Wikipedia talk:Oversight/Archive 7

This is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page.

Screenreader users sometimes choose to be presented with a list of links separate from the page, with only the link text leading to the URL. With that in mind, "as described here" to lead to another page looks like poor wording because of the ambiguity of "here". (Even in context, it's not immediately clear whether "here" refers to the link target or to the page the link text is embedded in.) Would there be consensus in rewording for clarity, eg by making the whole note read "Note: The suppression team does not respond to threats of harm. [[Wikipedia:Responding to threats of harm|Report a threat of harm to yourself or to others]]."? The Crab Who Played With The Sea (talk) 21:25, 14 November 2022 (UTC)

I have reworded to make it more clear there is a link there, and where it points. Primefac (talk) 09:53, 15 November 2022 (UTC)

Hi there. On 10 February, I was erroneously blocked by administrator Daniel Case, who subsequently reverted the block: https://en.wikipedia.org/w/index.php?title=Special:Log&type=block&page=User:Bastun

After a request from administrator Alison, he subsequently RevDel'ed the block, and requested oversight of the block, but then reported that it couldn't be oversighted and shouldn't have been RevDel'ed, and reversed that. (See https://en.wikipedia.org/wiki/User_talk:Bastun#Block )

As I have been editing here for over 15 years without a block, and had a clean block record until now, I am obviously not happy about this.

Note also the provisions of the EU's General Data Protection Regulations. Included in the seven principles of GDPR are two that are very relevant: a) the requirement for *Accuracy* (and the consequent right to have incorrect information amended or deleted!); and b) the principle of Accountability (which means that Data Controllers need to ensure that they not only comply with the principles, but also have appropriate processes and records in place to demonstrate compliance.)

Other jurisdictions have similar laws in place. See https://www.dataprotection.ie/sites/default/files/uploads/2019-11/Guidance%20on%20the%20Principles%20of%20Data%20Protection_Oct19.pdf for the Irish Data Protection Commissioner's interpretation of the GDPR.

While my preference would be for the block to be fully oversighted in the logs, I would accept Revision Deletion if the former isn't possible, and would now like to formally request that one or the other is done.

Please note my bringing up GDPR is *not* a legal threat and I have no intention of bringing this issue up with anyone outside Wikipedia/the WMF.

Kind regards, Bastun^{Ėġáḍβáś₮ŭŃ!} 18:19, 28 February 2023 (UTC)

P.S. I am posting this here because my email of 13 February (sent to user "Oversight" via wiki page) has still not received an acknowledgement or a response (which may be my issue, I don't know), and I have just warned another user that they may breach 3RR. I would appreciate a reply either here or by email, either works, but I would like a response. Bastun^{Ėġáḍβáś₮ŭŃ!} 18:19, 28 February 2023 (UTC)

@Bastun for anything you want acted about "GDPR" or any other sort of governmental law or regulation you must contact meta:Wikimedia Foundation Legal department (the legal@... email address or the Registered Legal Agent physical mail address). As far your notes above, it is correct that logs should almost never be removed. See Wikipedia:Revision_deletion#Log_redaction. If there was a "bad" logged action, transparent proof of that is used to hold administrators making such an action accountable. — xaosflux ^Talk 18:34, 28 February 2023 (UTC)

Also, a response to your last email about a ticket ending in ...625 was sent on 20230213T1222. — xaosflux ^Talk 18:48, 28 February 2023 (UTC)

I'm not an oversighter, and don't know what either of you have said to each other. The log clearly shows that you were mistakenly blocked, and there's no reason to think that's inaccurate. If anyone holds that against you, which would seem highly unlikely, then they're an idiot. I myself have a block log, which I encourage you to peruse, and it hasn't affected me one bit. There's lots of highly respected people roaming around with erroneous block logs. We even have a userbox, Template:User accidentally blocked, so you can wear it with pride. -- zzuuzz ^(talk) 19:31, 28 February 2023 (UTC)

Jimmy Wales blocked you?? Good grief - that's quite the war story indeed! I'd no idea that happened - Alison ^talk 19:44, 28 February 2023 (UTC)

Hi Xaosflux, thanks for the quick response. I see there is a response in my inbox, which, annoyingly, went into my spam folder. Thanks for the link, too, to RevDel - I'll have a read later (late for a meeting!) Bastun^{Ėġáḍβáś₮ŭŃ!} 19:59, 28 February 2023 (UTC)

I've got my own 3RR/oops lets reverse that - block in my block log from waaaay back in 2006! — xaosflux ^Talk 20:09, 28 February 2023 (UTC)

I'd also like to point out that the GDPR accuracy principle mentioned above is in fact being met: the block log accurately shows that you were blocked, and then unblocked. The unblocking admin also pointed out in their unblock that the block was a mistake, satisfying the requirement for amending incorrect information. GeneralNotability (talk) 22:51, 28 February 2023 (UTC)

Heh, thanks, zzuuzz - I am now en-templated! ;-) Cheers, Bastun^{Ėġáḍβáś₮ŭŃ!} 12:00, 1 March 2023 (UTC)

Per Wikipedia:Edit filter/Requested/Archive_21#Telephone numbers added to articles I created Special:AbuseFilter/1244 with the goal of blocking new users from adding phone numbers, which is a persistent problem. I think having a filter to block phone numbers is a massive improvement on the status quo, which is that these phone numbers often don't get reverted in a timely fashion, and even if they do, they are almost never suppressed (or even revdelled).

But the since the logs of the filter are visible to all admins and a small number of (trusted) non-admins, this does create somewhat of problem since the filter collates a list of material most of which should in theory be suppressed (Special:AbuseFilter/247 might have a similar problem). To be clear, the filter doesn't make the content more visible, but it does collect it in one place. Until phab:T290324 is done there's no way to set the logs to be only visible to oversighters. So I'm wondering if y'all oversighters think it's fine for me go ahead with trying to make this into a disallowable filter, or if I should wait until there's a way to hide the logs more (or I suppose we could have a bot automatically suppress the logs).

(@HJ Mitchell: since it seems he suggested using trying an edit filter for this purpose.) Galobtter (pingó mió) 21:02, 5 April 2023 (UTC)

@Galobtter a phone number alone somewhere is not necessarily suppressible, it depends on what kind of number it is and what context it is used in, so I'm not too worried about this (especially with the current state being these get published, then maybe revdeled, then OS is requested). This would be one of those logs I'd expect admins to patrol, block users as needed, and still report to OS as needed. — xaosflux ^Talk 21:11, 5 April 2023 (UTC)

Thank you for trying this out, Galobtter. Something to keep in mind is that phone numbers come in a wide variety of formats and configurations, ranging from six to more than a dozen digits. I don't think it's realistic to think it possible to filter out phone numbers without messing up other legitimate uses of number strings. Sometimes the creation of a filter gives a false sense of security that an issue is being addressed. I'm also concerned that oversighters may have to review those filter actions to verify that they're actually removing a phone number rather than either a valid string of numbers, or a completely random one that wouldn't qualify for suppression. Just FYI, one of the most common places to find telephone numbers is in edit summaries; I think that might actually be richer territory, since we don't see nearly as many valid number strings in edit summaries. Just a thought. Risker (talk) 21:38, 5 April 2023 (UTC)

Thanks for your thoughts, Risker. Regarding I don't think it's realistic to think it possible to filter out phone numbers without messing up other legitimate uses of number strings.: of course, without a human checking every edit it's impossible to perfectly distinguish these cases, but my goal is to catch most phone number additions while rarely stopping other use cases (in general you'd want a disallow filter to have <1% false positive rate); I wouldn't have come here if I wasn't reasonably confident that what I had could become a disallow filter. Currently what the filter does is look for phone numbers that have a combination of numbers and spaces; while dashes are of course often used in phone numbers, that often conflicts with dates, and most of the phone number additions seem to be from South Asia/outside of the U.S., where it a lot less common to use dashes in phone numbers. The most common false positives I found here were in links, citations, and files, so the filter excludes edits involving or adding those.

With all that done, currently my estimate is that ~90% of the edits caught by the filter are phone numbers, ~10% are number vandalism, and small percent remaining is false positives, which is pretty good IMO. Since the edits would not be suppressed by the filter, I don't think oversighters would need to review the filter actions. Also, I did look at summaries too, but this does require some work since reverts often include the revision ID in the edit summary, and there are other reasons revision IDs appear in the edit summary too. Galobtter (talk) 06:47, 10 April 2023 (UTC)

Perhaps take a look at this filtered edit, which is a good example of what would concern me. I'm reviewing the flagged revisions right now, and that one was at the top of the list. Not sure how you'd get around that, will leave it to your considerably greater knowledge. :) Risker (talk) 03:22, 11 April 2023 (UTC) Also this one. These two were from the first 10 completed edits noted in the log when I opened it. Risker (talk) 05:38, 11 April 2023 (UTC)

As it always seems, the moment I talk about a filter, it keeps running and seems to produce all the false positives :) Thanks for looking through the filter hits; I excluded the examples you gave and others by excluding any number additions inside templates or tables. This didn't seem to produce much false negatives. I think the frequency of numbers in running prose is a lot less, so hopefully this works better. Looking at the filter again though, the number of true phone number additions in articles per day does seem pretty low; there are more talk page additions but a surprisingly high number of them seem to be now stopped by Special:AbuseFilter/1245 (with the caveat that about 15% of the hits are suppressed so I can't see all the true positives). Galobtter (talk) 19:47, 11 April 2023 (UTC)

As a potential test case, here is a rare good-faith edit which might be mistaken for phone spam. Certes (talk) 14:31, 11 April 2023 (UTC)

Not related to any specific case, just something that's been on my mind. To what extent should we be suppressing personal information that adults voluntarily disclose about themselves? We obviously act with extreme prejudice with personal information that children disclose about themselves (because we presume they don't realise the potential consequences) or which is inadvertently or improperly disclosed about adults, and rightly so. But where an adult (or someone we presume is an adult) discloses information, should we routinely suppress it? Does this hold for all types of personal information? For example, should we treat a generic webmail address (eg [email protected]) the same as a physical address; an address the same as a phone number? My general impression is that we suppress most of this type of thing. My personal opinion is that perhaps we're a little over zealous and that, in general, if someone discloses personal information/contact details we should err towards leaving it unless they ask for it to be removed but I'd be happy with any consensus that emerges. HJ Mitchell | Penny for your thoughts? 19:03, 13 April 2023 (UTC)

My opinion, and one that I am reasonably confident is shared as general consensus amongst OSers, is that we assume that someone posting their personal information (email, phone, address, etc) are not aware how problematic such an edit can be, and thus we remove it for their own good. If they re-add, or otherwise question why the removal was done, and thus indicate that they are aware/cognisant of the issues, then there is no issue. In the half-decade I've been doing this, I can think of less than a dozen times in which this has happened (and it's usually minors/students who make this claim). Given the huge rise of harassment I've seen (doxxing and the like) in the last year or so, I would be extremely hesitant to have anyone's personal email be any more visible than strictly necessary. Primefac (talk) 19:10, 13 April 2023 (UTC)

Related, it also depends a bit - as it is hard to tell if what someone posts is actually their personal info, or just some personal-looking info. — xaosflux ^Talk 20:26, 13 April 2023 (UTC)

It may also be an unwitting third party's personal data, in which case it seems more important to remove it than data willingly shared by its owner. Certes (talk) 22:33, 13 April 2023 (UTC)

If it's indeed the case that adding emails is generally undesirable anywhere on Wikipedia, then we should extend Special:AbuseFilter/247 to all namespaces - I even tested this at filter 877, if people want to see the kind of edits that would block.

This practice does seem reasonable to me, since we also don't know if people are actually posting their own phone number/email, or someone else's. Galobtter (talk) 23:39, 13 April 2023 (UTC)

I think (email) addresses, phone numbers, etc fall into four categories:

1. Personal information with is disclosed maliciously. This should very nearly always be suppressed (the rare exceptions will be things like avoiding a Streisand effect).
2. Personal information which is disclosed without apparent appreciation for the consequences. This should usually be suppressed but exceptions are possible.
3. Personal information which is intentionally disclosed with (apparent and/or believably claimed) appreciation for the consequences and no suspicion of wrongdoing. This should not normally be suppressed.
4. Publicised contact information - for example contact details for companies, agents, etc. This needs considering on a case by case basis, but where it is determined that it shouldn't be in the encyclopaedia simple removal will usually be sufficient and revision deletion is enough for some of the rest but it is not impossible some may need suppression.

If it is unclear which category something falls into then we should generally (always?) treat it as being the highest it could be. Thryduulf (talk) 00:29, 14 April 2023 (UTC)

• The historical interpretation as long as I've been an OS'r and when I was an admin/working in NPP was that we assume new editors don't know how the project works, and as such will suppress since release of information requires consent, and if you don't know how the software works and its implications to your privacy, that consent is difficult to give. In other words, I agree with Primefac. TonyBallioni (talk) 01:01, 14 April 2023 (UTC)

People's thoughts would be appreciated at Wikipedia:Edit_filter_noticeboard#Expanding_247_(email_additions)_to_all_namespaces?. Galobtter (talk) 07:47, 15 April 2023 (UTC)

Moved from Special:Permalink/1151653269

Can you please explain how can someone delete their wikipedia account and request you to remove all of their data? Kicmenamozdina (talk) 10:57, 25 April 2023 (UTC)

Unfortunately, our software currently does not permit deletion of accounts. However, it does not hurt anything to leave accounts unused; you may simply stop using the account.

If you wish to remove your email address from your account, you can unset it at

Db-userreq}} to the page (including the brackets), and one of our administrators will delete the page. If you wish to rename your account, please see the instructions at Wikipedia:Changing_username. Additionally, you might qualify for the right to vanish

.

If there is personal information on another page that you wish to be removed, please email the Oversight team.

Otherwise, all you have to do is stop logging into the account. I hope this answers your question, and I am sorry to hear that you have decided to stop contributing to Wikipedia. If you wish to return, you may simply begin using the account again.

If there is anything else we can help you with, please let us know. Best regards, and thank you for using Wikipedia. Primefac (talk) 11:34, 25 April 2023 (UTC)

I got a question? How long until it is too late to get oversight for example, you forgot log in. It happened to me once in November 2021 but I didn't know about this until a year later then I was told it was too late when I requested it? Cwater1 (talk) 14:32, 1 July 2023 (UTC)

"Generally within the last three months", from [note 2]. Primefac (talk) 14:34, 1 July 2023 (UTC)

I see now. It would probably be hard to two and two (IP and User) together considering it was one time. Next time, if I accidently forget to log in and edit, then I should request oversight as soon as possible. Cwater1 (talk) 14:37, 1 July 2023 (UTC)

Correct. These days IPs are rarely static, so two edits spread a year (or more) apart are very unlikely to be connected. Primefac (talk) 14:49, 1 July 2023 (UTC)

 You are invited to join the discussion at Wikipedia:Village pump (policy) § Redirects involving BLP privacy issues. ^user:A smart kitten_meow 21:08, 24 September 2023 (UTC)