Talk:Requests for comment/Abigor: Difference between revisions

Abigor has requested IP information from the checkuser investigation reported in the RfC. The checkusers concluded that Abigor was the creator of a highly offensive username. The request was denied per policy about sharing checkuser data.

That policy, however, is designed to protect the privacy of users. Abigor's request should be granted, and, further, the full data (including user agent) be provided, redacting only the offensive user name (if the data is made public, the user name could be provided privately to Abigor).

Abigor could easily have known his own IP and agent string (see [1]), so providing him with this information does no harm. However, suppose that he was *not* the offensive editor. There are many possible scenarios, and we simply have concluded that they are unlikely, perhaps very unlikely, not that they are impossible. If it was not him, it would be important for Abigor to know where the problem was arising, was it at work? At the local coffee house? At home? Which computer? Etc.

I do not see providing a user with their own information, when they have been identified as a sock, as violating the intent of any policy. The information could be provided privately, but I think it would be best to do it publicly, so that requests like this are less likely to be made by guilty parties, i.e., those who know that they made the edits. This should only be done, as well, for definitive identification, where the user suffered some loss as a result of it. On the other hand, Abigor was a long-term volunteer, so providing him with the data privately could be okay as well. --Abd 18:56, 7 July 2011 (UTC)[reply]

Abd, an IP gives too much info for someone who knows how to look at it, provide it violate privacy policy even if the use allows it, stewards and CheckUser can't do that. And by what the CU said (and i don't have acess to CU logs) the only chance to not be Abigor was if someone was using his pc at the same time he does. Béria Lima ^msg 19:09, 7 July 2011 (UTC)[reply]

I don't really see what good that information will do him, anyways. A checkuser has determined that the user agent and IP are identical for the offensive username, Abigor and the admitted sock. Even if the IP is very public, the odds of the offensive username being created by someone else at this time is astronomically small. Given this history of recent disruption from this user, this request could also be seen as an attempt to drag out the proceedings and try to establish reasonable doubt, when little if none currently exists. Ajraddatz (Talk) 19:10, 7 July 2011 (UTC)[reply]

Beria, someone else could be using his PC at the same time as him. Compromised PC. Unlikely, but definitely possible.

The cited privacy policy page states:

It is the policy of Wikimedia that personally identifiable data collected in the server logs, or through records in the database via the CheckUser feature, or through other non-publicly-available methods, may be released by Wikimedia volunteers or staff, in any of the following situations: [...]

2. With permission of the affected user, [etc.]

It is clearly allowed. Ajraddatz, it is not "astronomically" impossible that a technically sophisticated enemy targeted Abigor. The strong preponderance of the evidence is what we must act upon, Abigor is properly blocked. But what is the harm of providing what he asks for? The benefit could be, that in the future, and even if he was "guilty," he remembers himself as having been treated fairly. --Abd 20:45, 7 July 2011 (UTC)[reply]

What is the 'need' of providing what he asks for? Is there 'any' reason for giving him these info about his own account? What would he do with this info? The checkuser is not needed for that; he can find out what is his IP by himself. 4th question: Is there any reason for not considering him a vandal and not assuming good faith on his request?” T_ele^s (T_{alk @ C S}) 20:56, 7 July 2011 (UTC)[reply]

@Abd; Since you obviously don't know what kind of information was posted by this account and how Huib got it. You cannot say anything about the odds. The information posted by Huib was entrusted to him in the days the user who was now harassed by him still trusted Huib. Still the personal information of this person is only known to Huib and some CU's and stewards. As far as I know Huib is the only one on the wikimedia projects having a problem with this user. I would say the chances that another person got into Huib's IP to publish this kind of information is practically non existent. I don't see any reason to grant Huib access to meta. Silver Spoon 21:07, 7 July 2011 (UTC)[reply]

Perplexed, I am. We are only talking about "personal information" -- IP and user agent info (like the browser version in use) -- from the accounts Dirt Diver, Abigor (Huib), and the vandal. Since the checkuser confirmation was so strong, since Abigor was blocked again on the basis of this information, we can assume that all three are Abigor. This is being confused with "personal information" about another person. None of this is being mentioned as any reason to give Huib access to meta. The opposite. It would only be letting Abigor know the evidence against him. I've stated positive value for that act. I'm not seeing any negative, the original claims that this was prohibited by privacy policy were not correct. I just think that one of the checkusers who already has this data could handle the request in a flash. It would have taken less time than this discussion. Huib could request the data from the Foundation, but this would be simpler. --Abd 22:11, 7 July 2011 (UTC)[reply]

Abd, you are making the assumption that editing from an IP address means that it's their own IP address. This is not necessarily the case. As the owner of a similar wiki site, I know that the privacy concerns are justified. Guido den Broeder 23:37, 7 July 2011 (UTC)[reply]

If I'm using an IP address to access Wikipedia, it's "mine" for that time, or I couldn't even read or edit the site, the handshake with the server wouldn't work. Yes, there are anonymizing proxies, but I still know that proxy's address, it becomes "mine," and I can retrieve it from any web site which displays it. --Abd 02:44, 8 July 2011 (UTC)[reply]

It's the people that own it for the rest of the time (and the libraries, etc.) whose privacy is protected here. Guido den Broeder 10:26, 9 July 2011 (UTC)[reply]

This is preposterous. That's public information, generally. No, privacy policy protects our users, not their ISP. I don't "own my IP," Verizon does. But I'm using it, and I can easily determine what IP is currently assigned to me, and I can see my user agent string and screen resolution. (The display there is sent by the browser.) If you were to access that information page through a proxy, you'd see the proxy IP and whatever is being sent through from your computer, or by the proxy server. Which is what Wikipedia would also see. --Abd 16:11, 9 July 2011 (UTC)[reply]

Following what Ajraddatz said on Barras' talk page, there are only two possibilities: (1) Abigor is the owner of the vandal account; (2) Abigor is not the owner of the vandal account. If (1) is true, he created the account and we should end this discussion without attending the request. If (2) is true, by providing the IP some would be releasing an information of 'another person', which is not Abigor and it would be a privacy violation, so we would also have to end this discussion without attending the request. There is no need to keep discussing here something that shouldn't be done whatever the truth is. I believe the above is not a false dilema and, if not, this discussion is meaningless.” T_ele^s (T_{alk @ C S}) 03:49, 8 July 2011 (UTC)[reply]

Just look up the time the account was created and then give that piece of information to him; he can figure out the rest for himself (where was I at that time? where was my PC? etc.) Seb az86556 15:27, 9 July 2011 (UTC) nevermind, I see he already knows this. Seb az86556 15:36, 9 July 2011 (UTC)[reply]

(wrote this before Seb struck his comment.) While it might help, it isn't conclusive. It is consistent with privacy policy to simply give him the checkuser data on what was allegedly his IP and user agent string -- as well as the time of the edits. I'd argue that he should also get the offensive user name. Remember, the presumption here is that it was him. If it was him, no harm is done by giving it to him. If it was not him, he should know what was spoofed about him. (However, it's possible that the user name provides RL information that should not be given to Abigor. However, the real WMF user name should be given to him.) It is not impossible that he could find evidence, for example, linking the allegedly insulted user with the IP used. As an example of what might explain what was observed, consider the possibility that his password for Dirt Diver was obtained. The vandal then logged in to Dirt Diver and to make the vandal edit. (This was using some unusual device, probably mobile, my guess, with some apparently unique identifier. A question I'd ask of checkuser was what Abigor normally used, user agent and IP, for Abigor and other Dirt Diver edits.) This would completely explain the mystery, and is a pretty simple scenario. We should end this right here, it's up to Abigor to deal with the possible consequences of, say, password compromise. The full information could establish this for him. and then he'd know better where to look. From what he says, he didn't log in as Dirt Diver in the manner that was described. We may assume that he's lying, as a presumption, given the circumstances, but we should leave it as a rebuttable presumption, and give him what he needs to discover the truth. He's blocked, and should remain blocked, and there was enough revealed to justify the block even if he was not the vandal. But the vandalism increased our impressions of Abigor's culpability for serious offenses, the RfC immediately flipped to "block." Without it, there were still offenses justifying a block, but if he was not the vandal, a period of positive contribution somewhere might allow him to return to positive work globally. The RfC should be closed.

What is important to me is that he be treated fairly. We must conclude, from what we know, that he was the vandal. But it would simply be fair and due process to allow him to know the evidence on which he was charged and "convicted." He was a long-term volunteer. Why not give him the respect of providing him with the information requested? The only person whose privacy is "protected" by not providing the information would be him, if he was the vandal, or a vandal who pretended to be him, having hacked his access in some way, and thus whose privacy should not be protected, just as Abigor's privacy was not respected on the appearance of clear evidence that he was the vandal. (Which is more of a problem, his IP, which he's openly revealed, or the claim that he was the real-life person behind a major piece of vandalism? It's entirely possible that this could affect his career, for example.) --Abd 16:11, 9 July 2011 (UTC)[reply]

Frankly, I really do not understand your point and such insistence on this matter. The checkusers already said that "The vandal account shares the same IP address and other technical information that Abigor and Dirt Diver shares, with 100% exactitude.". If you or Abigor doubts this information, they can ask for a recheck or appeal to the Ombudsman. Repeatedly asking for this info is nothing but an annoying red-herring, and personally I'm very much fed up with reading that pleading again and again and again. You have the necessary mechanisms at your disposition, use them, but for Christ sake stop with those petitions. It's clear enough that nor you nor Abigor will ever get that info at the current stage.--- Darwin ^Ahoy! 16:17, 9 July 2011 (UTC)[reply]