Privacy Policy & users abusing Check User Privilege

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Privacy Policy & users abusing Check User Privilege

EP TYPES
Take Notice:

User:Jpgordon (Arbitrator en.wiki) was granted Check User Privilege:

http://en.wikipedia.org/w/index.php?title=User_talk:Hipocrite&diff=132567106&oldid=132561129


Eptypes is a confirmed sock of [[User:Khunter]], [[User:Goingempty]],
[[User:Parker007]], [[User:Shines8]], and/or [[User:Paracit]].
--[[User:Jpgordon|jpgordon]] 00:22, 22 May 2007 (UTC)


User:Mackensen (Arbitrator en.wiki) was granted Check User Privilege:

http://en.wikipedia.org/w/index.php?title=Wikipedia%3ARequests_for_arbitration&diff=132589816&oldid=132586551


Hello {{user|Endgame1}}. --[[User:Mackensen|Mackensen]] 02:25, 22 May 2007
(UTC)

These 2 users have abused the check user privilege granted to them. There
was No Check User Request filed. They are supposed to only use their
privilege:

Wikimedia privacy policy

On Wikimedia <http://meta.wikimedia.org/wiki/Wikimedia> projects, privacy
policy <http://wikimediafoundation.org/wiki/privacy_policy> considerations
are of tremendous importance. Unless someone is definitely violating policy
with their actions (*e.g.* massive bot vandalism or spam), revealing their
IP, whereabouts or other information sufficient to identify them is likely a
violation.

CheckUser requires the level of confidentiality one would apply to our most
confidential user data.

The relevant section of the privacy
policy<http://meta.wikimedia.org/wiki/Privacy_policy>is:
 *Policy on release of data derived from page logs*  *It is the policy of
Wikimedia that personally identifiable data collected in the server logs, or
through records in the database via the CheckUser feature, may be released
by the system administrators or users with CheckUser access, in the
following situations:*

   1. *In response to a valid subpoena or other compulsory request from
   law enforcement*
   2. *With permission of the affected user*
   3. *To the chair of Wikimedia Foundation, his legal counsel, or his
   designee, when necessary for investigation of abuse complaints. *
   4. *Where the information pertains to page views generated by a spider
   or bot and its dissemination is necessary to illustrate or resolve technical
   issues.*
   5. *Where the user has been vandalising articles or persistently
   behaving in a disruptive way, data may be released to assist in the
   targeting of IP blocks, or to assist in the formulation of a complaint to
   relevant Internet Service Providers*
   6. *Where it is reasonably necessary to protect the rights, property
   or safety of the Wikimedia Foundation, its users or the public.*

 Wikimedia policy does not permit public distribution of such information
under any circumstances, except as described above.

*Information release*

Even if the user is committing abuse, it's best not to reveal personal
information if possible.

   - Generally, do not reveal IPs. Only give information such as same
   network/not same network or similar. If detailed information is provided,
   make sure the person you are giving it to is a trusted person and will not
   reveal it himself.
   - If the user has said they're from somewhere and the IP confirms it,
   it's not releasing private information to confirm it if needed.
   - If they're on a large national or international ISP (*e.g.* AOL,
   NTL, BT, Telstra) where they're one of millions of users, saying so is
   unlikely to be personally identifiable.
   - Revealing the country is generally not personally identifiable (*e.g
   .* "User:Querulous is coming in from the UK, User:Sockpuppet is coming
   in from Canada").
   - If you're in any doubt, give no detail.
_______________________________________________
foundation-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Privacy Policy & users abusing Check User Privilege

Brad Patrick
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

wtf?

EP TYPES wrote:

> Take Notice:
>
> User:Jpgordon (Arbitrator en.wiki) was granted Check User Privilege:
>
> http://en.wikipedia.org/w/index.php?title=User_talk:Hipocrite&diff=132567106&oldid=132561129
>
>
> Eptypes is a confirmed sock of [[User:Khunter]], [[User:Goingempty]],
> [[User:Parker007]], [[User:Shines8]], and/or [[User:Paracit]].
> --[[User:Jpgordon|jpgordon]] 00:22, 22 May 2007 (UTC)
>
>
> User:Mackensen (Arbitrator en.wiki) was granted Check User Privilege:
>
> http://en.wikipedia.org/w/index.php?title=Wikipedia%3ARequests_for_arbitration&diff=132589816&oldid=132586551
>
>
> Hello {{user|Endgame1}}. --[[User:Mackensen|Mackensen]] 02:25, 22 May 2007
> (UTC)
>
> These 2 users have abused the check user privilege granted to them. There
> was No Check User Request filed. They are supposed to only use their
> privilege:
>
> Wikimedia privacy policy
>
> On Wikimedia <http://meta.wikimedia.org/wiki/Wikimedia> projects, privacy
> policy <http://wikimediafoundation.org/wiki/privacy_policy> considerations
> are of tremendous importance. Unless someone is definitely violating policy
> with their actions (*e.g.* massive bot vandalism or spam), revealing their
> IP, whereabouts or other information sufficient to identify them is likely a
> violation.
>
> CheckUser requires the level of confidentiality one would apply to our most
> confidential user data.
>
> The relevant section of the privacy
> policy<http://meta.wikimedia.org/wiki/Privacy_policy>is:
>  *Policy on release of data derived from page logs*  *It is the policy of
> Wikimedia that personally identifiable data collected in the server logs, or
> through records in the database via the CheckUser feature, may be released
> by the system administrators or users with CheckUser access, in the
> following situations:*
>
>    1. *In response to a valid subpoena or other compulsory request from
>    law enforcement*
>    2. *With permission of the affected user*
>    3. *To the chair of Wikimedia Foundation, his legal counsel, or his
>    designee, when necessary for investigation of abuse complaints. *
>    4. *Where the information pertains to page views generated by a spider
>    or bot and its dissemination is necessary to illustrate or resolve technical
>    issues.*
>    5. *Where the user has been vandalising articles or persistently
>    behaving in a disruptive way, data may be released to assist in the
>    targeting of IP blocks, or to assist in the formulation of a complaint to
>    relevant Internet Service Providers*
>    6. *Where it is reasonably necessary to protect the rights, property
>    or safety of the Wikimedia Foundation, its users or the public.*
>
>  Wikimedia policy does not permit public distribution of such information
> under any circumstances, except as described above.
>
> *Information release*
>
> Even if the user is committing abuse, it's best not to reveal personal
> information if possible.
>
>    - Generally, do not reveal IPs. Only give information such as same
>    network/not same network or similar. If detailed information is provided,
>    make sure the person you are giving it to is a trusted person and will not
>    reveal it himself.
>    - If the user has said they're from somewhere and the IP confirms it,
>    it's not releasing private information to confirm it if needed.
>    - If they're on a large national or international ISP (*e.g.* AOL,
>    NTL, BT, Telstra) where they're one of millions of users, saying so is
>    unlikely to be personally identifiable.
>    - Revealing the country is generally not personally identifiable (*e.g
>    .* "User:Querulous is coming in from the UK, User:Sockpuppet is coming
>    in from Canada").
>    - If you're in any doubt, give no detail.
> _______________________________________________
> foundation-l mailing list
> [hidden email]
> http://lists.wikimedia.org/mailman/listinfo/foundation-l
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGUmST5txwQhyxnbIRAv2MAJ48NcFzuYE5jA0ik5XggxGT3fsd2wCggk+x
/ib975/X20yJoZAzQIZ1Hcs=
=ou2L
-----END PGP SIGNATURE-----

_______________________________________________
foundation-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Privacy Policy & users abusing Check User Privilege

Stephen Bain
In reply to this post by EP TYPES
On 5/22/07, EP TYPES <[hidden email]> wrote:
>
> These 2 users have abused the check user privilege granted to them. There
> was No Check User Request filed. They are supposed to only use their
> privilege:
>
> Wikimedia privacy policy...

Please come back after reading the privacy policy again.

--
Stephen Bain
[hidden email]

_______________________________________________
foundation-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Privacy Policy & users abusing Check User Privilege

Thomas Dalton
In reply to this post by EP TYPES
The fact that two accounts are used by the same person is not
information that can be used to identify a user, so it is not covered
under the privacy policy. There has been no violation.

_______________________________________________
foundation-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/foundation-l
Reply | Threaded
Open this post in threaded view
|

Re: Privacy Policy & users abusing Check User Privilege

George William Herbert
In reply to this post by Brad Patrick
On 5/21/07, Brad Patrick <[hidden email]> wrote:
> wtf?

New user filed a Request for Arbitration on en.wp against a bunch of
admins and other longtime contributors.  Something smelled fishy;
someone ran a CU to see if it was a usual suspect long term abuser and
sockpuppeteer, it was, RfAr closed as disruptive annoyance and their
new account zapped to indef blocked.  Long term abuser and
sockpuppeteer apparently doesn't want to let it drop, believes they're
still wronged in this matter, wants to disrupt project more, finds
other mailing list, of perhaps more senior people.

Film at 11.


--
-george william herbert
[hidden email]

_______________________________________________
foundation-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/foundation-l