Oversight rights

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

Oversight rights

Jon Harald Søby
Recently, Tim enabled [[m:Oversight]] on all wikis (earlier it was
only enabled on en: and test:). En en: the situation is "under
control", as the Arbitration Committee handles and decides upon
requests about oversight status. For other wikis, however, there are
no policies on the matter, so we need to make one (since oversight is
about the same level as checkuser). My suggestion is that we should
use the checkuser requirements for oversight as well (e.g. more than
25 votes, 70%-80% support, at least two users meeting these criteria).
What do you think about this?

Also, I think a system should be established for stewards to perform
oversight globallt, much like [[m:RfCU]]. However, since requests for
oversighting will naturally be a lot more sensitive than requests for
checkuser information, I think that we should use a mailing list for
such requests, either using the existing oversight-l or stewards-l, or
creating a new mailing list, for example oversight-requests-l or
something like that, so that people can send their requests there, to
be handled by stewards. Does that sound like a good idea?

--
Best regards,
Jon Harald Søby

Website - http://www.alqualonde.com/
Wikipedia - http://no.wikipedia.org/wiki/Bruker:Jhs
MSN messenger - [hidden email]
Skype - jon.harald.soby
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

David Gerard-2
On 20/12/06, Jon Harald Søby <[hidden email]> wrote:

> Recently, Tim enabled [[m:Oversight]] on all wikis (earlier it was
> only enabled on en: and test:). En en: the situation is "under
> control", as the Arbitration Committee handles and decides upon
> requests about oversight status. For other wikis, however, there are
> no policies on the matter, so we need to make one (since oversight is
> about the same level as checkuser). My suggestion is that we should
> use the checkuser requirements for oversight as well (e.g. more than
> 25 votes, 70%-80% support, at least two users meeting these criteria).
> What do you think about this?
> Also, I think a system should be established for stewards to perform
> oversight globallt, much like [[m:RfCU]]. However, since requests for
> oversighting will naturally be a lot more sensitive than requests for
> checkuser information, I think that we should use a mailing list for
> such requests, either using the existing oversight-l or stewards-l, or
> creating a new mailing list, for example oversight-requests-l or
> something like that, so that people can send their requests there, to
> be handled by stewards. Does that sound like a good idea?


Possibly. [[:en:Wikipedia:Oversight]] is the page that explains how to
request oversighting.

Note that oversighting is only for material so sensitive that not even
admins on the wiki should be allowed to see it. We have over a
thousand admins on en:, so are at a stage where we need this. It's not
for vandalism, copyright violations, etc. - only for material that
could be personally dangerous to someone.

The en: oversighters already say "no" to a lot of requests from people
who want to remove their own silly past edits from the record, admins
who don't want to hand-check lots of boxes to delete one bad revision,
etc.

I suspect most wikis won't actually *need* oversight as yet - en:wp
gets maybe one or two actionable requests a day.


- d.
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

Jon Harald Søby
On 12/20/06, David Gerard <[hidden email]> wrote:

> On 20/12/06, Jon Harald Søby <[hidden email]> wrote:
>
> Possibly. [[:en:Wikipedia:Oversight]] is the page that explains how to
> request oversighting.
>
> Note that oversighting is only for material so sensitive that not even
> admins on the wiki should be allowed to see it. We have over a
> thousand admins on en:, so are at a stage where we need this. It's not
> for vandalism, copyright violations, etc. - only for material that
> could be personally dangerous to someone.
>
> The en: oversighters already say "no" to a lot of requests from people
> who want to remove their own silly past edits from the record, admins
> who don't want to hand-check lots of boxes to delete one bad revision,
> etc.
>

Yes, the guidelines for what to oversight seem pretty clear-cut, and
there shouldn't be any problems regarding that. The problems, as I see
it, is to whom, and under which circumstances, oversight should be
given.

> I suspect most wikis won't actually *need* oversight as yet - en:wp
> gets maybe one or two actionable requests a day.
>

Other wikis may still need it, but not the the extent that they need
oversight users, and that's where the (proposed) mailing list and
stewards come in.


--
Best regards,
Jon Harald Søby

Website - http://www.alqualonde.com/
Wikipedia - http://no.wikipedia.org/wiki/Bruker:Jhs
MSN messenger - [hidden email]
Skype - jon.harald.soby
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

Gregory Maxwell
In reply to this post by Jon Harald Søby
On 12/20/06, Jon Harald Søby <[hidden email]> wrote:
[snip]
> oversight globallt, much like [[m:RfCU]]. However, since requests for
> oversighting will naturally be a lot more sensitive than requests for
> checkuser information,
[snip]

This is almost off-topic because it doesn't impact the main point of
your post, we still do need a way of dealing with oversight requests,
but I think this needs to be said:

Oversight can, with great annoyance, be undone. Oversight's only real
risk is causing misleading attribution, but the same thing is true of
deletion so long as your standard of misleading is focused on casual
readers rather admins (as it should be).

The effect of an inappropriate release of checkuser data is an
irreparable loss of privacy. I wouldn't go so far as saying that a
carelessly performed checkuser could be life threatening, since if
your life is on the line over any websites ability to protect your
privacy thats your mistake.. but it is clear that often the result of
a mistake made with checkuser data can not simply be undone.

As such I don't think we should get in the practice of considering
oversight a more sensitive privilege than checkuser.
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

David Gerard-2
On 20/12/06, Gregory Maxwell <[hidden email]> wrote:

> The effect of an inappropriate release of checkuser data is an
> irreparable loss of privacy. I wouldn't go so far as saying that a
> carelessly performed checkuser could be life threatening, since if
> your life is on the line over any websites ability to protect your
> privacy thats your mistake.. but it is clear that often the result of
> a mistake made with checkuser data can not simply be undone.
> As such I don't think we should get in the practice of considering
> oversight a more sensitive privilege than checkuser.


The way we do it on en:wp is that the arbitration committee says who
gets either, and those with checkuser and oversight tend to be
arbitrators and ex-arbitrators.

That is: what Greg points out is true, but in practice if someone's
considered sufficiently trustworthy then they're likely to have either
job land on them.

(We tend not to have a lot of crossover between the
AC/checkuser/oversighter pool and the bureaucrat pool; I think only
Raul654 is both on en:wp.)


- d.
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

Jon Harald Søby
In reply to this post by Gregory Maxwell
On 12/20/06, Gregory Maxwell <[hidden email]> wrote:

> This is almost off-topic because it doesn't impact the main point of
> your post, we still do need a way of dealing with oversight requests,
> but I think this needs to be said:
>
> Oversight can, with great annoyance, be undone. Oversight's only real
> risk is causing misleading attribution, but the same thing is true of
> deletion so long as your standard of misleading is focused on casual
> readers rather admins (as it should be).
>
> The effect of an inappropriate release of checkuser data is an
> irreparable loss of privacy. I wouldn't go so far as saying that a
> carelessly performed checkuser could be life threatening, since if
> your life is on the line over any websites ability to protect your
> privacy thats your mistake.. but it is clear that often the result of
> a mistake made with checkuser data can not simply be undone.
>
> As such I don't think we should get in the practice of considering
> oversight a more sensitive privilege than checkuser.

I didn't mean that oversight is a more sensitive privilege, but that
the _requests_ for oversight are more sensitive. E.g. a request to ask
if user A is a sock of user B isn't sensitive, but a request to remove
a specific revision will be. If that is done in public on Meta, the
revision will be viewable by everyone until someone removes it. Hence
the suggestion about the mailing list, like it is done on en. But this
is probably a bit off-topic, you're right. ;-)


--
Best regards,
Jon Harald Søby

Website - http://www.alqualonde.com/
Wikipedia - http://no.wikipedia.org/wiki/Bruker:Jhs
MSN messenger - [hidden email]
Skype - jon.harald.soby
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

James Forrester-5
In reply to this post by David Gerard-2
David Gerard wrote:

> (We tend not to have a lot of crossover between the
> AC/checkuser/oversighter pool and the bureaucrat pool; I think only
> Raul654 is both on en:wp.)

To which the obvious point is that "trust" has many flavours - people
trusted legally (say, I dunno, our legal counsel? :-)) might well not
have that much trust with the community - and, sadly, vice versa. :-(

Here endeth the off-topic-ness. Hopefully.

Yours sincerely,
--
James D. Forrester
Wikimedia : [[W:en:User:Jdforrester|James F.]]
E-Mail    : [hidden email]
IM (MSN)  : [hidden email]
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

Sean Whitton (Xyrael)
In reply to this post by David Gerard-2
http://en.wikipedia.org/wiki/Special:Listusers/checkuser reveals five
people who have b'crat and checkuser :)

Just a side note for those who are interested.

On 20/12/06, David Gerard <[hidden email]> wrote:

> On 20/12/06, Gregory Maxwell <[hidden email]> wrote:
>
> > The effect of an inappropriate release of checkuser data is an
> > irreparable loss of privacy. I wouldn't go so far as saying that a
> > carelessly performed checkuser could be life threatening, since if
> > your life is on the line over any websites ability to protect your
> > privacy thats your mistake.. but it is clear that often the result of
> > a mistake made with checkuser data can not simply be undone.
> > As such I don't think we should get in the practice of considering
> > oversight a more sensitive privilege than checkuser.
>
>
> The way we do it on en:wp is that the arbitration committee says who
> gets either, and those with checkuser and oversight tend to be
> arbitrators and ex-arbitrators.
>
> That is: what Greg points out is true, but in practice if someone's
> considered sufficiently trustworthy then they're likely to have either
> job land on them.
>
> (We tend not to have a lot of crossover between the
> AC/checkuser/oversighter pool and the bureaucrat pool; I think only
> Raul654 is both on en:wp.)
>
>
> - d.
> _______________________________________________
> foundation-l mailing list
> [hidden email]
> http://mail.wikipedia.org/mailman/listinfo/foundation-l
>


--
—Sean Whitton (Xyrael) [sean at silentflame dot com]
        Knowledge is power, but only wisdom is liberty.
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

Dominic-21
In reply to this post by Jon Harald Søby
Jon Harald Søby wrote:
> I think that we should use a mailing list for
> such requests, either using the existing oversight-l or stewards-l, or
> creating a new mailing list, for example oversight-requests-l or
> something like that, so that people can send their requests there, to
> be handled by stewards. Does that sound like a good idea?
>
>  
I think the mailing list as we've used it so far has been a good idea.
Any potential oversight request should have a list it can be brought to.
A global mailing list for all oversighters and stewards might be
convenient in that the stewards could be on it, too, and so it would be
an easy way to make sure all requests get to someone that can answer
them. We should probably just subscribe all oversighters and stewards to
the current oversight-l and update links to it to indicate it's global.
I don't know if any new oversighters have been made yet, but all the
current stewards could be subscribed immediately (Essjay is the list admin).

A potential problem is that frequently people sending mail to
oversight-l don't include links to the revision they're talking about,
or what's wrong with it, or much of anything at all, and now they will
probably not tell us what project they are referring to, either. But,
people will be people, and no amount of instructions will probably
change that. ;-)

Dominic
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

Aaron Schulz
In reply to this post by David Gerard-2
Indeed both are extemely important, and in some ways irreversible. Revealing checkuser data cannot be undone, and while someone with root could reverse the oversight revision moving, leaking this information could result in serious personal information being "out there", which cannot be reversed. Checkuser and Oversight are more or less on the same "level".

Though oversuse of ovesight is more annoying than seriously damaging, its still is a good way to waste developer time and should strongly be avoided, as abuse can raise questions about the judgement of someone who has that priviledge. I've already wrote a patch (bug 8131) to add diffs to Oversight to help make watching over its use easier.

David Gerard-2 wrote
Possibly. [[:en:Wikipedia:Oversight]] is the page that explains how to
request oversighting.

Note that oversighting is only for material so sensitive that not even
admins on the wiki should be allowed to see it. We have over a
thousand admins on en:, so are at a stage where we need this. It's not
for vandalism, copyright violations, etc. - only for material that
could be personally dangerous to someone.

The en: oversighters already say "no" to a lot of requests from people
who want to remove their own silly past edits from the record, admins
who don't want to hand-check lots of boxes to delete one bad revision,
etc.

I suspect most wikis won't actually *need* oversight as yet - en:wp
gets maybe one or two actionable requests a day.


- d.
_______________________________________________
foundation-l mailing list
foundation-l@wikimedia.org
http://mail.wikipedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Oversight rights

Sam Korn
In reply to this post by Sean Whitton (Xyrael)
On 12/20/06, Sean Whitton (Xyrael) <[hidden email]> wrote:
> http://en.wikipedia.org/wiki/Special:Listusers/checkuser reveals five
> people who have b'crat and checkuser :)
>
> Just a side note for those who are interested.

Incidentally, I'm pretty sure that all those people got given their
oversight/CU rights (not !voted) after their bureaucrat rights
(!voted).

Whatever that implies.

--
Sam
_______________________________________________
foundation-l mailing list
[hidden email]
http://mail.wikipedia.org/mailman/listinfo/foundation-l