Archive 5 Archive 7 Archive 8 Archive 9 Archive 10 Archive 11 Archive 15

No more excuses

Risker, Jclemens and other apologists for the sorry status quo, it is time for you to step down. If you can't be part of the solution, get out of the way. Your mail software is inadequate for the job. Rather than risk further injury to third parties, you must shut it down and take it offlne now. Then, you need to make a list of our requirements and we will find a suitable replacement technology. This might take a little time, but if you stop fighting the people who want to fix the problem, you might find that there are people around here who can find, install and upgrade a suitable piece of open source software. Have an open mind. Jehochman Talk 23:12, 1 July 2011 (UTC)

I agree, but what confuses me is that we should all be on the same side. It's in the Arbs' interests not to have this stuff floating around, especially Arbs who live in the UK with its draconian libel laws. It's the interests of the discussed not to have it retained. It's in the Foundation's interests not to be linked to a legal and ethical hot potato. It's in the community's interests to have an ArbCom that does most of its business onwiki, with fair and efficient private discussions where absolutely necessary. So, please, as Jehochman says, if we could stop fighting and act on those shared interests, there would be progress. SlimVirgin TALK|CONTRIBS 23:18, 1 July 2011 (UTC)
Jehochman, you're entitled to speak your mind, but your calls for reform are ill-considered. ArbCom cannot compel the WMF to do anything; my predecessors have been griping about the software for years, and it hasn't been fixed yet. We can't run a pilot on a non-WMF site, we can't install software on a WMF server for our own use, we can't... you get the picture. When it comes to a decision with "continue with the status quo" versus "radically restrict ArbCom's ability to function, indefinitely, in the hopes that a new solution will magically materialize", the decision is not as clear-cut as you suggest. First, of all the damage that can possibly be done, the vast majority of it has been done. Nothing we can do now can be reasonably expected to prevent the eventual leaking of everything damaging that has not yet been leaked--all indications are that the entire list archives were compromised. If you want to vote all of ArbCom out and install new arbs, that's your right--but the new arbs won't be able to do anything any faster. We have no budget, no hardware, no server access rights, nothing of the sort, and all that a new ArbCom can do is harass the WMF or resign en masse in protest. I'd love to have a better institutional memory facility than the archives--I could probably write a set of specs that would not only meet but exceed your security expectations, but I have no way to get those specs implemented. You term me an 'apologist' for pointing out the reality that ArbCom is entirely dependent on the WMF for our technology support; I think 'pragmatist' is a far better label. I am not a politician, and yet was nevertheless elected to ArbCom. If I tell you I can't make a difference, it's because I speak plainly and have six months' perspective on what ArbCom can and cannot do. If you'd rather elect a sycophant next election who will say pretty things and be just as ineffective, be my guest. Jclemens (talk) 23:41, 1 July 2011 (UTC)
Jclemens, the list administrator only needs to delete the list. That's it. Just stop cold turkey. Then you all tell WMF you need suitable list software and suggest they ask for help. I've built complex software (e.g. https://codeguard.com) and would be happy to volunteer my expertise. This is a problem that would easiy be solved if only people would just make a little bit of effort. Now, if you would please stop disrupting the discussion with walls of text, We might make progress. If you really feel unable to help, please resign and let somebody else have a try. Maybe the whole committee ought to resign. That might force WMF to finally deal with the issue. Your honor is at stake. You shouldn't serve in a position unless you can fulfill your obligations. clearly you have all failed to keep confidences entrusted to you. Either you have to fix this situation, or else resign. Jehochman Talk 23:58, 1 July 2011 (UTC)
... And how are we supposed to conduct ArbCom business without the list? Just set up a Google Group? Or maybe a Yahoo group? Where's the institutional memory going to reside? You can feel free to discuss Reichstag-climbing antics, but part of the reason I stood for election was that I'd rather stick around and try and actually fix problems, rather than implementing closing-the-barn-door measures that hinder our ability to discharge our elected responsibilities. If I could delete the hacker's illegitimate copies of the mailing list archives along with our own, we'd be having a different conversation--but given that nothing we do on this end makes a difference to that situation, I'm hard pressed to see the urgency in deleting a mailing list. Oh, and my honor is not at risk, nor is my resignation on the table. For what it's worth, several of the other arbs are all in favor of deleting the archives in their current location, and moving them elsewhere, which I see as somewhere between security theater and rearranging deck chairs. The archives may well be deleted from their current location in the near future, but the risk profile won't substantially change. Once there's a change that makes a difference on the table, you better believe I'll support it. Jclemens (talk) 00:23, 2 July 2011 (UTC)
Another change would be to make sure Arbs don't talk about editors unnecessarily, don't use real names if it can possibly be avoided, don't discuss medical conditions and other sensitive issues, don't engage in sockpuppet investigations and blocks that can be left to others. What the list shows is a lot of micromanaging, which causes extra work and stress for the Arbs. Admins, CUs, oversighters, and editors who specialize in SPI can handle most of the stuff we see being discussed on the Arb mailing list, which would leave the Arbs free to focus on arbitration. That would make the mailing list content less problematic. Would you support that? SlimVirgin TALK|CONTRIBS 00:44, 2 July 2011 (UTC)
I agree that even on a confidential list people should be discreet. But one the purposes of a confidential list is to discuss sensitive issues that shouldn't be discussed in public, including medical conditions and real identities. Let's not go so far with restrictions that we impede the necessary work of the ArbCom to settle behavioral problems on Wikipedia with a minimum of fuss.   Will Beback  talk  01:05, 2 July 2011 (UTC)
But it's not confidential because (a) every year the committee invites more people to view its archives; and (b) it retains the archives in a way that's not secure. And even if it were confidential, can you have discussions like that with a minimum of fuss with so many people on the list? It's human nature for people to want to add their views and their bit of information, and therein lies the danger.
The list needs a strong moderator with a whip. Maybe there's a job here for Taxwoman after all. :) SlimVirgin TALK|CONTRIBS 01:16, 2 July 2011 (UTC)
Many people have commented on issues concerning the retention of material in archives, and issues of access to whatever is kept from old cases. The number of people on the list is also a legitimate issue. But I think that we need to give the ArbCom the tools they need to settled disputes which include sensitive information, and a confidential mailing list or something like it, is necessary.
For example, let's say someone writes to the ArbCom to complain that a prominent and controversial academic is making non-neutral edits regarding his theories and his opponents. We don't want to out the editor so the discussion needs to be confidential. How could they discuss it without, at least once, mentioning the editor's purported real name? Or let's say an editor who'd been acting strangely tells the ArbCom that he's been taking pain medication and that explains his behavior. How can they evaluate that defense without discussing it confidentially? Maybe a once-a-week conference call for issues to sensitive to put into emails? Maybe small sub-committees that work off-list and report back to the whole committee without getting into unnecessary details? There are many possible solutions that don't require the ArbCom to stop discussing sensitive issues off-Wiki.   Will Beback  talk  01:29, 2 July 2011 (UTC)
Why would we write to the arbitration committee about that? It isn't about arbitration. It would be more appropriate to send it to an admin or functionary, or to a group of two or three admins/functionaries if it's difficult to deal with, and have it discussed quietly that way.
The arbitration committee has set itself up as a mini-government, and that has led to these difficulties. If we would allow admins to administrate, SPI specialists to handle sockpuppets, functionaries to handle CU and oversight issues, as well as sensitive identity and COI issues, then the arbitration committee could concentrate on the thing they're elected to do, and we wouldn't have these sensitive matters piling up in one mailing list. SlimVirgin TALK|CONTRIBS 02:08, 2 July 2011 (UTC)
Perhaps so, but that involves questions of scope and authority which would need considerable input from the community, and may concern the just-approved ArbCom policy. Perhaps a multi-pronged effort is needed: one to deal with email security, another to deal with archive retention and access, and a third to deal with best practices for dispute resolution.   Will Beback  talk  02:13, 2 July 2011 (UTC)
We have a fundamental problem with these committees, and the secrecy and lack of responsiveness. Just one example: I noticed in April an odd use of oversight during an ArbCom case that I was involved in. I knew what the post said, and it seemed innocuous. I couldn't find out who had done it or why, so I filed a complaint with the Audit Subcommittee, all good people, outlined my concerns, and asked what the complaints procedure was. I received an acknowledgment, and a request for permission to forward it to the functionary. No explanation of the complaints procedure. I said yes, and asked who the subject of the complaint was. A week later another email telling me enquiries were continuing. No explanation of the procedure, no reply to my request for information about who I was complaining about. That was April 14, and since then nothing.
I know that other Wikpedians have similar stories going back years. What causes it? The people on the committee are good people as individuals. Something not good happens to Wikipedians when they gather under these secret umbrellas. James Forrester (I believe) set up the mediation and arbitration committees as equals, and I think we ought to return to that model, without this sense of secret governance. Then if we really do need a secret committee for sensitive things, we could have a Difficult Cases Committee, devoted to those issues. SlimVirgin TALK|CONTRIBS 02:43, 2 July 2011 (UTC)
Slim, this looks like the sloppy desk filing system: urgent stuff on top, middle priority in the pile, and low priority at the edge of the desk where it falls to the floor and gets swept away. Then to give the appearance of being organized the contents get transferred to a filing cabinet in color coded folders. When people work that way the tactful thing to do is nudge them now again about the specific thing you want. It just puts them on the defensive to ask probing questions about the big picture. Durova412 04:16, 2 July 2011 (UTC)
This sense of secret governance, as you put it, exists far more in the mind of the beholder than in the reality. The reality is that over the past couple of years the committee done much to increase transparency and decentralising.  Roger Davies talk 04:19, 2 July 2011 (UTC)
Did you not read the example I gave above? I don't know who I'm complaining about, I don't know what the complaints procedure is, I don't know whether it's ongoing, and if it's not, I don't know what the outcome was. SlimVirgin TALK|CONTRIBS 04:23, 2 July 2011 (UTC)
SlimVirgin, I've just checked the AUSC mailing list archives, and I see that you are correct that a response was not sent. One was drafted, however, and I have asked that one of the community members vet the drafted response and then send it forward to you. Risker (talk) 04:30, 2 July 2011 (UTC)
Perhaps there is some use in the archives, after all ...  Roger Davies talk 05:05, 2 July 2011 (UTC)
Sticks of dynamite have some use. That doesn't mean I should keep them around the house. Jehochman Talk 05:10, 2 July 2011 (UTC)
Absolutely, but if you need to use them from time to time, there's no sense in storing them on another continent.  Roger Davies talk 05:20, 2 July 2011 (UTC)
A locked shed some distance from the main dwelling would be a good compromise. Jehochman Talk 05:24, 2 July 2011 (UTC)
Indeed, though of course if local kids succeeded in stealing your dynamite then I bet some here would want to know why it hadn't been stored in Fort Knox.  Roger Davies talk 05:47, 2 July 2011 (UTC)
Which is why you minimize the amount of dynamite, and minimize the number of keys in circulation. ;-) Jehochman Talk 05:51, 2 July 2011 (UTC)
Re: secret governance, I think it interesting that among the things the WR leaker has chosen not to get into in great depth are the committee's private squabbles. That omission--to which I attribute no particular motive, since we generally dispute in polite and boring terms--tends to favor the impression of ArbCom as some sort of monolithic governing-and-gossip club, when the reality is that we're 18 smart, opinionated, dedicated individuals with 18 separate perspectives on how to handle whatever is put to us. Jclemens (talk) 05:16, 2 July 2011 (UTC)
From the selection of what's been leaked, it seems like the leaker is more interested in uncovering dirt about ordinary editors who have been discussed on the list than they are in attacking the arbitrators themselves. I think this supports the idea that the contents of the list were leaked by an arbitrator, rather than stolen by a hacker. If a hacker wanted to harm miscellaneous ordinary editors, there would be many more effective ways of doing that; whereas if they wanted to attack ArbCom, they would have released e-mails that focused on the arbitrators rather than on ordinary editors. On the other hand, the selection of what was released seems completely consistent with what would be expected if an arbitrator wanted an underhanded way to attack editors whom they couldn't sanction using the normal processes. --Captain Occam (talk) 21:26, 2 July 2011 (UTC)
There's no question in my mind that the true motives of the leaker may be exactly as they appear, or they may be tailored to appear exactly as you say. Wikipedia has no shortage of smart people with variable ethics well-read in spy literature. I strongly doubt that it's an arb, though. There's nothing particular to have provoked any of us to do this, although more than a few committee members' nerves have been frayed in the ensuing aftermath. Jclemens (talk) 00:08, 3 July 2011 (UTC)
If there was something that provoked an arbitrator into doing this, would the other arbitrators necessarily know about it? I didn’t think that ArbCom kept that close a watch over the lives of all its members. Was ArbCom aware of something in particular that had provoked Kelly Martin, when she leaked the contents of the mailing list in 2009?
Something else to consider is that if it was an internal leak, the arbitrator who leaked the e-mails isn’t necessarily the same person posting them at Wikipedia Review. It may be that an arbitrator shared the contents of the mailing list with a friend who wasn’t an arbitrator, under the assumption that it wouldn’t be shared any further than that, and then the person with whom it was shared decided to post it publicly. That’s how it would have gone if there was any substance to the complaint in February about an arbitrator sharing CheckUser data. --Captain Occam (talk) 01:33, 3 July 2011 (UTC)
Given that the archives are rather difficult to work with and it would take at least one extra step to get them, I've ruled out the possibility of accidental leak as far as my own thinking about this incident, but I'm sure it's possible. Jclemens (talk) 02:08, 3 July 2011 (UTC)

Oversighting during this discussion?

Could someone explain?

  1. (cur | prev) 00:07, July 2, 2011 SlimVirgin (talk | contribs | block) m (→No more excuses: formatting (getting hard to read))
  2. (cur | prev) 23:58, July 1, 2011 Jehochman (talk | contribs | block) (→No more excuses: really, no more excuses -- deal with the problem or resign)
  3. (cur | prev) 19:09, July 1, 2011 Cool Hand Luke (talk | contribs | block) (192,662 bytes) (→All information becomes public sooner or later: Jehochman, I largely agree.)
  4. (cur | prev) 19:08, July 1, 2011 (Username or IP removed) (edit summary removed)

I assume number 3 was to deal with whatever number 4 was. But what happened to 1 and 2? SlimVirgin TALK|CONTRIBS 03:19, 2 July 2011 (UTC)

Personal information of an individual, which has not been released onwiki, was included in a post. This was redacted. All edits between the insertion and the removal of the personal information must be suppressed in order to remove the privacy violation. Risker (talk) 03:38, 2 July 2011 (UTC)
Okay, thanks. SlimVirgin TALK|CONTRIBS 03:53, 2 July 2011 (UTC)
I accidentally called an Arb by their very unoriginal first name instead of their handle. For instance, my name is Jonathan, as many people know, and people occasionally call me that on wiki instead of Jehochman. I wish certain Arbs cared about the rest of our privacy as much as they seem to cherish their own. Jehochman Talk 05:03, 2 July 2011 (UTC)
I suppose the reason that people know that your name is Jonathon is because you tell them so prominently on your user page. Similarly, it doesn't take too much detective work to establish that my first name is Roger :)))  Roger Davies talk 05:12, 2 July 2011 (UTC)
Roger, Roger. Jehochman Talk 05:14, 2 July 2011 (UTC)
[1]Baseball Bugs What's up, Doc? carrots→ 09:09, 2 July 2011 (UTC)
Ah ... indeed Roger ... now on the spelling of that last name. :) — Ched :  ?  08:59, 2 July 2011 (UTC)

Question

Can someone just answer this for me because it could be important. If one singular Arb's ordinary personal email account had been hacked, could all this leaked information have been accessed? Giacomo (talk) 21:19, 2 July 2011 (UTC)

Yes, if they had not deleted the email they received giving them a password for the mailing list and archives. With that password, anyone could access and download the archives. Alternatively, if an Arb accessed the archives from a public computer and forgot to log out, that could also give someone else access. SlimVirgin TALK|CONTRIBS 21:27, 2 July 2011 (UTC)
Do we have a date for the most recent leak? Giacomo (talk) 21:29, 2 July 2011 (UTC)
The first leak was on June 23. The leaker continued to have demonstrable access until after CHL or Coren (forget which) posted to the mailing list to tell them about the leak on June 23 or 24. That email was the most recently dated leak. I believe the leaker set up his WR account on June 21 at 6:54 am UTC , so the breach probably took place just before that. SlimVirgin TALK|CONTRIBS 21:39, 2 July 2011 (UTC)
  • Oh that's my theory kaputted then. All the leaks I have seen on WR have been quite historic, I thought it could possibly be from a hacked Arb account from a few months back. Giacomo (talk) 21:50, 2 July 2011 (UTC)
The breach could have occurred a long time ago, but there would have to have been continued access until June 23/24 (the most recently dated leak). And for some reason no desire to start leaking the material before that date. SlimVirgin TALK|CONTRIBS 21:52, 2 July 2011 (UTC)
Well an Arb's email was hacked a few months ago, I realised it when the esteemed Arb began trying to sell me viagra; I emailed him to negotiate a better price; he said his account had been hacked and that was the end of the story. I'm sure the Arbcom know all about it. I'm not sure of the exact dates because I deleted the email in case it was a virus, anyway it hardly seemed important at the time. I only remembered it recently because a nephew left his account open in an Australian internet cafe and he suddenly began trying to sell me vigra too - why do these people think I need viagra? Giacomo (talk) 22:02, 2 July 2011 (UTC)
Don't worry, brother. They think I need Viagra too. ;) Durova412 00:43, 3 July 2011 (UTC)
It was actually mine (more like the password was guessed), but it wasn't the email I was using for Arb business (shortly after I was elected,but before I was subscribed to any lists I realized that the sheer volume of emails on arbcom-l and other lists would completely drown a email address that was already 6,000 or so deep), so I created another gmail address strictly for arb business. The old email address never received any of the passwords or anything that would allow it to do so... and about three hours after it sent out the first wave of spam, my brother, who builds computer networks for a living, was screaming at me, and everything got changed :) SirFozzie (talk) 22:18, 2 July 2011 (UTC)
Spammers seem to be able to (appear to) send spam from email addresses without gaining access to the accounts. No idea how, but I've received spam from quite a few Wikipedia accounts over the years. They offer me mortgages for the most part. SlimVirgin must look as though she doesn't need any more excitement. SlimVirgin TALK|CONTRIBS 22:23, 2 July 2011 (UTC)
Are you implying that the name "Giacomo" sound like a tired old man in need of assistance? Giacomo (talk) 22:27, 2 July 2011 (UTC)
  • Same thing happened to me a few months back. Didn't have control of my account, but the FacebookConnect or Yahoo bridge feature let someone send about ~1,500 emails from my account. Lucky I caught it midway through and changed the password or it would have sent out 15,000 emails. MBisanz talk 22:39, 2 July 2011 (UTC)
  • Well that's that then, some other direction will have to be searched. Giacomo (talk) 22:41, 2 July 2011 (UTC)
As I said above, I think the direction that ought to be searched at this point is whether an arbitrator deliberately released these e-mails. The selection of what’s been leaked, the fact that there does not appear to be any evidence that an arbitrator’s e-mail account used for Wikipedia has been compromised, and the fact that there have been issues in the past with arbitrators giving out private information; all of these things seem to point more towards a deliberate leak than to a hacking event.
Of course, if that’s what happened, it might be difficult to identify who was responsible for the leak unless they voluntarily come forward. --Captain Occam (talk) 23:20, 2 July 2011 (UTC)

Update

This is to update the community on major actions that have been taken over the past week since the unauthorized release of private mailing list material was first identified. This message highlights only key issues and is not an exhaustive list of actions that have been taken.

We thank the community for its continuing patience as we continue to work through this unfortunate situation to mitigate the potential for a recurrence of this unauthorized release of information. Risker (talk) 03:33, 2 July 2011 (UTC)

Transferring the archives to the ArbCom wiki is a very bad move, in my view, because it will make them easier to read (I assume), and the wiki is just as insecure. Plus, it doesn't remove the "poisoning the well" feature, which is the major problem outside unauthorized access.
Also, do you know when and where there will be an announcement about the leak so that editors who don't watch this page or WR will learn about it? SlimVirgin TALK|CONTRIBS 04:04, 2 July 2011 (UTC)
Transferring the archives? Seriously? This old house of straw is no good, let's build one of sticks. → ROUX  04:11, 2 July 2011 (UTC)
It may not be perfect but think it through. Do you really want the only place where arbitrators can look up back stuff to be Wikipedia Review?  Roger Davies talk 04:15, 2 July 2011 (UTC)
Bwahahaha.... Well played, sir. Wish I'd thought of that comeback first. Jclemens (talk) 04:21, 2 July 2011 (UTC)
(edit conflict)Of course not. The superior solution, if the archives must be kept (and I think there are just enough arguments in favour of doing so), is for them to be archived to a machine under WMF control and not accessible online. Transferring the archives to another format which is just as insecure is more or less the definition of security theatre. → ROUX  04:24, 2 July 2011 (UTC)
Well, given the fact that not a single arbitrator has non-internet access to any WMF server (which I believe is an appropriate security measure on the part of WMF), whatever value the archives currently have is eliminated by making them inaccessible. By moving them to the arbwiki in a readable format, we can chop through the 85-90% of useless material and delete it from there, and properly organize what little remains. This is labour intensive, but probably would need to be done at some point anyway if we are able to persuade the WMF to obtain better software that will permit us to do this without unreasonable use of volunteer time. Risker (talk) 04:47, 2 July 2011 (UTC)
(ec) A significant portion of the community doesn't want you to keep on looking up old gossip about them, material that the subjects have no access to or a chance to correct. I'm surprised that Arbs from Europe, where there's a strong data-protection culture, don't respect the force of that argument. SlimVirgin TALK|CONTRIBS 04:22, 2 July 2011 (UTC)
Quite apart from the absence of proof that arbs "keep on looking up old gossip", as you so pejoratively put it, this gossip thing is looking more and more like one of those irregular verbs. You know: "I raise legitimate concerns", "he speculates", "they gossip". There's a fine line between legitimate concerns poorly expressed and wild speculation with inconclusive diffs. The arbitration case pages are stuffed full of examples, in some cases, running to tens of thousands of words.
Second, on the data protection front, I actually strongly believe people should have the right to answer what is said about them which is why I wrote it into the new policy. However, there are exceptions and the idea that an anonymous screen-name is entitled to the same human rights as a real publicly identified person leaves me utters puzzled. This, it seems to me is part of the problem here. What is this Wiki? A cyber-kingdom inhabited by cyber-citizens or is it primarily a website devoted to building an encyclopedia?  Roger Davies talk 05:04, 2 July 2011 (UTC)
I think the short answer to your question is that it's a MMORPG that acquired far too much power and influence than is healthy for anyone, on all sides. But you can't make that problem go away by saying you just wanted to kill Orcs (or more apropos, Trolls). -- Seth Finkelstein (talk) 06:17, 2 July 2011 (UTC)
You jest, but there is something to be said for Devil's Advocate and countervailing power. -- Seth Finkelstein (talk) 04:26, 2 July 2011 (UTC)
Of course :)  Roger Davies talk 05:04, 2 July 2011 (UTC)
My own $0.02: I've been following this discussion, and have been very pleased to see arbitrators taking this issue seriously, and actively engaging with the community to keep us informed. The steps being taken look to be appropriate, and I, as a member of the community, am satisfied with both the ongoing actions being taken, and the proposed solutions. Thanks very much for the updates, and please continue to keep us in the loop! --Elonka 15:45, 2 July 2011 (UTC)
Adding $0.01 of my own, I agree entirely with Elonka. I increasingly get the feeling that some of the more strident complainers in this talk are doing nothing but repeating themselves tiresomely. --Tryptofish (talk) 18:02, 2 July 2011 (UTC)
You are both correct that sycophancy isn't worth much. If you grow tired of the conversation, feel free to ignore it. Jehochman Talk 18:57, 2 July 2011 (UTC)
Actually, there's a big difference between sycophancy and criticism of the critics. If it makes you feel any better, I don't think that you were being either strident or tiresome (at least not until that last comment!). --Tryptofish (talk) 18:01, 3 July 2011 (UTC)

Another question

Is there anything undisclosed so far on WR that you would expect to have been leaked that was in the files? We are all aware, because we are reading WR, that the leaker is now responding to requests rather than posting unilaterally, but are there topics/individuals that the ArbCom is aware of not being released, and if so are they of any import into determining the method of the break in security? Obviously, if you need to kill me because of the security implications of my question my real identity involves the initials DG. LessHeard vanU (talk) 00:00, 3 July 2011 (UTC) Um, obviously I am not expecting any detail on what has not yet been published - just whether some stuff remains to be potentially aired. LessHeard vanU (talk) 00:16, 3 July 2011 (UTC)

Not that I'm aware of, however I wasn't familiar with all the leaked material simply because I hadn't looked at that much from before I joined ArbCom. PhilKnight (talk) 00:35, 3 July 2011 (UTC)
I have been trying to think of who it might be based on what has been released and what proportion of it, contrasting to what is left unreleased. Casliber (talk · contribs) 01:03, 3 July 2011 (UTC)
There are literally thousands of threads that contain such messages as "Hey guys, please vote on XX"; "We need more comments on the request for amendment about YYY"; people advising their colleagues of holidays, breaks, or other reasons they won't be around (in fact, I think one of the earliest threads is about someone going on holiday); tons of unblock requests and their responses; and similarly boring stuff. This sort of stuff makes up the majority of the archives. Risker (talk) 02:01, 3 July 2011 (UTC)
The most surprising thing so far about the leaks is how few surprises they have contained. Short Brigade Harvester Boris (talk) 02:14, 3 July 2011 (UTC)
Agreed, but don't underestimate the value of "officially" confirming what everybody-already-knows. -- Seth Finkelstein (talk) 03:00, 3 July 2011 (UTC)
It's not actually surprising, SBHB: day to day ArbCom business is singularly boring as a rule. Sometimes delicate, sometimes urgent, but rarely interesting to look at from the outside. I'm guessing that's why the leaks haven't yet generated offers for a treatment. — Coren (talk) 04:58, 3 July 2011 (UTC)
Actually, even the day to day business of outright dictators "is singularly boring as a rule". I once heard a talk from someone who studied literal Soviet Kremlinology, and he remarked about how much of it was just basically corporate management, made much worse by the fact that the members didn't want to delegate anything. Not that I'm comparing ArbCom there, but even ruling (part of) the world is an amazingly tedious job. The leaks here have been presented in a timing and format which has been stupefying. But I believe a more savvy selection and presentation could have generated some interest. -- Seth Finkelstein (talk) 05:48, 3 July 2011 (UTC)
At which point, let me be the first to invoke Godwin's law and refer to the banality of evil :)  Roger Davies talk 05:52, 3 July 2011 (UTC)
Well, making the trains run on time requires a lot of messages about train schedules :-) -- Seth Finkelstein (talk) 11:04, 3 July 2011 (UTC)

Community policy / discussion / reaffirmation of Arbcom email policy

I think that it may be of value to take the meta-discussion about what Arbcom's mail archives should contain and for how long to a centralized venue for community discussion and reaffirmation.

I don't personally know that removing old data is a good idea - Institutional memory is required for long running disputes and longstanding problems - but there seems to be considerable dispute over what the underlying policy should be, what the value is of retained data versus risks and privacy concerns, etc.

Thoughts? Georgewilliamherbert (talk) 02:48, 3 July 2011 (UTC)

Georgewilliamherbert, if you've been following along, right now the Mailman mailing list software made available to us by the WMF is either "archive/no archive"; no ability to manage the archives in any way, shape or form other than to delete or keep. We've urged the WMF to make software changes at various times, most recently in April of this year, and have done so again as a result of recent events. It is a holiday weekend in the US, and WMF staff are not available for big-picture discussions like this. The conversation so many people want to have is just going to have to wait for a bit while issues are assessed, current risks are mitigated, and future options can be developed. This is not something that is going to be completely "fixed" for a while, and I have no doubt that there will be periodic information shared with the community. Risker (talk) 03:22, 3 July 2011 (UTC)
I have been following along; I would like to separate out "technical means" - which I understand are not up to Arbcom per se - and "community mandate / policy" - which the community here and Arbcom can certainly refine, define, or reaffirm.
If the community were to mandate a change that was not immediately technically feasible then the WMF and Arbcom obviously wouldn't have to wave a magic wand and make the impossible happen, but it could define what the community wanted done as the technical situation was evolved.
If the community reaffirms the existing policy to generally keep archives then no change is required other than the security tightening going on.
I am not advocating a change. I'm advocating having a centralized discussion to lay out the issues clearly, develop a consensus on what's best for the Encyclopedia, project, community, Arbcom, etc.
I personally prefer keeping, but I am seeing the edges of community refutation of that longstanding policy, and I'd rather have an out in the open honest discussion and consensus about it rather than have everyone wondering if there really is remaining support for them. Georgewilliamherbert (talk) 03:31, 3 July 2011 (UTC)
I'm sorry Georgewilliamherbert, but the technical issues are a core component here, and they are entirely within the domain of the WMF. The community also does not have within it the power to dictate that individual arbitrators must use certain technology when carrying out their roles, as has been suggested by some commenting here. The community is justifiably concerned that there was theft of data that included both private and confidential information. There is not sufficient information at this point for any discussion to take place. The community will be kept updated as new information becomes available. Risker (talk) 03:57, 3 July 2011 (UTC)
Saying the technical issues are "entirely within the domain of the WMF" isn't altogether correct. You have plenty of leverage to sway Jimbo/WMF if you think the technical changes are important enough. Short Brigade Harvester Boris (talk) 16:16, 3 July 2011 (UTC)
We have a nuclear option that every time we use, the WMF can say "Sorry, we can't/won't do it" and then we'd HAVE to resign. So it's not a tool to be used casually or easily. Risker has spent the last few weeks working with the WMF to try to see what is possible (and isn't that what politics at whatever level is, the art of the possible?) SirFozzie (talk) 16:18, 3 July 2011 (UTC)
There are a number of strong options short of mass resignation, and in fact mass resignation isn't even your strongest option. For example, it's likely that at least one of the 18 people on Arbcom knows how to write a press release (filling in the details is left as an exercise for the reader). Of course, you are correct in first giving Jimbo/WMF the opportunity to do the right thing of their own free will. Short Brigade Harvester Boris (talk) 16:36, 3 July 2011 (UTC)
Mass resignation is not a serious option, nor is making a statement to the press. (Doesn't anyone remember the Colbert Report?) And why would anyone think that Jimbo has any more ability than any other member of the Board of Trustees to investigate software options, determine which options can run on the existing platforms, allocate and schedule funds as well as hardware, software and staffing resources? These are operational issues that require the time and knowledge of the WMF technical staff, as well as those who can help to assess the "human" end of things. We are all in this together, and options are just at the very earliest stages of development. It is not going to be a quick fix; anyone who has ever worked in a large IT-based environment knows that even small "fixes" can consume significant resources, and careful analysis of systemic impacts is part of the assessment process. Yes, the decisions about software are ultimately in the hands of the WMF. But the lines of communication are open right now, and this matter is being taken seriously on a very large number of levels there, just as it is here. Each group has its limitations. Risker (talk) 17:38, 3 July 2011 (UTC)
Your statement regarding Jimbo is an obvious red herring which does not merit a serious response. I am beginning to sense the all-too-human reaction to serious and difficult problems, which is to think of all the reasons why something can't be done. Short Brigade Harvester Boris (talk) 18:40, 3 July 2011 (UTC)
Well, I'm not the one who brought Jimbo into the conversation, but meh. SBHB, we know this needs to be fixed. We also know that it is going to take some time, and it's better to be honest about that than it is to create false expectations within the community. It is a serious and difficult problem, and I have never seen a serious and difficult problem that got completely fixed in just a few days. We have an entire community who works on the theory of crowdsourcing; I have to admit I'm surprised that nobody's tossed a list of potentially suitable publicly available software onto this page. I have no doubt there are open source programs out there that would be good, but I know I don't have the technical skills to review and assess them. Maybe some of the other people watching this page do. Risker (talk) 19:33, 3 July 2011 (UTC)
Perhaps you've had no suggestions because it's unclear what the purpose of this mailing list is. Is it to allow secure communication between individual editors and ArbCom? Or is it to enable secure communication between ArbCom members? Right now it appears to be doing neither well, but they're functions that ought to be separated. Malleus Fatuorum 19:46, 3 July 2011 (UTC)
Are you aware of any solution, Malleus, which would allow both? Right now, email from the list sets reply-to to the list itself, so that when an editor emails arbcom, the arbs can discuss the merits of the request without losing threading--i.e., you can see the original email, plus any other arb comments, all in one email thread. Jclemens (talk) 20:04, 3 July 2011 (UTC)
My point was that the functions need to be separated, not combined. So far as secure communication between ArbCom members is concerned then VPN seems like a natural solution. Isn't there an ArbCom wiki? Is it only accessible via VPN? This isn't so much a "should we use this software or that software" issue it's a security issue. Malleus Fatuorum 20:07, 3 July 2011 (UTC)
You're right, it's a security issue, but the two are intertwined. What is needed is a system that feeds externally received emails in, permits all those with access to discuss them, and then respond with a reply (ideally using a "system" return address rather than one's personal email address, as is the current situation). Ability to add attachments would also be useful, as would some form of "tracking" mechanism so that it is easily determined which tasks/threads are complete (especially valuable for unblock requests) or to permit scheduling of specific activities. I know these features are available in various commercial products, but we do need to consider the WMF mission as well, which strongly emphasises open source software wherever possible. Risker (talk) 20:19, 3 July 2011 (UTC)
Get behind a VPN. The software issue is secondary. Malleus Fatuorum 20:30, 3 July 2011 (UTC)
Err, what? If an arb's account was hacked, the VPN would have done almost nothing for anyone. It would have required the attacker to proxy through their system into the VPN to access the archives, beyond what was stored. Is there any VPN implementation these days which prevents split tunneling? I know the users I was responsible for hated it, because it made it impossible for them to print to their local TCP/IP printers when connected to the corporate VPN... and "Get a bloody USB cable" was not perceived as a user-friendly response... Jclemens (talk) 21:26, 3 July 2011 (UTC)

Make public everything that has been leaked

I understand that it is not practical to email everyone who has had contact with ArbCom. Then we have the following problem. WR is not going to release everything what they have today or tomorrow, so you never know if some information concerning you is going to appear there next week, next year, 5 years form now, or perhaps never. If it were just information that you have communicated yourself to ArbCom, you could still deal with that by simply pretending that this is now in the open and taking appropriate measures. However, ArbCom members may have been discussing you and then you don't know what they have written about you.

Then if it is indeed not possible to disclose information privately via email to all concerned, the next best thing is to make everything public. E.g. one can put everything in one or more (compressed) files and upload that on Wikimedia. It's far better to have to deal with anything that is in there now than to find out some years later that people have been discussing you for some time on some websites on the basis of information about you that may not be correct (what the Arbitrators say about you may not be correct, or it may be presented out of context by people leaking it). Count Iblis (talk) 16:07, 3 July 2011 (UTC)

I'm sorry, this is a ridiculous idea. What's out there is bad enough, but you want to turn the trickle into a flood.. Let me say it clearly. This is NOT going to happen. SirFozzie (talk) 16:09, 3 July 2011 (UTC)
Have to agree with SirFozzie here. It may seem like a good idea at first glance, but there is no way the community would support this. The Cavalry (Message me) 18:40, 3 July 2011 (UTC)
I have to agree with the Count, the reality is Malice only has the power because we made them secret in the first place. I am a realist though I know its not going to happen but I think count makes a valid point. The Resident Anthropologist (talk)•(contribs) 18:44, 3 July 2011 (UTC)
The one thing that argues against this proposal is that Malice and the WR admins have been willing to redact some of the material that had the most potential to damage real people. If it were just the ArbCom at risk of public embarrassment, then it would be a different conversation, but as long as Malice and the WR admins are willing to protect the people we care about (if not our own privacy, oh well), then there's no defensible reason to do this. Jclemens (talk) 19:01, 3 July 2011 (UTC)
The leaker on WR presumably is not the one who stole it from the ArbCom list, so this information may also appear elsewhere. Then I think one could make this public here and still protect the privacy of people involved to some degree by using some program that removes the real names and email addresses in the message headings. This won't fully protect the privacy of everyone but it would go a long way toward this. The involved people then know everything about how they are discussed, so they can take whatever measures they think are needed. Count Iblis (talk) 22:08, 3 July 2011 (UTC)
So your solution to the possibility that some harm-causing stolen email might surface in the future is for us to willfully release it now? No, this is not the route we will take. –xenotalk 23:56, 3 July 2011 (UTC)
Sorry Count Iblis, there are all sorts of privacy bits and pieces sprinkled all through the archives (buried amid a stack of boring mundane posts as pointed above). This makes no sense. Casliber (talk · contribs) 00:30, 4 July 2011 (UTC)

Malleus: If you went and told seventeen or eighteen people that you barely know your real name, you can't possibly expect it to remain private. If your e-mail address is john.doe@workplace.com and you use it on a mailing list, it's expected that the information is no longer completely private. It's not as though it's all that difficult to register a different e-mail address (and in fact many people have).

I understand that you never e-mailed the list directly, so this isn't directly relevant, but it'd be reasonable to say the same policy applies to individuals, as they can and demonstrably have forwarded e-mails to the list without redacting any information.

There are ways to mitigate the risks of a leak and I still don't have a very clear idea of how this leak occurred, but I don't think people who used a revealing e-mail address or other information on the Internet via unencrypted e-mail are blameless here. My reading of some of your comments seems to put blame solely on one side, and I don't think that's fair. (Now awaiting another lecture from Risker on the use of the word "blame." ;-) --MZMcBride (talk) 07:34, 4 July 2011 (UTC)

Well "Roger" if you want to operate an "encyclopedia" able to be "edited anyone" one has to expect "anyone" to edit it - doesn't one? The project happily takes and uses the work of "anyone" (such as myself) to promote itself (my work has certainly been on discs etc) it either needs to say "This is the project anyone can edit so long as they realsie they count as nothing" or it needs to grow up and get real. Secret files on individuals are always a bad idea and in all civilized countries they are illegal. I am quite sure that the Arbcom file are full of references to me, one only has to look at WR to see the most recent and ludicrous (do you never think how silly you all sound?). I really don't see what can be so secret and vitally important about people called "Coren", "Fred" and "Clinically Dead" discussing someone called "Giacomo." I'm afraid you are all starting to beleive the fallacy of your own importance. I raised this matter in the Arbcom election of 2010, no satisfactory answer was given then and none is provided now. Because I choose (wisely as it turns out to protect my anonymity) does that mean I must surrender my human rights - or do you think I am inhuman and a horse? Giacomo (talk) 20:31, 3 July 2011 (UTC)
I think you need to be watching out very carefully for that horse's head on your pillow. Malleus Fatuorum 20:37, 3 July 2011 (UTC)
Don't worry Malleus, I eat kittens for breakfast! The fact is that the Arbcom have built an illicit house of secrets and then they have allowed it to fall like a house of cards into the hands of God knows who and yet are still scrambling to catch the cards in a 12 force gale and rebuild it. It's ludicrous. Giacomo (talk) 20:48, 3 July 2011 (UTC)
Nice analogy. Malleus Fatuorum 20:54, 3 July 2011 (UTC)
Interesting image, dunno how appropriate it is though. None of the current committee had anything to do with building this incidentally.  Roger Davies talk 20:59, 3 July 2011 (UTC)
Cop out! Giacomo (talk) 21:01, 3 July 2011 (UTC)
Hyperbole.  Roger Davies talk 21:05, 3 July 2011 (UTC)
  • I am dissapointed Roger, that the Arbcom feels the justifiable anger of the community is just "hyperbole." The fact is the Arbcom have not been careful with their files and caused an immense amount of distress and anguish to many. It may be better if they adopted a little humility. Many of us wish the Arbcom to desist accumulating secret information on us all. You may do well to respect that position. Giacomo (talk) 21:10, 3 July 2011 (UTC)
  • Please don't pretend you speak for the community. He was responding to one editor. I don't see a community enraged anywhere. RxS (talk) 21:52, 3 July 2011 (UTC)
Most of the community doesn't know about this, RxS. This page only has around 400 watchers, and that doesn't mean they are actually watching it. And most don't read WR. But I think it's clear that most Wikipedians would prefer not to have people keep secret files on them—which they have not seen and which may not be accurate—and particularly not make them available to new Arbs every year, and retain them in a way that isn't secure. Anyone who would want that for themselves would not be rational. SlimVirgin TALK|CONTRIBS 23:48, 3 July 2011 (UTC)
@SV, obviously the situation is not ideal, and thinking upon it, probably some degree of comments made on the list were better made on wiki. But there are serious issues for which privacy is very warranted - users with mental health issues, child protection and legal ones, plus some sort of institutional memory for the next orchestrated attempt at mischief. Given where wikipedia is, it will be only a matter of time before the next Poetlister, EEML, scibaby etc. There are very clearly checks and balances here and no solution is ideal. Casliber (talk · contribs) 00:36, 4 July 2011 (UTC)
Please don't mischaracterise this: I'm describing your firebrand style of rhetoric as hyperbole. All it succeeds in achieving is polarising rather than resolving. You have no idea at all what the individual views of individual arbitrators on this are but in your enthusiasm to make a point you are make sweeping statements about all of them, past and present.  Roger Davies talk 21:21, 3 July 2011 (UTC)

Roger, you seem you be the only person here, who does not realise that if we all want to know the "individual views of individual arbitrators" we just pop over to WR and have a look. Now were I you, in such a hole, I would stop digging. Giacomo (talk) 21:27, 3 July 2011 (UTC)

More hyperbole, I'm afraid. Can you please make a stab at answering the question? If you don't know, just say so :)  Roger Davies talk 21:31, 3 July 2011 (UTC)

Oh dear, you seem to be labouring under the misaprehension that it's me and the community who should be answering the questions. I don't think at present at Vote of No Confidence in the Arbcom would serve anyone well, but I am very much less than thrilled to see your pointless and insulting interrogation of me plastered all over WR together with my former email address. That you have made yourslelves look even more stupid is to be deplored. Now Roger, a little less arguement and little more humility might just save all your skins. Giacomo (talk) 21:45, 3 July 2011 (UTC)

I have no recollection of my ever asking you any questions, let alone "engaging in a pointless and insulting interrogation". For the record, I am angry and horrified about the data theft but that does mean that I will automatically accept whatever is thrown at me, especially if certain allegations are exaggerated, inaccurate or misplaced. Now, to return to my question, what is my position on retention of private data? If you don't know, just say so.  Roger Davies talk 22:04, 3 July 2011 (UTC)
Roger, it might be helpful if you and all the other Arbs made public statements about your positions on the retention of private data, so we don't have to play the guessing game with all of you. DuncanHill (talk) 10:33, 4 July 2011 (UTC)
I agree it would be useful if Arbs would post their individual stance on the matter (CoolHandLuke has commendably done so above). It's delicious irony that in response to problematic use of off-wiki discussions, the Arbs discuss possible solutions off- instead of on-wiki! TotientDragooned (talk) 16:13, 4 July 2011 (UTC)
Having ArbCom sanction the violation of my own privacy, convict me of conduct which I did not do by "finding" me to have responded to alleged "canvassing" Emails which because of personal circumstances I had not actually read—checking Wikipedia check several times a day, personal Email once every week or two—I have zero sympathy here. PЄTЄRS J VTALK 23:28, 3 July 2011 (UTC)

Roger Davies, to address directly your query "What rights does an anonymous screen name ...", I would contend that is looking at it from the wrong angle for two reasons: 1) Often the screens names do end up being linked to a real-life identity at some point, and 2) We also are talking about people who use their real names. In specific, the material leaked already includes many insults and personal attacks on a named journalist. Now, perhaps that's life, and it's only to be expected. However, I don't think it's unreasonable to then wonder who else might be treated similarly. I don't put this in legal terms. But factually, it's not just an issue of screen names. -- Seth Finkelstein (talk) 03:55, 4 July 2011 (UTC)

Seth, what are the Data Protection Act implications for UK citizens storing and recording personal data in a searchable database? Would they be considered data controllers, and would they be in breach of the Act by virtue of uploading data onto servers in a foriegn jurisdiction? John lilburne (talk) 08:05, 4 July 2011 (UTC)
I raised this matter in the 2010 Arb elections [2]. I was not happy with the answer then and I'm even less happy with it now. It seems that British Arbs are happy to circumvent their own laws, and they are probably on very sticky ground. Giacomo (talk) 08:23, 4 July 2011 (UTC)
I'm not surprised. Are AC members data controllers or data processors? ChaseMe had it back to front. WMF isn't the organisation that is determining what is kept or what is processed it is the AC members that do that. WMF are simply providing the data processing facilities. What AC does is on its own initiative, and its members are most likely personally exposed to liability. John lilburne (talk) 08:40, 4 July 2011 (UTC)
IANAL - I Am Not A Lawyer. And even where I've studied legal topics, my interests were the Digital Millennium Copyright Act, and free-speech issues. So I can't tell you how the Data Protection Act applies here, if it even does. Sorry, that's the sort of question that should be answered by a specialist in that law. -- Seth Finkelstein (talk) 11:43, 4 July 2011 (UTC)
Anyone is welcome to hack through it at the Information Commissioner's website, but basically if Wikipedia were UK based, it would be exempt, as it is a not for profit organisation and all the activity concerns individuals who might loosely be described as members. The only proviso is that information should not be retained about individuals who have ceased to be members. This would apply to onwiki information also (should there be any that falls into the category of personal data), but of course only applies to personal data - ie information that allows you to identify someone in real life. Elen of the Roads (talk) 12:16, 4 July 2011 (UTC)
You'd be very lucky to fall into the not-for-profit exemptions which are very narrow. Plus the exemption is only on the requirement for notification it is not an exemption from the 8 principles. Afdditionally the EU data commissioner has declared that IP address are personal data. John lilburne (talk) 12:44, 4 July 2011 (UTC)
I don't have to fall into anything - the WMF which is the only legal entity which could possibly constitute the data controller, and I don't work for them. It's all theoretical anyway as far as the committee are concerned - it is the Foundation's data store that was thefted, and that's the big target to aim at - not just how to stop it happening again, but - and this is where reference to the principles would actually be really helpful - is it reasonable for the organisation (the WMF) to maintain years and years worth of this information.Elen of the Roads (talk) 14:23, 4 July 2011 (UTC)
I suspect that the WMF and the AC are two separate entities, otherwise the WMF would be responsible for the actions of the AC, and they have set things up so that they are not. Also I do believe Mike Godwin was telling the AC in the message of "Mon Nov 30 00:48:36 2009", that members could find themselves personally liable for their actions. John lilburne (talk) 14:54, 4 July 2011 (UTC)
Arbcom is not a legal entity (either in US or UK law, so I'm assuming that's fairly general). There's nothing that can be sued or prosecuted in the concept of "arbcom", it couldn't enter into a contract for the supply of goods and services, or hire someone, or take out an injunction. Anyone wishing to sue "arbcom" for say defamation, would actually have to sue the members individually - so an individual member would be personally liable if they defamed someone. "arbcom" also cannot be responsible for the mailing list in any legal sense, however as it was WMF owned technology on WMF owned servers, and the WMF is a legal entity which can be sued or prosecuted, they would be the immediate target in my opinion. Elen of the Roads (talk) 16:10, 4 July 2011 (UTC)
Elen, I think you're fooling yourself here. Both within the leaks themselves and in some of the responses to it here on the wiki, the mantra has been that "arbcom (and/or its members) is independent, and does not represent the WMF". The WMF would probably be obligated to respond to subpeonas for correspondence and the identities of the committee's members, but unless they clearly say so somewhere in some sort of contract with you, they're under no obligation to defend you. Given the sort of things you sometimes have to deal with, insisting upon such a contract would be a very wise thing to do, IMO. --SB_Johnny | talk 16:20, 4 July 2011 (UTC)
That is the point YOU are personally liable not any organisation, not the WMF, but each of you individually. Groups become corporate entities in order to obtain some protection for their members, currently you are all out on a limb.

Because it is not a legal entity, individual members of an association are responsible for their actions, even if carried out on behalf of the association. However, if an association appoints a committee to act on its behalf, that committee may be jointly liable for the actions of one of its members.

John lilburne (talk) 16:30, 4 July 2011 (UTC)
Also as you have a role in control over others, banning, sanctions, you may find that other responsibilitiesw fall upon you.

If an association is able to exercise control over its membership, then it has a legal obligation to exercise this control according to the principles of natural justice (see: Natural justice). A breach of natural justice may be actionable in private law (e.g., breach of Contract) or, in some cases, by way of Judicial Review. However, it has to be noted that the courts are reluctant to entertain judicial review actions against associations that are not run or funded by the state.

John lilburne (talk) 16:30, 4 July 2011 (UTC)
I find it fascinating that no-one has even bothered to read my remarks below about FOI - everyone's busy trying to imagine circumstances in which I could be sued or prosecuted. Do have fun, won't you. Elen of the Roads (talk) 16:41, 4 July 2011 (UTC)
All we are saying is get independent advice wrt to liability. Note that it isn't just organisations that are subject to the DPA individuals can be too. You can collect whatever data you want about some one for personal use, unfortunately the use here isn't strictly personal. John lilburne (talk) 17:06, 4 July 2011 (UTC)
I wouldn't "find it fascinating" that no-one bothers to read your comments Elen. I'd rather take it as evidence that most of the community is rather bored with your tedious and regularly ill informed, pretentious and self important commentary. The fact you seem so suprised no-one cares what drivel you spill out is surely your own problem? Pedro :  Chat  20:55, 4 July 2011 (UTC)
I might also mention that pathetic little stabs like "do have fun, won't you" are singularly unimpressive. I assume you speak for the whole of ARBCOM when you ridicule editors in this way? If so then all current arbitrators should be removed post haste. If not then you should be removed post haste. I imagine your colleagues cringe everytime they see you adding comments (actually I don't imagine - I have it on good authority most do) Pedro :  Chat  21:05, 4 July 2011 (UTC)

Also to comment on Giano's Freedom of Information observation. I am in sympathy here - in most (all?) EU countries, it is possible to make a request to see all the information an organisation holds on you, and to make a request to see all the information the organisation holds on a particular subject (other than personal data about other people). So one could ask to see "all the discussions concerning me" or "all the discussions about this matter" and expect to receive all the paperwork (with personal data on other parties redacted). While the FOI law only applies to public bodies, and the data subject law only applies to organisations that are required to register, if Wikipedia really did want to be the sort of visionary community that apparently lay behind its creation, it should consider enacting both of these, and modifying the way its committee works accordingly.Elen of the Roads (talk) 12:23, 4 July 2011 (UTC)

  • As I understand UK law, all material downloaded/uploaded from/to a British computer, situated in Britain, is subject together ith its uploader/downloader to British law. Saying: "Well Jimbo said it would be OK", "NewYorkBrad is fine with it" and "No legal threats are allowed" will not be accepted as an excuse in any European court. It's my opinion that Arbitrators situated outside of the USA should consult their lawyers as to their precise legal situation in the event of a challenge. I suspect they will find legal opinion is divided, but will come down heavily on the side of caution. So the risk and choice is their's to make. Giacomo (talk) 18:30, 4 July 2011 (UTC)
  • If I were an Arb, especially an Arb in the UK, I'd be pushing to have this material deleted, for all the obvious reasons. If a group of Wikipedians were to join together to take legal action, there is no way the Foundation would or could defend it. Think about the stories. Wikimedia is keeping secret files on its users—material often supplied by anonymous or pseudonymous users—some of it containing highly personal information, some of it defamatory or just insulting, which (1) it won't allow those users to see or correct, (2) it refuses to delete, and (3) it retains in a non-secure fashion so that it keeps leaking out and being published. And (4) every year it authorizes more pseudonymous people to read and download the material, thereby increasing the risk of (3), and poisoning the well internally against the users the files discuss. SlimVirgin TALK|CONTRIBS 19:08, 4 July 2011 (UTC)
  • Could they not just ban you all? That's legal threats. Merrill Stubing (talk) 19:28, 4 July 2011 (UTC)
  • I don't see anyone in this thread saying "I will sue YOU"; I see a lot of discussion of theoretical risks by a bunch of non-lawyers. Jclemens (talk) 19:35, 4 July 2011 (UTC)

"......by a bunch of non-lawyers"????? really??? That's in your secret files too is it? our occupations. Giacomo Returned 21:31, 4 July 2011 (UTC)

I'm sure all the UK Arbs will find that very re-assuring and soothing to know. Giacomo Returned 22:22, 4 July 2011 (UTC)
  • Would you be willing to be quoted in The Register saying that? (I'm serious!). -- Seth Finkelstein (talk) 19:15, 4 July 2011 (UTC)
  • I was told in an office communications seminar some years ago to treat what I write in emails as if I was willing to have it read by the entire world, because email is so unsecure. I don't always follow this maxim, but it is true, as recent events have made clear. Everyone should not treat email with a presumption of privacy and security. It just isn't there. Emails that outsiders want to read will continue to get accessed and released. If ArbCom wants to have more security with its communications, they probably should use messaging on Facebook or communicate by voice over Skype. Cla68 (talk) 02:05, 5 July 2011 (UTC)

Stupid solution due to stupid software

It is impossible to delete part of archives, so my suggestion is to:

  1. create mailing list "Arbitration Committee, year 2011"
  2. post vital data from old list
  3. remove access for everybody in old list

in year 2012

  1. create mailing list "Arbitration Committee, year 2012"
  2. post vital data from "Arbitration Committee, year 2011"
  3. remove access for everybody in "Arbitration Committee, year 2011" list

etc

Bulwersator (talk) 21:16, 3 July 2011 (UTC)

Problem; define "vital data"? Ironholds (talk) 23:25, 3 July 2011 (UTC)
The data which arbitrators need for "institutional memory" of previous problems (I'm quoting the need and justification for keeping data made by arbitrators). This is a solution which may be workable, so lets discuss making it work. Geometry guy 23:58, 3 July 2011 (UTC)
I think the general idea, of compartmentalizing the archives and restricting access to old material, is sensible. I'm not sure whether or not this is the best way of doing so, or even if it's workable as proposed, but I think it's a good strategy to consider.   Will Beback  talk  00:55, 4 July 2011 (UTC)
The WMF will continue to work with volunteers? I haven't seen them asking us. Or are the dta subjects not considered suitable people to be asked what should be done with their data? DuncanHill (talk) 18:59, 4 July 2011 (UTC)
Would more funds and manpower allocated to systems security by the WMF have helped prevent this from happening? Cla68 (talk) 02:00, 5 July 2011 (UTC)
Yes. A security review would have identified gaps between actual and best practices. There were simple, inexpensive fixes that could have been done before, which are being done now. Jehochman Talk 02:38, 5 July 2011 (UTC)

Arbitration Policy

Wikipedia:Arbitration/Policy says that arbcom will "resolve matters unsuitable for public discussion for privacy, legal, or similar reasons". It should now be apparent that since arbcom doesn't know how the leak occurred, cannot be sure the security hole is plugged, continues to transmit emails and passwords in plaintext, and now disclaims any representations of confidentially for messages to the mailing list (as well it should), arbcom can't handle issues "unsuitable for public discussion". The policy should be revised to indicate that this sort of thing should be resolved by contacting the WMF, retaining legal council, ignoring the issue, or leaving the project, as appropriate, given the high probability of future submissions to the arbcom mailing list being plastered all over Wikipedia Review and other unseemly locations. 71.131.18.216 (talk) 03:56, 4 July 2011 (UTC)

Shell Kinney retirement

See also: WP:ACN#Shell Kinney resigns / WT:ACN#Shell Kinney resigns

Just a heads-up that Shell appears to have retired altogether from Wikipedia today [3]. I'm sure many will agree that this is a great loss. Good luck to Shell in whatever she's planning to do in future. Prioryman (talk) 19:39, 4 July 2011 (UTC)

Wikipedia Review Tarpit

There may be another "confidential" archive containing personal or derogatory information about Wikipedia editors: the Wikipedia Review Tarpit, the 300 Club, and other confidential areas. It could be a problem waiting to happen, and one which would affect many of the same people as has the ArbCom leak. Perhaps people with accounts in both places who are concerned about respecting the privacy and human dignity of others could make similar efforts there. For example, it'd be helpful if admins there make sure that there isn't excessively personal information about editors in the confidential archives.   Will Beback  talk  02:24, 5 July 2011 (UTC)

R.e. security going forward

It has been some time since the leak, and I apologise if I have missed a clear declaration, but can I ask: has the source of the leak been discovered yet. There is no need, if you do not wish, to publicly explain the source - but to know it has been discovered would be good.

If it has not been discovered (as I suspect, reading back) I am highly concerned that you are still continuing to use the current compromised systems. We are now within my area of (reasonably extensive) expertise so prep for a mini-lecture. If you know something has been compromised but are not yet sure how the system is still compromised. No matter what steps you have taken, no matter how unlikely it is for any security hole to be open, not considering the system still compromised is a hugely problematic approach.

I understand, from all of the discussion, that some of the Arbs are not the most technically minded, and I level no blame at anyone for continuing to use these systems. But if you are still using those systems; please stop right now.

The fundamental approach to any security breach is to assume everything is compromised and then positively assure the security of each segment in steps. Have you have professional security help here? I understand Tim and others have worked to help secure the system, this is good - do any of them have experience in re-securing systems? I suspect so, and it would be good to have reassurance that they do.

To be clear on my stance here (as someone watchin in the wings); this issue is not in the slightest bit resolved until a) the leak is positively identified and secured, b) professional/semi-pro security help is enlisted to secure the systems or c) the arbs move to a new system.

Apologies if the leak has been found and filled, I missed it in the archives if so. --Errant (chat!) 23:54, 7 July 2011 (UTC)

The source of the leak has not been found. I know that is being looked at the highest levels in both the WMF and ArbCom. But we are not remaining on the current system, either. We are working with the WMF to change, upgrade and fix the situation that we find ourselves in. While I do not want to get into too much technical detail (it's above my payscale in both the action plan and how it works), just to provide an example, we have disabled archive downloading, and to access any archives that remain (what exactly we are keeping is being worked out) currently requires us to work directly with a WMF person to get secure access to the archives (no longer are passwords sent in plaintext emails, for example) Things are moving forward, and will continue to do so. SirFozzie (talk) 00:39, 8 July 2011 (UTC)
As SirFozzie says, the source has not been found; leads that were thought to be highly suggestive have since proven to be false trails. By this time, I think every arbitrator has wiped their hard drives and reinstalled their systems (or if they haven't, they should have, Jehochman is right that even top-of-the-line security software can miss things), so even a thorough forensic inspection of everyone's computer would be pointless. There are several plausible theories as to how this happened, none of which could be proven to any degree of certainty. To clarify what SirFozzie has said above, all arbitrators have been assigned (or will be assigned) new passwords that do not depend on regular emails to be transmitted. Risker (talk) 07:33, 8 July 2011 (UTC)
By this time, I think every arbitrator has wiped their hard drives and reinstalled their systems; this is a pleasing step, and I am sorry that it's had to come to that, I know what a pain it is! Thanks for confirming that these systems are no longer in use :) that sets my mind at rest. --Errant (chat!) 13:47, 10 July 2011 (UTC)
In all fairness, this is not entirely accurate even if substantially correct. A better way to put it might have been that "every arbitrator took measures to ensure that their computer or infrastructure are not compromised". It would have been quite impossible for me to use the wipe-and-reinstall route; here is my own status (as I emailed the rest of the committee):

All of my mail archive, including all messages stored from privileged mailing lists and all incoming and outgoing email, are stored on a server on an encrypted filesystem -- and only that server -- and I am the only user authorized to access any of it.

No access to that mail system is possible without end-to-end encryption, it is entirely under my exclusive control, and has extensive audit logging to a [different] server that is not internet-accessible. I have inspected those logs and can say with certainty that there has been no access to any part of it from any unauthorized user.

The only four devices from which that mail can be accessed are under my immediate and exclusive control: a computer at home, my iPhone, my iPad, and my workstation at work. The fourth is the only one over which I do not have physical control at all times (it sits in a restricted and secure area at the [workplace]), but I have exclusive operating system control over it and there is no indication that it has ever been tampered with.

None of those four devices are passively Internet reachable, and the two general purpose computers are secured to standard well beyond industry best practices.

Since I have been made aware of the data theft, I have extensively monitored and recorded all network communication to and from those devices over a period of five days. During that interval, there was no communication in or out that was not accounted for by normal device operation. Given my regular security audits and the highly secure operation of those devices, I am confident that none of them have been compromised.

— Coren (talk) 14:17, 10 July 2011 (UTC)

But before the email archives are deleted

I wonder if I'm the only one who has had this thought -- & I had it probably too late for it to be acted on. Putting aside all of the concerns expressed above, the archives of these mail lists should be saved, because they tell part of the story of Wikipedia in an objective form. Years from now historians will want to investigate the rise (& perhaps fall) of Wikipedia, & will be grateful if they have the emails of the ArbCom to fill out the picture. And they will be most grateful if it is in the form of a complete archive whose chain of custody can clearly be traced to the original, & not the copies kept by individuals. Concerns of privacy can be handled simply: the copy will be transferred to a research library or similar institution under an embargo that the contents can not be accessed for, say, 25 to 50 years from now.

But at this point, I doubt anyone is interested in preserving history -- & despite what anyone might say, the creation of the first digital encyclopedic is a historic event. Many who have spoken on this matter have been concerned about the loss of privacy & embarrassment to various individuals, & won't be satisfied until the files have been deleted, the hard drives reformatted & shredded. And maybe they have been already. But I hope someone will have the foresight -- & the courage -- to place a copy of this record where posterity can judge us in our own words. Warts & all. -- llywrch (talk) 04:53, 8 July 2011 (UTC)

I've made this precise argument, actually. But all that will be lost if these archives are deleted is the assurance of chain of custody--after all, who knows HOW many copies of the entire archives are now floating around the Internet? Jclemens (talk) 04:57, 8 July 2011 (UTC)
I had not thought of this, but Llywrch makes an excellent point. As someone who teaches history and is in the process of getting an advanced degree to work in the field--or at least is trying to!--I would strongly encourage the sort of scenario described by Llywrch. I don't know for a fact, but I think it would be rather easy to transfer a full, official digital archive over to the collection of a research library or some similar institution. Indeed there would probably be a number of archives that would be thrilled to have it. Embargoing it for 30 years or so would, I'm sure, be no problem at all. And I think the chain-of-custody issue is a real one--future researchers might be (really should be) reluctant to utilize partial and/or untrustworthy archives floating around on random web sites. Something which comes directly from officials with the Wikimedia Foundation would be much different.
The only possible concern, and it could be a very real one, is that there would be identifying info which some people would still not want in public even 30 years from now, often in e-mails that were sent with the expectation of privacy. I'm not fully clear on what the ethical or other implications of that issue might be.
But I very much agree that, whatever the future of this project, it is far more historic than we often like to think--even those who are appalled by Wikipedia would probably begrudgingly admit that--and it will continue to be studied for a number of years to come. Luckily most of the history of the project is available in the accessible-to-all history pages, but obviously there is a lot that happens off-wiki which has also shaped how the project has developed (too much to my mind, but whatever). Not only for this issue but also in general, it would be good if the Foundation were thinking in those terms and determining ways to make off-wiki information accessible to future researchers, to the extent that this is possible. (Note: if such an archive were set up at a research institution, it could eventually take not only "official" en.wikipedia records, but also private records of individual editors, mailing lists (e.g. the EEML and the other similar lists which undoubtedly exist, and the like (maybe even material from sites critical of Wikipedia, such as Wikipedia Review). Folks might not want those sort of private correspondence available to the public now, but they might like the idea of researchers being able to look back at them around 2045 or so. Just something to think about.) --Bigtimepeace | talk | contribs 06:16, 8 July 2011 (UTC)
Relax, they aren't going to be deleted, I'm fairly certain of that. It would be impossible to delete all the copies in circulation, some obtained illegitimately but many quite within scope. One thing that people fail to realise is that the "archives" as they have existed on Mailman are nearly impenetrable as they have no search function attached to them, so arbitrators have appropriately downloaded them and in some cases transformed them into something useful, if for no other reason than to skip over the dross. (Technically, the act of looking at them "downloads" them, I have been advised by our technical colleagues, so *any* time someone legitimately read them, they were downloading them.) Only a very few of us have learned the history of the Committee well enough to have a reasonable chance of finding things without intensive work. It *is* very unfortunate that this theft occurred, as it has clearly been deliberately used to inflict pain on people. Risker (talk) 06:32, 8 July 2011 (UTC)
Well to my mind that's good that records will be kept, though as I said I think it would be useful to have an "official" set of records, so to speak, rather than just a bunch of copies in circulation. I have absolutely no understanding of how your mail system or any of these other things work in technical terms, but as you redo your system and figure out what to do with old records, I would hope that a tertiary (or maybe lower) point to bear in mind is preservation in some format of these records for future research (and that might well include the "dross," as we really cannot say what will be interesting to future researchers--someone might just want to track the rising workload of ArbCom over the years in which case a lot of raw data would be useful).
Obviously this is not remotely the central issue here and I'm certainly not suggesting we should worry more about future researchers than the privacy of current editors, but since you are taking stock of the overall situation and since it has been brought up I hope some thought can be given to this point. --Bigtimepeace | talk | contribs 06:47, 8 July 2011 (UTC)

To clarify and make sure this doesn't happen accidentally - where is the proposal to delete all the archives and who has both the power and desire to do it? II | (t - c) 01:20, 10 July 2011 (UTC)

Archive release after X years

Here's an interesting idea that has been rattling around my head recently... that we implement a new policy that releases Arbcom internal email material after X number of years (say, 2 years). Similar to the public disclosure of governmental material in the "Real World". Reasoning:

So the proposal I had was to appoint a regular (yearly) committee [nothing exciting, it could largely be volunteer based] to run through the archives from two years previously and prepare them for release - removing particularly confidential information or private email addresses, for example. Then these logs could be provided publicly.

The advantage here is that it puts a little pressure on private discussions to retain decorum. It removes suspicion (or, I suppose, proves it :)) relating to Arbcom motives. And so forth.

Obviously it might be impractical (and potentially "unfair") to adopt this policy in retrospect (and complicated, given the state of the current mailing list). But it should be possible for Arbcom to begin to use yearly mailing lists in future, if this is agreed upon as good policy., and releases could begin as early as 2013. --Errant (chat!) 10:24, 14 July 2011 (UTC)

I've worked under UK Freedom of Information rules since it came it, so the idea of releasing nonpersonal data is not a problem, however I think resource might be an issue as there might need to be a good deal of work to remove personal data. Any volunteers would have to disclose their identity to the WMF, and the community would probably want a significant say in who they are. I would rather propose a system whereby the committee itself is required to release its documentation (and prepare it for release) when it makes a decision (or when anyone asks for it), and have the Ombudsman act as an independent party if there is doubt as to the accuracy of the record. I don't think anyone else on the committee will agree with me though, as it is hard to persuade people it can work. --Elen of the Roads (talk) 10:48, 14 July 2011 (UTC)
I too had been thinking of something along the lines thay Errant suggests, however, I suspect that released files with sections of inked out text would give rise to more speculation and accusation than is healthy. I do think that unless a case involves an illegal activity or a minor it should be openly discussed. I also beleive there would be alot less illegal activities (an accusations thereof) if the perpetrators knew that the information was going straight to the police. Regarding Demiurge's question above "do we need an employed health professional?" No we don't, but we do need employed and qulaified person/persons to evaluate whether an editor needs an email suggesting they visit their doctor, or an email telling them that their details have been passed to the police, and if in doubt forward their detals to the police and let them interview and decide. Giacomo Returned 10:58, 14 July 2011 (UTC)
Whatever is adopted, some people will always cry foul; but I take your point. With that said, I'd suggest that the process could drastically favour openness over privacy. And the idea of having it outside audited by a cross section of trusted editors would hopefully allay concerns over hushing up critical stuff. --Errant (chat!) 11:19, 14 July 2011 (UTC)
Or, alternatively, require committee members to mention when voting what they've looked at relevant to the case. ie "Evidence pages and workshop only", "Evidence plus 2011 archives", "Evidence plus background material in July 2005 archives" etc. That might be a much simpler way to achieve a degree of transparency.  Roger Davies talk 11:03, 14 July 2011 (UTC)
Practically, there is an issue about open discussion anywhere where only certain parties are actively involved in making the decision - there can be a lot of chatter that distracts from the process. If the community accepts that Arbcom has the decision making function in something, then there must come a point when Arbcom must discuss the decision among themselves, and it is harder to manage this onwiki (not impossible, just harder - the community will have to accept a discussion page that they cannot edit). That's why I'd prefer a requirement to disclose all decision discussions at the time of the decision. Elen of the Roads (talk) 11:09, 14 July 2011 (UTC)
@Roger: that doesn't really solve the substantive issue, here, for me where disparaging remarks are being made about editors behind their backs. It is only reasonable for those remarks to be made public as they are made between an elected group of people.
@Elen; I'd suggest that a reasonably strong effort is made to have the information audited by a cross section of editors, to allay any concerns about the material being released. There are plenty of identified editors in good enough standing to do this. Perhaps another way to work this is to structure it like a FOI request - so individuals can make specific requests for information (on a spectrum we pre-define) and the Arbs must then prepare that information, under audit, for release. Not quite so "open" but still an interesting positive step forward.
The difficulty there, of course, is setting a sensible limit on how broad requests could be. For example "All discussion of X editor" might be a little too broad - but restricting it to "all email relating to X arbitration case" may mean emails about individuals that are unrelated to a specific case are never known about. A lot of the Freedom Of Information stuff (at least done by investigative journalists) amounts to fishing for data. --Errant (chat!) 11:27, 14 July 2011 (UTC)
@ Errant X: Trust me on this one. The vast bulk of disparagement is by non-arbs, either in the form of sincere but misguided private concerns, or outright character assassination. The ethical concerns raised here and previously are: (1) no knowledge of the material by the accusee; (2) no right of reply or correction by accusee; (3) the stuff lingering indefinitely in archives and thus being further disseminated.
About your idea of an auditing body to prepare for release, you realise, of course, that the more people who have access to this stuff; the greater the chance of it being leaked ...  Roger Davies talk 11:40, 14 July 2011 (UTC)
Trust me on this one.; which I am certainly happy to do. On the other hand, some editors aren't (and with reasonable justification). But if this is the case then releasing communication does no harm and increases openness/accountability in a great way. you realise, of course, that the more people who have access to this stuff; the greater the chance of it being leaked; if the point of the exercise is to release the emails.... :) But, regardless, we would have two years (if my suggestion meets with approval) to figure out an effective way to minimise any risk - perhaps to build tools which lets us work effectively on the mailing list material with carefully controlled access & release. --Errant (chat!) 12:11, 14 July 2011 (UTC)
We may be talking past each other here :) Releasing only arbitrator correspondence will create a weird and artificial context. For instance, a significant proportion of ArbCom's correspondents use email as a Bocca di leone, which over time may well have a two-people-saying-it-is-gossip;-three,-a-statement-of-fact effect. Discouraging private incoming correspondence certainly dampen down the scope for internal discussion of it. But these are social/cultural changes ...  Roger Davies talk 13:11, 14 July 2011 (UTC)
Oh, and just to make things crystal clear, I would be happy with Elen's suggestion about disclosure at end of case, particularly if it was coupled to a use of archives disclosure by individual arbitrators.  Roger Davies talk 13:22, 14 July 2011 (UTC)
Yes, I agree that is a problem to consider. I don't think it is insurmountable. I also missed Elen's last point r.e. releasing case discussions; I too agree this is a sensible idea and a good first step. Can I suggest the Arbs discuss this internally ASAP so we could start to implement it as Arbcom policy in as short a time as possible? --Errant (chat!) 13:40, 14 July 2011 (UTC)
This might be an interesting idea going forward, but the fact is that past emails were written under the expectation that they never be released. Changing that expectation after the fact creates any number of privacy issues. Jclemens (talk) 14:12, 14 July 2011 (UTC)
Indeed. That has already been acknowledged above, no?  Roger Davies talk 14:15, 14 July 2011 (UTC)

The leaks have made Reddit.

FYI: http://www.reddit.com/r/wikipedia/comments/il581/wikipedia_has_secret_ecourt_with_confidential/

Currently tracking #1 in the Wikipedia section for hotness. Merrill Stubing (talk) 23:41, 9 July 2011 (UTC)

  • I think the current strategy is "ignore it and hope it all blows over". Which, objectively, seems not a bad tactic in this case, as the relatively few nuggets of valuable wheat are obscured by the immense amount of chaff -- Seth Finkelstein (talk) 03:10, 10 July 2011 (UTC)
    • Part of the reason this is a good strategy is that our principal worry regarding the data theft is the dissemination of private information of third parties who mailed the list, and bringing further attention to that information does everyone a disservice. The rest is inside information on how sausage is made, which may be oddly fascinating to a minuscule number of editors and ex-editors with an obsession about ArbCom, Jimmy or general Wikipedia bureaucracy but that have absolutely no value or interest to anyone sane in the grand scheme of things. — Coren (talk) 14:47, 10 July 2011 (UTC)
      • The initial postings were indeed eyes-glaze-over boring. But some of the later items had aspects which were significant, and negative, to understanding the culture of Wikipedia. I probably shouldn't go into details here. But this event is turning into a interesting little case study of what becomes a story, and what doesn't (i.e. how do you know what doesn't get reported?) -- Seth Finkelstein (talk) 15:45, 10 July 2011 (UTC)
        • I agree on the last bit (about what does and doesn't get reported), but it is difficult to draw definitive conclusions even from something that appears negative. It could be quite likely that a fresh round of correspondence the next day (maybe in a different thread, not found or posted by the hacker/leaker) would put things in a different light. Unless you are prepared to ask those that took part in those conversations, you won't know whether the full context is there in what you are reading. There is stuff being posted from times when I wasn't subscribed to the list that makes me raise my eyebrows, but my reaction is tempered by knowing that what is being posted is probably not the whole story, and knowing that you have to ask those involved to get a real feel for what is going on. Carcharoth (talk) 16:06, 10 July 2011 (UTC)
          • Again, I don't want do specifics here, but there are several posts, or small exchanges, which are, err, "interesting" in themselves (i.e. stand-alone). -- Seth Finkelstein (talk) 17:26, 10 July 2011 (UTC)
From what I can tell, that thread at Reddit, and the comments, seem to perpetuate misunderstandings about Wikipedia and also seem to be claiming that ArbCom and the existence of its private mailing list is secret (it's not, only the contents were confidential, at least until the recent hack/leak). As I've said before, to get a real handle on what goes on (and how the overall approach of arbitrators has varied over time), you need to sit down and read the entire archives from start to finish (or at least continuously for several weeks), and I doubt anyone has time for that. Carcharoth (talk) 15:59, 10 July 2011 (UTC)
I would say there's different levels of comprehension. The above is making the perfect the enemy of the good. -- Seth Finkelstein (talk) 17:26, 10 July 2011 (UTC)
Sure, but Carcharoth's point is well taken that there seems to be confusion over whether the existence of such a list was a secret (it never was) or the deliberations themselves were known to exist (they were). If one has ever been part of a governing board that has to deal with personalities like ArbCom does, then the contents of the archives are really not surprising. Jclemens (talk) 22:43, 10 July 2011 (UTC)
Indeed that thread has misconceptions, I agree. But I would also say there's value between the difference of "not surprising" and "confirmed in direct, quotable, words from high-status Wikipedians". -- Seth Finkelstein (talk) 22:59, 10 July 2011 (UTC)
As in everyone with any nous could guess what went on in Harold Wilson's beer and sandwiches meetings with senior trade unionists, but it would still be hugely interesting to see transcripts...? There is always that interest, isn't there. "Who actually knew which ones of them was reporting back to Special Branch? Did it ever come out in these discussions?" etc. Elen of the Roads (talk) 23:19, 10 July 2011 (UTC)
Sort of. There's currently an interesting example being discussed. -- Seth Finkelstein (talk) 22:59, 12 July 2011 (UTC)
Well, it certainly explains why Giano feels the way he does about arbitrators. 23:18, 12 July 2011 (UTC)Elen of the Roads (talk)
It does not even begin to cover why I feel the way I do. There ar still too many names on that list active on Wikipedia today. It is obvious that the rot began/begins at the top, just look at the rubish Jimbo sprouts and all the Arbs rush to beleive - implying that I liken pople to Goebells and Hitler and should be blocked for it - not one of the bastards refutes that. It is worse than appaling. No doubt they are hoping that we shall soon foget about this and it will all blow over and they can go back to chatting, maligning and libelling on their secret list uninterupted once more "I have decided Giano has three eyes and the mark of the Devil on him" "Yes Jimbo, certainly Jimbo how high shall we jump Jimbo.." The only reason that i did not get a long block for exposing them was because the community already knew too much, and that is a good thing and the way it shoul be from now on. Do away with this horrible list that they have so abused. Let the office and those qualified deal with pedos, stalkers and the mentally ill etc and confine the Arbcom to on site discussions and disputes.Giacomo Returned 06:18, 13 July 2011 (UTC)
I beg the committee not to ignore the spot-on statement Let the office and those qualified deal with pedos, stalkers and the mentally ill etc and confine the Arbcom to on site discussions and disputes simply because Giano is the person making it. Short Brigade Harvester Boris (talk) 03:45, 14 July 2011 (UTC)
I'll third that. Next time someone emails the Committee with a complaint about someone stalking, spreading child porn, or making threats, forward the emails directly to the Foundation without comment and notify the original sender that the Foundation has been notified. Put all that in the Foundation's lap. Make them do everything they should be doing for the project. Cla68 (talk) 05:17, 14 July 2011 (UTC)
It's a great idea, but the practical politics are a little more complicated than that. There are certain legal fictions, and social fictions too, revolving around the idea of the Foundation as a mere service provider. In every pragmatic sense, it is a publisher, but it can never formally acknowledge that, due to wanting to escape liability . What you're advocating is essentially that they recognize their management responsibilities. They won't want to do it. And that doesn't have anything to do with who suggests it. It has to do with, basically, the incentives to take benefits for oneself but transfer losses onto others. You're essentially advocating a work-to-rule ArbCom protest. It'd be impressive if it ever happened, but I'm skeptical they'd take the backlash it would involve. -- Seth Finkelstein (talk) 05:42, 14 July 2011 (UTC)
Here is what I would do if I were The Committee:
  1. Notify the Foundation that we will be forwarding all editor complaints dealing with potentially criminal activity. Ask the Foundation for the name and business contact information for their representative who will be handling the complaints.
  2. If the Foundation declines to name a point of contact, or otherwise hems-and-haws, simply start forwarding all such complaints, and give the original senders the business contact information for Sue Gardner and/or Jimbo Wales and tell them those two are handling the complaint.
  3. Ignore any emails or phone calls from the Foundation that protest the actions.
The Committee should take a stand on this, otherwise, Shell Kinney's resignation won't have the impact on improving things around here that it should. Cla68 (talk) 05:52, 14 July 2011 (UTC)
The key words there are "take a stand". Much easier said than done. Many things should happen, but won't. -- Seth Finkelstein (talk) 06:08, 14 July 2011 (UTC)
I remember an ex-US congressman telling a graduate class I was taking that people take a stand when they are, "Mad as Hell and can't take it anymore." I hope that's the situation here. Cla68 (talk) 06:21, 14 July 2011 (UTC)

Short Brigade Harvester Boris, let me assure you that this issue is already being addressed directly with the WMF; as far as many of us on the Arbitration Committee are concerned, Giano and many others are singing to the choir. However, a bit of historical perspective will be helpful in explaining how these things wound up in the lap of Arbcom to start with.

Back before 2008, Wikimedia was run out of an office with about half a dozen employees whose primary objective was receiving donations and keeping the servers running. There literally was nobody to deal with these sorts of things. At the same time, between 2006-2008, Wikipedia suddenly grew in popularity, size and editorship at an exponential rate. As could be expected, when there is this large a group of people participating in an enterprise, some of them are going to be bringing some pretty serious baggage with them. Some of these issues were handled in some manner by the commmunity, but not without harm; and more and more of them got referred to Arbcom because they were behavioural issues, and sometimes involved admin permissions and so on. To this day we see remnants of the longstanding community philosophy that almost anyone should be able to edit, and only Arbcom was able to put in place longterm solutions. Remember, the WMF had exactly one employee tasked to addressing community needs for every project of the WMF until just over a year ago. We were it. Not that Arbcom really wanted the job — but it wasn't getting done any other way. So, bans on "stalker" types were enacted, decisions were made on how to deal with paedophile advocates, ad hoc processes were in place to try to find local admins to notify law enforcement for threats of violence and self-harm, and arbitrators were often called upon to talk mentally unstable users down from the precipice and point them to some help (and at least reduce the harm they were doing to the project) with as little fanfare as possible. Requests for assistance in dealing with these issues were generally quite firmly rebuffed by the WMF, although I do know that a professional opinion was obtained about addressing stalker-type behaviour that extended beyond the confines of the project; that opinion was widely cited for several years to basically boil down to "ignore them as best possible".

It is only in the past 6-12 months that the WMF has put in place its Community Department, and has had enough staff to start considering taking over some of these issues. For some months now, all threats of harm and self-harm have been referred to them. (That doesn't mean Arbcom doesn't get a ping: if someone needs to be desysopped it is still coming to us, for example.) A proposal for global banning of certain types of problem editors has been proposed by a member of the WMF board; one of the categories under discussion is paedophile advocacy. (Please folks, go comment!) The WMF has also shown a willingness to listen and consider some of the other issues that have been raised here; please see User talk:Mdennis (WMF) for some recent commentary.

Cla68, most criminal activity is referred to the WMF already; however, many of the issues that Arbcom has been addressing aren't really criminal in nature. Paedophile advocacy isn't criminal in most jurisdictions, for example; nor is being mentally ill. And sometimes it's hard to tell the difference between someone who's just burning out and someone who's got serious mental health problems. But now that there are actually some people on the WMF end of the line, they've made it clear that they're willing to listen. We aren't all the way to where everyone will be happy yet, and there is still much to talk about (a not-insignificant portion of our community would be pretty strongly opposed to WMF staff blocking people or removing permissions without some kind of community oversight, for example — consider how indignant people get now with comparatively unexplained "contact Arbcom" blocks). But a lot of the obstacles that have been in the way of Arbcom divesting certain issues are now growing smaller. I hope that many of you who have commented on these pages recently will continue to participate in the conversation. Risker (talk) 06:40, 14 July 2011 (UTC)

Not to derail this excellent argument, but as a follow-up for anyone who doesn't follow links to reddit, the thread has already died out, as people run into the obvious issue of not having a handy Who's Who in Wikipedia around. Also, please see the enormously empty search results in Google News. Archaeo (talk) 23:43, 13 July 2011 (UTC) Also noting that I am one of the little people and I do feel extremely badly about how all this has panned out for everyone involved. Archaeo (talk) 00:01, 14 July 2011 (UTC)
a not-insignificant portion of our community would be pretty strongly opposed ... Isn't the correct response to that: tough, suck it up! It is very easy to be opposed to something when one doesn't have any responsibility for the resulting outcome. John lilburne (talk) 07:01, 14 July 2011 (UTC)
I don't know, John lilburne. It seems to me that in recent weeks we've also been pummeled for taking exactly that attitude on some issues - in some cases by the same people who are calling for these changes. Risker (talk) 07:09, 14 July 2011 (UTC)
One has to confront the drama head on. What might have worked 5 years ago certainly doesn't work now, instance the 'cults' issue, pending changes, image filtering. Because it always has to be debated, and as two or more camps exist nothing gets decided, because there is never any agreement. It all just gets deferred to next weeks drama. The site needs clear leadership along the lines of "This we will not put up with", "This we are prepared to support and defend in the name of the WMF" The nobody is home, and it is all the responsibility of individuals, is a cop out. As Seth says above that the WMF isn't a publisher is a fiction. John lilburne (talk) 09:16, 14 July 2011 (UTC)

Risker, you are still not adressing the fact that most Arb cases and editors do not need to be discussed in secret. Just reading the rubbish and lies said by Arbs and Jimbo about me currently on various WR threads prove this beyond all reasonable doubt; these lies were beleived and thus influenced other Arb's decisions concerning me. Such utterences would have been immediatly refuted on Wikipedia even if the liars concerned had dared to say them. How often are other editors secretly maligned leading to misscarriages of justice? There is no reason why most evidence and judgements cannot be made in public. Anything that is illegal or requires a heath care professional should not be in thehands of the Arbcom anyway, but in the hand of those with the necessary qualifications and experience. Finally, I am not impressed by how certain other Arbs and former Arbs, having been exposed, seem to have gone to ground on this and left you to carry the can.Giacomo Returned 08:42, 14 July 2011 (UTC)

There are, as you rightly say Giano, many ethical issues arising out of use of mailing lists. Whether the political will currently exists to identify and effectively address these is quite another matter.  Roger Davies talk 09:34, 14 July 2011 (UTC)
A rather tangential point to your main concerns here, Giano, but does it follow from this that the Foundation would need to employ a healthcare professional for dealing with such matters? --Demiurge1000 (talk) 09:08, 14 July 2011 (UTC)
Maybe not, but can you find another quasi-judicial body (outside of the tinpot banana republics) where the unelected head of state, pops into the judges' private chamber libels and slanders the accused and then attempts to influence the outcome and sentencing when he happens not to like the accused? Anyhow, the Arbcom should not be dealing with anything requiring such secrecy, as I have said all illegal activities should be referred elsehwere and the shutters should come down. It's not the Arbcom's place to be dealing with criminals, but reporting them to the relevant authorities. Giacomo Returned 15:16, 14 July 2011 (UTC)
Equally, I've never heard of a quasi-judicial body where anyone can turn up off the street and make a speech of indeterminate length on any tangentally related subject. Nor where anyone has free rein to say whatever they like about the judges, not matter how scandalous, irrelevant or inflammatory, without fear of contempt hearings.  Roger Davies talk 15:28, 14 July 2011 (UTC)
  • Ah, but that suggests that you are starting to beleive your own press and exaggerate your credentials and position, the judges are not judges, but elected politicians, they are there by popularity not necessarily merit or experience. They are answerable to an electorate and like all politicians fair game when needing a rotten egg. Regarding the "anyone can turn up off the street and make a speech of indeterminate length" I could not agree with you more, I have been saying this for years. If you look at almost every Arb case it's the same boring and verbose people yappeting on. Do you see me often on arb cases prattling away? No. The peanut gallery like les tricoteuses want marching up to the guillotine themselves. Giacomo Returned 15:36, 14 July 2011 (UTC)
  • Ah, but it doesn't. I'm just picking up your ball and running with it but let's not let accuracy get in the way of a good bit of mud-slinging :) On the other hand, if you approached me as a person - instead of as an enemy of the people/disciple of the anti-Christ etc - you'd probably find we share quite a few opinions about what ought to be reformed.  Roger Davies talk 15:50, 14 July 2011 (UTC)
  • I'm afraid Roger, whether you or I share opinions is not really relevant; it's clear from all the leaks that the arbcom regards me as Public Enemy Number 1. As a result of the leaks; it's hard to see the Arcom as anything more than damaged goods, some of you may have changed, some may still be there, but I doubt very much that the mindset and pattern of behviour has changed one jot - I assume the God-King is still ejaculating into conversations? The leaks regarding you all discussing my alleged, but non-existant breach of the sacred wiki rather confirmed that there is a limited ability to see past personal grudges and spite. What I find so interesting in these debates here is that people feel the Arbcom has to agree to change before it can be changed - I see things rather differently. The Arbcom and Jimbo ceased to intimidate me years ago, I suspect many others will now feel the same way - I'm not even sure it really matters what the Arbcom decides or does now because it now looks to be in sealed exhibition curio case of its own making and there it looks set to remain as an antiquated museum piece - part of wikipedia's past history. Perhaps it can save itself - looking at its past deliberations, I doubt it.Giacomo Returned 16:19, 14 July 2011 (UTC)
  • Sorry to disappoint, but I don't think anyone, least of all ArbCom, regards you as Public Enemy #1 :) It is also fair to say that Jimmy doesn't comment very much at all.  Roger Davies talk 16:42, 14 July 2011 (UTC)
  • I'm sorry Roger, but the leaks published so far, don't support your view. Perhaps when Jimbo vs Bishzilla Chapter II is published it will document Jimbo conducting the Arbs in a rousing chorus of "For Giano's a Jolly good Fellow." If so, I will happily appologise to you and never say a cruel word about the arbcom again. Giacomo Returned 18:51, 14 July 2011 (UTC)
  • Do you think we can agree, just among ourselves, to call them cherry-pickings instead of leaks?  Roger Davies talk 19:02, 14 July 2011 (UTC)
I don't know - you're th one who has read them all in their original glory - are you sayimg that the chorus of "For Giano's a Jolly good Fellow" has been edited out? Giacomo Returned 19:05, 14 July 2011 (UTC)
That would certainly be one explanation :)  Roger Davies talk 19:10, 14 July 2011 (UTC)
Giano, I can't say for sure anything about the contents of the archives before I started my term, but I can unequivocally say that the more recent posts are definitely cherry-picked. We don't spend a lot of time talking about who we dislike and tittering like—I don't know, titterers? The makeup of this ArbCom is far removed from tranches of years past, and I think it's appropriate to say that few would stand behind all the thoughts and comments of our past colleagues. Der Wohltemperierte Fuchs(talk) 19:15, 14 July 2011 (UTC)
This is getting stupidly off subject and Giano centred rather than the community. I have posted my thoughts here. Giacomo Returned 19:24, 14 July 2011 (UTC)
Roger, your language bothers me. Fear of contempt hearings? WP already has a No Personal Attacks policy to cover the worst comments. The lesser ones, can't you-all just ignore them or resign? - I thought the frequent, understandable burnout from such things contributed to the decision to increase the number of Arbs? WRT to verbage swamping of cases - there are arbitration word limits (sometimes enforced) and a walled-in Proposed Decision page (well-enforced). Just establish another walled-in Arb-only case discussion page. I can't imagine it would meet with much outcry at this point.
It seems to me there was an assumption here - 'To be an effective administrative group, we have to be able to vent to each other sometimes.' How about venting to your significant others or one-on-one instead. Novickas (talk) 17:24, 14 July 2011 (UTC)
You have left me behind on this one, I'm afraid. You're saying that my jocular examples of how arbitration isn't a judicial process trouble you because they demonstrate my desire to turn it into one?  Roger Davies talk 18:21, 14 July 2011 (UTC)
I was referring to your post above, "Equally, I've never heard of a quasi-judicial body where anyone can turn up off the street and make a speech of indeterminate length on any tangentally related subject. Nor where anyone has free rein to say whatever they like about the judges, not matter how scandalous, irrelevant or inflammatory, without fear of contempt hearings." It didn't read as jocular to me. (Maybe Arb members' jocularity should be reserved for interactions with significant others and one-on-one communications). I would really like to see more judicial behavior since so many of us take this site so seriously. When NYB was running for arb in 2007 I asked him to compare WP's judicial system with the US system. [4] His response was reasonable but ...the WP judicial system is now, or maybe always has been, a strange hybrid where judicial language, including Latin-language legal terms, is mixed with WP norms and WP polite fictions ('Wikipedia is not a battleground') and there is a jumble of conflicting goods wrt to anonymous editing vs. outing vs. COI. I strongly endorse Giano's motion to move the responsibility for the really troubling matters to the Foundation, accompanied by a dedicated on-wiki, Arb-only discussion page for each case. And would it not be helpful to discourage editors from the idea of writing to this list to appeal their sanctions? - I realize this is often accompanied/justified by personal info, but maybe it would be better to just routinely - in a kindly and courteous way - discourage and decline such requests. Novickas (talk) 19:31, 14 July 2011 (UTC)
I must admit, I agree with a lot of what Giano said. I have found the job of Arb is not as described. I expected - as Giano expected - to spend most of the time investigating for myself what happened in a dispute, and drawing my own conclusions based on the outcome of that investigation. But if you look at the dispute process, it is geared only to identifying editor policy breaches (an arb colleague said recently that their preferred form for evidence is "breach of WP:ABC [diff], breach of WP:DEF [diff]"). It doesn't actually resolve disputes, its focus is sanctioning disruptive editors. The result of this, I feel, is that the Arbcom mail inbox is full of editor FOO making basically defamatory accusations against editor BOO, editor JOE asking weekly to have their sanctions lifted because Arbcom "has not understood the full picture" etc. As far as I can see, unless you are making statements that involve sensitive personal data - ie that the individual has not and probably would not make public, such as info on their health, finances, sexual habits, or alleged criminal offences - or there is a risk that you could WP:OUT them, the allegations should be made in public and not in camera.
However, there is a surprising amount of stuff sent in that does fall into one or both of those categories, which then raises the question of the extent to which notice should be taken of it. If Wikipedia really is being exploited by Big Pharma, Scientologists or the GOP for their own ends, then one could argue that outing their representatives actually serves the interests of the project. But how significant is the private revelation that User:KNOB is actually Professor Foo, who is a leading expert on Mongolian Basket Weaving, and User:MINGE is actually Professor Boo, who used to be his student, was until recently his girlfriend, and is now attempting to unseat him from his position as Chair of Basket Studies on a charge of sexual impropriety. Elen of the Roads (talk) 10:11, 14 July 2011 (UTC)
Please continue with that line of thought, Elen, and see where it goes. I think you're on the right track. Cla68 (talk) 00:33, 15 July 2011 (UTC)
The right track here seems to require the creation of an entirely new governing structure for Wikipedia. I think the arbitrators come across as doing the best they can throughout the leaks, but there are serious structural problems that have been brought up in every single thread about this. Not to mention the Cults case or the Beta/Delta fiasco. Fixing the leaky list, at this point, is rearranging the deck chairs on the Titanic. Archaeo (talk) 17:58, 15 July 2011 (UTC)
Yes, I agree with Archaeo about what this has shown. Maybe not an entirely new structure, but some better definition of what does, and does not, get dumped on ArbCom. It looks as though too many different kinds of obligations have fallen to ArbCom by default, and it's just too much to ask of a single committee. --Tryptofish (talk) 21:03, 15 July 2011 (UTC)
I started WP:Government some time ago, I can use some constructive collaborators to make this an acceptable policy. Count Iblis (talk) 18:52, 15 July 2011 (UTC)
Iblis - comment as one interested in governances generally, not as an Arb- I wouldn't have started from there, and I wouldn't have got to your destination if I had. Wikipedia doesn't want a government - governments do things like raise taxes, start wars with other governments, and formulate public health policies. What wikpedia wants (seems to want) is only some means of resolving intractable disputes between the Blues and the Greens that are disrupting four dozen articles and turning up at WP:ANI every two days. (Scuse formatting errors, WikEd, which is normally reliable, seems to have gone out to a rave, and is doing really weird schizz) Elen of the Roads (talk) 21:46, 15 July 2011 (UTC)
So the "Titanic" comment takes it a bit too far, but it still seems necessary to point out that "resolving intractable disputes" works, with the system we have, at a glacial pace. Maybe that's the way people like it? These are obviously problems that go way beyond ArbCom, and I may just be preaching to the choir, but nonetheless; the committee, at least, has the opportunity to really change itself for the better in these extreme circumstances. We've seen how the system we have looks, inside and out, and I think even most Arbs are serious critics. Let's hope you guys take this chance to make a positive change. Archaeo (talk) 01:54, 16 July 2011 (UTC)

@Cla68 - apropos the Cults case request, I have suggested the following. Does this fit the sort of thing you are thinking of (bearing in mind this is a suggestion to arbcom, not a policy document) if AC really is the last rung in dispute resolution, we need to stop thinking of ourselves as Judge Judy, and start thinking of ourselves as Oprah. Let us say "the community has raised these concerns. We would articulate the case the community wants us to address thus" The Local Government Ombudsman for England and Wales works like this. Some complainants are used to presenting legal-type cases, but most submit four pages of general moaning, from which the Ombudsperson (they are all female at the moment I think) has to pick out something that falls within their remit and they can investigate.

Let us do this here. The community has the following concerns

  1. Cirt is a biased editor and a bad admin (crudely put, see RFC)
  2. "Outside forces" are gaming the pedia
  3. Involved persons are editing with a *significant* conflict of interest (not the obscure one in tree shaping, but the exact same principle - if they can get Wikipedia to contain the information, the masses with a reading age of below 15 years will believe it is the gospel truth)

Let us articulate two cases - one just involving Cirt and Jayen and direct parties in the normal manner, one asking for evidence of where (3) is happening. Outing evidence may be submitted privately, with the proviso that IT WILL BE SENT to the user named as a guilty party, so he or she can 'face his accusers' as the English law puts it, and so we are not making decisions without the parties seeing the evidence. When we have some evidence, we can decide how serious the problem is, and then decide what action is required.

arbcom is not a judicial body - it is a dispute resolution body - so my justification here is that we can see a big area of concern, lets do some research on the problem, and then decide what we need to put before the community as a possible resolution or the steps necessary for a resolution. Elen of the Roads (talk) 21:53, 15 July 2011 (UTC)

Elen, I think trying to define the scope of a case before it opens is a very good idea. I think the approach you propose above is fine. I suggest not being afraid to solicit feedback from the potential parties on your proposed scope before opening the case, then tweaking the scope as necessary before formally opening it. Once the case opens, I suggest allowing a wide range of evidence to be presented. If you don't consider some of the evidence, because you determine that it falls outside the case's scope, then be sure and say so in your decision, "Cla68's evidence was determined to be outside the scope of this case. We suggest that Cla68 engage in separate dispute resolution concerning the evidence he has presented" or something like that. Cla68 (talk) 22:59, 17 July 2011 (UTC)

Oral presentations

Interesting thought. Hard to co-ordinate, given that there are Arbs on four continents. And someone would have to transcribe, for the record. And I'm not sure how one would use diffs in an oral presentation. Elen of the Roads (talk) 11:46, 16 July 2011 (UTC)
As far as coordination, it probably would be difficult but it is still worth looking into, I think. Voice transcription is improving rapidly, e.g. Google Voice is transcribing voicemail messages - so we'd look into an automated technology and have a clerk or an ArbCom member do clean-up. Before making a presentation, one would assemble diffs and label them appropriately. Then they would be sent to the Committee, who would be expected but not required to read them (impossible to enforce). The ArbCom could then listen to a summary of this evidence and have time for questions. They could then do some deliberations orally, which in my experience is often much more efficient because there's an immediate feedback mechanism. Diffs could be referred to as "[username - diff number]", and ArbCom members could click on them as they listen to the presentations, since they would all be sitting at their computers. II | (t - c) 20:37, 16 July 2011 (UTC)


I see many benefits to this proposal, but even more problems. The most fundamental is that the usual practice in ArbCom cases is for evidence and views to evolve over the course of the case in response to further investigation, new parties or non-parties adding material, workshop proposals, etc. So a true summary of a party's positions and best evidence might not be possible until weeks after the opening of a case.
Perhaps a less radical and complicated way of achieving the same end would be to ask ArbCom members to ignore cases until the evidence and workshop phases are done. Then they could read the completed case, ask additional questions if necessary, and make their decision.   Will Beback  talk  01:59, 17 July 2011 (UTC)

Question from an arbitrator to members of the "community"

Understandable - given the role....we're a dispute resolution body, but also a conduct review body, we're not "govcom"...oh wait, what government exists on wikipedia...an evolving project which at times appears to be teetering on chaos with no precedent. Yes I feel it is like white-water rafting at times.Casliber (talk · contribs) 23:39, 16 July 2011 (UTC)
Just for the record, you are probably reading very old threads when you are seeing this. At present, only the sitting arbitrators plus Jimmy Wales (who hypothetically is the court of absolutely final appeal) have read and write access to the list. Just about any Wikipedian can email the list, and their message will be moderated through and usually replied to in some form, but they cannot read the list. This can sometimes lead to an extended exchange of emails. Former arbitrators were removed from the arbcom-L mailing list in January 2009, and a few of them remain on the functionaries-en-L mailing list along with checkusers and oversighters today. Risker (talk) 22:19, 16 July 2011 (UTC)
Agreed. This is an important point. When you see former arb X or random editor Y e-mailing ArbCom, you have to remember that that person only sees what they send and the replies they receive. In many cases, rather than people having influence by e-mailing the list, the response was along the lines of "why are they e-mailing us *again*?". Sometimes individuals did excessively e-mail the list and were told to stop. Trouble is, episodes like that are not being leaked on WR: (a) because that would not serve the agenda of those posting the leaks or requesting leaks; and (b) because there is far too much in the archives like this that gives proper context. As someone who was on that mailing list for two years, and who has access to my own copies of what was posted at the time, I can confirm that some of what is being leaked gives an accurate impression of how things were handled, but in other cases the leaks are giving misleading impressions. What is really needed is a complete analysis and deconstruction of the archives, rather than cherry-picked leaks. Essentially, ArbCom need to distill and condense the archives into publishable summaries. Several useful points would be that: (i) Jimmy Wales actually posts very little to the list; and that (ii) Some editors that think they were discussed all the time actually hardly got mentioned at all. Carcharoth (talk) 00:33, 17 July 2011 (UTC)
I'll concede we've used the list at times where we should have used pages on-wiki yes. Casliber (talk · contribs) 23:34, 16 July 2011 (UTC)
This seems to depend on the flawed assumption that a team of 17 marginally engaged people is better than a team of three who have ownership over the matter. That more bodies leads to better results. Have you seen the U.S. Congress? This isn't a reasonable assumption. Large bodies lead to balkanization, disinterest, and inefficiencies by both duplication and neglect. If you're a manager, and you want to get a task done, you don't send 18 people at the same top-level problem; you break the work down so that each team can know what's be checked and completed as their contribution to the whole.
I am certain that smaller teams with more responsibility and autonomy would work better and faster than the status quo. Rubber stamping is an unkind way of saying that we would reviewed and approve the summary of the subcommittee; nothing shameful about it. Cool Hand Luke 02:55, 17 July 2011 (UTC)
Wow, Cool Hand Luke, I've always agreed with you that 18 is too large a committee (certainly no arbitrator or former arbitrator supported a committee of that size, which should have told the community something). But I'm pretty disturbed that you're suggesting arbitrators are just phoning in their votes without reading the evidence. I've actually seen fairly little of that in the 2.5 years we've worked together, and I'd certainly hope that arbitrators who don't have time to do a case justice are flagging themselves as inactive for those cases. That's what I have always done when I know I can't properly digest a big case; otherwise, I've read every evidence page and clicked every link, and in some cases have read entire article/talk page histories. I figured that was why I was elected. I've actually seen zero evidence on the committee that a smaller dedicated team is any more effective than the larger team: BASC is a perfect example. If the arbitrators sitting on it are active and engaged, it works fairly well; if they're not, then it flounders terribly. It's all dependent on which individuals are involved. And yes, I also think that the lack of diversity in decision-making will have a very negative impact on the quality and consistency of the decisions. The community every year elects a very diverse committee for a reason, and we need to work with that diversity, not try to neutralize it. Risker (talk) 07:09, 17 July 2011 (UTC)
I did not say that we "phone it in," but it is true we tend to approve the work of the drafter. That said, I will express some skepticism that many arbitrators "read every evidence page and click[] every link" in some cases; the date delinking case, it was pointed out, totaled about 2.8 million bytes, with a word count about equal to the the length of Gone With The Wind. I believe it strains credulity to assert the all or even most arbitrators voting in that case read every scrap of it. I agree that small teams are no panacea, and certainly not without a method of holding them accountable. Cool Hand Luke 15:21, 17 July 2011 (UTC)
Growing the committee to 17 was a HUGE mistake, and it was based on a flawed RFC, that demanded a committee of 18 without taking into consideration what to do if electees received low support percentages. It should not have happened; we now have a larger and more marginal committee. SandyGeorgia (Talk) 03:05, 17 July 2011 (UTC)
I completely agree on committee size. I don't think the members are more marginal, but as a larger body, our productivity is worse. The committee was too big before, and Jimbo added more people based on the RFC and told us we could work more efficiently by figuring out some way to structure our work. Of course, there's not really a structure for creating a structure, and the talk on any issue is endless unless someone really takes ownership and pushes it to conclusion. I think now is a good opportunity to finally do it, and we should seize the moment. Cool Hand Luke 03:26, 17 July 2011 (UTC)
The reason I said that formalizing your deliberative processes might be more time consuming is because of the way I envisioned you going about it. Such as: The chief of a case assigns one task to each arb. For example, chief to Arb1, "So-and-so is alleging that Cla68 is an unmitigated jackass. Please check the evidence and report back on whether you think this is correct or not." Arb1 then checks the diffs, does some more exploring around on his/her own, perhaps asks Cla68, so-and-so, and other editors some inquisitive questions, then reports back on what he/she found to the full committee, complete with diffs and full reasoning. The rest of the committee questions Arb1 on the findings, and perhaps request some follow up actions by Arb1 if he/she can't answer all their questions. Once the rest of the committee accepts Arb1's findings on that point, it goes to a vote. Arb1 should have provided enough information that the rest of the committee can make an informed vote on whether Cla68 is an unmitigated jackass or not. The ones who agree with Arb1's conclusion will be well-enough informed by Arb1's research that it will not be "rubber-stamping." While Arb1 is investigating his point, the other arbs are investing their assigned points. That is delegation that should not weaken the ultimate result. Cla68 (talk) 07:50, 17 July 2011 (UTC)
This is the reason I supported having a larger committee, so that you could delegate in this way. A large, complex case, such as the last one I was involved in, I think would have benefitted from this approach. It's up to the case leader to divide the case up into sub-tasks that can be handled by, preferably one arb each. It's up to the case leader to ensure that the work returned by each arb fully answers each assigned question. It's up to the leader to then make a whole from the parts, if necessary, by asking the right follow up questions and assigning follow up tasks to complete the picture. Cla68 (talk) 07:59, 17 July 2011 (UTC)
Look at it this way, if Arb1 and Arb2 are each assigned to independently investigate two different aspects of an editor's conduct, if both return similar conclusions, then it gives more evidence that there might be some problems with the editor in question. If both arbs return different conclusions, then that's an answer in itself that can be used as the basis for follow up tasks and questions. The case leader helps interpret the results and guides the rest of the committee to exhaustively answering all the questions on the table. This is a better approach than what I'm seeing in some of the leaked emails in which the conversation goes something like this: Arb1- "Wow, all these editors are a bunch of wankers. But, which ones are the worst?" Arb2- "Well, Cla68 is definitely one of them, and so-and-so is almost as bad. So, those two at least should be on the list." I don't think this kind of approach will produce optimum decisions. Cla68 (talk) 08:14, 17 July 2011 (UTC)
I agree. This shows that independent views arising from different assignments is important. An individual Arbitrator should be good at putting his prior POVs aside, so there is litle to be gained by having 18 Arbitrators do the same thing. You may get group-think effects that makes things worse as Cla68 suggests. Now, as also others have pointed out, you can organize things so that only a smaller group of Arbs study the evidence in detail.
For a small case, you can think of 4 arbitrators split in two groups of two, for a large case perhaps 2 groups consisting of 3 Arbs. Each group looks at all the evidence and writes up a report. The two groups don't communicate with each other. You then get two reports obtained in completely independent ways. The two groups then read each other's report and then they discuss the issues where there is substantial disagreement on. Then the combined group writes up a new report based on the two old reports and the subsequent discussions. This is then given to the other Arbs. They read it, have discussions about it and if the arguments are settled, they can then discuss appropriate remedies.
In these discussions, the Arbs who were not part of one of the two groups can talk to the Arbs who were part of the groups, they don't have to look directly at the primary evidence themselves. While they can do that if they so choose, an important issue here is that the four Arbs who have studied all the evidence in detail, can put complicated issues in a proper context. So, if an Arb looks at the primary evidence and sees that Cla68 has been behaving badly, he/she can ask the group of four who wrote the report about this if the report paints a more favorable picture of Cla68. The answer could be that Cla68 was harassed some time earlier, which may not be easy to see.

This then makes the discussions about what remedies are most appropriate much more effective, because all the Arbs get a reasonably complete picture of the situation. It is then not necessarily true that all Arbs will agree with each other, because the same report can lead two people to get somewhat different pictures about the situation. Count Iblis (talk) 16:06, 17 July 2011 (UTC)


An amorphous 18-member committee is much less efficient than three 6-member committees with clear responsibilities. Is there a reason the Arbcom shouldn't be split up into smaller committees with clearly separate, better-definite scope and powers? For instance, there's no reason the people on the AUSC need to be the same people who are trying to resolve conduct disputes. Split management of higher permissions to a separate body. Similarly, empower checkusers to fully take over investigating off-wiki allegations of suckpuppeteering (and forward unsolicited allegations to checkuser-l instead of fielding them yourself). Delegate and separate powers. TotientDragooned (talk) 08:45, 17 July 2011 (UTC)
Agree with TotientDragooned about splitting the committee. I've written an essay - WP:ArbCom reform - about this. PhilKnight (talk) 09:00, 17 July 2011 (UTC)
Well, first off, we already do this. Three members on AUSC, three members on BASC (each of them rotating, so people don't get bored silly). Other groups for handling advanced permission issues (and until the WMF policy changes, this is an Arbcom responsibility), case management issues, managing incoming mail. Policy and procedure development/review is done by a few others. In other words - the only place where ALL of us have extensive activity is cases. Again, the biggest issue is people actually fulfilling their commitments. Checkusers *do* already handle the overwhelming majority of allegations of socking, unless it is directly related to a currently open case, or additional action may be needed (such as desysopping). Checkuser-L is a global checkuser list strictly for communication between checkusers on potential cross-wiki issues, and is not intended to be a dumping ground for all possible sockpuppetry allegations. Risker (talk) 09:11, 17 July 2011 (UTC)

Dealing with fallout and old disputes being reopened

There are several questions I have regarding the continuing fallout from these leaks and the drip-drip method by which they are being released, mainly related to how to handle the understandable hurt some people feel at reading what was said, and regarding disputes where old wounds have been reopened.

Mostly, I'm tempted to stick to what I said here, but I'm also seeing a need for ways to deal with fallout from this, both on a personal level (as a former arbitrator) and on a collective level (as regards the current Committee). In the hope that it might help, does anyone have any thoughts on the three questions I posed above, remembering that the publication of these leaks is likely to continue for months if not years? Carcharoth (talk) 01:19, 17 July 2011 (UTC)

In turn:
(1) What's done is done. Focus on structural reforms to improve things going forward.
(2) Unresolvable. How would we know if "additional context is needed"? The only people who would know are the committee members, and many of us believe (as confirmed by the leaks) that we cannot take their word at face value.
(3) See (1).
My two cents worth, subject to raising the debt ceiling. Short Brigade Harvester Boris (talk) 01:43, 17 July 2011 (UTC)
I don't think the threads are cherry-picked in the sense that they're unfair to arbitrators. They could have easily been edited that way, but they are not. Instead, they're cherry-picked in the sense that they are apparently responsive to specific requests, which often don't provide context for the events. I think that's a credible statement, even if you think I'm a liar by virtue of being one of "them."
All this said, I agree we should be working toward structural reforms. Cool Hand Luke 03:08, 17 July 2011 (UTC)
My views - mostly speaking from many years of (now former) activism, not Wikipedia.
(1) I intensely dislike the outcome which I think of as "Lie, smear, cover-up, and WIN!". That is if, someone lies, especially against someone else telling the truth, but it takes a while for it all to come out, the truth-teller is sometimes then told it's all ancient history, let's not revisit that old dispute, it's additionally wrong to want justice even though delayed. So the liar succeeded even when found out. Saying "move on" often is adding another injury to injustice at the hands of the powerful.
(2) I'm seeing this "cherry-picked" defense frequently. I do not think those words mean what they are used to mean. For example, in a court case, leaking a document revealing improper conduct from the prosecutor to the jury is not cherry-picking even though there are a huge number of other documents not shown where the prosecutor did ordinary boring dull standard legal filings. If something has been misrepresented or presented in a misleading way, then what defenses can be made are necessarily situation-specific.
(3) Yes, I think so (balance). Nothing is ever truly settled on Wikipedia, where hyphens-versus-dashes can generate mind numbing amounts of discussion. But on a relative basis, I don't think we've come anywhere near diminishing returns for explanations (as distinct from damage-control).
-- Seth Finkelstein (talk) 01:46, 17 July 2011 (UTC)
(1) Sure, I agree. If a genuine injustice has been done. But sometimes old disputes are reignited because some people don't like each other. My view is that the community and ArbCom will have the sense to recognise that sort of reheated dispute.
(2) I think you misunderstand what I am saying here. It is not just cherry-picking, but incompetent (or ignorant) searching and contextualising. Sometimes you have to have been there to really know where to look for the context. A simple example would be an arbitrator saying something one day in one thread, and then a new thread the next day raising the same matter (thread discipline was never a strong point) and that hypothetical arbitrator admitting a mistake and retracting what was said the previous day. If only the former thread is 'leaked', then that is an example of a misleading presentation being made.
(3) My concern is that even if a new discussion of certain matters took place on-wiki, people will mostly ignore any conclusions reached and still point to the older, leaked material, as the truth of the matter. In other words, those who see what they want to see in the leaks, will ignore any attempt to set the record straight (even if such attempts included apologies of some form). Even attempts to do the right thing often get twisted against people.
Anyway, the advice about speaking on such lists as if you are speaking in public is good advice. Though even then, it is quite possible to read what you wrote two years ago and cringe and think "what was I thinking when I wrote that?". Alternating with agreeing with other parts of what you wrote. All in all, a very strange experience. Carcharoth (talk) 02:24, 17 July 2011 (UTC)
(1) I think it's too easy for even well-meaning people to want to bury mistakes (and leave them buried). In activism, I have endured far too many dismissive sneers of EGO! (and worse) to have any confidence that this context is immune from that reaction.
(2) OK, perhaps I did misread you. Again, the problem is fact-specific. There's nothing to stop an arbitrator from going to a leak thread and posting "This is out of context, what additionally happened is ..." (that is, if they can bear upon their soul the unholy taint of posting to Wikipedia Review and having congress with the denizens therein, carrying the mark of membership forever more ...). They have more ability to rebut than others do in a reversed situation.
(3) Again, put it with the leaked material thread. Nothing's perfect, but I haven't even seen any apologies (and I think some are indeed warranted).
-- Seth Finkelstein (talk) 03:06, 17 July 2011 (UTC)
I don't know if you've noticed this, but most of us have WR accounts. Do you? Personally, I'm not interested in providing context for three year-old disputes that don't matter; that would send the incorrect signal that they do (see Carcharoth's point #1). Which apologies are needed? Cool Hand Luke 03:12, 17 July 2011 (UTC)
That was meant as humor, given the attitudes some Wikipedians have. I actually don't have a WR account, but for some complicated reasons I shouldn't get into in this thread. If you don't want to add context, I can see your reasons, but my answer applies to those who want to do so. I shouldn't detail here which specific apologies I think are needed, as that's likely to be highly contentious (but given Giano is already making his case in a different section above, I'll say I support it, in that he was treated improperly) -- Seth Finkelstein (talk) 03:24, 17 July 2011 (UTC)
No account? Golly, you must be one of those uptight BADSITES goons! (This is meant as humor, given the broken sense of it that some Wikipedians have, namely myself.)
As for Giano, I'll say that I agree he's been unfairly treated as a punching bag. There's no support for such an apology, I assure you, (and I think committee apologies are usually a bad idea anyway), but I will say that I personally apologize for not speaking up every time someone invoked his name during an unrelated dispute as if he were some sort of Wiki anti-Christ. I did try, haltingly, but I should have done better. I am sorry, Giano. Cool Hand Luke 03:38, 17 July 2011 (UTC)

On your three questions:

  1. I guess time will tell: I'm still curious to know how the arbs mangled one case extremely badly, although I don't expect any surprises when that case is eventually leaked-- most of us could tell what was (mis)driving the case. Hopefully y'all will handle it better than you did the first time around, when the goal appeared to be to silence editors who had evidence to present. I find it curious that anyone thinks, after all of this, that the arbs still have the authority to "tell people it is ancient history and they should move on". It seems the lesson hasn't been learned (humility).
  2. I don't understand why you need to ask this. If a case doesn't speak for itself, something's fishy in Denmark. Do you all have an extreme need to be liked? If so, you shouldn't be arbs. Why do you feel you need to set any record straight? A clean conscience is a good thing to live with.
  3. If you feel a need to set the record straight, you're in the wrong job. Have you ever seen how often I get beaten up for closing a FAC? Them's the breaks-- this line of questioning is a mystery to me. You weren't elected to be liked, and if you need to set something straight, then something's fishy. Every case I've seen (so far) is pretty clear wrt who messed up or not. Y'all didn't have secure communication and some of you said things you shouldn't have said: now live with it and don't make it worse by whining about your errors. Generally, you come across looking OK-- those who don't, won't be re-elected, life goes on. This is only the damn internet, for gosh sakes. SandyGeorgia (Talk) 03:16, 17 July 2011 (UTC)
Thanks for this. The responses from different people are not all the same, so I think the questions were worth asking. Here, I think your response to Q1 demonstrates why I was talking about setting the record straight (which may sound like I'm talking about the original decisions, but I'm actually talking about setting the record straight if people jump to the wrong conclusions based on leaks). If discussions regarding the case in question are leaked, you say you are curious to find out certain aspects of what happened. But what is to stop you or anyone jumping to the wrong conclusions, and when someone tries to speak up to correct this, being told "them's the breaks"? Admittedly (and I'm aware of the irony here), this is identical to the argument sometimes made when parties to a case lament that the arbs got it all wrong and reached the wrong conclusions.

The point I am (slowly) coming round to is that it would be better if there was some way for people to make FOIA-style requests (FOIA is freedom of information act) for e-mail discussion relevant to cases they were involved with to be disclosed (the fact that leaks have occurred makes this less likely to happen, but not impossible). This would have to be handled by a separate body, but would be preferable to people making requests on off-wiki sites. My personal standard, if I want to question something that gets leaked, would be to first ask the person/people whose e-mails were leaked and see what they have to say. Only then, depending on the response, would I think about drawing conclusions of any sort based on the leaks.

FWIW, I agree with Cool Hand Luke above that institutional apologies are unlikely (especially given the turnover in personnel and spans of time involved), but that apologies from individuals may help. I'm certainly prepared to apologise if anything I said was incorrect or crossed a line, or inaction or failure to follow through with something made it worse, but will only do so if I'm approached directly (i.e. talk page or e-mail), mainly because I don't have the time to follow this for much longer, and there are other things to be doing instead. Carcharoth (talk) 08:44, 17 July 2011 (UTC)

RfAR

Dear arbs, please clarify whether the issues raised in Wikipedia:Requests_for_comment/Cirt will be within the scope of the two cases proposed here. The allegations in the RfC/U were weighty; they included targeted use of Wikimedia projects to influence US election outcomes, advocacy, and a long string of BLP violations. I would particularly highlight the issue of promotionalism, as described at Wikipedia:Requests_for_comment/Cirt#Outside_view_by_DGG. Which, if any, of the proposed cases is designed to weigh the merit of these concerns and allegations? --JN466 22:25, 17 July 2011 (UTC)

Just as an observation here -
You and several others have written volumes on and provided volumes of evidence of alleged malfeasance by Cirt. There is currently something like a 2/3 majority of commenters there that have supported comments along the lines that Cirt may not be perfect, but that the evidence has to date been unpersuasive that it's malfeasance or personal bias to the actionable level.
I am slightly biased - and I put in a comment along those lines in the RFC. But you should consider the possibility that the community (and, evidently, Arbcom) have weighed the evidence there (which, by and large, meets or exceeds the evidence ususally presented in an Arbcom case proceeding) and find it wanting as being convincing evidence unambiguously supporting your conclusions.
I know you think there's a problem, and that's clearly a good-faith belief. You haven't convinced me, and haven't convinced a lot of other people. There would not (evidenced by comments) be enough support for a community sanction to proceed. I am sure Arbcom's members read and understood your implications. That they're not apparently adopting the case seems to indicate they don't feel that they're evidently actionable.
All this IMHO. I'm not on Arbcom, your mileage may vary, etc. Georgewilliamherbert (talk) 22:59, 17 July 2011 (UTC)
Just an aside. Georgewilliamherbert, this is exactly why people email the committee directly, so that they get a committee response rather than the response of someone else who already has taken a position on the matter. Perhaps you might want to bear that in mind. Risker (talk) 23:07, 17 July 2011 (UTC)
He could have posted on the case, on the talk page here, or emailed Arbcom; this page seems like the one where it's throwing it out somewhat for community comment rather than purely arbcom response. But your point's taken. Georgewilliamherbert (talk) 23:21, 17 July 2011 (UTC)
George, 18 people endorsed Wikipedia:Requests_for_comment/Cirt#Outside_view_by_DGG. The RfC/U as a whole was endorsed by 7 users, including User:B and User:Wikid77, who did not endorse any individual outside views. Macwhiz, whose initial view attracted the most supports (26), subsequently posted a substantially revised view: Wikipedia:Requests_for_comment/Cirt#Additional_view_by_macwhiz_on_how_Cirt_edits. He has just asked at RfAR that there should be a framework for addressing the concerns in the RfC/U. Both he and Tryptofish ("I've been watching these discussions, and for me the more recent evidence about BLPs in general is becoming more of a serious concern about Cirt's editing than was most of the earlier evidence ... --Tryptofish (talk) 20:53, 16 July 2011 (UTC)") have excplicitly stated on the RfC/U talk page that they revised their initial view upon further research. All in all, about 25 editors found significant concerns, so 2:1 is, I'm afraid, a substantial misrepresentation of the numbers involved. In addition, some of those who voted "no problem", like Bearian, did not even read the RfC/U: User_talk:Bearian#User:Cirt. Can you explain to me how Bearian could be 'not aware of the "adult entertainment company that a free-speech lawyer has a significant business interest in"' if he had read the RfC/U? --JN466 23:16, 17 July 2011 (UTC)
George's "2/3 majority" may not have been an accurate depiction of the opinions in the RfC, but at least he didn't try to say that you're obsessed with Cirt, accuse you of being part of a BADSITE's harrassment campaign, or ask you personal questions about your religious affiliation. Anyway, I agree that the scope of the case needs to be a little more clearly defined, then I think it will be ready to go forward. Cla68 (talk) 01:06, 18 July 2011 (UTC)
"...but at least he didn't try to say that..." Cla68 - are you trying to poison the well before the case even begins?   Will Beback  talk  01:23, 18 July 2011 (UTC)
Are you? Cla68 (talk) 01:26, 18 July 2011 (UTC)
I was asking a general question about how the ArbCom views evidence. Was that a problem?   Will Beback  talk  04:48, 18 July 2011 (UTC)
Yah well it amused me to note that you'd tried to drag me into that too. Why and for what reason is a mystery. I'll assume that the slurry spreader got broke. John lilburne (talk) 06:18, 18 July 2011 (UTC)

Okay, everybody, cut it out. Stick to preparing evidence within the word/link limits. Risker (talk) 06:24, 18 July 2011 (UTC)

Risker, some of us can't start collecting evidence because we have little idea of what the scope of the case is, or which disputes the ArbCom has voted to resolve. Could you please help?   Will Beback  talk  06:37, 18 July 2011 (UTC)
I'm not a partisan of any of this stuff (Cirt or the converse) and have definitely not spent any time on Santorum's article. Plus Cirt has OTRSed a file of mine and been a complete gentleman. IOW, all my contacts with Cirt have been positive. That said, I think the DYKed political campaign stuff was bad pool as was the template for stuffing links into the Santorum (term) article and some of the behavior in the leaked emails with SV and the like as well. And I thought the "savage the accuser" stuff was wrong. Felt like Clinton trying to say bad things about the prosecutor or Lance Armstrong trying to go after his accusers instead of up/down on the issue itself. Feels retributional. That said, I really don't want to mess with that wiki drama more than the little I've read and seen.
I would not support any kind of sanction because the guy is pleasant and does a lot of work. I just think some admonishment is about the right remedy. IOW validate the ethics of the project. Maybe mentoring with Malleus or Wehwalt (they each give me the impression of someone who can help an article even if the subject or the info is going the other way than their politics). I wouldn't support bans or the like. Would not support some sort of shoot the messenger punishment of people that brought the complaint. TCO (reviews needed) 01:45, 18 July 2011 (UTC)
Generally speaking, TCO, Arbcom waits until the evidence is in before proposing remedies. :-) Risker (talk) 02:38, 18 July 2011 (UTC)
Yes, maam!  :-) Just doing a little well poisoning. Don't drink.  ;-) TCO (reviews needed) 03:10, 18 July 2011 (UTC)

Just read the 3 Bisho-Jimmy threads (what a mess, for most of the parties). I would think the "motion" decision (at case acceptance stage?) does require making a decision before all the evidence is presented, no? But then I'm a newbie (don't bite me) and just think the whole system is too complicated and quasi-legalistic anyway. It's not even fun, juicy drama. What a downer. Off to read papers and make figures and write text.TCO (reviews needed) 18:37, 18 July 2011 (UTC)

Checkuser "will send my results to Arbcom"

Checkuser states he will run a test and report privately to Arbcom. [6] Is this sort of private process required or desirable?

Do we have a "communicate to Arbcom" addition!? Here is a process that exists and functions without needing Arbcom and the first thing that goes down is reflexive "share with Arbcom first". It doesn't make sense to the accuser, the accused, or Wehwalt.

I don't even get the big deal. So Mattisse has a long record of socking over the years. There was a lot juicier and dicier stuff in the WR leaks that the committee had to deal with. Do you really need to have this on the mailing list?  ;-)

TCO (reviews needed) 06:15, 21 July 2011 (UTC)

TCO, please go and read the SPI. Mattisse is under an Arbcom sanction at present, which is why results are reported to Arbcom. This is standard for Arbcom-sanctioned users who have a history of socking. As an aside, I'm the checkuser most familiar with Mattisse's editing style and pattern of socking, so it would be likely that someone new to doing a checkuser on her would request a consultation at minimum. Please give it a rest. Risker (talk) 06:26, 21 July 2011 (UTC)
1. Looks like it was not Mattisse. I am glad of that.
2. I don't understand the referal to Arbcom mentioned by Risker. Is this really how you want to do business, especially given discussions of handling even deliberartions out in the open? For that matter, the last test run didn't need some special Arbcom intervention. Also the CUs did not refer to a specific policy or the like "because it's Mattisse". And for that matter, why do you need to be involved?
3. There is something strange about the Smartyboots account. No user page content for a couple years and then puts up the sock template on her own page. [7]
TCO (reviews needed) 06:32, 21 July 2011 (UTC)
TCO, as has been explained already, Mattisse is currently the subject of an Arbcom sanction, in part because of her socking. You weren't around when that decision was taken, and you clearly haven't read it. Frankly, if not for the long history of socking from Mattisse, I think most checkusers would have declined your SPI request; what evidence you presented was indicative of other accounts that know what they're doing, not other accounts being Mattisse. I'm not going to worry about SmartyBoots either: you're the one who accused him of being a sock, so perhaps you need to mend some bridges there. Risker (talk) 06:40, 21 July 2011 (UTC)
I filed a CU because I was suspicious. It was done. It was negative. I did it in the open. Perhaps this is why people go back channel (in case they are wrong). I am glad Mattisse was not socking and will leave it at that.TCO (reviews needed) 06:50, 21 July 2011 (UTC)

Official Comment requested

[8]

Why was this covered up?

-Defying common sense again, are we? (talk) 17:19, 22 July 2011 (UTC)

Tell me whose sock you are first. --Elen of the Roads (talk) 17:54, 22 July 2011 (UTC)
He can't, he's editing from an open proxy which has since been blocked. The Cavalry (Message me) 18:12, 22 July 2011 (UTC)
Nice try, Chase, but it's not so easy to shoot this messenger.
And, no, Elen, I won't tell you. Do you know why? Because I know what will happen to this account regardless. Might as well not give you the satisfaction of putting a "This account is a sockpuppet of X" tag on my userpage.
So, back to my original question. Why was this covered up? -Defying common sense again, are we? (talk) 18:41, 22 July 2011 (UTC)
I'm sure we'll happily answer a user who isn't banned. The Cavalry (Message me) 19:29, 22 July 2011 (UTC)
Chase me, I sent a query to the functionaries list on 12 July. I received no answer until today, after that post had already been made on Wikipedia Review. Somewhere in the list's moderation queue is a question from me not dissimilar to that posed above. If all it takes is a request from a non-banned user, consider it requested. Delicious carbuncle (talk) 20:02, 22 July 2011 (UTC)
Spot on. Sorry to be a pain, DC, but I refuse to give people like User:DefyingCS any slack - personal reasons. As to your most recent email, we've received it and been discussing it - rather a lot has been going on behind the scenes. I'm not sure about your one on the 12th - I've just switched to using Outlook two days ago, and have yet to download my 20,000(!) emails since I opened the account last year. As a result, I'm a few days behind the times. I have my own opinions as to how I'd like to handle this, and have just about run out of patience with the parties involved, but given the rapidly changing situation and the fact that I don't know the entire history of the case, I'm waiting for one of the pre-2011 arbs to come online before I take any rash action. The Cavalry (Message me) 20:13, 22 July 2011 (UTC)
A quick response to this would be good to dispel any concern - there is already grumblings about the actions related to this matter. I am, myself, apathetic to accounts choosing to vanish and then sneak back under a new guise to edit constructively in the future. But in this case he has re-entered an area of dispute that is related to his leaving. Is the original account being restored per WP:RTV? This could be done fairly quickly I think, the account is clearly "in the open", publicly and by their own hand, so discussion can occur on wiki. :) --Errant (chat!) 22:24, 22 July 2011 (UTC)
The user in question wanted a fresh start, given that they were the target of off-site personal attacks linked to using their real-world identity on-site. The new account was still required to abide by the binding voluntary restrictions placed on the old account. We've been emailing the parties in this matter. Der Wohltemperierte Fuchs(talk) 00:55, 23 July 2011 (UTC)
I understand that there are probably discussions still taking place, but is David Fuchs' statement intended to be a response to any of the questions that have been raised? His version of this situation is misleading. The account of the user in question was vanished. WP:RTV states "The right to vanish is not a temporary leave or a method to avoid scrutiny or sanction, is not a "fresh start", does not guarantee anonymity, and may be refused if ever abused" (bolding in the original). Although the details are already out there for anyone to read in the link above, I do not wish to out anyone here so I will try not to be too specific, but if I recall, there are multiple sanctions in place on this account, from multiple ArbCom arbitrations, not all of them voluntary. I think it might be helpful if someone could confirm that basic fact to aid in future discussions.
Leaving aside the issue how reported off-site personal attacks relates to this case, my concern is this user's deceptive participation in dispute resolution processes. Without getting specific, the user misrepresented themselves and their knowledge of the issues and editors being discussed. It is unlikely that ArbCom members participating in the discussions were not aware of this, but even if that were the case, I alerted them to this possibility on 12 July. I am told that it was being discussed soon after, although I only received acknowledgement of receipt after earlier ArbCom discussion about this user were posted on Wikipedia Review. It would probably be helpful for ArbCom to address these points in order to dispel allegations of "cover-up" such as those above. Delicious carbuncle (talk) 15:45, 23 July 2011 (UTC)
What "cover up" is supposed to have taken place, exactly? As far as I know all sanctions migrated with the account, so I'm not seeing how RTV was abused in this case. Whether or not the account has actually violated those sanctions in regard to recent events is another matter entirely, and the reason we initially emailed the user before the leak you describe. I'm sorry if our response back to you was suspiciously-timed, but that's what happens when you're trying to coordinate responses based on other people's responses. Der Wohltemperierte Fuchs(talk) 15:50, 23 July 2011 (UTC)
You would have to ask the sockmaster of the account who posted the cover up allegation above what they meant by that. I am merely pointing out some of the things that ArbCom may wish to address. I did not mean to suggest that the timing of ArbCom's response to me was suspicious, only to make clear that the issue was being discussed before the leak of earlier ArbCom discussion of the same user was posted on Wikipedia Review. Based on past experience, I was not expecting a response at all. Delicious carbuncle (talk) 16:10, 23 July 2011 (UTC)
David, are you speaking for ArbCom here or just on your own behalf? I'm perfectly happy to address your points, but I'd like to know that this is the official statement before I put the effort into it. Delicious carbuncle (talk) 21:27, 23 July 2011 (UTC)
Official ArbCom statements have votes attached to them. They are rare.
However, ArbCom members are generally aware of this issue and, if they do disagree, apparently do not disagree enough to say so. Myself, I think there are a number of reasons one could argue that RTV was abused, and I wish it had not been used, but there was a decision to allow editor to continue editing under an account not connected to his or her real name. Cool Hand Luke 03:02, 24 July 2011 (UTC)
CHL is correct. In cases of such appeals by users whom we aren't all immediately familiar with (note that the Scientology case preceded my time on the committee), we tend to go along with the one or more familiar arbs' unanimous articulated opinion, be it for or against the appeal. I'm not seeing how putting it to a formal vote would have resulted in any different outcome, though it might have resulted in earlier detection of these issues. Jclemens (talk) 15:05, 24 July 2011 (UTC)

As I think is obvious by now, I formerly edited using the account at User:Vanished user 03. I am not involved in any of the editing disputes on any of the articles mentioned in the RfC/U - almost all of which I had never heard of before, let alone edited. I will not be making any further comment on the matter and if any comments concerning it are posted to my user talk page by anyone other than an ArbCom member they will be summarily deleted. I also dedicate my most recent DYK contribution to Delicious carbuncle for reasons that should be obvious. Prioryman (talk) 23:39, 23 July 2011 (UTC)

Because you think whale penises are delicious? Delicious carbuncle (talk) 23:44, 23 July 2011 (UTC)
Prioryman, were you caught socking within hours of invoking RTV? Committee, if this is so, why was this editor not presented to ANI or other appropriate venue for a discussion on whether an indefinite community ban was warranted? A more important question is, why is the treatment of editors in Wikipedia so inconsistent? Why are some editors blocked indefinitely so quickly, but editors like Prioryman can repeatedly break several of WP's core policies, including socking and lying about RTV, then quickly be given a "fresh start"? Cla68 (talk) 05:29, 24 July 2011 (UTC)
Users that falsely use WP:RTV is bad enough but if they do such a thing they should stay away from their previous editing issues - I take offense to this user,User:Vanished user 03 - User:L'ecrivant - User:Helatrobus - User:Prioryman who is an anti Scientology activist and old supporter of User:Cirt hiding under a secret new identity and attempting to keep User:Cirt's wikibomb DYK front page Santorium/Savage tags after even User:Cirt had done the decent thing and requested their removal. (towards the bottom of this section) - Wikipedia talk:Did you know/Archive 67#Removed some of my self noms - The fact that I should have to defend against their well known POV without the openness of their prior editing history is unfair and sneaky to say the least. The User also vigorously defended his fellow anti Scientology activist in User:Cirt's RFC user, all of which is exactly good reasons to return the user to his prior account - where his block history and his Arbitration restrictions are clearly visible. - Clams of harassment by the friends of a subject with a BLP that was edited in a less than fair way is also little mitigation - I see that as a what goes around comes around situation. Users like this act as enablers and support User:Cirt's WP:BLP AND WP:NPOV violations in his anti Scientology/anonymous group activism and should not be allowed to do it with a clean hands account. They, and User:Cirt should not be allowed to do it full stop. Off2riorob (talk) 10:48, 24 July 2011 (UTC)
User:Helatrobus? I'd support a block on the spot if that was the same user, but this user looks like it was editing from a different continent. Do you have evidence this was VU03? Cool Hand Luke 18:17, 24 July 2011 (UTC)
Only that the account came out of nowhere and was experienced and anti Scientology. I will remove it if you have eliminated it from any connection to this account. - struck - User:Helatrobus - Off2riorob (talk) 18:22, 24 July 2011 (UTC)
Having worked with ChrisO on the Inner German border FAC, I was certain that Helatrobus was the same editor, and supported the L. Ron Hubbard FAC and TFA nominations regardless, as it was good work (and Chris was allowed per ARBSCI to work on FA projects). I also assumed that Raul knew [9] [10] (and, frankly, that you knew). Other circumstantial evidence includes that both the Hubbard FA and other articles of Chris's were advertised in similar ways on forums.whyweprotest.net. [11] [12]. Note the reference to Sharron Angle in the latter. --JN466 04:57, 25 July 2011 (UTC)

Evidence length

This discussion directly applies to an open case, so has been moved to Wikipedia talk:Arbitration/Requests/Case/Cirt and Jayen466/Evidence#Evidence length. Please continue the discussion there. Hersfold (t/a/c) 16:07, 24 July 2011 (UTC)

Related question from an arbitrator to members of the "community"

True, but should outsiders have access to that debate and be able to influence it? Giacomo Returned 21:55, 16 July 2011 (UTC)
The private snark will simply move elsewhere. There is no reason to keep it along side the deliberation. Snark can be emailed between individuals. John lilburne (talk) 22:12, 16 July 2011 (UTC)
In answer to your questions, GWH, and admittedly basing this on my own read of the situation, about 80-85% of the workload is stuff that relates to onwiki matters: requests for cases, clarifications, amendments, actual cases. Most of that workload is the reading of evidence and related pages. Emails related to these issues are mainly along the lines of "go vote", "when will the decision be up", "can we close this?" and similar memory tweakers that are more likely to get a response if they show up in someone's inbox than if they're written on a wiki page. Sometimes there is floating of a trial balloon or the proposal of a motion in advance of posting to ensure that it's on target; it's a waste of everyone's time to post motions that wind up needing major tweaking, for example. The BASC work is technically off-wiki stuff because it comes in by email, and makes up another 5-10% of workload. It should be noted that there is some element of private or intensely personal information involved in about 20-25% of actual cases, although much more is sent to us without our request, and maybe 5-10% of the unsolicited information is considered relevant. The information can range from an extensive checkuser study of parties in a case where there has been a serious allegation of sockpuppetry (one I worked on took over 100 checks and many hours, with the net result that there was no evidence of socking despite some earlier CU results that suggested there had been) to details of personal relationships between editors, to individual editors explaining personal situations that are adversely affecting their ability to respond to the case (editors shouldn't have to provide extensive onwiki details about vacations, family trouble, or personal health, for both their own privacy and their own security). Some of this will be hinted at onwiki (by extending deadlines in deference to an editor, or with reference to "conflict of interest" or similarly generic information). I'd say at least half of the desysoppings involve personal information that is not appropriate to be discussed onwiki; there is a full and detailed discussion of the remainder. Only a tiny amount of the workload involves matters that are only suitable for private discussion; however, those discussions tend to be extensive. Arbcom is like any other human endeavour, so it should not be surprising that unusual situations draw more attention than the regular day-to-day work.

One of the challenges in keeping things onwiki is finding the balance between openness and effective time/work management. The same question posted to a colleague onwiki may take a two or three days to get a full response, usually with significant "interruptions" from other editors, while it may take only a few hours (with little or no "interruption") on the mailing list. That's simply because it's easier to check one's email than to log into Wikipedia, find the right page, make the edit, hope that the person to whom the question is directed will respond in a timely way (is it faster to leave a message on their talk page, or send an email with a link to the question?), check back regularly until there is a response, then read it and ask any followup question, etc. It's a tricky balance, but I think there is value in trying to do more of this sort of thing onwiki, even if it is on an "arbs only" page, to increase the ability of the community to understand why, for example, a remedy was added, or an additional finding posted to a decision. There's an example of a discussion that several of us participated in here, which took a couple of days to achieve a result (the addition of a discretionary sanctions proposed remedy). Given this was a case that was not being overwhelmed by discussion, it was workable on the talk page; however in a case where there are 10 or more active participants, this wouldn't be terribly workable. Another place where we can do more work is in actively using the "Questions to parties" section on the workshop page, to clarify or further adduce relevant evidence. An example of this is here. (Forgive me for using examples in which I've participated, they are from our two most recently closed cases and I knew where to find them.) Risker (talk) 21:08, 17 July 2011 (UTC)

Your comment above regarding speed efficiency of email notifications may be an effective argument for an open-reading closed-posting public arbcom mailing list, which is being discussed with the alternate of on-wiki scheduling discussions on the Cases page with regards to the Cirt / Jn case filing (for those not reading that page but following this here, look at the bottom of the Cases page to the two motions...). I understand the reasoning, and support the experiment of potentially trialing both to see how people feel they work in practice. Georgewilliamherbert (talk) 22:30, 17 July 2011 (UTC)
Yes, on the surface a mailing list sounds like a better idea. Practically speaking, though, it will not be reasonable to directly connect the emails to the case itself, and if the same list is being used for multiple cases, I've little doubt it will become a mishmash of threads and posts that mean little to the reader. Of the two, I would really rather do it onwiki, where it's a subpage of the actual case, and the arb-only discussions are directly linked to it. Risker (talk) 22:49, 17 July 2011 (UTC)
Is it possible to configure Wikipedia to send out email notifications every time certain watchlisted pages you designate are updated? Would that help with the latency discrepancy between email and wiki edits? TotientDragooned (talk) 21:57, 17 July 2011 (UTC)
This feature, which is relatively common on the smaller wikis, is specifically disabled on this project because the volume of email that would be sent would overwhelm the system structures. It's only recently been possible to receive email notifications if one's personal talk page is edited, as the systems have a little more flexibility and redundancy. I understand that some users have written scripts that notify them through some means of any edits relating to them personally (I believe the notice is sent to an IRC channel), but based on that I would assume someone could write a script that would email a notification of edits to a specific page to a small number of people (probably using the email this user feature). I don't think anyone associated directly with Arbcom has the coding skills required to come up with such a script, though. Risker (talk) 22:18, 17 July 2011 (UTC)
I commented in my answer to the first of Luke's question that I'd like to see more delegating, and so I read with interest what Risker said a few posts above, about checkuser. Overall, I think your (Risker's) analysis of how time is distributed makes sense to me, from what I've read. But I wonder about Committee members taking it on themselves to do so much investigation with respect to socking. Normally, members of the community can post SPI requests on-site. It's unclear to me why ArbCom would have to conduct separate SPIs in privacy. Why couldn't most of the CHUs be handled by checkusers who are not members of the Committee? Could the Committee request those checks on-Wiki, or, if not, privately, thus delegating the actual investigation to someone else, someone who is still well-trusted? --Tryptofish (talk) 19:56, 18 July 2011 (UTC)
In the case to which I referred, Tryptofish, there had been multiple SPIs carried out, with varying interpretations by different checkusers. I have no doubt they all did their jobs correctly; however, there is something of an art to interpreting checkuser data, and the results may show something quite different when looking at 10 users all at once than when looking at two or three. (I'll also point out that it's important that at least a few arbitrators/AUSC members be fully familiar with how the tools work, so they can adequately assess whether or not a checkuser is interpreting results irregularly.) The socking allegations were a central theme of that particular case; such situations are fairly rare. However, I don't think it would be inappropriate for an arbitrator skilled in reviewing CU data to at least recheck CU results that are an important element of a case. Recent example: the checkuser carried out in a current case that identified the person filing the case as the sock of a banned editor. I think the community would expect that such a finding would be verified by at minimum one technically qualified arbitrator who was familiar with prior information, as part of the decision-making process on how to best address this unusual finding. In reality, I suspect the majority of checkusering done by arbitrators is in relation to unblock requests that are at their last level of appeal, or as skills maintenance/non-arbcom related checks. Appointed checkusers are expected to carry out routine checks, and many of us will routinely request their assistance to address and/or review findings. Risker (talk) 20:33, 18 July 2011 (UTC)
Well, I'm looking at this from the perspective of whether ArbCom's workload can be made lighter, as well as better-defined (and I'm unencumbered by any knowledge of how CU actually works!). Can more of that be done by asking other checkusers to do it, perhaps by saying we have found out something that wasn't appreciated when you did the last check, so please go back and re-check, taking into account such-and-such aspect of the "art"? As for the scenario below, I'm glad that's not something that happens, because it shouldn't. Deals like that shouldn't happen, even if they are intended to be gentle, because it puts arbitrators into the position of human resource management. I'd like to see more focus on arbitration, not human resource management or investigation. --Tryptofish (talk) 20:51, 18 July 2011 (UTC)
My guess is that the script often goes something like,
AC: Admin X, you've been accused of socking using undisclosed accounts A, B, and C, based on checkuser evidence D. What do you have to say for yourself?
X: My computer was hacked; on day E I was suffering from illness F and couldn't possible have logged in to Wikipedia. On day G I was on-site as part of my work for corporation H and had no internet access. On day I I was flying to city J for a family reunion and so would have had an IP address that geolocates to J instead of what you see in evidence D.
AC: We don't buy it, but if you "resign" now we won't publish our findings on-wiki, and will continue to cover up the full extent of your socking should you decide to run for RfA or ArbCom in the future.
X: Deal.
Obviously this whole song-and-dance can't occur on-wiki due to the personal information involved, but I agree it's something the Checkusers should be trusted to handle themselves. TotientDragooned (talk) 20:23, 18 July 2011 (UTC)
TotientDragooned, since checkusers can't desysop anyone, any such findings have to be referred to Arbcom. And no, I wouldn't start having a discussion with anyone about hypothetical socking unless I'd verified the information myself (or perhaps had it verified by someone else who is accepting the same level of responsibility as I am). For the record, I don't think there's been a discussion that's come anywhere close to this "script" since I've been on the Committee, but others may have a different recollection. Risker (talk) 20:33, 18 July 2011 (UTC)

I would be fine with keeping the whole thing off-line (yeah eliminate the whole massive text-hole. Blows me away to see the "can't write an article" admins completely able to write verbosity full of researched diffs. Let's just yearly elect you all as admins, rename the admins moderators and yearly elect them, and then just roll like a normal web forum. We probably need one level above you (I guess single person, elected and not ness Jimmy...the girlfriend thing bugged me...made it look like he was corrupt.) If someone comes with a complaint, it's probably easier to just investigate it yourselves or ask the parties directed questions with private submission of responses rther than reading all that crap. Dick Feynman learned more at NASA by just directing questions for what he wanted to konw rather than allowing death by Powerpoint to be done to him.TCO (reviews needed) 20:09, 18 July 2011 (UTC)

@Seth - there does seem to have been a great deal of backroom dealing at certain times. I don't think I've seen it so much in my stint, but then that's only been a few months. I have seen a number of times where a decision has astonished the community, because the steps that led to it were out of sight, and so it seemed surprising, and the conclusion was reached that it must be due to 'powerful factions' or some such, whereas in at least some cases it was just inertia - everyone went with the first person to take it on. Having more of the discussion on-wiki would certainly help to dispel some of this, but I suspect there would still be some who would never believe it. Elen of the Roads (talk) 21:56, 24 July 2011 (UTC)
"Inertia" is the right word. It takes conscious effort to get anything done on a committee this large. Things in motion often stay in motion. Things at rest sit there. Cool Hand Luke 14:09, 27 July 2011 (UTC)
More