Wikipedia talk:Confidential evidence

This is an archive of past discussions. Do not edit the contents of this page.

This page was nominated for deletion on 2007-12-17. The result of the discussion was closed as defective.

From discussion at

Draft only - comments and improvements welcomed. FT2 ^{(Talk | email)} 19:45, 20 November 2007 (UTC)[reply]

I would suggest that the person assembling the secret evidence not be the one who issues the block. The blocking administrator should be a person not involved in any dispute with the editor being blocked not should they have been involved in assembling the information. To do otherwise is to create the appearance of being the prosecutor, judge and jury. JodyB _talk 21:07, 20 November 2007 (UTC)[reply]

Concur, see below. FT2 ^{(Talk | email)} 21:14, 20 November 2007 (UTC)[reply]

After the block is placed, a notice naming the person assembling the evidence and the persons reviewing and approving the block are to be listed under their own signatures. JodyB _talk 21:08, 20 November 2007 (UTC)[reply]

Concur, see below. FT2 ^{(Talk | email)} 21:14, 20 November 2007 (UTC)[reply]

Considered:

• Wikipedia:Evidence presented in secret (long; may never have been "presented")
• Wikipedia:Evidence in secret (better)
• Wikipedia:Secret evidence
  (short but "secret" carries negative overtones?)
• Wikipedia:Confidential evidence (neutral but less intuitive?)
• Wikipedia:Sensitive evidence (I like this one most I think) —Preceding unsigned comment added by FT2 (talk • contribs) 21:48, 20 November 2007 (UTC)[reply]

Thoughts? FT2 ^{(Talk | email)} 21:14, 20 November 2007 (UTC)[reply]

Update - "secret" as in "secret evidence" carries a pejorative tone, tending to imply drama, rather than simply a need for privacy or other concerns. FT2 ^{(Talk | email)} 21:59, 20 November 2007 (UTC)[reply]

I think "Sensitive evidence" best describes the reasoning for keeping such evidence secret. It is secret because it could cause vulnerabilities in someone, ie sensitive.

1 != 2 22:21, 20 November 2007 (UTC)[reply

]

I like confindential evidence. though sensitive is ok, also. --Rocksanddirt (talk) 00:18, 21 November 2007 (UTC)[reply]

Further to JodyB's comments above, try this:

-- Process-- Administrative sanction actions should not be imposed by a person involved in any dispute with the editor being blocked or involved in assembling the secret information. This is to avoid the appearance of being the prosecutor, judge and jury. In the case of emergency, a short term block which does not relate to secret evidence may be used, to allow time for proper review. After sanctions are imposed, a notice naming the person assembling the evidence and the person(s) reviewing and approving the block are to be listed under their own signatures. If communal consensus so decides, a review by a mutually agreed independent administrator (who may be an arbcom member) may be requested, to state whether they feel the matter was justified and appropriate, and whether reasonable doubts exist.

Strongly Support this section The section below. Administrators gathering the evidence shouldn't be imposing blocks, since this would be about as non-transparent as possible. --Bfigura ^(talk) 21:42, 20 November 2007 (UTC)[reply]

Slight modification below from me. JodyB _talk 21:45, 20 November 2007 (UTC)[reply]

-- Process-- In all but presently occurring vandalism, blocking based upon secret or confidential information occurs only after prior review. In such cases, block as usual for the vandalism. Blocking should not be imposed by a person who assembles the secret evidence. This is to avoid the appearance of being the prosecutor, judge and jury. After blocking is imposed, a notice naming the person assembling the evidence and the person(s) reviewing and approving the block are to be listed under their own signatures. The person blocked retains all usual rights of appeal.

Striking my comments above. I think it's important to clearly make the point that the evidence needs to be reviewed and endorsed before the block is imposed. I also would suggest rewording the first sentence to

In all cases, blocking based upon secret or confidential information occurs only after prior review

After all, if there's ongoing vandalism, a block can be issued for that without the need for confidential evidence. (Thus including this as an exception seems to open up the process to harm). --Bfigura ^(talk) 22:28, 20 November 2007 (UTC)[reply]

I'm fine with that. What I was trying to do was separate the immediately occurring, ongoing vandalism from the secret review. Of course, that's really a separate issue that would be handled differently. JodyB _talk 00:25, 21 November 2007 (UTC)[reply]

One fairly basic point that appears to have been missed in at least one case recently. When evidence is circulated cofidentially, agreement of reviewers has to be evidenced by them actually commenting in agreement. Absence of comment does not indicate agreement or disagreement, it may very well indicate that the recipient of the circulated evidence has either not yet read it or not yet investigated themselves and come to a conclusion.

Agreed. That's why we suggest each reviewer adding themselves to the block notice to evidence that review. Since the person assembling the evidence would not do the blocking, someone else would have to have reviewed, blocked and accepted responsibility for doing so. JodyB _talk 00:27, 21 November 2007 (UTC)[reply]

This proposed policy is poorly worded and full of loopholes. It contains much wording such as "They are expected to use -- and expected to be able to demonstrate -- independent advice was sought and reasonable good faith employed, in case of review." Such awkward phrases mean nothing as they require nothing. Instead policy should avoid all such ambiguity -- use wording instead like "must use" and "must demonstrate." The entire document should be retooled with an eye to avoiding such gaping loopholes. The proposal also contains too much expository text which can be wikilawyered. Maybe if a succint policy is given in bold and for any accompanying expository text it is made clear that it is elucidation rather than the policy itself. Quatloo (talk) 22:38, 20 November 2007 (UTC)[reply]

An expectation isn't necessarily a loophole. The significance is that failure may be considered a lack of judgement, or one more in a series of lack of judgement, and lack of confidence in their judgement may be ultimately, a problem for an administrator. The issue here isn't that they must do this without fail; it's that they are expected to, and if they slipped up without a good basis or thought, then their judgement is called into question, which is actually the underlying concern. That's why it's drafted that way. Good question though. FT2 ^{(Talk | email)} 22:53, 20 November 2007 (UTC)[reply]

This proposal is an excellent beginning towards a good guideline. Removing the guidance so it can be turned into a policy would ruin it. WAS 4.250 (talk) 23:17, 20 November 2007 (UTC)[reply]

Even policies have explanatory text and guidance comments -

WP:BLOCK for example). So no need to worry. FT2 ^{(Talk | email)} 00:21, 21 November 2007 (UTC)[reply

]

Quatloo, this is all of about three or four hours old. Of course it needs work and retooling. There is no problem making it more succinct. However, explanation of some degree is evident in every policy and while some can probably be dropped, some needs to stay. JodyB _talk 00:31, 21 November 2007 (UTC)[reply]

A few comments on the current proposal:

If there is a question how to handle a matter like this, it should be referred to the Arbitration Committee (or an uninvolved Arbcom member) for advice, as the representative body best placed to advise on confidential matters that may have disclosure concerns. For matters specifically related to oversight and checkuser issues, those two lists may be suitable instead.

• Referring things to a single member typically results in nothing but extra work in trying to collate bunches of emails; we generally consider such matters en banc anyways. Asking the Committee as a whole to begin with would save us some work.
• The CheckUser and OverSight lists aren't particularly well-suited for reviews of this sort, as they're not en:wp-only lists.

Disclosure of non-public evidence relevant to a decision can be requested for examination by any bona-fide arbcom member, oversight, or checkuser user. An involved individual should nontheless recuse if this would show good judgement , and such evidence should not be circulated on the relevant email lists.

• Are there non bona-fide ArbCom members?
• I'm not sure what the point of trying to prevent discussion by the Committee as a whole would be; and, in any case, it's not at all clear whether this policy can legitimately prohibit the Committee from operating as it feels necessary.

Kirill 22:43, 20 November 2007 (UTC)[reply]

The purpose for stating "or an uninvolved member" comes from slow external experience of arbcom communications at times in the past. It seems to be the case that as with most groups, some arbcom members are very responsive, others may not always be so (to external email). Mailing to the list itself may be perceived to require consensus by all/most of arbcom, a slow process, whereas often all thats wanted is one reputable independent and experienced person who can be trusted with the confidential evidence, and who will check it and say "yep, thats fair (or not), and here's my advice". So there is a fair case that it might pay to allow individual arb members to check such concerns rather than requiring the list as a whole to be involved. Maybe that's not how it works -- but it seems to be a perception of some editors.

The concern about lists and exclusions comes from thinking through, what if the confidential information relates to an arb member. Perhaps one day there'll be a concern that an arb member has engaged in serious misconduct (for example). In such a case, should we require the evidence be sent to arb-l? Should it be presumed that a user will feel safe to report it, if they worry it might go direct to arb-l, to be read by the person concerned (and maybe reacted to, as they fear)? Maybe we should reassure them it can be sent to any arb member they feel safe with, first, and won't go onto the arb list if it would worry them to do so? Those kind of concerns and allowances were in mind in that item. It really does need arbcom to advise and daft what's required, but something had to be written first in the draft, to allow discussion. Meantime, those kinds of considerations for users who may feel themselves in a "tough spot" of who and how it might be passed around, were the basis of the draft wordings.

As for the rest, fairly well agreed. Individual checkusers and oversighters not the list, and "non bona fide" can be killed :) FT2 ^{(Talk | email)} 23:03, 20 November 2007 (UTC)[reply]

There's nothing wrong with contacting inidividual Arbitrators, so long as people understand that what they're getting is private advice from a fellow Wikipedian (who happens to be an Arbitrator), not an official mandate from the Committee. In particular, we tend to look quite dimly on people claiming that the Commitee told them to do something when most of the Committee hasn't even been asked. The onus is on the person asking to go through official channels if they want an official response.

As far as exclusions go, confidential evidence of serious misconduct on the part of the Committee would probably go directly to Jimmy anyways. I doubt it's worth writing a general policy around such degenerate cases. Kirill 23:18, 20 November 2007 (UTC)[reply]

Agree to both. The bottom line is almost, consult with someone reputable. Whether arbcom or a specific arbitrator, but if you're going to claim "nobody can see the evidence, its a secret!" then it's your job to find someone trustworthy and independent who can verify the need, and the fairness, and the interpretation, and then one should do so in good faith, get good advice, and act with careful thought.

So for review and advice purposes, Arbcom (as a committee) is fine, but an individual arb member would work just as well too (and may be perceived as more approachable and faster on the response). The purpose is around "arranging for general communal reassurance that the matter has been reviewed by someone very experienced, or more than one person, who is prepared to say so, and that the matter is valid and fair according to [multiple?] independent people". Or something to that effect :) FT2 ^{(Talk | email)} 23:59, 20 November 2007 (UTC)[reply]

Note - "who to contact" now fixed per Kirill's suggestions. FT2 ^{(Talk | email)} 13:30, 21 November 2007 (UTC)[reply]

Wasn't Esperanza decentralized because of lack of transparency, or that was part of the reasons anyway? Wouldn't this be exactly the same thing again?

This is much different subject than Esperanza. Thanks This is a Secret ^account 00:03, 21 November 2007 (UTC)[reply]

EZ was killed because it ended up as a clique within Wikipedia, with its own bodies, own organizations, own agenda and subculture, which led away from its aims as a "self help group" to a situation where it was perceived people were thinking of themselves as "Esperanzans" instead of editors. That was the problem. (See: Wikipedia:Miscellany for deletion/Wikipedia:Esperanza, especially the close by Mailer Diablo, and the nomination by Dev920)

The situation here isn't that. No extra bodies are proposed, no subcultures. Evidence has always been allowed in camera - for example over half of checkuser requests, many BLP subjects with concerns, and an unknown number of arbcom submissions, are made by email. This proposal is simply deciding how we want to handle it, when someone feels some other editor's doing Bad Stuff on the wiki or some such, but the evidence is sensitive and they don'tr want to cause problems or aren't sure how to approach it. In some cases users have been blocked and then told "I'm not telling you why". The vast majority it was probably quite sound... but no real norms exist to help ensure good practice.

So this is just a page to decide, now it's a current issue - how do we want to handle the situation where part of the evidence in some conduct or dispute case, isn't really for public. And that's a situation that has happened, and will happen, so its no bad thing to decide with more consensus, how we expect it to be handled. FT2 ^{(Talk | email)} 00:10, 21 November 2007 (UTC)[reply]

Perhaps we could make clear what exactly the words "acted upon", in the nutshell (Evidence that is not publicly available can be presented, and acted upon, in certain unusual cases), or in the proposed guideline itself? Perhaps something like "blocking or otherwise restricting the actions of an editor"? Otherwise (particularly when the "background" box is removed, as I assume it will be eventually) this guideline is a bit mystifying to those unfamiliar with Wikipedia. ("Confidential information" for lawsuits? Firing an employee? Reverting all of an editor's prior edits?)

I realize that experienced editors know that there isn't much that Wikipedia can do to an editor other than revoke sysop privileges, restrict editing and/or block or ban an editor, but I'm hoping it's possible to spell things out a bit for less experienced editors who happen on this (not to mention trolls who want to cite the guideline as enabling Wikipedia to do anything to anyone on the basis of information that isn't made public. -- John Broughton (♫♫) 02:22, 21 November 2007 (UTC)[reply]

A "what actions or approaches might be relevant" note, that explains what can happen? Maybe as part of background? FT2 ^{(Talk | email)} 03:16, 21 November 2007 (UTC)[reply]

Would just like to add that I put in a negative vote for this proposed policy. If it can't be an open process then it can't be presented. There are many people in jail today (Jonathan Pollard being one of them) who are rotting due to "confidential evidence". I abhor this. Thus, I veto it (for whatever it's worth). Bstone (talk) 02:47, 21 November 2007 (UTC)[reply]

Maybe I'm misreading it, but I believe the proposal seeks to establish standards for how confidential evidence is used so as to minimize the chance of its misuse. Confidential evidence is already used in some arbitration cases, without any standard in place to govern its use. Arbcom will continue to make use of confidential evidence whether or not this proposal exists.--Father Goose (talk) 03:09, 21 November 2007 (UTC)[reply]

My reaction is the same as Goose's (if I interpret it correctly). We definitely don't want to disallow confidential evidence entirely. Do you feel that the standards outlined in the current revision of the proposal are too stringent? If that's a yay, stick around so we can balance it out better. =] — xDanielx ^T/_C\^R 04:28, 21 November 2007 (UTC)[reply]

I believe that if the evidence is too confidential to discuss in ArbCom then it's inadmissible. Jonathan Pollard's lawyer is not even allowed to see this "confidential evidence", but it is the crux of the Gov't claim against him. It would be wrong of me to abhor the use of such evidence in his case but not speak out against it here. Just my opinion and it looks like this evidence will already be used. Bstone (talk) 16:34, 21 November 2007 (UTC)[reply]

The issue is with evidence that would reveal personal information about a user. A recent ArbCom involved an email sent from one user to another which involved alleged threats. The email included personal information about the target of that threat. Should such a message simply be thrown out if the target does not want this personal information revealed? Would you support redacting the personal info? Finally, how would you reconcile the fact that an email (for instance) can't readily be verified "on-Wiki"? This is an instance where evidence would be considered by the ArbCom members, but not necessarily placed in the open for the community to view, due to privacy issues. -- Kesh (talk) 13:03, 22 November 2007 (UTC)[reply]

This was a private email sent from one person to another, both of whom who happen to be editors on wikipedia? In my opinion the only evidence which can be accepted is that which happens on wikipedia. Private emails are not sent through wikipedia. Thus, the email which you discuss is inadmissible. If threats are made, then it should be referred to the proper legal authorities. Bstone (talk) 04:03, 23 November 2007 (UTC)[reply]

Now and again I've seen cases where condiential evidence is mentioned, and it mystifies me as to why it needs to be kept confidential. One of the things I'd like to see included in the proposal is that a rationale should be offered whenever confidential evidence is used: "to protect <user's> identity" or the like. Ideally, it ought to be as specific as possible short of defeating the purpose of the condfidentiality; something like "for reasons of privacy" is pointlessly vague.--Father Goose (talk) 03:04, 21 November 2007 (UTC)[reply]

I think the standards of handling suggested, which include good cause, independent review, good and full communication, factual evidence, minimizing damage, non exaggeration, prompt clearing as able, and publication when possible, cover that rather thoroughly. Other proposals include the need for high quality review before any action can be taken, and the like. I think you'll find this one's going to be well and truly covered in whatever wording comes out. FT2 ^{(Talk | email)} 03:12, 21 November 2007 (UTC)[reply]

I think this is an excellent point that would help mitigate some of the potential harms of confidential evidence. FT2 has a point that it is (somewhat implicitly) covered to some extent within the existing sections. For now, I think I'll add another sentence to the Good and full communication bullet, in an attempt to make the point more clear. Feel free to discuss and/or change this if there's a better alternative. — xDanielx ^T/_C\^R 04:35, 21 November 2007 (UTC)[reply]

I support the effort to clarify where the correct parameters are and will abide by community consensus.

I also have a question: under the legitimate reasons section, involved parties are presumed to have a legitimate reason. That looks highly gameable. Let's say an editor stacked RFA votes using Exploit A, which was foiled by Sleuthing Skill B, and that B could be foiled by New and Improved Exploit C. What's to stop this editor from demanding the evidence, then coming back a few months later and implementing New and Improved Exploit C? For that matter, what's to stop any banned troll from picking up a sockpuppet, heading over to a location where an investigation is taking place, and insinuating himself or herself into the status of an "involved party" to get a look at the investigation?

That'd be the worst of all worlds, wouldn't it? The community wouldn't be able to see what's going on, but the people who most want to abuse Wikipedia would get free classes in How to Exploit Wikipedia Better. Durova^Charge! 04:50, 21 November 2007 (UTC)[reply]

Fair concern -- I think it has a place in the "why evidence may need to be presented confidentially" section, and will add it momentarily. — xDanielx ^T/_C\^R 05:18, 21 November 2007 (UTC)[reply]

Made two minor additions -- is that better? — xDanielx ^T/_C\^R 05:29, 21 November 2007 (UTC)[reply]

That seems reasonable to me. (Although I realize the question wasn't thrown my way :) --Bfigura ^(talk) 07:01, 21 November 2007 (UTC)[reply]

Just to confirm a subtle point that's not necessarily obvious on reading: "legitimate reasons" is not in the policy as a basis for demanding information. That's an important subtlety. They are a basis for determining when information should be considered in practice, as being "confidential". If you have a legitimate interest in a case, but you are not allowed to know the evidence - that's the

If I'm willing to tell everyone who has a half-decent reason for needing to know, what the evidence in case X was, and I tell the person involved, the others who might give evidence, any admin who wants to check it, then it's not "confidential". It's got all the review it needs, even if not * every * user has seen it. But the moment I tell some party who has a decent genuine reason to ask, "sorry, not telling you", that's when it needs to be treated as "confidential information" and the other provisions to protect users kick in.

Essentially it's an anti-trolling criteria: not everyone needs to know evidence (so preventing users who don't really have a good reason from seeing sensitive evidence isn't going to cause a major problem in terms of fairness), but all those with actual legitimate involvement or who habitually watch cases, do have a good reason (and not letting them know does mean that review is less effective than it might have been, and makes unfairness more possible).

If you post that the evidence is available to anyone who wants it, but you aren't going to say it publicly, and you do in fact make it available to those involved in the case, and all admins, and non-admins who watch ANI, then its not really "confidential" even if you didn't tell it to well known troll X or unknown dubious IP user Y or casually curious 300-edit user Z. It's going to get plenty of review by anyone who matters and wishes to do so, and anyone who wishes and has a good reason, can.

It's at the moment you make clear you're actually not going to tell it to some user who is involved, or has a legitimate interest either -- then you have to consider it as being "confidential" and you have to comply with these precautions and processes to ensure its fair and necessary.

That's the concept anyhow. FT2 ^{(Talk | email)} 13:05, 21 November 2007 (UTC)[reply]

May I ask a clarifying question? In the example below, the Joan of Arc Vandal was not a known troublemaker until I wrote up a report on him. This vandal had flown below the radar for two years. I'd like to see some room in the proposal for major problems that weren't known before. Or for gameable exploits that can't be closed on a technical level. Can you accommodate that? Durova^Charge! 16:09, 22 November 2007 (UTC)[reply]

It's already in there: "If the evidence is accessible to problem users, disclosing it might give them more insight on how to circumvent identification."

Does that cover the point you want? If not, what's the policy point you feel should be added? FT2 ^{(Talk | email)} 02:17, 23 November 2007 (UTC)[reply]

Thanks, sounds useful. Durova^Charge! 04:25, 23 November 2007 (UTC)[reply]

Rspeer's thoughts here are the same for a lot of people. This policy proposal makes it "legal" for Durova to keep doing "sleuthing", while retroactively justifying the method used to block !! in the first place. Therefore, I oppose the creation of this policy as it is essentially gaming the system.

rather, it is intended to clarify that such practices are authorized, but provide an organized way to guard against possible misuse of them. That's the very opposite of gaming the system: it's intended to prevent such gaming, and it would do so. Incidentally, I would be reluctant to increase the role of arbcom , when overload there is already a problem. The person most often providing confidential evidence has always offered to show it to any responsible WPedian, and has followed up on this. DGG (talk) 12:46, 21 November 2007 (UTC)[reply]

Then explain why I have not seen the entire evidence in my email inbox?

(Ni!) 12:48, 21 November 2007 (UTC)[reply

]

I understand the concerns about secret evidence and sleuthing. But please consider that sleuthing is here and has been here for a while. It's very unlikely that it will go away. Unfortunately, there has been nothing to prevent the creation and secret use of secret evidence. All we are trying to do here is provide some framework where such evidence will be reviewed before a block and to prevent the "sleuther" (if that's a word)from being the one who places the block. This changes the method of the block and under this proposed system what Durova did cannot be done. There is still some work to be done, but this proposal offers a greater level of protection than what we have now. Thanks. JodyB _talk 13:01, 21 November 2007 (UTC)[reply]

The thing is, this policy is going to end up one of two ways. One allowing secret evidence outside of channels that already use them (arbcom, oversight, and checkuser for the most part), the other banning the use outside of those channels. Sad thing is, I can also see this becoming a stalemate because there are people on both sides that think they're right and won't move (example: me, I'm not really afraid to admit it).

(Ni!) 13:12, 21 November 2007 (UTC)[reply

]

Better for you? FT2 ^{(Talk | email)} 13:20, 21 November 2007 (UTC)[reply]

Brings me to my second big concern, and probably the biggest one regarding this, what will happen in cases of abuse, it has to be similar to IAR in that it can't be fall back to block people for no publicly justifiable reason or similar (see where I'm going with that?)

(Ni!) 13:28, 21 November 2007 (UTC)[reply

]

No, I don't see where you're going. I assume you mean the abuse of this guideline? Remember that editors are expected to follow guidelines, and if they consistently fail to abide by them they could potentially be stripped of privileges, blocked, etc. If someone consistently blocks users using confidential evidence without consulting other experienced users, or without considering the faults of the information, or any other instruction included in this guideline, they could be sent to ArbCom and be stripped of administrative privileges, independent of the fact of the validity of the information. This would force them to send any evidence in the future to other neutral admins or the ArbCom for blocking. However, whether this guideline is sufficient to curb the Judge Dredd-type investigations is another issue still being discussed. - Mtmelendez ^(Talk) 14:30, 21 November 2007 (UTC)[reply]

I think people are being a little over-dramatic about confidential evidence. Durova has posted some samples of her detailed investigations, and many of us have seen others. The basic technique she uses is a careful lineup of all the contributions from all the possible parties. Her exceptional success in using this,is dues to her exceptional patience in the analysis. Sometimes evidence is truly confidential--anything that comes in my email is necessarily so, as are any details from checkuser, or anything that might disclose a real name. But most of the work is done without this.Let's not exaggerate the problem. 01:48, 22 November 2007 (UTC)

Would you mind posting a link to such analysis? So far, the only examples I've seen have been on the ANI

sub-thread (or the !! example), which probably isn't the most neutral source. The reason I'm asking is that while I've heard a number of editors who I respect state their confidence in such techniques, I'd like to to examine it for myself (assuming it's posted on-wiki somewhere). Best, --Bfigura ^(talk) 02:13, 22 November 2007 (UTC)[reply

]

If it's an analysis performed on publicly available information, there's no reason why the analysis itself must be confidential. Is that the case with Durova's investigations? I haven't heard any explanation as to why they must be kept confidential.--Father Goose (talk) 04:25, 22 November 2007 (UTC)[reply]

Not so. I have a good case in mind. I keep tabs on a well known vandal-warrior (

WP:DENY refers). Ive tracked him some years now. He's a habitual reincarnator with several community bans and at least two arbcom bans on his record. He has to be identified without checkuser due to his sock work. I do regularly identify his latest aliases -- about 60 of them so far since 2005. The first thing he'd do with any evidence I or others published would be to use it to prevent us doing so. I do discuss the evidence in depth with other trusted users - typically crats, and those who are also know him well - and I watch till I'm sure, sometimes weeks or months, but no... just because the page is public doesn't mean that how a "bad actor" was detected from it is also public. For this sneaky vandal and reincarnator, that comes under the heading of "not a suicide pact". FT2 ^{(Talk | email)} 06:17, 22 November 2007 (UTC)[reply

]

Kwsn, might you be persuaded to reconsider your opposition? Different editors have supported (implicitly or explicitly) some pretty different standards concerning permissibility of confidential evidence. I think the big problem with the status quo is that there's no central set of community standards, so outliers are free to act as they please (within reason). We can't satisfy everyone entirely, but with codified standards I think we'll see less extremity being pushed on both sides of the issue. If you feel the proposal doesn't currently reflect a balanced view of the community, I hope you'll stick around so that we can ensure that it does. I suggest that after the proposal has had some time to mature, we conduct a straw poll with options like "I feel the standards for using confidential evidence outlined in the current proposal are too lenient," and likewise for too stringent. — xDanielx ^T/_C\^R 03:57, 22 November 2007 (UTC)[reply]

I've been asked to give examples for this discussion. So I'll start with examples that are already public and work from there.

The first in-depth investigation I did is documented at User:Durova/Complex vandalism at Joan of Arc. A single individual had been disrupting articles on the topics of Catholicism, Christianity, homosexuality, and cross-dressing for two years. Occasionally he had gotten blocked, but he kept shifting accounts and tactics and exploited the untraceability of AOL accounts until that loophole got closed.

The Midnight Syndicate arbitration case is another good example: Wikipedia:Requests_for_arbitration/Midnight_Syndicate/Evidence#Evidence_presented_by_Durova. That was a business relationship turned bad in a gothic rock band.

The core of my method is to examine Wikipedia site history files. Most investigations are simple, but some rabbit holes are pretty deep. I may look through thousands of edits over scores of pages. Sometimes there's a smoking gun to be found: during the BooyakaDell investigation we had trouble getting a checkuser since the suspected sockmaster had been blocked for too long. So we looked at edit patterns. The suspected sockmaster, JB196, had disclosed his real name on his original account and wrote for some online publications. He liked to link to his articles and so did the new account. BooyakaDell claimed to be a fan of the real-life JB196. We spotted BooyakaDell citing the author by name on an article that had no byline.

JB196 has created over 500 sockpuppets. Obviously he isn't going to cite himself by name for an article that lacks a byline again. If the wikisleuths disclose every method we use to crack a case, then the people who set out to exploit Wikipedia will just get more skilled at it. Not a whole lot of people do this work. Have a look at what we're up against.

Thanks for working out clear parameters in the interests of the site. I'd like to know where the green zone is so I can respect the community's concerns while I do this work. Durova^Charge! 06:09, 22 November 2007 (UTC)[reply]

Thank you for being so forthcoming. - Mtmelendez ^(Talk) 10:35, 22 November 2007 (UTC)[reply]

Unusually, I think it matters; repost copy of my comment in a previous section. I do a lot of work with 'warriors'. I wrote previously (and its relevant here):

I keep tabs on a well known vandal-warrior (

WP:DENY

refers). Ive tracked him some years now. He's a habitual reincarnator with several community bans and at least two arbcom bans on his record. He has to be identified without checkuser due to his sock work. I do regularly identify his latest aliases -- about 60 of them so far since 2005. And the first thing he'd do with any evidence I or others published would be to use it to prevent us doing so. I do discuss the evidence in depth with other trusted users - typically crats, and the few admins and editors who also know him well - and I watch till I'm sure, sometimes weeks or months, but no... how a "bad actor" was detected is not always public. For this sneaky vandal and reincarnator, that comes under the heading of "not a suicide pact".

Hope this comment helps here, too. FT2 ^{(Talk | email)} 02:23, 23 November 2007 (UTC)[reply]

I mentioned this on

I think that's a given. Even if the evidence itself must remain confidential, ArbCom has to explain why they're making a block. It might help to explain that a specific piece of evidence was examined in a confidential manner, though. -- Kesh (talk) 13:16, 22 November 2007 (UTC)[reply]

I hope we all agree that there are some investigations for which it is not appropriate for the investigators to disclose every detail to the general public. The reasons are varied, and many are given above so I won't recount them. I hope we also agree that there has to be accountability for actions carried out. To a certain extent these are competing needs. So the practice up to now is that accountability has been achieved in a way that preserves confidentiality, and yet provides the check on rogue behaviour that is needed. The community places trust (or should) in ArbCom to be that check here at en:wp... and project wide, the board has created the m:ombudsman process to add accountability. I hope that this proposed policy, whatever the outcome, preserves these general notions, as they seem appropriate to me. ++Lar: t/c 16:07, 22 November 2007 (UTC)[reply]

See also

Wikipedia:Arbitration_policy#Transparency ++Lar: t/c 16:33, 22 November 2007 (UTC)[reply

]

I think that the arbitration committee is a perfectly satisfactory body to make the final judgment, but it serves best when it is asked to deliberate on evidence rather than undertake an investigation on its own. As such I think that confidential evidence should generally serve as a complement to an ordinary arbitration process rather than as the basis for a secret hearing. Christopher Parham (talk) 00:11, 24 November 2007 (UTC)[reply]

I think I represent a proper understanding when I say that most agree a block should not be implemented by the person assembling the confidential information/evidence. It seems that most agree that evidence should be reviewed before the block. But we have not answered the question of who is a reliable reviewer? Nor have we determined how many people should review the evidence before taking action. I am creating two subsections for that discussion. JodyB _talk 17:01, 22 November 2007 (UTC)[reply]

I'm answering up here because I can't separate the two sub-questions. There are two reasons for a review. One is political: to say that the detective and any other reviewers are uninvolved parties and that the circumstances justify keeping the evidence confidential. I agree with the general sense that this should be an ArbCom member. The other reason for review is to confirm that the evidence is compelling and justifies a block of the proposed length. This review may take more time, and given the burden already placed on ArbCom members I see no reason for any of them to get involved at this level of detail. It could be done by any administrator. Finally, a fourth person (neither the detective or either reviewer) should actually apply the block. This person need not have access to the original evidence, but would act on the statements of the others.

To minimize the possible appearance of impropriety, the detective should not ask specific individuals to take on the necessary roles, but should post notices (either the ArbCom mailing list or the admin noticeboard, as appropriate) indicating that s/he is working on a case with CE and requires assistance. If possible, this notice should include a description of the case (e.g., vandalism of Joan of Arc or vandalism by sockpuppets of User:Puppetmaster).

I'm not worried about raising the bar too high--I don't see this happening often enough for that to be an issue.

There's one other thing that just crossed my mind, keeping the Pollard case in mind. Should the accused have any rights here, such as being able to ask for additional review by an administrator of his/her choice? Matchups (talk) 12:58, 23 November 2007 (UTC)[reply]

The accused editor retains all the usual rights for appeal. Nothing is taken away from him. This seeks to simply prevent one person blocks based on unreviewed evidence. After blocking he can request the block be lifted and state his case. JodyB _talk 13:58, 23 November 2007 (UTC)[reply]

I agree, but perhaps this needs to be made more clear. After all, what happens if someone uses confidential evidence to block someone as a sock of a banner user, then revert the comments of said user? --Bfigura ^(talk) 14:59, 23 November 2007 (UTC)[reply]

On second thought, since the comments would be on the users talk page, a reversion is probably unlikely unless someone is really abusing unblock requests. Best, --Bfigura ^(talk) 15:10, 23 November 2007 (UTC)[reply]

Who is a reliable reviewer?

Certainly ARBCOM members would be reliable in my mind. Are there others? JodyB _talk 17:01, 22 November 2007 (UTC)[reply]

Bureaucrats and stewards are possibilities, they have a mandate of trust from the community.

talk) 23:03, 23 November 2007 (UTC)[reply

]

Or people who work with the OTRS as well This is a Secret ^account 23:08, 23 November 2007 (UTC)[reply]

A reliable reviewer is an admin who will actually dig in and get their hands dirty in the evidence, while also looking independently for evidence that the facts are different than what was suspected. Admins have the necessary level of trust. Any more trust than that is not needed, what is critical is the serious consideration of all evidence, not just that presented confidentially.

GRBerry 03:33, 24 November 2007 (UTC)[reply

]

I would argue for at least two in addition to the person assembling the evidence. Is that enough? JodyB _talk 17:01, 22 November 2007 (UTC)[reply]

I'm somewhat afraid that if we raise the bar too high then peer review might become too much of a perfunctory process. One could imagine IRC conversations taking the form of "I'm gonna block this sock-troll-SPA, k?" / "Uh ya okay". I think one genuine review would be better than several of those. I think (somewhat tentatively) that 1-2 would be reasonable as a minimum, but would be reluctant to support something higher (again, keeping in mind that this is a minimum). Other thoughts? — xDanielx ^T/_C\^R 00:22, 23 November 2007 (UTC)[reply]

I see what you mean and I do not disagree. But remember, these reviewers will have to sign with the block so, hopefully, people will take the review serious. JodyB _talk 00:26, 23 November 2007 (UTC)[reply]

Aye, hopefully that will help. I just hope that predispositions don't play too big a role -- I've always thought that to be an issue with Template:Unblock. — xDanielx ^T/_C\^R 02:09, 23 November 2007 (UTC)[reply]

Won't it actually being the reviewers imposing the block, if we use the process outlined in the above section? (Where it states that the person accumulating the confid. evidence shouldn't be the person imposing the block). Best, --Bfigura ^(talk) 05:20, 23 November 2007 (UTC)[reply]

Oh, yeah. — xDanielx ^T/_C\^R 07:44, 23 November 2007 (UTC)[reply]

Agreed, having a reviewer place the actual block (or take other administrative action) is the best check and balance to ensure a serious review.

GRBerry 03:36, 24 November 2007 (UTC)[reply

]

One of the provisions mentioned is "If the evidence is accessible to problem users, disclosing it might give them more insight on how to circumvent identification." Are we clear that this is really an important concern? In the most recent circumstance, the only insight I could see that a "problem user" might glean is that new accounts which know wiki-markup and know their way around Wikipedia might raise suspicion that that user has edited before under another username or as an IP. While I've never attempted to set up a sleeper account, my guess is that anyone who does would probably take this into account. Have there been other situations where investigative techniques alone (rather than privacy concerns in the evidence) are really so compelling and powerful that the need to keep them secret is more important than the need for transparency? JavaTenor (talk) 00:36, 24 November 2007 (UTC)[reply]

Well, given the present situation only, I would probably agree. But I envision this proposal as being created to avoid a future situation which we might not foresee at the moment. If there is a situation in which confidential evidence is a part, we will at least have a policy in place to properly deal with it. Regardless of the reason -- privacy or investigative techniques -- we need to be prepared to handle the material well. - JodyB _talk 00:44, 24 November 2007 (UTC)[reply]

I think this should go. There is nothing useful to be gained from keeping techniques for discovering abuse secret, and the potential for abuse and escalation of drama is vast. Zocky | picture popups 03:48, 25 November 2007 (UTC)[reply]

See comments above. At least one major sock-vandal who engages in sneaky damage, and probably others, are identified through experience of their previous aposts. The exact evidence is usually compelling. But in such cases security by obscurity is the only means that exists. So yes, as a practical measure I am personally, very clear as to the need and risk. See comment above on this. FT2 ^{(Talk | email)} 13:08, 25 November 2007 (UTC)[reply]

Two Classes of Info

There also seem to be two classes of confidential information here: information that's truly private (names, identities, checkuser info, etc.), and information we'd like to keep out of the hands of deliberate disrupters. Is there any truly compelling reason that the second class of information needs to be held so close to the chest (i.e., ArbComm)? Couldn't it be emailed on request to individual users that the assembler has some level of trust in? I think this is somewhat close to how things are currently done, and I'd prefer this policy not hint that its okay to restrict pseudo-confidential information to ArbCom, just to keep it out of the hands of vandals. Perhaps some language like:

Information that would can be released without harming the privacy of members of the community should be available by private email to trusted editors, on request. Trust may be defined by those assembling the evidence. Editors who ask for such information should be prepared to respect the confidentiality of the information, and not distribute it without permission. This process in no way alleviates the need for a prior review of the evidence by ArbCom before blocks should be issued.

Thoughts? --Bfigura ^(talk) 02:45, 24 November 2007 (UTC)[reply]

I can't imagine that we would restrict the dissemination of information that the assembler wishes to make public unless it violates aleady existing restrictions (your class one material). If they wish to divulge their methods then that's sure fine by me. -JodyB _talk 02:52, 24 November 2007 (UTC)[reply]

Right, my concern is that our current Review section implicitly limits reviews to arbcom / checkuser / oversight. While I can certainly imagine cases where that restriction would be necessary, I'm not convinced it would need to be present in all cases. (And I don't think it should be hard to tell whether such restriction is needed, although I could be wrong, since I'm none of the above :) Best, --Bfigura ^(talk) 05:29, 24 November 2007 (UTC)[reply]

Jody,as I understand your argument is that there has not yet been any case where disclosure of investigatory methods would actually require confidential information? In that case, what are we discussing? It would seem we have no need for this entire policy, there being no actual situation not covered by checkuser--and we could therefore simply terminate the discussion. DGG (talk) 06:51, 24 November 2007 (UTC)[reply]

No DGG, not at all. In the most recent case we had a investigator who wanted a block and wanted to keep her techniques secret. I am sure there have been other such cases too and even more certain others will follow. Without commenting on the need for secrecy in this recent case, I would say we must have something in place to provide guidance should it occur again. I think this proposal, or something akin to it, it necessary. All I am saying to Bfigura above is that the person assembling the evidence can make his techniques public if he wishes. - JodyB _talk 13:08, 24 November 2007 (UTC)[reply]

This proposal doesn't add much at all really. It states that the user will disclose to "trusted editors". That is, presumably, editors the person trusts (since no further list of "people who must be trusted" is given). But that doesn't help. Of course a person with evidence will disclose it to someone they themselves trust. The issue here is disclosure to indepdendent reviewers that allow the community a measure of trust. This wording just says that essentially, they will show the evidence to the (few/very few?) people they'd have decided to show it to anyhow. FT2 ^{(Talk | email)} 13:13, 25 November 2007 (UTC)[reply]

For example, users can @ ArbCom instead of posting evidence.... -- _{Piotr Konieczny aka Prokonsul Piotrus | talk} 05:00, 24 November 2007 (UTC)[reply]

Sure. Such users shouldn't be going around and blocking based on such evidence though, without ArbCom getting involved and doing the block (as we learned from the !!/Durova thing). --Bfigura ^(talk) 05:26, 24 November 2007 (UTC)[reply]

Yes, this seems to be the simplest option. If you don't want to share your evidence, send it to ArbCom. Version 3 seems much the best. Tim Vickers (talk) 23:06, 27 November 2007 (UTC)[reply]

I'm not comfortable with ArbCom handling secret evidence when keeping such evidence secret is unwarranted. There are certain classes of information that are inherently sensitive (personal information, generally). I accept keeping such information private and allowing ArbCom to use it if it is pertinent to a case. But "secret conclusions" drawn from non-secret information are wholly unacceptable, whether they are reviewed by ArbCom or not. So I endorse Version 3, provided it is not altered or interpreted to allow something other than inherently sensitive information to remain secret.--Father Goose (talk) 23:38, 27 November 2007 (UTC)[reply]

See also "KISS" below. Rklawton (talk) 23:27, 27 November 2007 (UTC)[reply]

I'd propose saying that the only two agencies justified in acting on secret evidence are 1) The Board and 2) The Entirety of the Arbcom. Secret evidence cannot be reviewed, so this really boils down to: who do we, as a project, trust to the extent that we cede any right whatsoever to review their actions?. Individual admins, and even fairly large subsets of admins clearly do not meet this criteria. Honestly, left up to me, I would prefer Arbcom not even be able to act on secret evidence, but that might not be feasible.

Also remember-- if secret evidence is needed to prove a case, than there is no active disruption going on. There shouldn't be any "emergency need" for immediate action based on secret evidence. Secret evidence is INCREDIBLY dangerous-- if anyone is going to do this, let it be arbcom and only arbcom. --Alecmconroy (talk) 13:19, 24 November 2007 (UTC)[reply]

At present, ArbCom does (and has in the past) act on confidential evidence. I'd be happy to continue that trend, and let them be the sole enforcers of confidential evidence. (Hopefully it would be so rarely used that this wouldn't prove a caseload burden). And I agree that if there's an emergency that necessitates immediate action, then a block should be made for disruption using public evidence (since if someone is being that disruptive, then there should be plenty of public evidence by definition). Best, --Bfigura ^(talk) 21:36, 24 November 2007 (UTC)[reply]

I agree with the need for rules regarding confidential evidence but I disagree with the approach taken here. I feel that this proposal is far too restrictive on the use of such evidence, and editorializes to an undue degree that such evidence should not be used. Rather than getting into a dispute over the matter, or making bold edits that are sure to be opposed, I have written an alternate proposal based on this one, at Wikipedia:Confidential evidence/alternate.

Before actually modifying or getting on the talk page there, could I please get some feedback about whether it's okay to make a fork like this? It seems to me to be the best thing to do under the circumstances. Unless there's a convincing objection I'd also like to notice the alternate proposal as well as this one to the village pump, the Durova RfC and ArbCom hearings, and any other appropriate places. (btw, to any administrator reading this, I initially created the proposal at the wrong place and then moved it to its present location - would you kindly delete that page?)

Thanks, Wikidemo (talk) 14:41, 24 November 2007 (UTC)[reply]

I would think it would be better to try and keep things in one place. Perhaps create a new section and put your proposals there. Otherwise, we end up chasing our tails over several pages. -JodyB _talk 15:41, 24 November 2007 (UTC)[reply]

My proposal would be that we replace the entire current proposal in favor of the one I wrote, or else reject it because it's unacceptable in its current form. About 70% of the verbiage would have to be deleted. I don't see any way to do this incrementally as edits to the current proposal. Wikidemo (talk) 16:19, 24 November 2007 (UTC)[reply]

You could, for example put a level 1 heading of "Original proposal" at the top and indent all other existing headings one level. Then add another level 1 heading of "Alternative #1" with your proposal underneath it. Think outside the box!

GRBerry 17:24, 24 November 2007 (UTC)[reply

]

I second that. I think it would simplify this whole discussion. In fact, I'm going to go copy it to this page now. --Bfigura ^(talk) 18:40, 24 November 2007 (UTC)[reply]

Personally I think the current proposal raises the standards slightly too high for use of confidential evidence, but I feel that alternate errs to far in the opposite direction. The alternative seems to convey a message of using confidential evidence is fine when there's a reason to do so, but such use should follow these (relatively strict) guidelines, instead of confidential evidence should be used only when there's a compelling reason to do so, and should follow these (relatively strict) guidelines. Well to be fair, the #6 consideration does say the opposite (limit use as much as reasonably possible), but I think it should be stressed more than it presently is in the alternate. Whatever regulations we come up with in this guideline will likely be underexaggerated to some extent by those who act on private evidence, as our

I agree with Wikidemo that Version 1 is currently more wordy then necessary, but I think Daniel's right in that the policy should be strict. We shouldn't sacrifice transparency unless there's a really strong need to. Best, --Bfigura ^(talk) 21:16, 24 November 2007 (UTC)[reply]

The new "alternative 3" seems to fit that bill, and it's short and sweet. I have no objection to that, so long as ArbCom is amenable to the task, has the bandwidth for this new function, and can act quickly (we can't wait the usual 2 weeks for ArbCom to decide if a disruptive sockpuppet should be blocked based on secret evidence).Wikidemo (talk) 00:37, 25 November 2007 (UTC)[reply]

• Instruction Jump as distinct from the more usual instruction creep. We have the situation of someone making two mistakes, both promptly corrected. AN/I seemed very capable of dealing with the situation under existing rules. DGG (talk) 00:27, 25 November 2007 (UTC)[reply]

What existing rules? (I mean that sincerely, not rhetorically - how would AN/I deal with decisions regarding secret evidence)Wikidemo (talk) 00:37, 25 November 2007 (UTC)[reply]

The issue here, to drive right to the heart of the matter, is whether Durova's investigative techniques should remain secret.

I personally must start with the assumption that investigative techniques do not need to be kept secret (unless they are wrongful, at which point any secrecy becomes a cover-up). The justifications I've seen so far have been that if the vandals knew what behavior got them in trouble, they would avoid it, and be even harder to spot.

Isn't this what we want? Does it matter if a so-called problem user is out there covertly doing non-problematic things? Do we need to act at all except when destructive behavior is spotted -- and is there some kind of destructive behavior that is somehow unidentifiable or irreversible unless secret techniques are used? Why can we not rely on transparent methods of investigation only? (Note that I consider checkuser an adequately transparent method of evaluating privileged information.)

Convince me that "secret investigations" are not dead, dead wrong. I don't care if lots of people are in on the secret as some sort of check against abuse. I have not heard a single convincing reason why they should be secret in the first place. Convince me. Convince everyone.--Father Goose (talk) 05:32, 25 November 2007 (UTC)[reply]

It sounds like you may not want to be convinced. Actually, there is nothing at all wrong or prohibited with secretly investigating someone. You do that every time you check their user page, talk page, edit history or log because you think something is fishy or you want to figure out who they are. You don't exactly tell them in advance that you're poking around or get permission, nor would you ever tell them you suspect them of something before you gather some information privately. So it's not the investigation, it's whether the information should be used as the basis for a block, ban, etc., and if it is, may it be kept confidential. Most security systems are not so robust that they can withstand a clever attack by someone who knows the detail of the system. Every police force has its plainclothes officers and undercover investigations. If we publicize the exact method used to rule in or out whether a user is the secret sockpuppet of another, it would become simple for someone to create a sockpuppet account that would evade detection. Wikidemo (talk) 09:38, 25 November 2007 (UTC)[reply]

Father Goose, this isn't about Durova except that Durova's episode pointed to the need for this proposal. Wikidemo is correct that confidential investigations take place routinely. We can pretend otherwise but it doesn't change that fact. What has happened should scream for the need for guidance. Whether this proposal is the right one I don't know. I think we are headed in a good direction. But as for me, I would prefer to be proactive rather than deluding myself into thinking this won't happen again just because we say so. There is nothing inherently wrong with confidentially studying editing patterns and commonalities to discover the troublemakers. What is wrong is willfully allowing these most recent events, with all the accompanying protestations, to occur and then doing absolutly nothing to prevent it in the future. I'd hope you would reconsider and help us draft a policy that contributes to the growth of Wikipedia. JodyB _talk 11:54, 25 November 2007 (UTC)[reply]

"...is there some kind of destructive behavior that is somehow unidentifiable or irreversible unless secret techniques are used..." if you allow that secret means "using knowledge that is not going to be explained publicly" then completely and utterly yes. I can confirm this, as can several others. There are indeed a number of destructive sneaky vandals and sock users, who are exceptionally damaging, and who would quickly swap one kind of highly damaging sneaky vandalism for another kind, or act to make their identification harder, if they were advised how their edits were to be identified. FT2 ^{(Talk | email)} 13:21, 25 November 2007 (UTC)[reply]

Now that the RfC and arbitration case are under way, I am satisfied that these specific troubling uses of confidentiality are being questioned on a broad scale. The earliest versions of this proposal contained the assumption that such uses were acceptible. It appears that the community at large does not share this assumption.--Father Goose (talk) 21:01, 26 November 2007 (UTC)[reply]

I fully support this proposal (that is the first version), and had recently considered initiating something like this myself. However, I am still a little uncertain of the concerns that users with second or multiple accounts would be gaining material potentially damaging to the project by the mere revealing of evidence because such evidence would enable them better to create a secret second account. I am quite naive as regards the damaging effects of users with second or multiple accounts, though my assumption is that this relates to block voting in order to push a certain point of view. My feeling is that if discussions on Wiki are locked into knowledge, reason and experience rather than tally counting, then we have less reason to fear users with multiple accounts. If a view presented in a discussion makes sense then it would make sense regardless of who presented the information, and that view doesn't get better or worse for being repeated. If a view presented in a discussion doesn't make sense or is harmful, then that view doesn't become less harmful by being reiterated by a handful of different accounts - regardless of who is behind the accounts. I am wondering, perhaps, if we didn't hand out guns then we wouldn't need to hand out bullet proof jackets and bandages. I'd like to see some tightening up of conclusions and decisions reached in discussions so that the incentive to create secret secondary accounts is lessened. SilkTork *SilkyTalk 10:25, 25 November 2007 (UTC)[reply]

Voting irregularity is only one of many possible problems arising from abusive sockpuppet accounts. Please take a look at

WP:SOCK and related pages for some others - disruptive editing while avoiding the consequences, gaming article edits, stirring up trouble by trolling, hiding COI editing, etc. Wikidemo (talk) 12:12, 25 November 2007 (UTC)[reply

]

In other news, people think secret evidence is allowed at any time? Well, just don't try to use secret evidence while I'm around... grrr! --Kim Bruning (talk) 01:43, 26 November 2007 (UTC)[reply]

I'm not sure there's any consensus here, much less to accept or reject. I'm removing the rejected tags. --Bfigura ^(talk) 01:47, 26 November 2007 (UTC)[reply]

For proposals: no consensus == reject.(and the odds of getting a consensus via the proposal method are astronomical). --Kim Bruning (talk) 02:09, 26 November 2007 (UTC)[reply]

I'd say it is more accurate to describe this as a set of related ideas than a proposal at this time. Marking as a proposal is more accurate than marking as rejected; marking as "several brainstormed drafts that may become a proposal" would be even better. Do we have a template tag for that?

GRBerry 04:03, 27 November 2007 (UTC)[reply

]

There is now. =] Feel free to modify it as appropriate. — xDanielx ^T/_C\^R 09:50, 28 November 2007 (UTC)[reply

]

Thoughts? FT2 ^{(Talk | email)} 03:18, 26 November 2007 (UTC)[reply]

I do not believe that this proposal is nearly strong enough. Even I can figure out how to game it, and I don't have the extra buttons. At a very minimum, I believe that all confidential evidence (i.e., that which is covered by the privacy policy or by OFFICE) bxvfgcgvęeing linked to an administrative action made by someone who is not acting on the basis of OTRS, oversight request or checkuser should immediately and without prior request be provided to the entirety of the ArbComm for review. Further, if there is a legal issue identified during the course of an investigation, this should be immediately and without prior request be sent to the Foundation and/or its legal counsel; this could include a proposed action plan. Individual editors and admins are not in a position to determine the best course of action in response to legal issues; law is often counterintuitive and well-meaning admins could place the Foundation in an untenable position unwittingly. Risker (talk) 03:29, 26 November 2007 (UTC)[reply]

Missing the point I think. Legal issues will always need referring to the office. We're mostly discussing textual evidence some people believe shows an editor is perhaps a problem. The underlying question we're trying to address is roughly:

"A block, ANI thread or sanction may be appropriate based on knowledge some user has. But if the community won't be able to see the evidence, then who will credibly and independently review it, and be able to confirm for the community without delay that the wiki-analysis is a good one, the evidence stacks up, the conclusion is fair, and the disclosure reasonable and honest?"

In other words, a flow like this:

Policy: Policy identifies a reasonable and trusted set of reviewers - could be crats, arbcom, oversighters (who see all information anyway), whatever. But a group of reviewers are identified to whom any user can safely submit non-public evidence for careful review. Process: User/users identify a problem, and form a view the evidence should not be made available to all to review. Evidence is sent, and reviewed Response comes back agreeing to action, and confirming how much of the evidence should be publicized (or how much should not be). It also contains a summary for the public record of the reviewer's opinion and a (sanitized) description of the nature of evidence. Action is taken by the user Simultaneously or immediately after, a post is made by the user explaining the matter (as normal). The user explains the matter fully, but they also append the reviewer's summary in full to their post, along with the reviewer's name, disclosing the advice and opinion given. The community now has a full description, by a named trusted independent crat/arb member/oversighter who has reviewed the non-public evidence and fully stated their view. They can also check the evidence was disclosed to the extent the reviewer stated. This meets the public need for valid good quality independent information on what has gone on. If there is still a problem or need for a 2nd review, a second review can easily be held by mutual agreement - you'd probably need a short discussion to pick someone from the same trusted set whom everyone is comfortable with, eg different arbcom member or oversighter (or arbcom if no agreement) but that's going to be easy.

This fairly simple schemata ensures that any action based on non-public evidence, has an credible independent review publicized at the same time as the action is taken, without fakeability, and with a clear public statement of what the reviewer thought and what evidence should be made public, and the option for a 2nd credible independent review to double check.

I don't think this is quite as gameable as you might have thought :) FT2 ^{(Talk | email)} 03:51, 26 November 2007 (UTC)[reply]

That is closer to a reasonable vision. Why not use this simplified version as the policy? It is the layers of complexity in the document on the project page that make it easy to game. Risker (talk) 04:04, 26 November 2007 (UTC)[reply]

I'd be tempted to specify oversight or arbcom (and possibly office??), plus crats if there is no oversight related issue, as our pool of valid reviewers. Any of these categories have the trust and standing to 1/ see anything anywhere on the wiki, private or not, 2/ review it competently, 3/ report credibly to the community on it. Plus if oversighters would be willing to be reviewers for such content, it helps avoid only burdening arbcom. Thoughts? FT2 ^{(Talk | email)} 04:17, 26 November 2007 (UTC)[reply]

This flow looks plausible.

GRBerry 03:59, 27 November 2007 (UTC)[reply

]

Thoughts on this one? FT2 ^{(Talk | email)} 05:22, 26 November 2007 (UTC)[reply]

Don't we need to specify that the block is placed by a reviewer and that the person assembling the evidence along with the reviewer are named in the block announcement? JodyB _talk 17:27, 26 November 2007 (UTC)[reply]

On reflection whats missing is a "this is the proposed sort of sanction" and the reviewer's comment on if it's okay or (if not) what would be. Provided the user doesn't get to choose an arbitrary sanction, that process is better. Policy proposal updated x 2. Nice "catch". FT2 ^{(Talk | email)} 08:18, 27 November 2007 (UTC)[reply]

Looks plausible. To Miscellaneous point #1 I'd add that later reviewers should receive a copy of the prior review. For requests prior to receipt, disclosure is sufficient, if feedback has been received then that feedback is also important for later reviewers.

GRBerry 03:59, 27 November 2007 (UTC)[reply

]

Shouldn't be needed. Suppose the user wants independent advice? The 2 reviewers (or the later one at least) knows of the other and has permission to discuss with them if they wish, without needing to ask# further. That should cover it, if they want to ask what advice was given, or confer, for example. FT2 ^{(Talk | email)} 08:21, 27 November 2007 (UTC)[reply]

In light of recent developments elsewhere, I wonder if it might be possible to add a clause to the effect that reviewers could include "any other person (not including admins) who are viewed as being knowledgable about either the procedures involved, or, less favored but still acceptable, the history of the content in question." I add this clause because it could be possible that for one or the other criteria selected above, it might be the case that the uninvolved party who would be possibly the first choice as a reviewer might be someone like, for instance, User:Yomangani, who seems to be trying to withdraw sysop priveleges, someone who has explicitly chosen not to be an admin but is otherwise trusted anyway, or any number of other reasons. They might be the best potential choices in cases where the actions in question deal with a particular subject, and the person most knowledgable about that subject is highly respected but isn't currently an admin for whatever reason, as an example. The involvement of such an individual generally shouldn't be seen as meaning an admin or two shouldn't also be contacted, though. John Carter (talk) 16:09, 27 November 2007 (UTC)[reply]

I'm not clear on the exact meaning of the Factual evidence paragraph of the Careful handling and judgment section. Wording: Factual evidence. The matters confidentially disclosed should be factual, based on evidence or strong likelihood, with flaws and questions disclosed as the matter progresses. Is this saying: Factual evidence. Any material that is not presented should be factual, based on evidence or strong likelihood rather than interpretation.? And if so, shouldn't this be saying: Factual evidence. Any material should be factual, based on evidence or strong likelihood rather than interpretation., regardless of the fact that the material is being withheld or presented. Or is the suggestion that speculation is acceptable as long as it is out in the open for people to openly discuss, but when the material is withheld that speculative evidence is not acceptable? SilkTork *SilkyTalk 13:23, 26 November 2007 (UTC)[reply]

This article focuses entirely on Confidential evidence in Wikipedia-related matters. When reading this on

Though the above question is the main question I think this page needs to answer, I want to point out that the above is not entirely distinct from what the page currently answers. Whistleblowing, or, more specifically, the use of confidential sources in the article space, is most likely to occur in Wikipedia-related matters. For example, thinks like the Essjay controversy could very well have presented difficult problems with confidential evidence. User:Krator (t c) 23:21, 26 November 2007 (UTC)[reply]

I don't see that as being an issue.

scoop - we'd wait for the media to publish the story, and then - if notable enough - we could create a suitably sourced article on the topic. SilkTork *SilkyTalk 08:13, 27 November 2007 (UTC)[reply

]

I believe an admin should be free to use secret evidence to warn, revert, or block as the admin deems appropriate. But... upon request from any other admin the admin with the secret evidence must turn it over to any requesting admin OR turn it over to arbcom (per v.3) OR recuse themselves from further involvement in the matter. Rklawton (talk) 16:20, 27 November 2007 (UTC)[reply]

Even simpler: No secret evidence. This is a complete turnabout from the days that "offwiki information does not have play onwiki". If you think something requires confidential evidence in the first place, there's something seriously seriously wrong. Sure, maybe it needs to be handled, but it should be handled like the exceptional case that it is. We don't need to make up new rules for this. (That and wikipedia is

1. Yes, KISS. A 3000 word guideline is absurd and unworkable. Editors will soon get to the point they have to engage WP attorneys and paralegals to decipher and manage all the WP legalish "Chapter X. Section LVIII. Article XYZ" arcana tucked all over wikipedia.
2. No, an admin collecting "secret evidence" should not also serve as enforcer. Admins should not act as both Detective and Judge. If one party thinks they have evidence, another independent admin (ie not their joined-at-the-hip IRC "best-buddy") should review it and make the call.
3. No, no editor should feel particularly "free to use secret evidence" against others to begin with. The most recent madcap admin "secret evidence" melodrama that unfolded reveals again how dumbfoundingly mental people can behave while caught in the pumped up thrills that come with "trading secrets".[1]
4. No claim to being privy to "evidence which must remain secret" should ever be sufficient justification for an admin action, nor from shielding the assessment process from the community. Again, the recent melodrama reveals that though admins deserve the benefit of
   WP:AGF
   when judging their motives, this does not mean they are granted carte blanche for their actions. No admin can be allowed to offer "you have to take my word for it" evidence against another editor.
5. "Secret evidence" should be limited to "keeping personally revealing information in the evidence secret". The methods used should not be any closely held secret. It's only by bringing these so-called "methods" out into the light can their true merits (or "lack of") be judged.

sigh -- Professor marginalia (talk) 18:50, 27 November 2007 (UTC)[reply]

First, admins act as detectives and judges every day. For example, if I see edits that look to me like a vandalism spree, I block the editor from editing for a duration of my choosing. Next, the approach I recommend enables methods to come to light but only to a trusted group (admins & ArbCom). If the methods fail to come to light, then the admin's actions can be undone. Rklawton (talk) 21:16, 27 November 2007 (UTC)[reply]

Reply: a) Vandalism sprees are not secret, hidden evidence

b) What explanation can there be why transparency is so valuable to most every aspect of the project, except in accusations against other editors? Why is "sealed evidence" adequate to accuse another editor? Isn't every editor due the same good faith as "trusted" admins, every editor who has contributed their time to this project also deserving of an opportunity to share evidence in their own behalf with the "trusted group"?

Hasn't the recent episode illustrated that a process just as you've described leads to "cliquish" us-vs-them rivalries, charges launched with the flimsiest of pretexts, admins operating like RPG players in melodramatic spy games, CYA cover-ups which leave the whistle blowers the job of setting things a-right, while the aggrieved are treated as trolls if they complain, and of course, brand new entertainment for the scandal mongers to revel in? Let's learn something in its wake. It's important to be constructive, but also it's important to be realistic. Hasn't the "process" you describe already shown much of itself? Doesn't it take more to persuade editors these methods have any value? The lesson should be that more scrutiny, not blind trust, is the better plan because people tend to rationalize all kinds of obvious improprieties so long as the lights are out, and then it gets embarrassing and super messy when grown-ups burst in to turn the lights back on. Professor marginalia (talk) 23:51, 27 November 2007 (UTC)[reply]

I don't disagree. However, I can imagine that there might be some situations where it is to everyone's advantage if certain damning evidence is not indicated on the page. For instance, if each of my million socks have a regretable tendency to use certain unusual words, it doesn't make a lot of sense to alert me to the fact that tendency has been noted, does it? The police regularly engage in keeping private certain potentially useless pieces of information to prevent false admissions of guilt, and I can see that doing the same thing here makes sense as well. However, I do think that having individuals, including ArbCom, admins, or anyone else who is particularly knowledgable about a given subject involved in such evidence gathering. I acknowledge that this can create difficulties, but think that, for at leat some information, it does make sense to not divulge the information used in some cases. I agree that only a very little such information should ever be kept private, and only at most a specific point or two in individual cases, though. John Carter (talk) 00:01, 28 November 2007 (UTC)[reply]