Tznkai (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

• I am standing for election as an at large member of the Audit Subcommittee. I am most recently a one of the 3 interim appointed members of the subcommittee, before which I was an arbitration clerk, as well as unofficial election clerk and current administrator. I wish to serve on the Audit Subcommittee again in order to help protect the privacy of editors and deal with distracting problems, so the people best suited to writing and maintaining an encyclopedia can do so. I am not a CheckUser or Oversighter and am thus able to bring useful perspective - as (to my knowledge) the only interm member planning on staying, I can provide some institutional memory. I take privacy seriously - and the requirements of good judgment seriously as well. If I am elected, I will hold CheckUsers and Oversighters to a high standard of good judgment, expecting them to be conscientious of the serious privacy needs others have.

Please describe any relevant on-Wiki experience you have for this role.

• Current interim member of the subcommittee, former Arbitration Committee clerk, current admin.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

• I am proficient with computers and networking technology, (I can operate them and generally understand them, can run a traceroute, etc.) and like many I am the go to guy among family friends and colleagues for troubleshooting computer issues. I am not however, an expert (not a sysadmin, computer security specialist, cracker, or the like) in anyway shape or form.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

• CU and OS as a result of my interim appointment to the subcommittee, not a bureaucrat, steward, or OTRS team member.

Please put any questions you might have in this section.

Questions from Xeno

• Do you feel that members of the audit subcommittee should also be permitted to use the CU or OS bit for for "active duty" as would a regularly elected/appointed checkuserer or oversighter would in their regular course of duties? Why or why not?

  A: Yes, I believe they should be able to, although I have chosen not to use the tools except in narrowly defined "emergency situations" and reasonable exceptions. I believe fully that the core issue for the audit subcommittee is the good judgment, the reasonable discretion exercised by its membership. In my own judgment, I believe I have and would continue to serve best by not using the tools in an effort to maintain a certain distance from other functionaries, specifically those I should be watching. Another subcommittee member whose judgment and character I hold highly is of the opposite opinion, and uses the tools to good effect. I see both positions as reasonable. In the end, when you vote for against one of us, you're not voting for whatever positions we ascribe to, but to our good sense and character. Audit subcommittee members will have the tools - they will gain a significant amount of private and technical data even if they do not use them directly, and they should be elected with those concerns in mind.

• Do you agree to only use the checkuser/oversight bit as directly related to your duties as an audit subcommittee member or emergency situations where no other CU/OS is available (i.e. will you retain your 'personal policy' described here in the section prefixed with the statement "While serving on the Audit Subcommittee, I will not use the CheckUser and Oversight tools with certain exceptions")?

  A: Yes, although in the interests of full disclosure, I've also just now added in an exception for OS use on my own edits for testing purposes, and a clarification that my self imposed restrictions and exceptions on OS use includes the use of suppression. The "personal policies" I have written are just that, they reflect my personal beliefs on best practices, and I'm a proponent of having such things written out publicly, and if amended, for that to be done publicly. I reserve the privilege to make certain reasonable changes, which will be written on that same page and clearly noted as an update. For example if I create another alternate account (for testing purposes), I will update my personal policy to allow running a CheckUser on that account since it is still "mine."

Question from Mailer Diablo

• Thank you for stepping forward to volunteer for the role. Just one question. How would you deal with editors who attempt to find or/and exploit loopholes in the Checkuser/Suppression policies in a manner that go against the spirit of privacy and community well-being, and then use it to cry wolf?

The short answer is to investigate the breach, if there is one, correct it, if need be, and all in a low drama fashion. Generally the solution is to avoid arguing with these users, but simply to do what is right as far as the problem is, if there is a problem. Its hard to get more specific because of that case by case basis thing, but it usually comes down to addressing the problem (if there is one) separate from the complainant, but when the complainant is clearly angling for attention, to deny them that attention.

Question from SilkTork

• Would you give one example each of 1) appropriate use of CheckUser; 2) inappropriate use of CheckUser; 3) borderline use of CheckUser - and how you would view such borderline use; 4) appropriate use of Oversight; 5) inappropriate use of Oversight; 6) borderline use of Oversight - and how you would view such borderline use. SilkTork *^YES! 12:05, 2 November 2009 (UTC)[reply]

1. A check of an account that shows high familiarity with Wikipedia culture and personalities that is being used disruptively to make a point. 2. Checking an account you suspect to be a famous person to confirm your suspicion. (Barring further compelling reasons) Ch 3. Check of a vandal targeting the user doing the check. (In my case, an account editing random pages with TZNKAI SUCKS, for example) 4. Suppression of an outing attempt (Tznkai is an ugly woman named Jane Doe who lives on Drury Lane) (For the record, I am male, but I make no statements as to my attractiveness or proximity to The Muffin Man) 5. Suppression of an embarrassing but otherwise innocuous edit. (such as if I edited, I dunno, Sailor Moon some time ago) 6. Suppression of an attack vandal name, especially by the targeted name (Tznkai is a bad admin). The borderline cases I chose have two problems: one, not every vandal needs to be hunted down and all their traces obliterated to all views. I have no particular problem with the removal of vandal names from non-logged in user view (and the way the tools work now, all non-admins as a result), simply out of a sense of tidiness, but suppression of an edit from the view of all non-Oversight users is way over the top. The second issue is that tool users should restrain themselves from responding to attacks against themselves with checkuser, which violates privacy, and suppression, which is designed to protect privacy. These are not best practices but the damage done is relatively low, so it should be dealt with by the subcommittee promoting certain best practices, but without say, recommending removing tools.--Tznkai (talk) 00:48, 3 November 2009 (UTC)[reply]

Question from Emufarmers

• Will you promise to resign your CU/OS rights once you are no longer on the AUSC? You would still be free to seek CU/OS permissions through the normal process. (There is a thread about this, although the proposal there goes beyond what I'm asking.)

I had already stated my intention to do so at User:Tznkai#Personal_policies upon my appointment.

Questions from Cenarium

• Do you think the following are part or should be part of the Audit Subcommittee's written or unwritten responsibilities and would you do those ?

1. oversee the use of the oversight and checkuser tools by monitoring the checkuser and oversight logs
2. advise (through email) checkusers and oversighters on best practices, point out possible improvements in their use of the tools
3. verify that CU, OS and privacy related matters are properly handled in the functionaries-en mailing list

1. is already (as far as I'm concerned) part of the mandate of the subcommittee. I'm not sure if you're implying something systemic to be organized, but at the barest of minimums any member can and should respond to any questionable action they run across on their own initiative. The subcommittee is not a court at all, and if it was one, it wouldn't be one that can react only to motions, (I'm unaware of any actual court in the world that isn't able to act on its own initiative in some way or another anyway) As to 2., advice: I believe is technically outside of the borders of the mandate to advise except in response to an actual problem, but as I've said earlier, we are not a court, and I am in favor the subcommittee publishing the standards by which it intends to hold CU/OS use to. Finally 3., monitoring the Functionaries-en (and presumably checkuser and oversight lists) job is first off, incredibly dull, and second off, part and parcel of monitoring CU/OS in general.

• Suppose a checkuser or oversighter performs an edit which needs to be oversighted, for having added nonpublic information, what do you think should be done w.r.t. their CU/OS access ? Do you think this deserves a AUSC investigation and would you support as auditor to open one ? If not in general, then in which situations ? Please consider in particular a situation where the functionary was in dispute with the user concerned by the nonpublic information.

I'll answer the general question first and then move to the specific. As far as I'm concerned the audit subcommittee has a broad mandate to respond to problems concerning the CU and OS tool use and their users. This includes investigating and reporting to ArbCom whether a checkuser or oversighter has adequate judgment to be trusted with private data and the use of CU/OS permissions. The only place where this gets tricky is a "conduct unbecoming" issue, where an individual checkuser or oversighter is a total dick but is scrupulous in their respect for privacy and exercise of discretion. That is an area where I might defer to the full Arbitration Committee without comment from the subcommittee. In your specific example, you've raised two red flags: letting a personal conflict spill onto Wikipedia which is always problematic and irritating, and worse, managing provoke the fairly stringent oversight criteria. That goes to the sound judgment of a permission holder (rather, the lack of it) which is my primary concern with CU/OS.

• Suppose a checkuser or oversighter is found to posses an undisclosed alternative account (not previously known of ArbCom), used recently, what do you think should be done w.r.t. their CU/OS access ? Do you think this deserves a AUSC investigation and would you support as auditor to open one ? If not in general, then in which situations ? Please distinguish in particular between situations where breach of WP:SOCK clearly occurred, clearly did not occur, or is uncertain.

Again, there is a tricky borderline area between "indicative of poor judgment" and general "conduct unbecoming." To the extent that using an undisclosed alternate account can be an incredibly foolish idea, that goes to judgment. On the other hand many of the concerns people have about sock puppet accounts have more to do with general outrage about interpersonal behavior rather than relevant judgment calls. Generally speaking however, the more clear of a breach against established sock puppet policy, use of that sock puppet to pursue personal battles and things like that, the more likley that is indicative of poor judgment.

It bears reminding that the subcommittee does not take binding action on its own. We issue no injunctions, no blocks, no public warnings or admonitions. The subcommittee as it stands now, is structured to observe, investigate, report, and recommend. I see the benefits in making the subcommittee more independent, but I've also heard compelling arguments against it. My overall point, is that the audit subcommittee reacts to issues closely related to the use of tools - not to general problems of those who hold those tool. There are some people who are just too much of a jerk to have around, however qualified they are, but that is not the audit subcomittee's call to make.

I will probably not be available to answer further questions until sometime Sunday night, EST. --Tznkai (talk) 13:00, 31 October 2009 (UTC) Back now.--Tznkai (talk) 03:58, 2 November 2009 (UTC)[reply]