Voting is now concluded.

The current time is 01:46, 22 April 2024 (UTC).
Wikipedia Arbitration
Open proceedings
Active sanctions
Arbitration Committee
Audit
Track related changes
Background: Audit subcommitteeCheckUser and Oversight proceduresAudit Subcommittee procedures
Election sub-pages: Bugzilla - for reporting bugs and issues • Feedback - for comments and suggestions
The supervising arbitrator is Roger Davies and the technical administrator is Happy-melon.


The purpose of this election is to appoint the three non-arbitrator members of the Audit Subcommittee ("AUSC"). The sub-committee was established by the Arbitration Committee to investigate complaints concerning the use of CheckUser and Oversight privileges on the English Wikipedia, and to provide better monitoring and oversight of the CheckUser and Oversight positions, and use of the applicable tools.

AUSC membership is made up of three arbitrators selected by the Arbitration Committee, who serve six-month terms, and three at-large members elected by the community for one-year terms. All members of the Audit Subcommittee are identified to the Wikimedia Foundation, are given the Oversight and CheckUser permissions, and have access to the Functionaries-en, Oversight-l, and Checkuser-l mailing lists. They must also be at least eighteen years old.

Election process[edit]

Voting and appointment

Supervision and scrutiny

The role of the scrutineers is to ensure that the poll is conducted fairly and that the published results accurately reflect the computer-generated data. The scrutineers are all stewards: Erwin, Thogo, Mike.lifeguard, and Mardetanha.

Time line

Results

Reproduced from Wikipedia:Arbitration Committee/Noticeboard/Archive 5#AUSC election: results and appointments

The final votes for the AUSC Elections - held 00:01 30 October to 23:59 8 November (UTC) - are as follows:

Candidate Support Oppose Net Total Percentage
Dominic 195 67 128 262 74.43%
Jredmond 140 52 88 192 72.92%
Tznkai 182 85 97 267 68.16%
MBisanz 202 95 107 297 68.01%
Frank 96 93 3 189 50.79%
KillerChihuahua 126 136 -10 262 48.09%

A total of 370 editors voted, including one banned user whose votes were struck. The tallies above have been certified by email to ArbCom by the scrutineers, who will append their signatures below in due course.

  1. Results certified by: Erwin (talk) 09:16, 11 November 2009 (UTC)[reply]
  2. Results certified by: Mardetanha talk 22:45, 10 November 2009 (UTC)[reply]
  3. Results certified by:  — Mike.lifeguard | @en.wb 22:44, 10 November 2009 (UTC)[reply]
  4. Results certified by: --Thogo (Talk) 22:48, 10 November 2009 (UTC)[reply]

Appointment motions

1. That when appointing the successful candidates, a fourth is nominated as an alternate should any retire prior to the next election.

With thirteen arbitrators, seven is a majority.
Support: Carcharoth, Coren, John Vandenberg, FloNight, Newyorkbrad, Risker, Rlevse, Roger Davies, Stephen Bain, Vassyana and Wizardman.
Oppose: None.
Abstain: None
Not voting: Cool Hand Luke, FayssalF.

2. That Dominic, Jredmond and Tznkai be appointed to the Audit Subcommittee and that, because of the close vote, MBisanz be invited to serve as an alternate member.

With thirteen arbitrators, and three inactive, six is a majority.
Support: Carcharoth, Coren, FloNight, Newyorkbrad, Risker, Rlevse, Roger Davies.
Oppose: Stephen Bain, John Vandenberg.
Abstain: None.
Not voting: Wizardman.
Inactive: Cool Hand Luke, FayssalF, Vassyana.

3. That, while noting that seven voting members prevents deadlocks and that the subcommittee will have a majority of directly elected members, the Arbitration Committee recommends that the Audit Subcommittee determine its own procedure with regard to voting rights of alternate members.

With thirteen arbitrators, and three arbitrators inactive, six is a majority.
Support: Carcharoth, Coren, FloNight, Newyorkbrad, Rlevse, Roger Davies, Stephen Bain.
Oppose: None.
Abstain as AUSC members: John Vandenberg, Risker.
Not voting: Wizardman.
Inactive: Cool Hand Luke, FayssalF, Vassyana.

For the Arbitration Committee,  Roger Davies talk 21:38, 10 November 2009 (UTC)[reply]

Belated support for items 2 and 3. Newyorkbrad (talk) 21:48, 10 November 2009 (UTC)[reply]
Votes updated accordingly.  Roger Davies talk 22:01, 10 November 2009 (UTC)[reply]
Archived discussion


Candidates[edit]

Dominic

Dominic (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)
  • Hello. I am Dominic (formerly Dmcdevit), a former arbitrator, CheckUser, and oversighter, and current administrator and OTRS respondent.

    I have years of experience with using both of the tools in question, without a lot of controversy. I remember before there was a CheckUser or oversight, was one of the first users given each of them, and hopefully I have even helped to train new CheckUsers and oversighters over the years. In Audit Subcommittee inquiries, I can offer this experience in dealing with sensitive matters, as well as expertise in cases where interpretations of CheckUser results may be relevant.

    My feeling is that the Audit Subcommittee is about investigating the conduct of holders of sensitive information, and not alleged privacy violations themselves, which should be referred to the Ombudsman Commission. As a former CheckUser and oversighter, I have been involved in the issues that the Audit Subcommittee deals with for a long time, and I have put a lot of thought into how how the tools should be used and who should have them. (One feeling I have is that they are far too common. Our policy on removing inactive users is too lax and in the past we have added new ones without regard to actual necessity.) I understand that the Audit Subcommittee is still a new body, and I think can help it develop procedures and standards. 250 words is not much, so feel free to ask me questions.

Standard questions for all candidates

Please describe any relevant on-Wiki experience you have for this role.

  • I had CheckUser and oversight for several years. I was also an arbitrator. As such, I have been trusted with confidential data for quite a while, and have dealt with sensitive matters and performed investigations of abuse before. I feel that I can offer a thoughtful approach to the role of auditor, aided by my experience and familiarity with the issues that are involved.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

  • I have a degree in Latin American history and have never done any programming. ;-) That said, I have the most CheckUser experience among the candidates, and I think my experience as a CheckUser speaks for itself. I started out clueless, but abundantly cautious. After learning from the best and years of experience, I am confident with my ability to interpret CheckUser results, deal with rangeblocks, open proxies, and all the stuff that goes along with CheckUser. My experience with CheckUser is one of the primary reasons I could help AuSC. Dominic·t 03:07, 29 October 2009 (UTC)[reply]

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

  • Not currently, but I am a former arbitrator, identified to the WMF, and have had CU on en.wp and en.wikt, and OS on en.wp. I have OTRS access (info-general, info-en (full access), and Sister projects). Dominic·t 03:07, 29 October 2009 (UTC)[reply]

Questions for this candidate

Question from NuclearWarfare
  1. I believe that one of the reasons you resigned was because your perceived lack of time for Wikipedia in the upcoming months. Has your situation changed enough so that you believe you will have time for AUSC work?
    Before talking about myself, I will note that a heavy workload is not a major issue with the AuSc, as it is with ArbCom. I think the statistics at Wikipedia:Arbitration Committee/Audit Subcommittee/Reports agree with this assessment. I would not consider joining if I did not believe I would be active enough for the job. I think my past as one of the most active arbitrators in my tenure, and one of the most active CheckUsers and oversighters historically show that if I commit to doing a particular job, I will take that commitment seriously.

    My previous resignation was not about my free time per se, but rather my activity level. I believe only accounts which use CheckUser and oversight actively enough to need them should have them any any particular time. These tools give an account access to sensitive information, and so that is why I decided not to have those flags when I was not putting them to good use. Our current CheckUsers and oversighters do a good job, and are sufficient in number. I do admit that my level of editing activity is less than the average candidate. My low activity level was because I have recently been involved in a lot of moving and traveling (and am currently out of the country). I am, however, nearly always reachable, and will have much more normal activity for the foreseeable future. Dominic·t 03:07, 29 October 2009 (UTC)[reply]

  2. You were active as a CU and OS until just a month or so ago. Do you feel that it is appropriate for you to handle AUSC, given your recent activity in the area?
    It is not clear to me what in particular you think could be of concern, but I do not really think that CU and OS activity is relevant in this regard. If you are concerned there are still potential complaints that could be made about actions I took previously, I think any complaints regarding a sitting auditor should probably be referred to ArbCom. If the concern is that I am too close personally to some of the people who may need judging, I think that will occasionally be true for any potential auditors, not just ones who have had the same flag at one point, and I promise that, as I have done in the past, I will recuse wherever I feel my neutrality is compromised. Dominic·t 03:07, 29 October 2009 (UTC)[reply]
Question from Majorly
Questions from Xeno
Question from Mailer Diablo
Question from SilkTork
Question from Emufarmers
Questions from Cenarium
  1. oversee the use of the oversight and checkuser tools by monitoring the checkuser and oversight logs
  2. advise (through email) checkusers and oversighters on best practices, point out possible improvements in their use of the tools
  3. verify that CU, OS and privacy related matters are properly handled in the functionaries-en mailing list
    1. Monitoring logs is certainly within the remit of AuSc, but I would caution that it is not realistic to expect that 6 people can be on top of all of the thousands of log entries. So while auditors may monitor logs, their primary role is in responding to complaints.
    2. Auditors may informally offer opinions and advice when asked (like all functionaries) and perhaps even settle a question about good practice, but I don't think it's generally a good idea to give unsolicited recommendations or instructions in an official capacity. For example, I was strongly in disagreement with this arbitration remedy, which was so nonspecific that it ended up being vaguely accusatory, casting doubt on all CheckUsers, while accomplishing nothing, since no CheckUser should ever need to be reminded to abide by the privacy policy.
    3. In terms of monitoring func-en, I would point out that the same issues exist regarding monitoring versus responses to complaints that I noted in the first answer. The general question of including func-en conduct in AuSc's mandate is an interesting one. It makes sense to say consider members of func-en to be a third group of users whose conduct may be investigated upon a complaint to AuSc. func-en is a private discussion list for where private information, including that gained from CheckUser or oversight use, is often included. As such, it is similar to CheckUser and suppression in that a group with access and authority would be needed to investigate complaints. So, hypothetically speaking, I am willing to have AuSc be responsible for complaints about it, but I am not sure if I have ever heard of a complaint that would fit this description, so I won't make any guarantees before I know what it might involve. Dominic·t 00:39, 5 November 2009 (UTC)[reply]

Comments

Frank

Frank (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)
  • I believe I have shown the judgment, experience, and maturity necessary for these very sensitive tasks. Those who know my work will, I think, generally agree I'm a low-key, drama-free guy, although I suspect I've been around here long enough that there may be some who will disagree. I have the real-world experience to handle both the technical aspects and the perceived stress, and I have the on-wiki experience to know what to do and when to do it. Thank you in advance for your consideration; questions and comments are welcome and will be given my sincere attention, as I do with all my efforts around here.

Standard questions for all candidates

Please describe any relevant on-Wiki experience you have for this role.

  • I've been an active editor since early 2008 (registered since 2006) and an administrator since July 2008. The two areas I've spent the most time in are biographical articles and deletion of articles, particularly CSD. Some of the biographical articles fall under WP:BLP policies (Bill Bradley, Frank Lorenzo, Delano Lewis, Marcia Fudge, and Richard Ravitch, for example) and some do not (Farrah Fawcett, Leroy Grumman, and, just recently, Allie Beth Martin - a new article). Regarding deletion, it is a "necessary evil" around here; in order to be considered a serious resource, we must have standards and they must be kept up. After more than 3500 deletions, I think I have a pretty good track record; a glance at my last 500 deletions shows they are overwhelmingly still red. The ones that are no longer red links generally either now meet criteria for inclusion or are redirects elsewhere. In both areas, I think I've been able to very accurately enact community policies, and I hope to be able to do that in additional ways.
  • How do these relate to AUSC? I think the issues associated with WP:BLP track closely to privacy issues of (and, alas, abuses by) both editors and functionaries, and I think that understanding and implementing CSD criteria (particularly WP:COPYVIO and G10) are also related. We need to be mindful that Wikipedia is literally by, for, and (largely) about real people, and that as a result, the way it is managed can have effects on all of those people: its editors, users, and subjects.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

  • I have long experience with data analysis in general. I've been a spreadsheet and database guru of sorts for years, and I've also at times been a web-hosting provider using the Apache web server. I'm certainly "geeky" and experienced enough to understand the technology behind HTTP requests and how people might try to avoid detection. I'm very familiar with IP subnetting, ssh, text-based browsing, remote X, Remote Desktop, multi-tasking, proxy servers, the concept of "sticky" sessions regarding web applications, public shared IPs, spoofing, log files, and tools for examining log files. I'm aware of the items that are generally logged with http requests and why they are important. I'm also aware that use of both Checkuser and Oversight permissions is logged and documented, which strikes me as a good thing.
  • On a related note, in my professional life, I am using the Mediawiki software in a (non-public) system which requires me not only to have editing capability (and explain it to others), but also to be the administrator of the system. I won't pretend it is nearly as large or complex as Wikipedia, of course, but I do have some insight into how the system itself works from the inside out.
  • Having said all that, I expect that a member of the AUSC will be expected to analyze the results of others' actions regarding this technical information more so than be expected to generate it directly, but I'm not intimidated either way.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

  • I hold no permissions beyond those of an administrator on this wiki.

Questions for this candidate

Please put any questions you might have in this section.

Questions from Xeno
Question from Mailer Diablo
Question from SilkTork
  1. Appropriate CU: Credible evidence of socking, as in any number of discussions/debates such as AfD or RfA. "Credible" would include sudden appearance of opinions from infrequently-used accounts, or accounts that don't ordinarily frequent the particular venue. Often these are first tagged as single-purpose accounts or "this account has made few or no other edits outside this discussion". I'm not saying that these are automatically sufficient, but they're a start. Other clues that would lend further credibility would be if the accounts started showing up mid-way through a debate, if they all seemed to reference the same opinion ("...per XXXXX"), or if they showed a high correlation of page editing with the suspected account(s).
  2. Inappropriate CU: Any type of fishing expedition. These often show up as a user feeling like s/he is being "attacked" or tag-teamed. I'm not saying that such cases aren't good candidates for CU, but I don't assume they automatically are just because several people are on the opposite side of a debate. This is similar to AIV; people sometimes report users at AIV without warning (or sufficient warning) just because they are upset about one edit; sometimes it's a content dispute and sometimes the "vandal" is truly a new editor and the "vandalism" isn't obviously so. We have to have proper judgment as to what is appropriate; CU is the same way.
  3. Borderline CU: Obviously this is the toughest to determine in advance. I guess one example is the accusation that a well-respected user (possibly an admin) is either a sock or a sock-master. Yes, there have been some well-publicized cases these last few months - and I think (without getting specific as I said above) that all of them were borderline at the outset. So my position (if even called upon in such a case, which I doubt I would be as an AUSC member) would be to examine closely before digging in. Another similar example is the equally absurd cases where an editor is accused and simply laughs it off; I saw that recently as well. But the key is: many of them are laughed off initially - even though some turn out to actually be socks. So, wrapping up this section: borderline is along the lines of RfAs that are near the perceived discretionary range, or editors who show up in a debate that has the ((notavote)) template at the top. Just because something unusual happens doesn't automatically mean it's the result of socking; more judgment must be applied.
  4. Appropriate OS: Personal information provided by a user, especially one who is or appears to be a child, is completely appropriate to oversight. The argument can be made that since only admins can view deleted pages, that a deletion by itself is sufficient. However, there's a reason OS exists, and we unfortunately are aware that admins can behave inappropriately just like anyone else, so the case where people post inappropriate information is an easy one. This can be about themselves or others, such as in WP:OUTing another editor (which needn't specifically have to do with outing).
  5. Inappropriate OS: When a person claims that something is "wrong" because they know it differently than what reliable sources report, they might make OS requests to remove information. This might be medical or other personal information (lovers, sexual orientation, place of residence, prior legal troubles supposedly "sealed"). We can't remove everything that is (or might be) negative just because someone "knows" it isn't correct.
  6. Borderline OS: I'm pretty sure this is far less likely to occur. I personally feel like no harm is done by removing information that others might deem borderline. There's nothing that would stop it from being replaced if it were deemed appropriate after all. I don't know what harm is done by exercising a little caution here. Having said that, I doubt my participation as an AUSC member would be likely to venture near any borderline cases.
Question from Emufarmers
Questions from Cenarium
  1. oversee the use of the oversight and checkuser tools by monitoring the checkuser and oversight logs
  2. advise (through email) checkusers and oversighters on best practices, point out possible improvements in their use of the tools
  3. verify that CU, OS and privacy related matters are properly handled in the functionaries-en mailing list
    A: I'm not big on creating policy on the fly. In general, I think all three of the things you list could be within the purview of the AUSC, but are not necessarily. I view the committee as having a limited scope: when ArbCom calls, the committee answers. If ArbCom assigns one or more of those tasks as a regular part of its requests, then that's fine with me.

Comments

Jredmond

Jredmond (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)
  • Hello, everyone.

    For those of you who don't know me, my name is Jim Redmond, and my username is Jredmond. I've been an admin on the English Wikipedia since July 2005, a member of the volunteer response team since February 2006, an administrator on the OTRS interface since February 2007, and an admin and bureaucrat on the private OTRS wiki since it was created in November 2007. My identity has already been confirmed with the WMF office.

    During the day, I work as a system and network administrator in an academic research environment. Previously, I did the same sort of work for a large local non-profit organization.

    As a member of the Audit Subcommittee, I hope to help resolve complaints quickly, effectively, discreetly, and with an appropriate level of decorum. Our primary goal here on Wikipedia is to create a good, neutral, and well-sourced encyclopedia. I'd like to help good editors get back to that work as soon as possible.

    I look forward to any questions, comments, or concerns you may have for me. Thank you for your time.

Standard questions for all candidates

Please describe any relevant on-Wiki experience you have for this role.

  • I have been an administrator here for over four years. In that time, I've done everything from RC patrol to BLP cleanup, and while I can't go into great detail I have been involved in a number of oversight-related cases through my work on the volunteer response team.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

  • For the past ten years, I have worked in system and network administration. A signifiant portion of my current job deals with management of my department's public and private address spaces and with investigation of suspicious accesses.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

  • I am an administrator on the OTRS system, and consequently hold administrtor and bureaucrat rights on the private OTRS wiki. I have run (unsuccessfully) for steward, but have not pursued advanced rights on any other WMF wikis.

Questions for this candidate

Please put any questions you might have in this section.

Questions from Xeno
Question from Mailer Diablo
Question from SilkTork
  1. An appropriate use of CheckUser: Confirming that two or more vandals or spammers share the same IP address space.
  2. An inappropriate use of CheckUser: Using CheckUser information to harass a user who has been involved in an edit war.
  3. A borderline use of CheckUser: Releasing CheckUser information to someone claiming to be a law-enforcement official without first trying to verify that claim. Remember, on the Internet nobody knows you're a dog, so it's important for users with the CU bit to confirm credentials before handing out private details. The exact details of my response would rely on the exact context of the case, of course, but in general I'd be inclined to remove the bit for a period of time.
  4. An appropriate use of Oversight: Removing unsourced allegations of a heinous crime, like rape or murder, from a biography.
  5. An inappropriate use of Oversight: Removing well-sourced material that does not violate copyright or disclose private personal information.
  6. A borderline use of Oversight: Removing heinous-crime allegations from a BLP when those allegations are only tangentially mentioned in a reliable source or only mentioned in an unreliable source. In potential-libel cases, I'd rather the oversighter err on the side of caution until a better source can be found.
Does this list answer your question? - Jredmond (talk) 18:40, 2 November 2009 (UTC)[reply]
Yes. Your borderline responses are very good - you give examples, and give your view on how you would respond. That is exactly what I wanted. SilkTork *YES! 11:53, 4 November 2009 (UTC)[reply]
Question from Emufarmers
Questions from Cenarium
  1. oversee the use of the oversight and checkuser tools by monitoring the checkuser and oversight logs
  2. advise (through email) checkusers and oversighters on best practices, point out possible improvements in their use of the tools
  3. verify that CU, OS and privacy related matters are properly handled in the functionaries-en mailing list
  1. Oversee tool use by monitoring logs? It never hurts to browse logs (says the sysadmin), and intense log-monitoring should be the first step in any investigation, but routine deep scouring is overkill.
  2. Advise on best practices? I would upon request, and when the improvements would help that person avoid any potential misuse. Since the AUSC would be policing use of the tools, though, friendly-but-unsolicited advice could easy be misinterpreted as dogma even when not meant that way.
  3. Verify that matters are handled properly on functionaries-en? Yes, this is well within the scope of the AUSC.
  • Ultimately, this will depend on intent (which, I know, is extremely difficult to divine). An investigation and a temporary suspension of bits would be appropriate in every case, but the permanent removal of bits should only be necessary in the event of malicious or spiteful disclosure. In your particular example, I would tend towards removal of bits, though I'd also need to know more details about the case.
  • If the alternative account is clearly maintaining or improving the wiki, encyclopedia, or editing community - the legitimate uses listed on WP:SOCK qualify here - then there is no need (IMHO) for an investigation or formal sanction. Beyond that, it would be appropriate to suspend bits pending investigation, and to remove them permanently if the alt-account had been used to damage the wiki, encyclopedia, or community.

Comments

KillerChihuahua

KillerChihuahua (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)
  • I have the requisite technical experience for this position; I believe I also have the maturity and temperament for it. I pledge to remain conscious of and respectful to the concerns of privacy; not to misuse any access granted me; and to remain open to feedback and constructive criticism. I will remain neutral inasmuch as my human nature will allow, and where neutrality may be difficult, to recuse myself.

Standard questions for all candidates

Please describe any relevant on-Wiki experience you have for this role.

  • Five and half years on en.Wikipedia; admin since January 2006. I have been involved with the development of a number of policies, and have a strong understanding of them. Two years with OTRS, fulfilling a number of requests which often involve dealing with information of a delicate or private nature.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

  • I have 15 years in Datacomm / IT / SW development, 8 of that with an eLearning company specializing in randomly generated content for certification examinations; my roles over my time in that company involved working with all aspects of that with the exception of the eCommerce module, which naturally would have been of no benefit here. My extensive experience with relational databases and in dealing with strongly protected content (our clients were largely fortune 500 and guarded the exams for technical certification closely) have given me ample experience with both the technical and the privacy aspects of this role.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

  • No other permissions. I am OTRS; I have access to the Quality, Permissions, and Info queues.

Questions for this candidate

Please put any questions you might have in this section.

Questions from Xeno
Question from Mailer Diablo
Question from SilkTork
Answer:
  1. Appropriate use of CheckUser: Checking for technical evidence of sockpuppetry given due cause, often via a sock investigation
  2. Inappropriate use of CheckUser: Fishing is explicitly prohibited, but this must be examined with care, as what appears to be fishing may in fact have valid rationale - strong circumstantial evidence which is not immediately appartent, for example
  3. Borderline use of CheckUser: Marginal evidence of sockpupptry might be considered marginal; this would be a judgment call. How would I view it? Depends on how marginal, and whether it were a habit or an exception.
  4. Appropriate use of Oversight: To suppress outing of non-public personal information or clear libel. Copyvios are mentioned in the policy but generally speaking are not oversighted.
  5. Inappropriate use of Oversight: Suppression of anything which does not fit the criteria for appropriate. Most specifically, suppression of wiki-specific activities and postings in order to protect the oversighter or a friend of an oversighter.
  6. Borderline cases of Oversight: I cannot think of any clear cut borderline examples. Perhaps libel might be borderline. Again, I cannot tell you how I would view it because it would depend upon the specifics of the case.


Question from Emufarmers
Questions from Cenarium
  1. oversee the use of the oversight and checkuser tools by monitoring the checkuser and oversight logs
  2. advise (through email) checkusers and oversighters on best practices, point out possible improvements in their use of the tools
  3. verify that CU, OS and privacy related matters are properly handled in the functionaries-en mailing list
Answer: I will do what is required to correctly carry out my duties auditing. This may or may not include any of the above mentioned items, but I very strongly doubt it will contain advising per your item #3, and I feel it would be inappropriate in most cases. Generally speaking, I anticipate informing the ArbCom of findings, and allowing them to determine the best course of action. If however you are speaking of responding to general queries for advice from individuals, of course I am always available to help if I can.



Comments

MBisanz

MBisanz (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)
  • Hi, my name is Matt and I have been editing Wikipedia for several years now. In that time I have consistently pushed for greater accountability and participated in a wide range of activities in both content creation and policy debate. Further, I am mindful of the responsibility that comes with access to private data, being an administrator for over a year and having access to OTRS and Internal WMF-wiki. One principle I think that is paramount in AUSC members is that they avoid using CU/OV access in order to avoid the appearance of impropriety. If selected, I pledge to avoid using the tools in non-emergency situations in general and in emergency situations when another user or steward can be found who can perform the task. I am open to any questions individuals may have with regard to my editing and maintain a rather open policy as to my own personal information in the interest of informing others as to any factors they may find important to know with regard to my editing.

Standard questions for all candidates

Please describe any relevant on-Wiki experience you have for this role.

  • Former SPI clerk, advanced understanding of policy and historical context. I am the one who suggested AUSC use pivot tables to present statistics more regularly and can make charts, graphs, etc. Also helped write the global rights policy and help maintain the MediaWiki:Robots.txt file. And I am responsible for the creation of the Wikien-bureaucrats mailing list for privacy related renames.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

  • See User:MBisanz/Infobox for more details. I do serve on the WMF audit committee and am a former accountant, so I have an understanding of the concepts of professional skepticism, confidentiality, and document review.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

  • En.Wiki Admin and Bureaucrat, Commons Admin, Meta Admin, WMF-wiki access, Internal-wiki access, OTRS info-en(f), permissions, photosubmissions, Sisterprojects, and DAL queues, administrator of the Clerks-l and DAL mailing lists. Already identified to the Foundation.

Questions for this candidate

Please put any questions you might have in this section.

Questions from Xeno
Question from Mailer Diablo
Question from SilkTork
  • 1)A WP:SPI.
  • 2)Checking someone you just reverted on an article you got to FA.
  • 3)Checking someone who has just threatened to kill themselves; I'd view it positively if the information was then communicated to the WMF Office and dimly if the check was done for random interest.
  • 4)Removing an IP of someone who accidentally logged out.
  • 5)Removing a post from someone who thought it will embarrass them later.
  • 6)Removing a post of someone who you nominated for RFA; I'd view it dimly since OVs should avoid the appearance of bias.
Question from Emufarmers
  • Yes, I agree to resign them when I am no longer an AUSC member, unless I have acquired a permission to them under an alternate claim (such as a CU/OV election) in the interim.
  • So you might run for CU/OS while you're still on the AUSC? That doesn't strike you as problematic? Would you resign from the AUSC if you were granted CU/OS through that process? —Emufarmers(T/C) 08:31, 4 November 2009 (UTC)[reply]
  • No, AUSC doesn't monitor CU/OV elections or vet candidates, so there is no overlap there. And if granted the tools while on AUSC, I would simply not use them until the expiration of my AUSC term, similar to how Thatcher has acted. MBisanz talk 06:30, 6 November 2009 (UTC)[reply]
Questions from Cenarium
  1. oversee the use of the oversight and checkuser tools by monitoring the checkuser and oversight logs
  2. advise (through email) checkusers and oversighters on best practices, point out possible improvements in their use of the tools
  3. verify that CU, OS and privacy related matters are properly handled in the functionaries-en mailing list
  • I was under the assumption that given the private nature of the logs, periodic review by AUSC was an implicit part of the duties of investigating misuse of the tools, so I don't see an issue with #1. AUSC is an abuse investigation body, not a best practices commission. Much like an accountant, if AUSC discovered a way in which CU/OV could be used more efficiently in the course of its investigations (say such as an IP range database), it should disclose that to the CU/OV, but it should not actively seek out techniques. For #3 that is really an Ombudsman duty, since I take it you mean a breach of a privacy related matter through the tools, which is not an AUSC duty as AUSC deals with violations of polices located on enwp, Ombudsmen deal with violations of policies located on wmf/meta-wiki (yes, I know the current AUSC page says we deal with violations of WMF policy, but I read that more broadly to mean we deal with violations of the privacy policy by referring to the Ombudsmen, since they are the ones empowered by the Board of trustees to act.)
  • I would need more context here. I remember one instance of an editor who had stopped using his real name onwiki, but still used it on IRC, and a person who visits IRC infrequently didn't know this an casually mentioned it onwiki, thereby requiring oversight. I would support such a review if there was an indication of malice or intent to harm on the part of the trusted user and when deciding such a review would look at subsequent actions taken by the trusted user in deciding what to recommend to arbcom.


  • As stated on the AUSC page, AUSC reviews the CU/OV privileges and positions, therefore as it would not review something such as a checkuser violating 3RR (unless they also used CU), it should not review issues of sockpuppetry, unless there is an indication the CU/OV tools were used to aid the socking (oversighting a mistaken edit, rejecting an SPI, etc). Arbcom handles all behavioral disputes of that nature and it isn't within AUSC's remit to expand into their jurisdiction as it does not relate to the privilege or position directly.


Comments

Tznkai

Tznkai (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)
  • I am standing for election as an at large member of the Audit Subcommittee. I am most recently a one of the 3 interim appointed members of the subcommittee, before which I was an arbitration clerk, as well as unofficial election clerk and current administrator. I wish to serve on the Audit Subcommittee again in order to help protect the privacy of editors and deal with distracting problems, so the people best suited to writing and maintaining an encyclopedia can do so. I am not a CheckUser or Oversighter and am thus able to bring useful perspective - as (to my knowledge) the only interm member planning on staying, I can provide some institutional memory. I take privacy seriously - and the requirements of good judgment seriously as well. If I am elected, I will hold CheckUsers and Oversighters to a high standard of good judgment, expecting them to be conscientious of the serious privacy needs others have.

Standard questions for all candidates

Please describe any relevant on-Wiki experience you have for this role.

  • Current interim member of the subcommittee, former Arbitration Committee clerk, current admin.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

  • I am proficient with computers and networking technology, (I can operate them and generally understand them, can run a traceroute, etc.) and like many I am the go to guy among family friends and colleagues for troubleshooting computer issues. I am not however, an expert (not a sysadmin, computer security specialist, cracker, or the like) in anyway shape or form.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

  • CU and OS as a result of my interim appointment to the subcommittee, not a bureaucrat, steward, or OTRS team member.

Questions for this candidate

Please put any questions you might have in this section.

Questions from Xeno
Question from Mailer Diablo
The short answer is to investigate the breach, if there is one, correct it, if need be, and all in a low drama fashion. Generally the solution is to avoid arguing with these users, but simply to do what is right as far as the problem is, if there is a problem. Its hard to get more specific because of that case by case basis thing, but it usually comes down to addressing the problem (if there is one) separate from the complainant, but when the complainant is clearly angling for attention, to deny them that attention.
Question from SilkTork
1. A check of an account that shows high familiarity with Wikipedia culture and personalities that is being used disruptively to make a point. 2. Checking an account you suspect to be a famous person to confirm your suspicion. (Barring further compelling reasons) Ch 3. Check of a vandal targeting the user doing the check. (In my case, an account editing random pages with TZNKAI SUCKS, for example) 4. Suppression of an outing attempt (Tznkai is an ugly woman named Jane Doe who lives on Drury Lane) (For the record, I am male, but I make no statements as to my attractiveness or proximity to The Muffin Man) 5. Suppression of an embarrassing but otherwise innocuous edit. (such as if I edited, I dunno, Sailor Moon some time ago) 6. Suppression of an attack vandal name, especially by the targeted name (Tznkai is a bad admin). The borderline cases I chose have two problems: one, not every vandal needs to be hunted down and all their traces obliterated to all views. I have no particular problem with the removal of vandal names from non-logged in user view (and the way the tools work now, all non-admins as a result), simply out of a sense of tidiness, but suppression of an edit from the view of all non-Oversight users is way over the top. The second issue is that tool users should restrain themselves from responding to attacks against themselves with checkuser, which violates privacy, and suppression, which is designed to protect privacy. These are not best practices but the damage done is relatively low, so it should be dealt with by the subcommittee promoting certain best practices, but without say, recommending removing tools.--Tznkai (talk) 00:48, 3 November 2009 (UTC)[reply]
Question from Emufarmers
I had already stated my intention to do so at User:Tznkai#Personal_policies upon my appointment.


Questions from Cenarium
  1. oversee the use of the oversight and checkuser tools by monitoring the checkuser and oversight logs
  2. advise (through email) checkusers and oversighters on best practices, point out possible improvements in their use of the tools
  3. verify that CU, OS and privacy related matters are properly handled in the functionaries-en mailing list
1. is already (as far as I'm concerned) part of the mandate of the subcommittee. I'm not sure if you're implying something systemic to be organized, but at the barest of minimums any member can and should respond to any questionable action they run across on their own initiative. The subcommittee is not a court at all, and if it was one, it wouldn't be one that can react only to motions, (I'm unaware of any actual court in the world that isn't able to act on its own initiative in some way or another anyway) As to 2., advice: I believe is technically outside of the borders of the mandate to advise except in response to an actual problem, but as I've said earlier, we are not a court, and I am in favor the subcommittee publishing the standards by which it intends to hold CU/OS use to. Finally 3., monitoring the Functionaries-en (and presumably checkuser and oversight lists) job is first off, incredibly dull, and second off, part and parcel of monitoring CU/OS in general.


I'll answer the general question first and then move to the specific. As far as I'm concerned the audit subcommittee has a broad mandate to respond to problems concerning the CU and OS tool use and their users. This includes investigating and reporting to ArbCom whether a checkuser or oversighter has adequate judgment to be trusted with private data and the use of CU/OS permissions. The only place where this gets tricky is a "conduct unbecoming" issue, where an individual checkuser or oversighter is a total dick but is scrupulous in their respect for privacy and exercise of discretion. That is an area where I might defer to the full Arbitration Committee without comment from the subcommittee. In your specific example, you've raised two red flags: letting a personal conflict spill onto Wikipedia which is always problematic and irritating, and worse, managing provoke the fairly stringent oversight criteria. That goes to the sound judgment of a permission holder (rather, the lack of it) which is my primary concern with CU/OS.
Again, there is a tricky borderline area between "indicative of poor judgment" and general "conduct unbecoming." To the extent that using an undisclosed alternate account can be an incredibly foolish idea, that goes to judgment. On the other hand many of the concerns people have about sock puppet accounts have more to do with general outrage about interpersonal behavior rather than relevant judgment calls. Generally speaking however, the more clear of a breach against established sock puppet policy, use of that sock puppet to pursue personal battles and things like that, the more likley that is indicative of poor judgment.
It bears reminding that the subcommittee does not take binding action on its own. We issue no injunctions, no blocks, no public warnings or admonitions. The subcommittee as it stands now, is structured to observe, investigate, report, and recommend. I see the benefits in making the subcommittee more independent, but I've also heard compelling arguments against it. My overall point, is that the audit subcommittee reacts to issues closely related to the use of tools - not to general problems of those who hold those tool. There are some people who are just too much of a jerk to have around, however qualified they are, but that is not the audit subcomittee's call to make.

Comments

I will probably not be available to answer further questions until sometime Sunday night, EST. --Tznkai (talk) 13:00, 31 October 2009 (UTC) Back now.--Tznkai (talk) 03:58, 2 November 2009 (UTC)[reply]

Invitation to participate in SecurePoll feedback and workshop[edit]

Interested editors are invited to participate in the SecurePoll feedback and workshop. SecurePoll was recently used in the Audit Subcommittee election, and has been proposed for use for the upcoming Arbitration Committee election at this current request for comment (RFC). Your comments, suggestions and observations are welcome.

For the Arbitration Committee,
Dougweller (talk) 09:05, 12 November 2009 (UTC)[reply]

Categories