Wikipedia Arbitration |
---|
![]() |
|
Track related changes |
Initial post
I am not placing anything to the project page because it was not properly formatted yet. But I would suggest the following, after a brief discussion here. In brief, we do not have good policies to handle this case, but we need them.
- Proposed principles.
- ArbCom has no jurisdiction over any events outside this project, including private email communications between wikipedia users.
- ArbCom does not consider any evidence obtained by illegal means, such as hacking of wikipedia accounts and placing stolen private information on the internet.
- Proposed decisions
- All users are strongly discouraged from exchange of information with regard to other users and wikipedia polices over their private email channels. Such issues should be discussed openly using the appropriate talk pages and noticeboards. An exception are communications that involve privacy issues. In the event of edit warring by several users in the same articles, any proof of email exchange between them will be interpreted as an evidence of coordination, which may result in more serious sanctions.Biophys (talk) 16:32, 18 September 2009 (UTC)
Proposed temporary injunctions
A temporary injunction is a directive from the Arbitration Committee that parties to the case, or other editors notified of the injunction, do or refrain from doing something while the case is pending.
Four net "support" votes needed to pass (each "oppose" vote subtracts a "support")
24 hours from the first vote is normally the fastest an injunction will be imposed.
Topic bans
1 a) All editors identified as participants in the mailing list are banned from editing any page related to Eastern Europe, broadly defined, except for the pages of this case, pending the resolution of the case.
1 b) Russavia, who was blocked for disputing a topic ban imposed by Sandstein in language that was construed as constituting a legal threat, and who was unbanned solely to participate in this case, may freely edit other articles and pages but remains banned from Eastern European pages under the terms of Sandstein's original ban and this injunction.
List of editors subject to this motion
- To be provided by Arbcom
- Comment by Arbitrators:
- I split out the two parts. I can support both parts. Editors that are over involved with an article topic to the point of off site coordination could turn up at any article on this topic so I don't think it is too broad for now. As well, some leniency for modify the editing restrictions for Russavia seems reasonable for now. He could be subject to further restrictions if problems reoccur. FloNight♥♥♥ 20:56, 18 September 2009 (UTC)
- Comment by parties:
- Sounds like a good and necessary precaution. Offliner (talk) 15:39, 18 September 2009 (UTC)
- I have no idea what this is based on, but either way, it is too broad. IF there are specific articles in question, name them (ex. web brigades), or maybe even an area like "modern Russian politics" (which is the bone of contention between Russavia, Offliner and other editors). I can fathom no reason why - for example - I should be banned from improving my latest DYK (dwór) or FA (Polish culture in WWII). Not that I can understand the reason for any topic ban... nor for targeting only some editors. I'd suggest looking into article 1RR restrictions (worked quite nicely on Volhynian massacres in a recent Polish-Ukrainian dispute) or temporary protections instead. --Piotr Konieczny aka Prokonsul Piotrus| talk 15:57, 18 September 2009 (UTC)
- On the first part of the proposal: What's the point of this? Does anyone really think that anyone involved in this case is planning on, or will have time for, doing reverts or massive editing on any articles that are most likely be closely scrutinized by the committee? And why shouldn't I be able to continue with my completely uncontroversial content creation - finishing up the articles on Leon Feiner, Stanisław Aronson, Mirosław Iringh and Platoon 535 just to name a few I've recently started (and doing content creation is a great stress relief from all the Wiki drama that is going on) and hoped to bring to DYK status? What exactly is the rationale for instituting what look like punitive bans at this early point in the process, unless EXPLICIT Wikipedia rules violations can be cited?
- If the Committee is really concerned about some uncalled for content editing going on while this is in progress, then I suggest that rather a list of potential "trouble" articles is created and these are all protected or put under 1RR restriction.radek (talk) 17:48, 18 September 2009 (UTC)
- As to the second part of the proposal: Why is Russavia's ban being removed on articles, other than these which have to do with this case? I see no reason for that - and please see my comments on AN/I in regard to this matter. This has been addressed over and over again and there's no reason why his/her ban should be rescinded in any way, except for him to participate in this case.radek (talk) 17:48, 18 September 2009 (UTC)
- Comment by others:
- Proposed. Thatcher 13:53, 18 September 2009 (UTC)
- This may need to be two different proposals - one for a topic ban and one for alterations to Russavia's block. Karanacs (talk) 14:14, 18 September 2009 (UTC)
- I agree with User:Piotrus. Come on, we even don't have any evidence as of now, and we've already got draconian sanctions it seems! What use would it be of Eastern European accounts A, B, or C, if they are not allowed any more to edit articles on EE topics? --Miacek and his crime-fighting dog (woof!) 16:14, 18 September 2009 (UTC)
- Such bans would be temporary until the end of the case. I'm sure that any editor who participated in the mailing list in general but who refrained from taking part in the more egregious discussions or from translating them into on-wiki actions will eventually be exonerated. In the mean time, a topic ban will allow uninvolved editors a chance to repair some of the damage in peace. Thatcher 16:44, 18 September 2009 (UTC)
- Erm, what damage there is that "uninvolved editors" need to repair in peace?--Staberinde (talk) 16:53, 18 September 2009 (UTC)
- Guilty until proven innocent? I find that a bit shocking (even more so that my temporary desysop - I again invite everyone to examine my log and point out to me which administrative actions I took in the past year could be seen as controversial). I ask you again: what wiki policies where broken when I wrote dwór or Polish contribution to WWII, and what damage those uninvolved editors have to repair in those articles, or in hundreds others I've edited in the past few months, uncontroversially and without any conflict or even interaction with editors who are party in this case? Also, Thatcher, I have two important questions for you: have you read the archive and do you consider yourself uninvolved in this case? --Piotr Konieczny aka Prokonsul Piotrus| talk 17:24, 18 September 2009 (UTC)
- My only attempt at enforcement action recently ended in utter failure; unless the emails go back 18 months to when I did more enforcement, or unless you folks were discussing tactics on how to get me to reverse my decision (besides the extensive and tiresome personal email lobbying), then I might be involved. But I don't really care. Whether I am involved or uninvolved I am entitled to use the workshop. I have not read the archive but am extremely curious to know whether I was discussed and in what terms. And as far as "guilty until proven innocent" is concerned, you are once again dragging criminal legal matters into the administration of a web site. Arbitration is not a legal process. The goal here is the smooth running of an encyclopedia, and if they think there is sufficient evidence, based on a preliminary review of the emails, that this group of editors have negatively affected these articles by gaming 3RR and 1RR restrictions, blocks, provoking other editors, and so forth, then Arbcom can take whatever steps it wants to ensure the smooth running of the encyclopedia pending a more thorough review. Thatcher 17:54, 18 September 2009 (UTC)
- I "am extremely curious" about stuff being discussed now and in the past on private arbcom list and by certain editors - but being curious doesn't mean I would demand them to reveal that private information, nor does it mean that if somebody would offer to give me such information I'd accept it and read it to satisfy my idle curiosity. To paraphrase a certain person: "I may not agree with you but I will respect your right to privacy." --Piotr Konieczny aka Prokonsul Piotrus| talk 19:12, 18 September 2009 (UTC)
- My only attempt at enforcement action recently ended in utter failure; unless the emails go back 18 months to when I did more enforcement, or unless you folks were discussing tactics on how to get me to reverse my decision (besides the extensive and tiresome personal email lobbying), then I might be involved. But I don't really care. Whether I am involved or uninvolved I am entitled to use the workshop. I have not read the archive but am extremely curious to know whether I was discussed and in what terms. And as far as "guilty until proven innocent" is concerned, you are once again dragging criminal legal matters into the administration of a web site. Arbitration is not a legal process. The goal here is the smooth running of an encyclopedia, and if they think there is sufficient evidence, based on a preliminary review of the emails, that this group of editors have negatively affected these articles by gaming 3RR and 1RR restrictions, blocks, provoking other editors, and so forth, then Arbcom can take whatever steps it wants to ensure the smooth running of the encyclopedia pending a more thorough review. Thatcher 17:54, 18 September 2009 (UTC)
- Such bans would be temporary until the end of the case. I'm sure that any editor who participated in the mailing list in general but who refrained from taking part in the more egregious discussions or from translating them into on-wiki actions will eventually be exonerated. In the mean time, a topic ban will allow uninvolved editors a chance to repair some of the damage in peace. Thatcher 16:44, 18 September 2009 (UTC)
- Proposed. Thatcher 13:53, 18 September 2009 (UTC)
""uninvolved editors"" "repair in peace" "damage"??? First, we don't know who "uninvolved editors" are - we don't even know who the person or persons who hacked private emails are but it's pretty probable that they are engaged in this area which is what motivated their illegal action. No "damage" has been shown to have been caused by anyone involved (and yes, I'm even including those of the involved parties that I've had disputes in the past in that statement) so this kind of language is completely unwarranted. "Repair in peace"? You are making some very serious implicit accusations with your tone and displaying the prejudiced assumptions you have already made.radek (talk) 17:53, 18 September 2009 (UTC)
- Indeed I am making assumptions, and I have formed a preliminary opinion of the case, based not only on the publicly available discussion but also based on the extensive email lobbying to which I was subjected earlier this year. This preliminary opinion is unlikely to change until Arbcom releases more details about the messages, because I am not privileged to see them. If the evidence pans out as it was initially described, I think a large number of editors are going to get a well deserved boot out the door. But that is only my prejudiced opinion. Thatcher 17:58, 18 September 2009 (UTC)
Distribution of private materials
2) Private materials and personally identifying information related to this case and the editors involved should not be circulated or otherwise passed along without the permission of the authors. This includes, but is not limited to, public posting of links to such information and any attempts at outing. Engaging in such activity will be treated as disruption and harming editor privacy. Any evidence containing identifying information or other sensitive information should be directed to the Arbitration Committee by email.
- Comment by Arbitrators:
- Proposed. Self-explanatory. Vassyana (talk) 15:34, 18 September 2009 (UTC)
- Motion to open the case addressed the situation in a level of detail that I think we need to do. I'm not sure that it is practical to say much more. FloNight♥♥♥ 21:27, 18 September 2009 (UTC)
- Comment by parties:
- Self-explanatory, but impossible to monitor and impose. --Piotr Konieczny aka Prokonsul Piotrus| talk 16:42, 18 September 2009 (UTC)
- So it should be altered and strengthened. Something like "anyone who admits to or is found to be circulating private materials and personally identifying information related to this case and the editors involved will be indefinitely banned per WP:OUTING. Editors who make on Wiki threats to reveal this public information for whatever reason will likewise be indefinitely blocked".radek (talk) 17:56, 18 September 2009 (UTC)
- Comment by others:
Speculative and inflammatory comments
3) Inflammatory comments and speculative musings about user identities, as well as related postings, cause drama and disruption. Editors are reminded that undue speculation, highly charged assertions, attempts at outing (partial or otherwise), and other similar conduct is unacceptable and will be treated as disruption.
- Comment by Arbitrators:
- Comment by parties:
- Sounds quite helpful. Such comments don't belong on Wikipedia, nor on any googlable public foras, as far as I am concerned. --Piotr Konieczny aka Prokonsul Piotrus| talk 16:41, 18 September 2009 (UTC)
- See my comment above - needs to be more specific and stronger.radek (talk) 02:41, 19 September 2009 (UTC)
- Comment by others:
- Just a comment that the Arbitration pages have not been googlable since May 26, 2009. MBisanz talk 18:40, 18 September 2009 (UTC)
Questions to Tymek
- Have you ever shared your password with anyone? Jehochman Talk 13:13, 19 September 2009 (UTC)
- Has anyone recently sent you a file, or directed you to an unfamiliar web site? Jehochman Talk 13:13, 19 September 2009 (UTC)
Future Perfect at Sunrise
Future Perfect at Sunrise (talk · contribs · blocks · protections · deletions · page moves · rights · RfA), a named party to this case, utilized sysop tools to unblock another party, Tymek (talk · contribs), over my objection. I had blocked Tymek as an apparently compromised account, or else as a disruptive account falsely claiming to be compromised. At the time I asked the Committee to consider the matter. Neither I nor FPaS has Checkuser access, whereas most members of the Committee do. In the block notice I specifically asked that the account not be unblocked without my consent, or else the consent of a Checkuser or ArbCom member. I consider FPaS action to be a serious violation of Wikipedia:Administrators. FPaS could have easily requested a clerk to perform the unblock if an unblock were needed. FPaS posted this message to my talk page upon performing the disputed sysop action. I request the FPaS be directed not to perform any further sysop actions on other parties to this case. I also request that the Committee respond to my message of September 16 so that I can understand whether you have looked into the matter of Tymek being a compromised account. FPaS seems to be concerned that you may have dropped the ball on that issue. I am also concerned. Jehochman Talk 01:57, 19 September 2009 (UTC)
- Comment. Jehochman, I have e-mailed you, asking for clarification on what is going on. Somebody has stolen my password, this is a serious offence. I was awaiting your response, but I never got one. Why? Tymek (talk) 02:02, 19 September 2009 (UTC)
- I received an email from a party unknown to me. I have no way to verify that the party who sent it to me is you. I also have no way to verify that you are the proper owner of the account, rather than the person who claims to have broken in to it. We need checkuser help. It's been nearly 48 hours since I emailed the Committee and two other Checkusers. The only response I received from any of them is "Thanks for letting us know Jonathan". Could somebody with Checkuser access please give us direction? Is Tymek back in control of his account, or not? Jehochman Talk 02:06, 19 September 2009 (UTC)
- Perhaps it would have been better to have written it to my e-mail, which is featured on my user page. I am in control of my account, but if somebody needs a checkuser, that would be good. Tymek (talk) 02:15, 19 September 2009 (UTC)
- When an account declares itself to be compromised, I am not trusting any information coming from that account until there is a technical evaluation of the logs to determine (1) whether the account appears to have been compromised, and (2) whether any evidence exists that the proper owner has regained control. Emailing you would have been useless if your email account was also compromised. Considering the circumstances that your account emailed me and proffered an archive of your private emails, it was not an unreasonable suspicion. I still have no idea whether you are the rightful owner of the account. Jehochman Talk 02:35, 19 September 2009 (UTC)
- A couple of the arbitrators have already checked, but seem not to have posted publicly. As far as I can tell, the person currently using the account is posting from the same PC as the person who was using the account last week. On September 16 only, someone logged in from a different country and send 9 emails. Have you asked Fut Perf if he had private word from another checkuser? Thatcher 02:44, 19 September 2009 (UTC)
- His comments thus far seemed to indicate he did not. Presumably that Checkuser would have unblocked the account if they found the original user was back in charge. Thank you for confirming the apparent hacking incident, and that the original account user appears to have regained control. Does the hacker's IP address lead point to any known users? Jehochman Talk 02:50, 19 September 2009 (UTC)
- Not obviously. Thatcher 02:53, 19 September 2009 (UTC)
- His comments thus far seemed to indicate he did not. Presumably that Checkuser would have unblocked the account if they found the original user was back in charge. Thank you for confirming the apparent hacking incident, and that the original account user appears to have regained control. Does the hacker's IP address lead point to any known users? Jehochman Talk 02:50, 19 September 2009 (UTC)
- I am residing in Chicago, and I use two computers, both IPs in Chicago. Now I would be grateful if somebody informed me who used my account, from what country, and if these messages were coming from my private e-mail basiaipiotr@yahoo.com, or from my Wiki account. And Jehochman thank you for you professionalism, I hope the messages you got from the cyber-thief were not my personal stuff. Tymek (talk) 02:55, 19 September 2009 (UTC)
- No comment on the unblock, but just to clarify FPaS is not involved in these disputes. He is named in the case, yes, but has no meaningful involvement in the background that would compromise or reasonably be thought to compromise his judgment. Deacon of Pndapetzim (Talk) 02:57, 19 September 2009 (UTC)
- 9 emails were sent from your wikipedia account using the special:email function. The names of the recipients are hashed so I can not tell who they were. I can't give any more details about the second IP. I obviously have no access to your yahoo account. Now would be a good time to change all your passwords, though. Thatcher 03:03, 19 September 2009 (UTC)
To clarify: Just because somebody formally added me on the parties list – apparently more or less at random, based on the mere fact that I commented at the initial ANI thread [1][2], doesn't magically make me "involved" in the sense of the admin policy. I act here, in the best of my conscience, as a completely uninvolved administrator, because I know that's what I am. I have never been involved in the Easter European disputes, not even as an administrator, much less so as a party, and my practical involvement with this case is restricted to having received the whistleblower mail and forwarded it to the committee. As for checkuser information, I was trying to get hold of it for most of yesterday, but couldn't, because Jehochman, for reasons that have remained utterly mysterious to me, refused to even tell me which checkusers he had asked to deal with the case. It's a bit disingenious to complain of me not inquiring for the relevant information when he refused to tell me where to inquire, right? As it happens, I finally did get hold of a checkuser on IRC shortly after, who confirmed what Thatcher just said above, that the account was again posting from its legitimate IPs. Fut.Perf. ☼ 06:18, 19 September 2009 (UTC)
- I don't know who added or why you were added. Who knows? ArbCom may have evidence. You appeared on my talk page, applying pressure, and appearing to have a great interest in the outcome. Several other involved editors had pressured me before (by email and by talk page) for information. My response to all of you was that I wasn't sharing contents of private email, except as strictly necessary, and that I'd sent everything to ArbCom. Surely they could have unblocked Tymek if they wanted to. I don't have Checkuser access so I did not have a way to see if the account had be recovered by the owner. I told Tymek to email the unblock list or contact ArbCom. Your intervention FPaS was unnecessary, impetuous, and obnoxious. Jehochman Talk 13:08, 19 September 2009 (UTC)
- FPaS and I seem to have resolved our miscommunications. Would the Committee please state clearly one of these two alternatives: (1) FPaS is uninvolved and can be removed from the list of parties, or (2) FPaS is involved, and should not use sysop access in these matters until the conclusion of this case. Whatever clarity you can provide would help. Jehochman Talk 14:23, 19 September 2009 (UTC)
- I think that FPaS could be removed from the list of parties. Jehochman, apologies for not getting back to you about the checkuser results. As far as I'm aware ,the whole of ArbCom are not yet aware of Thatcher's check on the Tymek account (which is a more recent check, I think). It is still not 100% clear what happened here, but I think you and FPaS can move on from this now. The focus should be on the participants in this mailing list, not the subsequent admin actions related to the case. As far as I'm concerned, both you (Jehochman) and Future Perfect at Sunrise acted in good-faith here. Carcharoth (talk) 20:27, 19 September 2009 (UTC)
E-mail recipients
Since, according to Thatcher, 9 emails were sent out by the hacker, and we have voluntary confirmation by only 3 people (Jehochman, Future Perfect, Alex Bekharev) that they received such emails (possibly containing different things), shouldn't the ArbCom issue a statement requesting that anyone else involved or participating in this case who has received an email from Tymek of whatever sort, on the date in question come forward and state that they received such an email? This statement should be backed up by a threat of a block if it is later somehow revealed that someone chose not to comply.
I've never been part of an arbitration before so I don't even know how to begin making this an official proposal.radek (talk) 21:26, 19 September 2009 (UTC)
- FWIW, I am aware of one further administrator who said he received that mail, but told me he deleted it without following the link. If it makes you feel better, I could of course ask him if he wants to voluntarily step forward and identify himself. I don't think there's much of a basis for forcing people to do so though. Fut.Perf. ☼ 22:55, 19 September 2009 (UTC)
- The proverbial cat is already out of the box. The damage is done; what is needed is a policy to prevent this from reoccurring in the future: a clear statement by ArbCom that such an evidence is unacceptable and should not be distributed by any editor (or admin!), so that any future victims of private information theft will be more protected than we were. See my proposal below. --Piotr Konieczny aka Prokonsul Piotrus| talk 23:01, 19 September 2009 (UTC)
On the use of the mailing list archive
To make things clear, the Committee did — and will continue to — examine the list of email that has been received for potential serious violations of Wikipedia rules. In particular, hounding, meatpuppetry and disruptively gaming the rules are all activities that are forbidden and destructive and that can (and usually are) made possible by coordination off-wiki.
In doing so, we are proceeding under a number of (rebuttable) presumptions: that the mail archive has not been fabricated, that most email within the archive have not been altered or falsified, and that completeness of that archive is unknown. Insofar as information in the emails correctly matches verifiable events on-wiki, they can be presumed to be authentic. Evidence otherwise is welcome and solicited, in particular from the participants of the mailing list.
There have been objections to the use of the archive entirely based on the allegation that it has been acquired through illegal or unethical means. It is to be noted that [a link to] the archive has been received independently by a number of editors, none of whom are alleged to have stolen it, who then forwarded it to the Arbitration Committee. Claims that it has been obtained improperly by the original sender are unsubstantiated, and unverifiable by the committee. Other alternatives are equally likely (that it was transmitted willingly by a member of the list or that it was leaked accidentally then forwarded by an unknown third party for instance) and investigating the issue is neither possible, nor within the Committee's remit.
At any rate, even if one ignored the obvious fact that criminal rules of evidence do not apply to the Committee the original provenance of the email archive is entirely moot: the Committee is not bound by an exclusionary rule in the first place. Even if the allegations of the mailing list archive having been taken illegally by an outsider "hacking" were correct, they lie entirely outside the jurisdiction and reach of the Committee, and have no bearing on the propriety of using it.
— Coren (talk) 18:28, 18 September 2009 (UTC)
- I read your comment (above) with considerable interest. It is very well phrased and in most part almost self-explanatory, but would you please elaborate on it further? I’d like to see a link to a policy that explains how the Arbitration Committee is not, and will not be bound in its proceedings by unethical means of acquiring evidence against users? Unless a policy like that is already in place, wouldn’t such exemplary freedom be unethical in its own right? --Poeticbent talk 21:53, 18 September 2009 (UTC)
- The Foundations servers were used to send emails that notified the Committee and other Wikipedia users of emails alleged to indicated problematic editing on site. In order to administer the site and make a case ruling, we need to examine the emails in question. All arbitrators understand and are bound by the Foundation privacy policy and can handle private and sensitive information. FloNight♥♥♥ 22:05, 18 September 2009 (UTC)
- It's an interesting philosophical question. An important difference between ArbCom and criminal justice systems is that we are unable to compel production of evidence, and have no authority to seize it forcibly; making concerns of abuse of rights for the sake of expediency inapplicable.
A closer analog might be the example of an employee or agent that breaches an employment contract — or trespasses on their employer's computers — to get evidence of their wrongdoing to give the authorities. It's worth noting that many jurisdictions have in fact put in place laws to protect employees or agents behaving in that way (the so-called "Whistleblower" protection acts); because it was judged that, in the end, the objective of curtailing improper behavior from the employer was more important to the interests of justice than the breach of privacy.
In this case, ArbCom is in a good position to minimize the dangerous aspects of the breach (if breach there was) by maintaining privacy where it does not impact the just evaluation of the evidence.
Of course, that balancing act would topple entirely if ArbCom, or someone at our behest, were to obtain evidence by ethically dubious means. I'd be the first in line with a torch and pitchfork. — Coren (talk) 00:44, 19 September 2009 (UTC)
- The critical difference is indeed one of jurisprudence. Many authorities throw out evidence obtained in certain ways purely in order to remove the incentive of enforcement agencies to obtain evidence in this way and in the process violate people's rights. For instance US courts throw out evidence obtained through illegal searches (no plain sight, probable cause, warrant, and so on) because law makers feared (and feared rightly) that otherwise police would habitually ignore people's rights to privacy. No Wikipedia arb, cu, or admin has the practical power to check email groups, so there is no threat to civil liberties we need to counter by throwing out evidence. In fact, in our position, we can't afford to. Deacon of Pndapetzim (Talk) 03:06, 19 September 2009 (UTC)
- Even the US courts do not always throw out illegally obtained evidence. See the "limitations" section of exclusionary rule. Thatcher 03:20, 19 September 2009 (UTC)
- We don't know that there was actual hacking. In theory, the account password could have been loaned to a friend who logged in to create the appearance of hacking. The situation is completely fogged. Jehochman Talk 03:22, 19 September 2009 (UTC)
- It does matter who that really was. If that was a member of the group (a "whistleblower"), this is one story. But if that was a professional FSB hacker, this is a completely different story. Jehochman, since you have a copy of this archive and I supposedly one of the "plotters" who created it, could you or someone from Arbcom please send me their copy by email? That might help me to clarify this question.Biophys (talk) 03:40, 19 September 2009 (UTC)
- We don't know that there was actual hacking. In theory, the account password could have been loaned to a friend who logged in to create the appearance of hacking. The situation is completely fogged. Jehochman Talk 03:22, 19 September 2009 (UTC)
- Even the US courts do not always throw out illegally obtained evidence. See the "limitations" section of exclusionary rule. Thatcher 03:20, 19 September 2009 (UTC)
- Thank you for clarifying which American legal (and social) contracts may, or may not apply here. I don’t think we need to go as far as criminal justice system for inspiration, because we have our own rules designed to deal specifically with the open source format – a legal novelty. The Arbitration Committee must address the fact that the initial mail was sent by an undisclosed user from another user’s account (a WP email headed with his opponent's user name). ArbCom can confirm that fact using our own tools, and decide, what approach to take. There’s no need to protect the whistleblower because nobody knows who that is in real life. Secondly, if the Foundation’s servers were used, we should be able to find out who else received the same initial info via our own servers other than the Arbitration Committee. The complete list of the recipients would indeed be quite telling, because they were all hand picked for a reason. The whistleblower knows them, and intentionally armed them with private correspondence of their active opponents, which can be used outside Wikipedia to harm living beings (remember this?). No ArbCom has any control over that sort of aftershock; however, disclosing the monikers of all the recipients of the initial info would hurt nobody here, and reveal the real scope of this situation. --Poeticbent talk 05:47, 19 September 2009 (UTC)
- Is it actually a known fact that "the initial mail was sent by an undisclosed user from another user’s account" or is that speculation at this stage? Presumably the question of whether the apparently compromised account was the original source of the leaked emails or whether the involvement of that account was an apparent reaction to those emails having been leaked from elsewhere is something that needs to be resolved at an early stage in building a picture of what happened. Has it been? 87.254.84.181 (talk) 07:32, 19 September 2009 (UTC)
- No, and it is highly unlikely that the Arbitration Committee will have a definitive answer about who was the person that sent the emails from the server. It is beyond our capacity to do an investigation of whether there was hacking of a computer/email list archives/or user account/email account, or password/account sharing or multiple people using a computer that lead to leaks, or a whistle blower from the group. All possibilities. FloNight♥♥♥ 11:23, 19 September 2009 (UTC)
- It should be taken into account that these private mails were all released right after User:Russavia got banned indefinitely who was the most active "Russian nationalist" editor. Whoever released tbese archives did so because it was in the interest of "Russian nationalist" users. I'm not accusing anyone, but just want to confirm that it's impossible that it was leaked "accidently". Someone purposely leaked private material and that means that whoever did so should not be rewarded by the unbanning of Russavia and blocking of many users which is probably exactly what he / they wanted to achieve. I'm not saying there shouldn't be sanctions, but the fact that a crime was performed should definitely be taken into account. Grey Fox (talk) 20:08, 19 September 2009 (UTC)
- If successful (in banning most or all editors of the discussion group), this operation will decimate WikiProject Poland (not that active in the area of modern Russian politics) as well. Such an outcome would benefit several parties; I've no intention to speculate who they are, as I am not fond of public speculation. --Piotr Konieczny aka Prokonsul Piotrus| talk 20:28, 19 September 2009 (UTC)
- There is no "fact that a crime was performed". There is an oft-repeated assertion of such, but no proof. Indeed, no evidence at all has been put forward. — Coren (talk) 20:17, 19 September 2009 (UTC)
- There is no denying the fact that private emails were leaked without permission, this is a violation of privacy and copyright, even if it was done by a group member (and none has so forth came forward to claim he is the cabal-exposing hero, and AFAIK in private correspondence I've been privy to all have denied being the "whistleblower", and have expressed their shock/outrage at the event). There is also no denying the fact that Tymek's account was illegally accessed and abused. It is also likely - but probably impossible to prove beyond the realm of doubt without professional investigation by cyber crime experts - that one or more computers were hacked, and the stolen private date doctored to change it into an incriminating "bomb". --Piotr Konieczny aka Prokonsul Piotrus| talk 20:28, 19 September 2009 (UTC)
- Actually, those two assertions ("without permission", and "illegally accessed") are entirely unsubstantiated and rely entirely on hearsay. You are willing to entertain the highly improbable "hacking" hypothesis, but dismiss the trivial explanation that a willful leaker might have simply lied? As for your assertion that "one or more computers were hacked" is likely — it is entirely spurious. And I happen to be a subject matter expert. That hypothesis is strictly possible but considerably less likely than most other scenarios that adequately explain the leak.
But all of this is entirely moot: the Committee does not have the ability to determine the provenance of the archive, and has neither authority nor jurisdiction to investigate the matter. — Coren (talk) 00:12, 20 September 2009 (UTC)
- Actually, those two assertions ("without permission", and "illegally accessed") are entirely unsubstantiated and rely entirely on hearsay. You are willing to entertain the highly improbable "hacking" hypothesis, but dismiss the trivial explanation that a willful leaker might have simply lied? As for your assertion that "one or more computers were hacked" is likely — it is entirely spurious. And I happen to be a subject matter expert. That hypothesis is strictly possible but considerably less likely than most other scenarios that adequately explain the leak.
- There is no denying the fact that private emails were leaked without permission, this is a violation of privacy and copyright, even if it was done by a group member (and none has so forth came forward to claim he is the cabal-exposing hero, and AFAIK in private correspondence I've been privy to all have denied being the "whistleblower", and have expressed their shock/outrage at the event). There is also no denying the fact that Tymek's account was illegally accessed and abused. It is also likely - but probably impossible to prove beyond the realm of doubt without professional investigation by cyber crime experts - that one or more computers were hacked, and the stolen private date doctored to change it into an incriminating "bomb". --Piotr Konieczny aka Prokonsul Piotrus| talk 20:28, 19 September 2009 (UTC)
- It should be taken into account that these private mails were all released right after User:Russavia got banned indefinitely who was the most active "Russian nationalist" editor. Whoever released tbese archives did so because it was in the interest of "Russian nationalist" users. I'm not accusing anyone, but just want to confirm that it's impossible that it was leaked "accidently". Someone purposely leaked private material and that means that whoever did so should not be rewarded by the unbanning of Russavia and blocking of many users which is probably exactly what he / they wanted to achieve. I'm not saying there shouldn't be sanctions, but the fact that a crime was performed should definitely be taken into account. Grey Fox (talk) 20:08, 19 September 2009 (UTC)
- No, and it is highly unlikely that the Arbitration Committee will have a definitive answer about who was the person that sent the emails from the server. It is beyond our capacity to do an investigation of whether there was hacking of a computer/email list archives/or user account/email account, or password/account sharing or multiple people using a computer that lead to leaks, or a whistle blower from the group. All possibilities. FloNight♥♥♥ 11:23, 19 September 2009 (UTC)
- Is it actually a known fact that "the initial mail was sent by an undisclosed user from another user’s account" or is that speculation at this stage? Presumably the question of whether the apparently compromised account was the original source of the leaked emails or whether the involvement of that account was an apparent reaction to those emails having been leaked from elsewhere is something that needs to be resolved at an early stage in building a picture of what happened. Has it been? 87.254.84.181 (talk) 07:32, 19 September 2009 (UTC)
- The critical difference is indeed one of jurisprudence. Many authorities throw out evidence obtained in certain ways purely in order to remove the incentive of enforcement agencies to obtain evidence in this way and in the process violate people's rights. For instance US courts throw out evidence obtained through illegal searches (no plain sight, probable cause, warrant, and so on) because law makers feared (and feared rightly) that otherwise police would habitually ignore people's rights to privacy. No Wikipedia arb, cu, or admin has the practical power to check email groups, so there is no threat to civil liberties we need to counter by throwing out evidence. In fact, in our position, we can't afford to. Deacon of Pndapetzim (Talk) 03:06, 19 September 2009 (UTC)
- It's an interesting philosophical question. An important difference between ArbCom and criminal justice systems is that we are unable to compel production of evidence, and have no authority to seize it forcibly; making concerns of abuse of rights for the sake of expediency inapplicable.
Coren, these words of yours raise an eyebrow: "Even if the allegations of the mailing list archive having been taken illegally by an outsider "hacking" were correct, they lie entirely outside the jurisdiction and reach of the Committee, and have no bearing on the propriety of using it." The Bluemarine case happened before you or most of your colleagues became arbitrators. Was its hacking incident discussed when the Committee decided to take this case? Another recent post about this being new ground for the Committee leads me to suspect that it wasn't discussed. If it were possible to provide evidence that the victim's bank account was emptied in conjunction with that hacking, would that have bearing upon your opinion as quoted? It looks from this vantage like you're taking a swift jaunt down a dangerous path. Durova319 22:26, 19 September 2009 (UTC)
- Such evidence would be more substantive than currently exist, certainly. But it would not render the mailing list evidence unusable: we (the Committee) do not have an exclusionary rule, and even if we had one it could not reasonably apply to acts done without the committee's knowledge or assent.
Let's be honest here: unlike a criminal justice system where life and freedom are at stake — or even a civil court where financial or injunctive remedies can be imposed — there can be no reasonable argument that the Committee needs to be held to rules of evidence more stringent than a court! There are no civil liberties at stake, no slippery slope to fall onto.
There is a reasonable argument to be made that the Committee has a moral obligation to not cause further harm, and we would not disclose private information that ended up on our laps (no matter how it got there). There is no sane argument that would justify ignoring that information, if it turns out to be evidence of malfeasance on-wiki. — Coren (talk) 00:12, 20 September 2009 (UTC)
- You will find on the Bluemarine case itself that he complained about the theft at the time when the hacking occurred. The ArbCom list emails from July 17-19 touch on his harassment issue in a general way. If we were to table our philosophical differences about the evidence you are already examining and related claims about moral obligations, you appear dubious about the potential for practical effect from additional evidence. Unless there's an innovative alternate solution, any more information than you already have would likely amount to asking a man who has been the target of two and a half years of harassment to disclose his bank records to a panel of strangers. Unfortunately I cannot relay your assurances of confidentiality; it would be remiss to keep him uninformed that sensitive information has leaked from ArbCom in the past. Perhaps if he has ceased doing business with that bank the request might be viable, but at best it's a very big favor and he has nothing to gain from it. Bear in mind that both he and I have reason to mistrust your judgment: it was arguably your proposals in the Fringe Science case which set in motion the domino effect that politicized my position so badly that the offsite repercussion, which you've seen, ultimately prompted my general resignation. The Bluemarine mentorship I haven't yet been able to hand away for other reasons, but the bottom line--last spring and now--is that I think you underestimate the potential of arbitration actions to morph into offsite harassment. Give me a workable means to demonstrate that and I'll gladly do so. The underlying conflicts in the case you are currently arbitrating mean little to me, but I take harassment and potential hacking quite seriously. Durova319 04:54, 20 September 2009 (UTC)
- Coren, please not forget that at least one party of this arbcom, me, is editing under a real name. At least one other party has never made much secret of his name (he is a notable Wikipedian). The name of one or two more parties was reveled in the past without their consensus. And it is obvious now that the archive, containing many more personal details (names of several more parties, addresses, and jobs) has been distributed to 10+ editors, some of which remain anonymous and cannot be prevented from sharing it further. Finally, at least some of those parties live or temporarily visit countries whose regimes have not been stranger to arrest, imprison and torture of people known to express political views incompatible with those of the government, not to mention those who can be seen as opposition activist (and editing Wikipedia can be seen as activism). So yes, this case has the potential to affect real lives of many people. --Piotr Konieczny aka Prokonsul Piotrus| talk 05:06, 20 September 2009 (UTC)
- It is obvious that the emails were stolen and publicly posted by a real life criminal, in violation of privacy and copyright laws. And it does not matter if the criminal was a member of the group, stool pigeon or an FSB hacker. Using fruits of the crime means encouraging crime. Next time they will steal and post private mail of Jimbo.Biophys (talk) 05:07, 20 September 2009 (UTC)
- It isn't obvious that the emails were stolen, actually. And the Arbitration Committee can ensure that we don't distribute it directly, and that any portion of it that we produce will be produced in a way that is redacted of real-world information about any of the participants, but we can't control what other people who've received it will do with it outside of this project. Please remember that this information was not sent directly to us, but came to us through one or more recipients chosen by whomever distributed the link to the file. We do not know who else received links to it, or what they chose to do with it, and we cannot control their actions. The Arbitration Committee has never been in control of this information, we do not know who it was given to, we do not know if it was also distributed to people outside of those who received emails through the Wikimedia interface, and we can only control what *we* do with the information. We have taken steps to try to prevent publishing of the contents of the email list onwiki, in particular real-world details of any of its members, including alerting the Oversight team to watch for and respond quickly to any related requests. Redaction is limited to what is covered in the Oversight policy, but any and every request will be carefully reviewed. Risker (talk) 05:22, 20 September 2009 (UTC)
- It is obvious that the emails were stolen and publicly posted by a real life criminal, in violation of privacy and copyright laws. And it does not matter if the criminal was a member of the group, stool pigeon or an FSB hacker. Using fruits of the crime means encouraging crime. Next time they will steal and post private mail of Jimbo.Biophys (talk) 05:07, 20 September 2009 (UTC)
Proposal by JzG
I believe that much of the problem would be solved if we had a general prohibition on admins using their tools in ethnic disputes when those admins closely identify with one side of the ethnic dispute. Ethnic issues have probably the longest history of dispute, right back to Gdanzig and beyond, and I think that any administrative action should be strictly at arms length for these articles. I don't see how Piotrus, for example, can ever be perceived as an honest broker by the opposing side in these disputes - however carefully he might weigh the neutrality of every action, the mere fact of his involvement will be inflammatory to a deeply entrenched opposing camp - muc more so than would be the case with, say, William and climate change articles, where there is at least an objective standard by which to judge the issue. In many ethnic disputes there never can be an objective single value of truth, which is why they are so intractable. Guy (Help!) 16:38, 19 September 2009 (UTC)
- Sounds like a good proposal in general (although probably peripheral to this case). Please review my admin log actions history, where you'll see I've never used my admin tool to further "Polish agenda". You are welcome to point out any controversial admin actions I've taken here, or add them to evidence, and I'll be happy to address them. PS. I'd also like to add to this proposal that admins should be prohibited from taking administrative action in ethnic disputes when those admins have identified themselves as being prejudiced against a certain ethnic group (ex. [3]). --Piotr Konieczny aka Prokonsul Piotrus| talk 16:51, 19 September 2009 (UTC)
- I would go further than Piotrus and say that admins that have identified themselves as being prejudiced against a certain ethnic group should lose their adminship, since ethnic prejudice is one of the least desirable traits imaginable in an administrator (or any editor for that matter).
- But the diff you put up (from a promptly banned SPA account) does not remotely provide any evidence that a particular administrator has "identified themselves as being prejudiced against a certain ethnic group," so I'm not sure why you included that (some ill-advised comments maybe, but hardly admissions of ethnic prejudice). I'm also not sure unsubtle jibes directed at particular users are a very good strategy for you or anyone else connected to this case. --Bigtimepeace | talk | contribs 17:53, 19 September 2009 (UTC)
- I disagree that comments like that don't reflect ethnic prejudice, but this is not the time or place to discuss it. --Piotr Konieczny aka Prokonsul Piotrus| talk 20:31, 19 September 2009 (UTC)
- For goodness sake, Piotrus, give the malicious lies up. However important you believe yourself to be, your cabal is not a whole ethnic group, and no-one now is going to take your comments any more seriously than you yourself do in practice. You must be smart enough to know anyway that this kind of thing is no longer in your interest. You need to adapt. Deacon of Pndapetzim (Talk) 01:42, 20 September 2009 (UTC)
- I disagree that comments like that don't reflect ethnic prejudice, but this is not the time or place to discuss it. --Piotr Konieczny aka Prokonsul Piotrus| talk 20:31, 19 September 2009 (UTC)
- But the diff you put up (from a promptly banned SPA account) does not remotely provide any evidence that a particular administrator has "identified themselves as being prejudiced against a certain ethnic group," so I'm not sure why you included that (some ill-advised comments maybe, but hardly admissions of ethnic prejudice). I'm also not sure unsubtle jibes directed at particular users are a very good strategy for you or anyone else connected to this case. --Bigtimepeace | talk | contribs 17:53, 19 September 2009 (UTC)
Proposal by Piotrus
I believe that the Committee should adopt a policy that would inform parties presenting evidence to the ArbCom that they have no right to share private information that is not theirs without permission from other parties whose private information is being shared, and that the Committee will not accept such evidence. The Committee should also adopt a policy that it will not accept evidence obtained by illegal or unethical means (such as, but not limited to, hacking somebody's computer). This should substantially discourage parties from attempting to violate other editors' privacy, and from other illegal actions such as hacking. --Piotr Konieczny aka Prokonsul Piotrus| talk 21:19, 19 September 2009 (UTC)
- Dude, get over it. Arbcom has stated numerous times that they will and are considering the emails. Arbcom is not bound by the exclusionary rule; not even US courts are required to discard all improperly obtained evidence all the time, and US prosecutors are indeed permitted to use evidence that was illegally obtained by third parties if the government had nothing to do with it [4].
- You are not going to be held directly responsible for the contents of the emails. Rather, the emails will be used as a kind of cipher key to discover patterns of behavior hidden in apparently random on-wiki edits, rather like one of those images that looks like a jumble of colors until you look at it through a colored filter. No one cares if you said "Let's get Russavia" and then you all forgot about it and did other things. Hot air and hot talk is not a blockable offense. But if there are messages stating "Let's get Russavia tomorrow," and on that day there is a pattern of edits targeting Russavia, then you are indeed in deep water without your water wings. (And, note that this would be relatively difficult to fake. Taking a message archive and salting it with messages that give the appearance of coordinated attacks would require an intimate knowledge of the on-wiki edits, reverts, article disputes and blocks, in order to create a post-hoc forgery suggesting pre-hoc coordination. Not impossible, but difficult.) I wonder how many such mailing list discussions can be tied to diffs. One could easily be a coincidence, two an aberration. I have a feeling there are many, and I think I smell supper. Thatcher 05:48, 20 September 2009 (UTC)
Proposal 1 by Radeksz
I actually think that this particular ArbCom case is two cases in one. I understand that there is lots of concern over cabals, conspiracies and coordination in this topic area. But a whole another issue by itself is the clarifying what kinds of rights to privacy and security Wikipedia editors can expect, when, where and by whom can off Wiki evidence be used and/or reviewed if it contains sensitive private information, the safe guards and policies that Wikipedia has to address the hacking of users accounts, legal or otherwise (note that even if we don't know how "the evidence" was obtained in this case, this is still a possibility and must be considered), what to do once private information begins to be disseminated without the permission of the affected parties, and the best ways to prevent such leaks of private information from occurring again.
This has happened once. No reasonable person should expect that such attempts will not occur again. And if the committee does not address these issues NOW, the first time it happened, it (and all of Wikipedia along with it) will look completely ridiculous the next time it happens.radek (talk) 22:23, 19 September 2009 (UTC)
Proposal 2 by Radeksz
Alex Bakharev immediately temporarily desysopped
Honestly, if this wasn't an ArbCom case already I'd ask for a straight up block for outing. Note that in previous cases editors have been almost-banned for merely stating another user's nationality. This particular incident is about as clear cut case of outing as there can be. Previously Deacon (and whoever else this was shared with) didn't know mine or other people's real name, nor any kind of personal information. Now he does because Alex provided him with it, despite my explicit instruction not to do that.
Ok, Alex forwarded this to ArbCom (eventually - he chose to read it first and post about it at AN/I). I think that posting about this publicly on AN/I, which generated publicity and drama, rather than waiting for ArbCom to finish reviewing the submitted material and acting on their instructions was already an outing violation. Regardless it was an obvious excercise of very bad judgment. Forwarding this information to other users despite explicit requests not to do so was not just outing but probably done in bad faith.
And last time I checked user Deacon is not an ArbCom member, nor was he ever. And last time I checked user Deacon is somebody who's had long standing conflicts with some of the affected parties, has engaged in personal attacks and incivility against them and, speaking personally, is about the last person on Wiki I want knowing my personal info. I'd mind less if Alex had forwarded my personal info to a random troll or vandal IP.
This injunction is necessary to prevent further damage that can be caused by Alex's extreme lapses of judgment.
If Alex asserts that whatever he emailed to Deacon (and possibly others) did not contain any personal information (real names, occupations, etc.) I will happily withdraw this proposal.radek (talk) 22:52, 19 September 2009 (UTC)
- I think not. Thatcher 05:50, 20 September 2009 (UTC)