any details about the lawsuit involved at the affected user's talk page, just a general brief message to contact WMF. Regards, Nsk92 19:34, 8 March 2008 (UTC)
- Now, regarding your specific suggestions. I very much like your idea of a technological solution (more on this below). I am not sure that trying to go through friends etc is a very practical approach. There are too many variables and subjective judgment calls involved here: who and how decides who is a friend of a particular user, etc, and what and how much to tell them. Also, as a practical matter, this approach would be more labor intensive and costly. I have no idea how many subpoenas for user info WMF receives monthly on average and how much resources they have in responding to them and handling various legal matters. That is why I would prefer a simple and cost-efficient approach.
- Regarding the specific suggestion for having an e-mail address, associated with the user account, with several degrees of availability, I like this idea. I do not know how feasible it is technologically and cost-wise, but I hope that WMF will look into it.
- In fact, another technological solution could potentially solve most of these problems, namely an equivalent of a "private message". Most discussion boards now have a private message feature when one user may send another user a private message not visible to others, and that the recipient can view from their user profile page. I don't know if it is possible to implement such a feature for WMF projects, such as WP, or if WMF would want to host such private traffic between its users. A more limited possibility is to only enable the private message feature for communications between the user and WMF.
- Ultimately, any of the changes discussed here would be an improvement over the status quo. Even if WMF decides, for the time being, to only provide notification by e-mail and only to those users who have e-mail addresses associated with their profiles, that would be much better than the current situation. Regards, Nsk92 15:01, 8 March 2008 (UTC)
- The absolute minimum that the foundation should do is to email users who have email turned on to let them know a subpoena has been filed by someone requesting their IP or any other information associated with their account. Naturally when the demand for info is from the U.S. government and the disclosure of the demand is illegal, that is a different matter. But for ordinary subpoenas there should be prompt notification, which apparently was not done in the recent case as discussed at Village Pump. 22.214.171.124 21:51, 9 March 2008 (UTC)
Users are not given fair/any knowledge of this policy
RE: "It is requested that this notice be translated and moved to the Wikimedia Foundation site, from which it is linked from the footer (MediaWiki:Copyright) of every page." Same text is at wikimedia:Privacy_policy. It looks like that should read MediaWiki:Privacypage --mikeu 19:05, 27 March 2008 (UTC)
Are login cookies attached to ip address, used to track click streaming etc, most sites do this and there fore i do not cnotribute nor accept cookies from them. I feel my clicks should never be an endorsement for any page or practice just beacause i was momentarily interested.
Wikiscanner warnings/ use of wikiscanning results on talk pages?
Rumor at Wikiscanner article talk page is there is a new one on the way to replace this outdated one. So two questions I'd like answers to and should be inpolicy here and at WP:harassment are:
- If one suspects people are editing from work to take out negative info about a person or other topic, is it acceptable to warn people on the talk page in general about existence of wikiscanning and that it has been used in past to reveal WP:COI partisans removing negative info on their employers. Frankly, I mentioned it generally once recently after noticed all the 2007 corporate edits on a certain law and suddenly most of the repeated Anon IP deletions of WP:RS material about the topic stopped. So guidance on whether to mention wikiscanning in general as a preventative measure when this kind of whitewashing obviously is happening would be helpful.
- I assume one cannot say editor XXX's edit against such and such info came from YYY Company/Activist group's IP that doesn't want that info in there. But since this material has ended up in the media, it's hard to keep it off talk pages. Clarifying the policies before new wikiscanner gets going would help. Thanks Carolmooredc 17:07, 10 November 2008 (UTC) Carolmooredc
INTEGRATION OF OTHER WIKIS
This is a wikiarticle of a caliber like I have never seen in wikipedia... It is a model article for wikipedia but unfortunately it is not even in wikipedia. This must change. http://www.psychwiki.com/wiki/The_Schachter-Singer_Theory_of_Emotion--Nonymous-raz 07:29, 20 December 2008 (UTC)