Wikipedia:Requests for comment/Arbcom, confidentiality, and oversight/Straw poll

RfC template
This proposal concerns the access and handling of confidential information by arbcom members and oversighters. And also changes policy concerning the granting and retaining of the Oversight user-right.

To discuss this proposal, please see the talk page. To participate in the straw poll, please see the straw poll page. - jc37 12:03, 14 December 2012 (UTC)

Support

 * Support - as proposer. - jc37 11:10, 14 December 2012 (UTC)

Oppose

 * Strong oppose on several levels. I plan on elaborating shortly. --Rschen7754 11:52, 14 December 2012 (UTC)
 * On what basis can an oversighter's performance be evaluated? The community has no way of knowing if something has been oversighted, since the logs are not public to non-admins; even admins can't see what content was oversighted, so they are in no position to judge whether the OS action was proper or not. Indefblocked users that are hidden under oversight are invisible to everyone but oversighters.
 * We went to the current appointment process that was through ArbCom because not enough oversighter candidates were passing the 70% mark that is mandated by Meta and the Wikimedia Foundation : Oversight. Per that policy, the only two ways of getting oversighters is through ArbCom or through said 70% mark.
 * Moreover, putting this high of a responsibility on an oversighter would put them above ArbCom; considering that ArbCom candidates find it difficult to get 70%, this sure wouldn't help things out.
 * "Confidential information" needs to be defined; not defining it leads us right into the mess a few weeks ago, is too ambiguous, and is a complete run-around of the Privacy policy.
 * Oversighters are already short-staffed as it is; this sure won't help make their workload any easier.
 * Regarding "this shall be considered an "emergency" situation, and by default all access to confidential information (including but not limited to oversight, and access to the mail lists and the arb wiki)" - the stewards will not act to remove oversight in said circumstances without a community vote, proof that there is a clear violation of the privacy policy, proof of a clear abuse of the Oversight tool, or without ArbCom's say-so. As we saw a few weeks ago, the WMF does not consider disclosure of the mailing list or arbcom wiki, by itself, to be a violation of the privacy policy unless personally identifying information was disclosed. So this is completely unenforceable.
 * Functionaries (including oversighters and ArbCom members) continue to be parties to ArbCom cases, and moving discussion to the arbwiki means that they have access to that discussion; the advantage of arbcom-en-b and arbcom-en-c is just that; the ability to segregate discussions so that involved parties do not know what is being said and cannot tailor evidence/statements appropriately until after the case has concluded.
 * This is a complete end-run around WP:AUSC (the group that we actually appoint to watch the CUs and OSes), and would have prevented User:Bahamut0013 from taking his seat on AUSC, since he was initially a non-admin when appointed. Yes, the OS tools are broken for non-admins, but you don't need to be able to actually suppress anything to be on AUSC - you just need to see the suppressed diffs.
 * The proposal does not address functionaries-en, oversight-l, checkuser-l, the AUSC list, or the BASC list, all of which handle similar stuff and are all used by ArbCom to some degree.
 * The convenience of email cannot simply be dismissed; with situations such as emergency desysops and other time-sensitive situations, it is easier to get someone's attention with an email than with a post to a wiki somewhere, especially as people will be by their smartphones more often than they will be refreshing the watchlist of a site that is not even enwp, and wikis are generally not editable with mobile devices, such as those that may have to be used because of work or school or vacation etc.
 * Many of our current oversighters seem inactive today, and probably would not pass a 70% confirmation scheme. The community cannot factor in oversight actions, OTRS, or mailing list posts into their vote. A lot of oversighters are ex-arbs, and there will probably be the usual crowd of ax-grinders from those who are unhappy with the way that arb voted, even years later. Finally, the rest of the oversighters are very active admins, and should be free to make the tough admin calls as any other admin would. I suspect ax-grinders would show up there too. We face the real possibility of losing the entirety of our non-arb oversight team should this happen, through resignations (heck, if this came to pass and I was an OS, I'd probably resign too) and oversighters not getting re-elected. That would thus proceed to invalidate the entirety of this proposal, with fewer or no eyes watching the arbs like the OP wants. (possibly more to come)--Rschen7754 11:55, 14 December 2012 (UTC)


 * Waiting to respond to the points when "more to come" is done. - jc37 12:22, 14 December 2012 (UTC)
 * Go ahead; I'll wait. --Rschen7754 12:55, 14 December 2012 (UTC)
 * ok.
 * 1.) that comes to "process for confirmation selection", which I intentionally left out of this proposal.
 * 2.) Who's the "we" of "We went..."? (link please?) As I read it, the policy is listed here (which says it was merely copied from CU), with this being the foundation issue. That aside, I suppose the applicable response is the one I gave at #1 above.
 * 3.) Not above. If you read over the proposal again, oversighters are not given any power save to "be there" if they wish. This is merely peer pressure. "Someone is watching." And allows for peer pressure from those who aren't also tasked with he actual business of arbcom.
 * 4.) The mess a few weeks ago wasn't that confidential information wasn't defined. It was that mail list appropriate usage apparently wasn't clearly defined, and neither was whether certain kinds of information on the mail list should or should not be considered confidential. So I intentionally define appropriate usage. And also limited how the mail list should be used. So that that determination shouldn't need to be made in the future.
 * 5.) I think Oversighters are "short staffed" for several reasons. I think by making the process more known (having the process coincide with the arbcom elections could be one way) might help.
 * 6.)Actually, if the community comes to consensus as to what it considers a type of emergency situation, I believe that that does qualify. And this is just such a community-wide discussion.
 * 7.)So? you make it sound like this is a "gotcha" moment? The only reason to discuss a case in partial or full "closed session", as it were, is due to confidential issues. Not because we want to hide the sausage making. And so if the person in question is entrusted to have access to the information in question, then what's the problem?
 * 8.) I intentionally wrote this so that non-admins could potentially be arbs. However, there was a concern awhile back as I recall about how the community expressed concerns that oversight was being over used when delete would be enough in some situations. Though that was somewhat cleared up, this is not unlike the concern that some have that if we give someone protect but not block, they might be more likely to protect pages. Same here. Having oversight means you should be able to delete and to view deleted material. If you can't be trusted with deleted content, how in the world should you be trusted with specifically private content? And if you can, RfA is merely a nomination away.
 * 9.) Don't you think this covers enough already? A proposal doesn't have to re-affirm every related or semi-related policy if there is no intended change. As for the various mailing lists, if they are treated as "confidential" due to intended use of conveying confidential information then they fall under this, else, they do not. Simple.
 * 10.)Time sensitive is not equal to confidential. of course email can and is used to contact individual arbs in a time sensitive situation. But a case is typically not "time sensitive".
 * 11.)This is back to that process thing. But since in part you talk about reconfirmation, consider that we reconfirm an arbcom member every two years. why should this be any more problematic? Incidentally I find it interesting that to get on arbcom only takes 50%, but oversight takes 70%.
 * That aside, I'm curious, why would you resign? what about this makes having the oversight tool suddenly unpalatable that someone who already has it would resign? You would be able to see private information just like before (though more of it), and could still suppress revisions. - jc37 14:06, 14 December 2012 (UTC)
 * As has been expressed elsewhere, that's really a bad idea and is putting the cart before the horse, especially considering that we have only two options, as prescribed by WMF policy, for choosing oversighters, and you're throwing one out the window and making the other virtually impossible.
 * See . We had an election that failed.
 * But you explicitly give OSers the power to call Arbs out, right? Otherwise, if the OSers are sworn to secrecy too, they're basically under a gag order and this is pointless. What's to say they'll even bother to log in?
 * No, "confidential information" is the fundamental issue.
 * Yes, and adding wikipolitics doesn't help. We're already losing functionaries left and right as it is.
 * Again, just no. I've asked a non-enwp steward to make sure I'm interpreting the relevant policies correctly and am awaiting a response.
 * I can think of a particular case where an arbitrator was a party and where there was confidential information that the arbitrator should not have had, as that would have greatly affected the case. I don't feel like discussing this further on wiki.
 * What!? That doesn't address the point about Baha at all, or AUSC.
 * No, it doesn't particularly, since it's use of a mailing list to handle confidential information instead of a wiki, which is your fundamental point in the whole essay, right? Security and not being able to take with you the info when you resign your tools?
 * So now you're clarifying this to cases only? How about "Please hurry up and vote so we can get this case done???" Or "Please reconsider your vote on _ before the 24 hour clock expires to close the case!" Or the situation in the Fae case where Philippe somehow got involved? That was pretty time-sensitive.
 * Secret balloting results in lower numbers of support. Also, ArbCom is much harder than OS and much more controversial; OS can't ban people.
 * Because I might as well run for ArbCom if that were to happen. In fact, this might be even worse than ArbCom. --Rschen7754 14:50, 14 December 2012 (UTC)
 * 1.) A follow up rfc where everyone proposes the different kinds of processes they like sounds like a good idea to me. And then consensus can determine which one(s) to be used. No point in having that RfC without this one though. This merely sounds like a chicken or egg argument to me.
 * 1b.) Just a side note, but there is a difference between WMF policy, and meta policy. And the oversight policy page looks like a hodge podge of both.
 * 2.) And maybe I'm not seeing it, but where is the discussion that the "we" had to change the policy?
 * 3.) I didn't specify as that starts to wade into confidential information and what they can and cannot say.
 * 4.) I'm sorry, but vaguewaving at the term doesn't explain. But that aside, without doing too much of a replay, it involved information on the mailing list., and whether or not it should have been considered confidential, and whether or not it should have been sent to the list, and whether another arb's subsequent actions were appropriate, etc. If the list was limited as I propose, none of the rest would have been spurred to occur.
 * 5.) From what I understand, we're losing Wikipedians across the board. so I don't see that as surprising.
 * 6.) That a local wiki cannot develop local policy as to under what circumstances they wish a steward to remove user-rights? Really?
 * 7.) ... Without more info can't comment, obviously.
 * 8.) (don't know baha, but in general) if baha is trusted by the community, rfa is just a nom away. If not, then bahashouldn't be entrusted with oversight. As WTT notes below, it could be considered that oversight requires more trust than seeing deleted material, not less. As for ausc, I don't see how this proposal affects it. what specifically are you concerned about?
 * 9.) I've re-read this a few times, and I'm not understanding what you're trying to say, including what in my comments you are referring to.
 * 10.) No. time sensitive as in: admin xyz just deleted the main page and needs a desysop. on wiki works just fine for everything else. (I wasn't following the fae situation.)
 * 11.)I still think the more potent set of tools being easier to get numerically appears a bit oxymoronic : )
 * 12.) perhaps (though I disagree), but still, that doesn't explain why you'd immediately resign in the interim. - jc37 15:44, 14 December 2012 (UTC)
 * Meta governs the stewards, and the WMF governs them too. The stewards are not allowed to break steward policy. If they do, they get removed. Even if a local community wants an admin desysopped, they have to point to a policy at SRP before the steward will act. Checkuser and Oversight can only be given and taken away by the stewards. Meta's more strictly run than the English Wikipedia and they will shoot down any attempt to change the oversight policy. Remember, most of them don't edit the English Wikipedia, and many of them hate the English Wikipedia.
 * The issue with losing CU and OS is harassment and workload. Having interacted with several functionaries and former functionaries I'm quite aware of this, but of course not to the extent that an actual functionary might be. Try Googling functionaries' usernames and you'll see what I mean.
 * Unfortunately Baha passed away and was removed from AUSC. But a coherent argument can be made that for an auditing perspective, a non-admin could be useful on AUSC. You fail to discuss the distinction between auditing the CU/OSers and using the tool yourself; viewdeleted is included in the OS tool, if I recall correctly, so this would include admin-deleted content.
 * If you're making the argument that stuff should be moved to the arbcom wiki, then by the same token functionaries-en, checkuser-l (even though that's a Meta list), and oversight-l should be disbanded, along with AUSC and BASC, right?
 * Yeah, you need to read the Fae situation. The Racepacket motion where he was banned early this year comes to mind too; speed was beneficial in terms of bringing swift justice, as Jclemens put it.
 * Basically per Salvio; this is never what oversight was intended to be. --Rschen7754 16:03, 14 December 2012 (UTC)
 * Per Steward_handbook: "If a user requests that another user's rights be removed, be sure that the action complies with the local wiki's policy on removal of rights. This will often involve sifting through a lengthy debate on a local request page to confirm the validity of the procedure."
 * As for the other mailing lists etc. No. I'm not suggesting disbanding. I think there's a misunderstanding here, but not certain where. - jc37 16:38, 14 December 2012 (UTC)
 * You're ignoring the point that stewards cannot violate their own policies. --Rschen7754 16:40, 14 December 2012 (UTC)
 * I didn't think I was. From what I can tell, when it comes to removing user-rights, they are to conform to the local wiki's policies. What policy do you think I'm missing? - jc37 16:44, 14 December 2012 (UTC)
 * Okay, what I'm getting at is that removal would definitely not be immediate. If it was put to the vote of the community, it would be at least 7 days. If it was ArbCom, it would be faster but still could take a few days (as evidenced by the Elen vote). You can't just go to SRP and expect them to pull the plug. --Rschen7754 20:24, 14 December 2012 (UTC)
 * I have confirmed with Trijnstel that the stewards will only give OS access upon a 70% vote or ArbCom, and that stewards will not emergency remove the OS flag for any violation of the proposed policy. --Rschen7754 22:36, 14 December 2012 (UTC)


 * I think there are some fundamental questions that need to be answered before we're ready for a proposal, primarily around "What is currently being kept confidential?" Even with the small amount of knowledge I have this doesn't fit with the current checks and balances we have. I should also point out that I would have not signed up to be an oversighter in the role outlined. Worm TT( talk ) 12:53, 14 December 2012 (UTC)
 * I would be happy to have that discussion. But after doing a fair amount of reading, I thought this would be a way to at least start to address the situations. Not sure how you don't see this fitting in with current policy. And what about it concerns you? - jc37 13:05, 14 December 2012 (UTC)
 * Well, a number of things, many of which have been already mentioned. For one thing, it completely ignores what Oversight is about (which in my opinion is a slightly harder delete button and an expectation to hang around watching for problems) and tries to make it political (with all the horrible selection stuff that goes with it). It gives a very different type of responsibility to the group, one that we didn't sign up for. It ignores the current system of checks and balances, AUSC for example. It also doesn't necessarily fix the problems with Arbcom - because we haven't looked at what those problems are. I'm very rarely inclined to agree with additional bureaucracy, which this is - unless there is a very good reason and I don't see the logical link between the problem and the solution. Define the problem, then propose the solution, not the other way round. Worm TT( talk ) 13:14, 14 December 2012 (UTC)
 * Why do you think it will suddenly become "political"? Is it because, even though I made it clear that I wasn't defining the process in this proposal, you are presuming that it will be like the arbcom elections? And what responsibility do you see this proposal giving to the group? And AUSC is what it is. Where do you see in this proposal that it is changed? And (imo) it helps address some of the issues that were brought up recently during the controversy concerning 2 arbs the mail list and confidentiality. See my responses to User:Rschen7754 above for more on that. - jc37 14:15, 14 December 2012 (UTC)
 * Any appointment by popular opinion will by definition become political, moreso if the role involves powers over ArbCom. The other option is appointment by fiat, which doesn't take into account the popular opinion and therefore only includes the biases of the person or committee chosing. The additional responsibilities includes supervising the Arbcom-l, thereby supervising ARbcom. As for the recent mailing list issue, I think there are much better solutions to that - a "court reporter" role mentioned at the time in particular interests me. Worm TT( talk ) 14:45, 14 December 2012 (UTC)
 * By that definition, being an admin is political. And so is oversight and checkuser as they are currently.
 * Being able to view is not equal to "supervising".
 * I remember being interested in several different suggestions as well. - jc37 15:05, 14 December 2012 (UTC)
 * Becoming an admin is definitely political. I'm surprised you don't think it is. Oversight and Checkuser is decided by Arbcom with community input - that's a different kettle of fish. Worm TT( talk ) 15:13, 14 December 2012 (UTC)
 * I'm merely attempting to understand how you are using the term "political". It can be as subjectively narrow or broad in definition depending on how a person personally sees it. - jc37 15:54, 14 December 2012 (UTC)


 * Oppose simply on the requirement that all non-confidential work be done on wiki. It's not for convenience sake that most judicial bodies debate in private--it's because those bodies may need to say things that are less civil, more direct, and incompletely formed than can be put within the confines of wiki rules. An Arbcom member should be allowed to email the rest of Arbcom saying "by the way, everything Person X just said is complete bullshit, because of X, Y, and Z." Similarly, holding debates on-wiki may inhibit some members from floating ideas or opinions; requiring people to put those ideas, half-formed, onto Wikipedia may lead to problems in a future election, problems which they should not have. This requirement is actually even stricter than we require of editors or admins, since all of us have access to email functions, and no Wikipedia policy prohibits us from discussing Wikipedia off-site (so long as we don't rise to the level of meat puppetry or canvassing). In any event, the requirement is a waste of time anyway, since all it would do is to have arbcoms just directly CCiing each other via a non-WP run email program. Qwyrxian (talk) 13:13, 14 December 2012 (UTC)
 * Strong oppose; I had a long objection planned out, but Qwyrxian gets it exactly right. Worse yet, not only is this proposal trying to solve a non-problem based on incorrect premises, but it does so by politicizing a completely different role and overloading it with a completely unrelated job.  &mdash; Coren (talk) 14:00, 14 December 2012 (UTC)
 * Oppose - nice idea, but wikis are not built for communication. Without even looking into anything else too deeply, the 'moving all to a wiki' part is a major problem for me. The Cavalry (Message me) 15:27, 14 December 2012 (UTC)
 * I have to strongly oppose this proposal as well. I fail to see how this could address the issue of confidentiality. TenOfAllTrades and Rschen7754 have already pointed out many flaws in your proposal and I agree with them both. I just wish to add that, as an oversighter, I never volunteered to be a watchdog for the community and that's not a function I fancy either: the moment OS becomes a political role is the moment I resign the flag. Salvio  Let's talk about it! 15:30, 14 December 2012 (UTC)
 * Oppose. I understand the issue you're trying to solve here, but there's pretty much no aspect of this proposal that is a good solution to any of our current problems regarding confidentiality or the supervision of Arbcom's crazier moments. To wit... First, as Worm says above, the largest issue we've had in the recent drama is what constitutes "confidential" information, and your proposal makes no effort to resolve that. On the other hand, your proposal attempts to change the appointment and re-appointment policies for oversighters/arbs - neither of which, as far as I'm aware, has been an issue the community has any concerns about. I might support the putting forth of an RfC to resolve the issue of whether the community is ok with non-admins being oversighters or arbitrators, but again, while that could be a useful discussion, that's not what's being asked here; you're just assuming the community would support your idiosyncratic position and rolling it into a large proposal.  Giving oversighters supervisory access to Arbcom and the arbwiki and mailing lists: Just because they call us "oversighters" doesn't mean we're "overseers". We don't carry, and largely are uninterested in carrying, whips. I think you'll find that the group of people who are interested in and competent at handling deletion of privacy-related information, and the group of people who are interested in and competent at reading and judging everything arbcom says, are fairly close to mutually exclusive. As Salvio says, we didn't sign up for that, and I suspect if we were asked to do that there would be a lot of oversighter resignations, followed by the addition of oversighters who might be competent at management, but not at handling confidential information.  On-wiki discussion is a great ideal. I agree with you that transparency is a good thing in a lot of cases. I, too, wish arbs would do more of their deliberations onwiki, and I wish more editors would get in the habit of speaking privately in a way they wouldn't be embarrassed to speak publicly. However, I do not agree with you that there is a defining line between "confidential" and "perfectly ok to trumpet all over Wikipedia" that would allow us to force arbs to have conversations here, or that it's possible to have a coherent conversation revealing nothing private about cases where private data is important. That is, even if it were possible to define "ok, X is confidential, Y is not, so Y is ok to discuss onwiki, but X is not," how do we ask arbs to deliberate publicly over someone's behavior when every other utterance would have to be "Well, I don't agree with that position, but I can't discuss why" or "I think that per private evidence #13,822, so-and-so has done something wrong." Ultimately, it wouldn't be more transparent so much as it would be incomprehensible from the perspective of someone reading the conversation, and overwhelmingly confusing for someone trying to take part in it.  I'm also somewhat confused by your statement that "At an individual's discerning discretion, he or she may of course choose to recuse from access to one or more venues of confidentiality. (Access to confidential information should never be forced upon an individual.)" No one is forcing access to anything upon anyone, in the current setup or in your setup. In all cases, people volunteer for these positions. No one is being beaten over the head with a stick to make them accept access to the arbwiki, or OTRS, or anything. But at the same time, we're volunteering for a job that involves reading X, Y, and Z. Why would we, or the community, want anyone doing this job who declares themselves unwilling to consult, X, Y, or Z, and therefore will not be performing the duties they were elected/appointed to carry out? For example, if I apply to be an oversighter, but I refuse access to the mailing lists oversighters use, I am deliberately reducing the accuracy and reliability of my performance, because now there is nowhere that I can sanity-check or ask opinions about my actions. From the community perspective, what good am I, deliberately performing at, say, 65% the reliability of other oversighters, simply because I don't want to do part of my job? They would be well within their rights to say "Well, Fluff, thanks for offering your services, but we're going to elect this person over here who will actually be willing to discuss their actions".  tl;dr: I understand what you're hoping to do here, but this proposal wouldn't resolve any of the issues that have caused serious problems wrt arbcom/confidentiality - it would only introduce new ones. A fluffernutter is a sandwich! (talk) 16:46, 14 December 2012 (UTC)
 * Opppose I don't think the proposal is well fitted to the problem it is trying to solve. It may be that a narrowly focused proposal could achieve consensus, but this proposal is not it. It drags in too many random issues that are all controversial. Also, the straw poll isn't sufficiently prominent being on a subpage. Monty  845  16:54, 14 December 2012 (UTC)
 * Oppose as per the above. I have a lot of concerns about this proposal, and all of them have been more ably and more clearly explained by trusted editors who got here first. There may be ways to solve some of the problems that do exist with confidential data, but this ain't it. UltraExactZZ Said~ Did 16:56, 14 December 2012 (UTC)
 * Oppose This attempt to fix ArbCom would ruin the oversighter group by turning into something completely and totally out of step with it's current mission. We signed up for the job of quietly removing stuff that doesn't belong and not talking about it almost all of the time, not the job of babysitting the arbitration committee. Hose are more or less incompatible jobs. There is a problem that needs fixing, but this proposal is not he fix it needs and would only create more problems. Beeblebrox (talk) 20:01, 14 December 2012 (UTC)
 * Oppose I don't find omnibus bills acceptable as a matter of principle - least of all in a volunteer-driven project -, regardless of the validity or not of the proposals, which in this case are frankly bizarre and misguided. Others have gone into great detail about why this or that provision of this proposal is unwise and it doesn't need me to contribute my two cents on that front for sure, this is a rare case of a proposal that really doesn't need much comment.  Snowolf How can I help? 20:16, 14 December 2012 (UTC)
 * This is an unworkable "solution" that throws the baby out without the bathwater. T. Canens (talk) 21:14, 14 December 2012 (UTC)
 * Oppose. Those who have opposed above, especially Fluffernutter, Worm, and Rschen, have perfectly expressed my own concerns so there is no need for me to retype them here. Kudpung กุดผึ้ง (talk) 21:43, 14 December 2012 (UTC)
 * Oppose Although I would support the limitation of private, off-wiki correspondence in favor of more open on-wiki discussions. I don't agree with the changes to oversighters, Beeblebrox states my view pretty clearly and Fluffernutter has good points here as well. But I really do like the mailing list proposal. Perhaps it can be broken off and resubmitted?  Them From  Space  21:58, 14 December 2012 (UTC)
 * Oppose per my comments at: Wikipedia talk:Requests for comment/Arbcom, confidentiality, and oversight Nick-D (talk) 22:33, 14 December 2012 (UTC)
 * Strong Oppose, this seems to potentially inconvenience the oversighters more than anything, and we haven't a demonstrated problem with that group. -- No  unique  names  23:31, 14 December 2012 (UTC)
 * Oppose - Let's snow this sucker shut, please. Carrite (talk) 04:26, 15 December 2012 (UTC) Last edit: Carrite (talk) 04:28, 15 December 2012 (UTC)
 * Oppose per all the above comments, especially concerning the moving of all non-confidential discussion to enwiki. Apart from the obvious convenience issue, I have this horrific image in my head of trying to follow a conversation that would often take place in sections, sometimes months apart. A lot of time would be spent searching through archives and trying to make sense of things. This would not only be bad for the Arbs, but would dramatically reduce the potential benefit of transparency. Assuming that this RfC is following on from the recent ArbCom security breach, it seems to me that (as posited by Elen) the only real problem in need of serious discussion is that of discussion security. &mdash; Oli OR Pyfan! 08:48, 15 December 2012 (UTC)