User:Discasto/Pelayo Calderón/Third mail to the OC on Pelayo Calderón

Dear friends,

thank you for taking the time to analyze the case I brought to your attention. I do know it's holidays season in the Northern hemisphere and therefore, answers cannot be so agile. However, I have to say that I deeply disagree with your rejection of my complaint. Let me summarize my arguments in the following paragraphs.

I'll start by your last statement. You suggest to sort this issue out in my local wikipedia. However, as I stated in my previous mails (I guess), I can't edit in such project (see here). My talk page is blocked, I can't send emails (see here) and whenever I post my unblock requests in the Spanish Wikipedia Village Pump, my messages are deleted on the grounds that I must ask for unblocking through my talk page, which I can't edit (see here). At the same time, the SVU board at the Spanish Wikipedia is indefinitely semi-protected (on any grounds, see here), so that it's not possible to request for clarification as an IP address. As one of your members is an admin in the Spanish Wikipedia (Alhen), he can clarify this. However, I'll go back to this matter afterwards.

You state that you can't find any violation of the Privacy Policy in the complaint I have filed. Maybe I didn't explained it very well. I'll try to make it clear. After complaining in meta to some of the checkusers in the Spanish Wikipedia, one of them finally admitted that the verification (and alleged match) was carried out by using so called "antecedentes" (historical data) (see this: 'Existen antecedentes y los datos que arroja el análisis checkuser permiten llegar a esa conclusión': "There are historical records and the checkuser analysis allows us to reach said conclusion"). They have also separately admitted that they have a wiki where they, in a totally hidden (where in the meta website is it described?) and uncontrolled way, store checkuser information. According to this, la Fundación pone a disposición de los CU de todos los proyectos una wiki privada, que supervisan y usan también los stewards, donde se conservan datos de los titiriteros más habituales ("as a convenience, the WMF provides a private wiki to the checkusers of all the projects, overseen and used also by stewards, where the private information of the most usual sockpuppeters is stored").

Well, it seems that according to Bernard's and Montgomery's statements that the verification carried out by the former was done by using historical private user information that is stored, without the knowledge of the community and without any WMF statement. First of all, the mere existence of such "private wiki" IMHO severely violates the terms of the WMF retention guidelines: "Personal information: After at most 90 days, it will be deleted, aggregated, or anonymized". So, while the meta website states that personal information is not kept for longer than three months, the fact is that such information is kept, by other means, forever and without any control (at least, the Checkuser tool keeps an access log, but a wiki does not have, by its own nature, any read log). The Privacy Policy FAQ falsely states also that "For example, information that can be accessed by the CheckUser tool is deleted after three months". It's not really serious to claim a restrictive and logged access to checkuser information while, once such information has been extracted, it's stored, queried without any control and kept forever. Moreover, even if you argument that the data retention guidelines are not part of the Privacy Policy, the fact is that the Privacy Policy clearly states that storage of user information is only done to prevent violations of the Terms of Use. And I must emphasize violation of Terms of Use are the only argument to store user information. Evading a block is not, in itself, a violation of the Terms of Use (especially if you consider the circumstances in which my ban was carried out, without any support from the community, you can read it in here; mind that Bernard was the admin that, contraposing the majority vote of the community, invented an unanimity rule not to unblock me). An additional element, that I bring to your attention just because both me and most of the checkusers are based in the European Union, is the legal status of such private wiki. At least in the European Union (see here, for instance here, the way my personal data is handled is totally illegal. I do know that both the WMF and the infrastructure is based in the USA and follow its legislation. I don't think either that such data management practices is acceptable, especially as they're kept hidden from the community.

You should analyze the whole situation of the Spanish Wikipedia, a project without block policy, without arbitration committee, without a community-based process for handling permanent bans (in my case, the only time the community was allowed to have a say about my ban, it supported me being unblocked), with admins being also the checkusers, and finally routinely breaching the privacy policies by storing without control or overseeing checkuser information literally for years. And again, I must emphasize that such storage is only valid in very critical cases: violations of the Terms of Use. In the Spanish Wikipedia, it's simple for a group of rogue admins to unlawfully ban a user for good and afterwards to prevent unblock (and eventually edition) by storing personal information (and I must say that nobody has been able to charge me with Terms of Use violations). As I can't even request my unblock, I simply edit (and I haven't ever denied my editions, as they're definitely useful, see here)

The additional issue that worries me much is the apparently narrowing scope of the Ombudsman Commission. If you go to the meta page on Checkusers, it states clearly that "Complaints of abuse of CheckUser or privacy policy breaches may also be brought to the Ombudsman commission" (mind the 'or'). Your charter says the same: "The ombudsman will take charge of investigating cases of privacy policy breach or checkuser abuse..." (again, notice the 'or'). In fact, one of the Checkusers in the Spanish have told me to file a complaint with the OC if I disagree. Moreover, as some of you are German-speaking people, you could easily verify in here that wikipedians in the German Wikipedia are encouraged to file a complaint with the OC not only as the result of an alleged privacy policy violations, but also for checkuser abuse. I don't think that what's valid for German wikipedians is not valid for Spanish ones. Thus, the Ombudsman Commission (otherwise it wouldn't be an ombudsman) is also in charge of protecting wikipedians from checkuser abuse. In spite of that, you keep on refusing to protect rank and file wikipedians and intend to deal only with alleged violations of the privacy policy (also existing in this case, as verbosely explained in the previous paragraph). As I'm definitely not Pelayo Calderon, the mere fact of a checkuser stating that there is a "straightforward relationship" with me is a plain lie and therefore a clear abuse. And I must state that the OC is the only one that can investigate the issue. The checkusers in the Spanish Wikipedia (one out of them has already recognized that the verification result was just one of the possible outcomes, that's it, there's at most an inconclusive match) do not have the slightest incentive to admit rogue or, at least, careless verifications. If so, who could assure that previous "straightforward" relationships were actually so.

Finally, going back to the first item in my argumentation, and according to one of the checkusers in the Spanish Wikipedia (see here), I don't have any rights (y en lo que se refiere a es.Wikipedia no tienes ningún derecho al estar expulsado: "with regard to the Spanish Wikipedia, you don't have any right, as you've been expelled"), as I've been permanently banned and, therefore, never mind if I'm assigned a sockpuppet wrongly (¿Crees de veras que un títere más o un títere menos podría revertir tu situación?: "do you think that a sockpuppet more or less is relevant?"). As you can understand, that sort of statement by a checkuser is simply not acceptable, as it shows clearly a lack of respect that any checkuser with such a responsibility should show.

To sum up, what I'm asking to the OC is what follows:

  • Investigate the abuse I'm reporting by:
    • Comparing my editions in the Spanish Wikipedia with those of such Pelayo Calderón. According to Bernard and somehow to Montgomery, there is a straighforward relationship. That cannot be true, as any independent verification could prove.
    • Clarifying to the community in the Spanish Wikipedia that the alleged match is, at most, an unconclusive match. It's up to the admins to decide whether such unconclusive match is enough or not, but no to the checkuser themselves, especially considering the clear grudge of the admin-checkuser Bernard against me. A CU verification is a technical matter based on technical evidences that has to be handled in a quite careful way, as there are persons' privacy and reputation at stakes. Bernard is clearly not proceeding in such a way.
    • Removing @Bernard: from the checkuser office as he's clearly coming out with an untrue conclusion.
    • Comparing my editions anywhere in the Wikimedia projects with those of Pelayo Calderón to double-check that there is no actual relationship.
    • Removing @Montgomery: from the checkuser office as a checkuser cannot state that a rogue checkuser verification result is OK provided that the user that is assigned a sockpuppet is permanently banned.
  • Clarifying the status of the uncontrolled storage of user information carried out by the checkusers in the Spanish Wikipedia.

And that's all. I'd appreciate a quick response as the checkuser information will expire.

Finally, I'll publish in meta the mails I'm sending to you (not the responses, obviously). It would provide an extra level of transparency, which I think it's good.