Privacy violations by a Checkuser in the block log, a permanent record, WP community supports outing in a classist way Options

[AB]

See this log.

You will note several occasions when IP addresses were blocked as
sock puppets of particular users, thereby outing the IP addresses
of those users. There were also occasions when pseudonymous
accounts were blocked as sockpuppets of legal names, thereby
outing the real names of those pseudonyms.

From this, we can conclude that the WP community as a whole does
not actually oppose outing. They are simply classist - they protect the
privacy of those with higher rank while sadistically violating the privacy
of those with lower rank. (As disclaimer, I am sure there are many
members of the WP community who do not agree with the community
as a whole on this.)

[SirFozzie]

Actually, it's really a catch-22, If we DON'T mention who it is in the block log, and say "Sockpuppet" or "Checkuser-proven sockpuppet" not only is there no transparancy in the process, but we get clobbered with accusations that it's not reaaaaaaaaaaaaaaallly a sockpuppet or proven by checkuser, but just blocking folks we don't like.

And the real name thing is a subset. If someone is proven to be a sockpuppet of the account Joe Schmoe (Joe's real name was used for an account).. can we get by just by saying "Sockpuppet of a Real-Life name account?" or would we get called on that as well?

[Lar]

AB, what do you suggest be done in future, in view of what SirFozzie points out?

I want to be sensitive to privacy concerns and yet at the same time be as transparent as I possibly can be, without impeding the efficiency and efficacy of checkuser investigations. That gives you at least three different competing things that pull in different directions.

I'm open to suggestions. I suspect there is no perfect answer but improvements are welcome.

[dogbiscuit]

Actually, it's really a catch-22, If we DON'T mention who it is in the block log, and say "Sockpuppet" or "Checkuser-proven sockpuppet" not only is there no transparancy in the process, but we get clobbered with accusations that it's not reaaaaaaaaaaaaaaallly a sockpuppet or proven by checkuser, but just blocking folks we don't like.

And the real name thing is a subset. If someone is proven to be a sockpuppet of the account Joe Schmoe (Joe's real name was used for an account).. can we get by just by saying "Sockpuppet of a Real-Life name account?" or would we get called on that as well?

I appreciate the dilemma. The catch is only introduced by the inconsistency of the Wikipedia policy, which is that everyone can edit anonymously unless we decide you are abusing the system where we then can reveal this information.

Wikipedia does not state this explicitly. I don't think I would have a problem with that, except that it is clear that there is a strong belief that some of those trusted with this information cannot actually be trusted. I'm not sure I even have a problem with that: the simple answer is that if your privacy is important to you, don't edit Wikipedia.

It has been made clear, with the attitude to Tor (not TOR!!!!) that it is not acceptable to hide your identity from Wikipedia, yet I think there are now plenty of people who are so distrustful of the powers that be that they do not understand why that should be the case. Yet, it is also clear that there are those who operate within Wikipedia who see it as their right to hide and appear to be sock puppetting or meet puppeting and are taking advantage of their privileged position to hide their actions. Yet, it is incredibly difficult for those not in the system to fight that abuse.

The solution is simple - real identities and live with it (some people will not use the system, some people will abuse the system anyway), or anonymous and live with it (sockpuppeting and the like - you can adapt). Don't kid yourselves that Wikipedia has sufficient trustworthiness to allow it to be the guardian of that information that allows a middle ground.

[GlassBeadGame]

AB, what do you suggest be done in future, in view of what SirFozzie points out?

I want to be sensitive to privacy concerns and yet at the same time be as transparent as I possibly can be, without impeding the efficiency and efficacy of checkuser investigations. That gives you at least three different competing things that pull in different directions.

I'm open to suggestions. I suspect there is no perfect answer but improvements are welcome.

All Checkuser drama is a function of allowing pseudonymous editing. Require IRL identities for editors and you protect the public, especially BLP victims, and avoid the drama. AB won't like this, but it would produce an atmosphere that many others would be willing to participate. Perhaps allowance could be made for editors living under repressive regimes or other well founded fears. Those users might be permitted to use proxies and operate under pseudonyms. They would be unlikely to take the form of "Armed Blowfish,""SirFozzie" or even "GlassBeadGame" as the whole point would be to be discrete. The decision related to this limited use of pseudonyms should be placed in the hands of a trusted third party, and not the "community."

[Docknell]

AB, what do you suggest be done in future, in view of what SirFozzie points out?

I want to be sensitive to privacy concerns and yet at the same time be as transparent as I possibly can be, without impeding the efficiency and efficacy of checkuser investigations. That gives you at least three different competing things that pull in different directions.

I'm open to suggestions. I suspect there is no perfect answer but improvements are welcome.

This set of IPs is interesting

http://en.wikipedia.org/wiki/Wikipedia:Lon...use/HeadleyDown

Clearly HeadleyDown comes from

24.147.97.230
Massachusets
66.176.129.11
Miami
80.189.81.19
London
203.186.238.160
Hong Kong
62.25.106.209
London
And so on

HeadleyDown is ubiquitous? In fact, it looks like FT2 is identifying anyone and everyone in disagreement with NLP, zoophilia promotion and anti-pedophilia. Its not so much an outing of socks, rather an outing of FT2's admin abuse.

[Jonny Cache]

This set of IPs is interesting:

Wikipedia:Long Term Self-Abuse/HeadleyDown

Clearly HeadleyDown comes from:

24.147.97.230 — Massachusetts
66.176.129.11 — Miami
80.189.81.19 — London
203.186.238.160 — Hong Kong
62.25.106.209 — London
And so on

HeadleyDown is ubiquitous? In fact, it looks like FT2 is identifying anyone and everyone in disagreement with NLP, zoophilia promotion and anti-pedophilia. Its not so much an outing of socks, rather an outing of FT2's admin abuse.

Some people have trouble dealing with the possibility that they may have more than one nemesis.

It's what Kant might have called —

«Unifying The Manifold Of Dissensuous Oppressions» («UTMODO»)

Jon Awbrey

This post has been edited by Jonny Cache: Sat 5th January 2008, 6:44pm

[SirFozzie]

it could also be open proxies or TOR proxies, but I do agree with you.

[AB]

Actually, it's really a catch-22, If we DON'T mention who it is in the block log, and say "Sockpuppet" or "Checkuser-proven sockpuppet" not only is there no transparancy in the process, but we get clobbered with accusations that it's not reaaaaaaaaaaaaaaallly a sockpuppet or proven by checkuser, but just blocking folks we don't like.

And the real name thing is a subset. If someone is proven to be a sockpuppet of the account Joe Schmoe (Joe's real name was used for an account).. can we get by just by saying "Sockpuppet of a Real-Life name account?" or would we get called on that as well?

AB, what do you suggest be done in future, in view of what SirFozzie points out?

It's only a problem because the WP community and checkusers
are so prideful that they cannot accept that they are not infallible,
that innocent people get blocked sometimes, and for that matter,
that there may be good reasons (ethically) for sockpuppetry.

I can guarantee you they are not infallible. There are no foolproof
methods of identifying sockpuppets. IP addresses do not
correspond 1:1 to human beings,* writing analysis is even more
fuzzy, and they aren't experts at it. At best, its probabilistic, but
their pride blinds them from being aware of that. One would think
confessions, at least, would be reliable, but when a confession can
be the only way to get unblocked, are they really so reliable?

Innocent or guilty, its still a privacy violation. The consequences of
outing can be severe, and a semblance of an encyclopaedia isn't
enough to justify that. Preventing certain types of sockpuppetry is
a WP rule, not a higher ethical principle. And, if innocent, that's salt
in the wound, since it is also defamation.

The solution, then, is to drop all pretence of justice. No privacy
violations, no defamation, just block because 'it's our site and we
feel like blocking you'. And don't make the block logs public - it's
no one's business, too many people think WP has good judgement,
when in fact it's judgement is so bad it doesn't even know it has
bad judgement, so it is necessary to hide the block log to protect
the reputations of the blockees. Hell, most sites do not publish
their block logs - they just block people at whim. It works fine.

WP needs to stop pretending to be the High Court of the Internet
and just admit they block people on whims. That would be honest.

* Checkuser yields imperfect results. IP addresses simply do not correlate 1:1
to human beings, or even computers. Reasons for this include:

• Dynamic Host Configuration Protocol - IPv4 addresses are limited in quantity,
  and IPv6 is not catching on. So, rather than needing an IP address for each
  separate client (where a client may be a computer or a NAT, as explained later),
  an Internet Service Provider (ISP) only needs enough IP addresses for the number
  of clients that are online at one time. The automated nature of Dynamic Host
  Configuration Protocol (DHCP) also makes it convenient. Note that there are
  different degrees of dynamicness - an IP address is assigned for a limited but
  adjustable period of time, and a DHCP server may or may not try to give a client
  the same IP address as it had before (note that there are ways of getting the DHCP
  server to give you a new IP address). Dial-up tends to be highly dynamic.
• Overloading or overlapping network address translation (NAT) - This is another
  solution to the IPv4 address scarcity problem. Basically, multiple clients share the
  same IP address, with a router converting packets sent to that IP address to packets
  sent to various local IP addresses, and vice versa. This can be done at multiple
  levels - a household, a school, library, or business, or even an entire ISP.
• Shared computers - internet cafes, libraries, families. Note that a group of computers,
  at an internet cafe for example, are quite likely all behind the same NAT anyway.
• Things change. People switch ISPs.
• Do anonymising proxies - both closed and open - even need to be listed?

Chances are, you are either behind a NAT of some size, have a dynamic IP address,
or, quite likely, both.

[AB]

All Checkuser drama is a function of allowing pseudonymous editing. Require IRL identities for editors and you protect the public, especially BLP victims, and avoid the drama. AB won't like this, but it would produce an atmosphere that many others would be willing to participate. Perhaps allowance could be made for editors living under repressive regimes or other well founded fears. Those users might be permitted to use proxies and operate under pseudonyms.

What, you mean Citizendium?

I like Citizendium far better than WP. Saying up-front you want
real names is far better than pretending to allow pseudonymity,
only to ban, out, and send violent thugs after people just for
trying to protect their privacy. I refuse to edit Citizendium, but
neither have I heard of them hurting anyone, so I have nothing
against them. No need for Citizendium to make exceptions - as
long as they don't pretend that 'anyone can edit', it's fine, really.

The main point is - it must needs be voluntary disclosure of a
person's personal information, not forceful disclosure by WP (or
anyone else, but how can WP expect others to respect their
contributor's privacy when they themselves do not respect
their contributor's privacy?).

This post has been edited by AB: Sat 5th January 2008, 9:36pm

[Lar]

It's only a problem because the WP community and checkusers
are so prideful that they cannot accept that they are not infallible,
that innocent people get blocked sometimes, and for that matter,
that there may be good reasons (ethically) for sockpuppetry.

I would ask you not to lump everyone into the same bucket.

I am a CU and I don't think I'm infallible and I accept that I do make mistakes, and appreciate them being brought to my attention, I'd like to think fairly gracefully (although maybe not?). Further I think it's important to try to correct mistakes once discovered wherever possible. I think you'll find Allison is of a similar mindset.

CU is an imperfect tool and bad blocks do happen. You'll never hear me say that CU proves anything in particular, only that it supports/indicates/corroborates etc. I do think it's a useful tool just the same though as long as one is aware of its limitations.

The main point is - it must needs be voluntary disclosure of a
person's personal information, not forceful disclosure by WP (or
anyone else, but how can WP expect other's to respect their
contributor's privacy when they themselves do not respect
their contributor's privacy?).

The WP privacy policy is written to try to disclaim that there may be situations in which information is disclosed. At least that was my read of it. It may not be clear enough on that point and perhaps could stand rewriting.

I don't edit pseudonymously, my identity on line is tied pretty tightly to my real life identity so I may not be the most suited to understanding the privacy needs of those who edit anonymously but I try very hard to respect them wherever possible.

I have an ID at Citizendium but I have not as yet contributed anything significant there. I think it's an interesting experiment but there are too many other differences from WP for it to be a good test of just pseudo vs real... multiple variables and all that.

[AB]

It's only a problem because the WP community and checkusers
are so prideful that they cannot accept that they are not infallible,
that innocent people get blocked sometimes, and for that matter,
that there may be good reasons (ethically) for sockpuppetry.

I would ask you not to lump everyone into the same bucket.

You want I look at your log, too?

I see you have also violated people's privacy by blocking IP
addresses as sockpuppets of a particular user.

I am a CU and I don't think I'm infallible and I accept that I do make mistakes, and appreciate them being brought to my attention, I'd like to think fairly gracefully (although maybe not?). Further I think it's important to try to correct mistakes once discovered wherever possible.

As I explained, sockpuppetry detection is probabilistic, never
certain. If you have enough evidence, it is not a mistake to
say the person is probably a sockpuppet. The mistake part
comes in when you say probably is definitely. And if you
don't think these user names and IP addresses are definitely
sockpuppets, not just probably, then why are you violating
their privacy and calling them sockpuppets? You might be
outing and defaming people who haven't done anything
wrong. Why not play it safe and block them for some reason
that won't damage their privacy or reputation?

The main point is - it must needs be voluntary disclosure of a
person's personal information, not forceful disclosure by WP (or
anyone else, but how can WP expect other's to respect their
contributor's privacy when they themselves do not respect
their contributor's privacy?).

The WP privacy policy is written to try to disclaim that there may be situations in which information is disclosed. At least that was my read of it. It may not be clear enough on that point and perhaps could stand rewriting.

The WP privacy policy? 'What the text giveth, the fine print
taketh away.' Please, drop the legal speak and talk ethics.

Outing people can have many negative consequences,
including enabling threats of violence. Sure, you don't need
to know who someone is or where they are to threaten
them, but it's certainly difficult to make a believable threat
of violence against someone you have no clue how to find.

Do you think threats of violence against banned users are
acceptable? Or is sockpuppetry on some website claiming
to be an encyclopaedia worse?

This post has been edited by AB: Sat 5th January 2008, 9:38pm

[guy]

Some people have trouble dealing with the possibility that they may have more than one nemesis.

An example I've noted before is List of Czech and Slovak Jews. This should be a list of all Jews from the Czech and Slovak areas, just as say List of French Jews is a list of all Jews from France. User Kazakhstan rocks (= Antidote) deleted loads of names because he decided that they were somehow not Czech enough. Several people opposed him and were all blocked as socks of Runcorn. At least one was in America; Runcorn allegedly used secret tunnels to go under the Atlantic. And Acalamari reverted to Antidote's version, although it is clearly wrong.

[AB]

Some people have trouble dealing with the possibility that they may have more than one nemesis.

An example I've noted before is List of Czech and Slovak Jews. This should be a list of all Jews from the Czech and Slovak areas, just as say List of French Jews is a list of all Jews from France. User Kazakhstan rocks (= Antidote) deleted loads of names because he decided that they were somehow not Czech enough. Several people opposed him and were all blocked as socks of Runcorn. At least one was in America; Runcorn allegedly used secret tunnels to go under the Atlantic. And Acalamari reverted to Antidote's version, although it is clearly wrong.

And, of course, when they're wrong, and yet they publicly
state their blocking reason, as it seems they always do,
it's defamation.

Supposing, theoretically, that WP blocked people in a
human manner. No privacy violations, no defamation or
any other reputation damage, no harm period, other than
simply preventing the person from editing. No justice,
necessarily, but no pretence of it either, just blocking
people because it's their website and they can do as
they wish with it. Then it would not be good for people to
circumvent their blocks. Not an ethical issue or anything
important like that, just a matter of courtesy, respecting
WP's right to control access to their site.

And, if people's honour as good netizens wasn't enough,
then I guess they would have to rely on their supposedly
superior sockpuppetry detection methods. But I think it
would be enough, in many cases.

However, when WP violates someone's privacy, or defames
someone, then that person henceforth owes WP absolutely
nothing, not even refraining from circumventing their blocks
or bans.

By violating privacy and defaming people, WP makes
sockpuppetry perfectly honourable.

(Disclaimer: Honourable is not the same as wise. Just
because it may be honourable for you to sockpuppet does
not mean it is necessarily wise to do so.)

P.S. All Jews? Even Jon Do no one cares about? That sounds
rather creepy. Not to mention, reducing people just their
ethnicity and religion is rather demeaning. I would prefer the
entire lists were deleted.


This post has been edited by AB: Sat 5th January 2008, 10:37pm

[guy]

P.S. All Jews? Even Jon Do no one cares about?

Obviously not, only ones who have, or should have, articles on Wikipedia.

[AB]

P.S. All Jews? Even Jon Do no one cares about?

Obviously not, only ones who have, or should have, articles on Wikipedia.

Well, we might disagree on who 'should have' an article on WP.
I'm all for deleting all BLPs, or at least limited them to only ones
other encyclopaedias have written about. That would solve
many, but not all, of WP's privacy violation and defamation
problems.

[guy]

Well, we might disagree on who 'should have' an article on WP.
I'm all for deleting all BLPs, or at least limited them to only ones
other encyclopaedias have written about. That would solve
many, but not all, of WP's privacy violation and defamation
problems.

Look at that list, and see how many are BLPs.

[AB]

Well, we might disagree on who 'should have' an article on WP.
I'm all for deleting all BLPs, or at least limited them to only ones
other encyclopaedias have written about. That would solve
many, but not all, of WP's privacy violation and defamation
problems.

Look at that list, and see how many are BLPs.

About eleven.

[SomeRandomAdmin]

This set of IPs is interesting

http://en.wikipedia.org/wiki/Wikipedia:Lon...use/HeadleyDown

Clearly HeadleyDown comes from

24.147.97.230
Massachusets
66.176.129.11
Miami
80.189.81.19
London
203.186.238.160
Hong Kong
62.25.106.209
London
And so on

HeadleyDown is ubiquitous? In fact, it looks like FT2 is identifying anyone and everyone in disagreement with NLP, zoophilia promotion and anti-pedophilia. Its not so much an outing of socks, rather an outing of FT2's admin abuse.

HeadleyDown is a fairly well-established compendium of socks, meatpuppets and editing from proxies, and his/their MO is fairly obvious once you get to recognize it. There's a current kerfuffle on an article which has hit AN/I a number of times which is almost certainly one of his/their playgrounds. (And not an NLP, zoophilia or pedo article )

[AB]

and his/their MO is fairly obvious once you get to recognize it.

Remember what I said earlier about the WP community being
so prideful that y'all cannot accept that you are not infallible?
You are proving my point.

An MO gives you a probability, nothing more. It cannot ever
give you certainty. What's more, there isn't any way to do a
statistical study of how accurate, what probability it gives
you, since there is no way to be 100% sure (well, other than
meeting everyone in person, which would prove 0% accuracy).

Did it ever occur to you that multiple people in the world share
the same goals, the same modes of operation? You may as
well just write policies against whatever modes of operations
you don't like, and block people for violating those policies.
That would be far more honest, non-defamatory, and it would
put the ridiculousness of blocking someone for having a
particular mode of operation out in the open. However, if you
want to be ridiculous, that's your right. Defamation? That's
not a right.


This post has been edited by AB: Sun 6th January 2008, 7:50pm