Wikipedia:Requests for comment/Arbcom, confidentiality, and oversight


 * To discuss this proposal, please see the talk page. See also the straw poll page.

Overview
This proposal concerns the access and handling of confidential information by arbcom members and oversighters. And also changes policy concerning the granting and retaining of the Oversight user-right.

Confidential information
For various reasons, (including attempting to prevent "rules creep"), this proposal does not attempt to define what "confidential information" (which includes but is not restricted to "private information") is.

If Arbcom as a committee determines particular information is to be considered confidential, no individual arbitrator may unilaterally act in contravention to that determination.

User:Jimbo Wales
This RfC does in no way attempt to affect User:Jimbo Wales or to modify his traditional role in relation to the Wikipedia community and/or arbcom (including the appointment or removal of arbitrators to or from the arbitration committee at his discretion). And any such proposals are to be considered beyond the scope of this RfC. (And attempting to include proposals regarding this would likely prevent this RfC from gaining consensus.)

So with that in mind, this RfC presumes the current status quo: that User:Jimbo Wales has access to confidential information, including but not limited to access to specific confidential mailing lists and the arb wiki.

Arbitration committee members
To re-affirm current policy: Any user who wishes to be entrusted with the additional tools and responsibilities of arbitratorship must submit to confirmation selection every two years. (This is currently set up as yearly selection in overlapping tranches.)

The number of arbitrators to be selected is determined yearly, based upon perceived need.

When selecting someone to receive arbitratorship, it should be presumed that, if the requirements are met, the user will receive the Checkuser user-right, and the Oversight user-right.

Oversight
Any user who wishes to be entrusted (or to continue to be entrusted) with the additional tools and responsibilities of Oversight must submit to confirmation selection every two years.

As oversighters are considered to be entrusted with access to confidential information, they are required to already have the ability to view deleted information and to delete and undelete (such as by already having been entrusted with adminship).

This is also to prevent the possible issue of an oversighter choosing to oversight information when deletion would be more appropriate.

If these abilities regarding deleted content are removed (either voluntarily or involuntarily), Oversight must also be simultaneously removed.

Any arbitrator who, for whatever reason, does not have the oversight user-right, must not have access to confidential information, including the email list and the arb wiki. However, the user may, as a member of the committee (unless also removed through one of the standard processes), continue to perform the tasks and responsibilities of being an arbitrator except those which require access to confidential information or require usage of the user-rights which have been removed.

Oversight access to confidential information
All editors entrusted with the Oversight user-right, which includes all sitting arbitrators, have access to the specific confidential information mailing lists and to the arb wiki. At an individual's discerning discretion, he or she may of course choose to recuse from access to one or more venues of confidentiality. (Access to confidential information should never be forced upon an individual.)

Obviously non-arbitrators should not participate in arbcom-related discussions and/or deliberations on the mail lists or the arb wiki.

The rule of thumb being: view, not edit.

However, oversighters may help with maintenance of mailing lists and/or the arb wiki.

Venues for discussion
Mailing lists are to be used only for communication of confidential information from those outside the arbitration committee to the committee, and for possible subsequent follow up Q&A with those outside the committee concerning that confidential information.

All non-confidential communication between arbcom members which concerns their tasks and responsibilities as arbitrators, such as discussion or deliberation, is to happen on the en.wp wiki.

In cases where the arbitrators determine as a committee that confidential information is involved, and therefore, open discussion on-wiki would be inappropriate, then such committee discussion and/or deliberation may instead partially or fully happen on the arb wiki.

To reiterate: the mailing lists are only to be used for confidential communication with those outside the arbitration committee.

Emergency breach of confidential information
In a situation where any user who has been entrusted with Oversight (including Arbitrators) may be considered "at risk" to reveal confidential information (or if a user account is deemed at risk to have been compromised), this shall be considered an "emergency" situation, and by default all access to confidential information (including but not limited to oversight, and access to the mail lists and the arb wiki) to be immediately temporarily removed (by the standard processes) as a preventative measure.

This also applies to any user who has already revealed such confidential information.

This determination may be made either by a majority of all non-recused arbitrators, or by consensus of the community, or other process by policy.

The removal is to be considered temporary, and should be followed by a full case by the arbitration committee to determine whether the user's access should be restored.

FAQ

 * "Why grant Oversighters access to confidential information on the mail lists and the arb wiki?" - Who watches the watchers. This is a simple way to provide for a "third party" to watch arbcom, while doing it through users who are currently already entrusted with access to confidential information.
 * "Why remove the ability of the arbitration committee to choose oversighters?" - Per above. It doesn't make sense to have the committee to select who watches the committee.
 * "Arbcom has a limited number of seats, is this true concerning Oversighters?" - No. At least not by this proposal.
 * "What is the process for 'confirmation selection' of oversighters? Is it exactly the same as for arbcom?" - While the time period of two years is the same, the definition of the specific process of "confirmation selection" is intentionally placed outside the scope of this proposal.
 * "What about current oversighters who were granted Oversight by Arbcom?" - Anyone who did not gain oversight due to confirmation selection as an arbitrator will need to go through the oversight confirmation selection process before being granted access to the mail lists or the arb wiki.
 * "Why not checkusers?" - Checkusers (CUs) have the ability to see technical information about a user such as IP address, browser, and operating system. In considering this proposal, access to "confidential information" potentially encompasses information which may be considered well beyond this technical information. And we should not presume that when entrusted with checkuser, that those making that determination of trust ever considered that a checkuser would have such access to "confidential information".
 * "Why deprecate deliberation and/or other such discussion in the mailing lists?" - This is done as a part of implementing more transparency and accountability concerning the arbitration committee, and concerning confidential information as well.
 * In particular, while indeed someone may potentially copy such information while they have such access to confidential information, that is prevented once that access is removed. However, that user will still continue to have access to all emails received, forever. Usage of the email lists should clearly be minimised as much as possible for security reasons.
 * "I feel that the email list is more "convenient" in communication than to edit using a wiki." - The need for transparency and for security outweighs seeming "convenience". If people from around the world can get together and collaborate on the Wikipedia wiki in all other ways, then there is simply no reason why arbitrators cannot collaborate on a wiki (whether on the en.wp wiki, or the confidential arb wiki).
 * "I feel that the email list is more "convenient" in communication than to edit using a wiki." - The need for transparency and for security outweighs seeming "convenience". If people from around the world can get together and collaborate on the Wikipedia wiki in all other ways, then there is simply no reason why arbitrators cannot collaborate on a wiki (whether on the en.wp wiki, or the confidential arb wiki).