Wikipedia talk:Harassment/Archive 14

Archive 10Archive 12Archive 13Archive 14Archive 15Archive 16Archive 20

Page move outing?

Odd case, but I'm curious as to where we sit. Let's say that User123 creates an article on John Smith that reads just like an autobiography. Someone decides that it is, (and is probably correct), but rather than send the John Smith article to AFD, moves it to User123's user page (not a draft in their sandbox). Now visiting User:User123 shows the biography of John Smith, as if they had created it there. Should this be regarded as outing? If so, what is the correct response? Move the article back, leaving the original move and reason in the move log? Just delete it? Or let it be, if on the grounds that it was extremely likely that it was an autobiography after all. And do things change if the user was User:jsmith or even User:johnsmith123? - Bilby (talk) 23:28, 23 January 2017 (UTC)

Interesting question. (I'm tempted to reply that it is outing if the first administrator to see it thinks it's outing, and it isn't if the first admin thinks that it isn't. Welcome to the wonderful world of "case-by-case".) But seriously (and just one fish's opinion, not the final word), I think it's relevant that it can't be outing if the user voluntarily posts it here and does not redact it. And there's certainly a well-established practice of putting a "connected contributor" tag on article talk pages. So if the username is nothing like John Smith, it's just a userified page, and that does not really imply that it's about oneself. And if the username is johnsmith123, then the user has voluntarily written a page with information about John Smith and voluntarily called themselves john smith. The one caution I would make is that the editor moving the page into userspace, or doing anything else with it, should be cautious about asserting that it is autobiographical. It's often sufficient to take such action without saying it out loud. --Tryptofish (talk) 23:46, 23 January 2017 (UTC)
I think you are probably correct if their username matches the biography they are writing - it is probably best to regard that as a form of self-outing, and not worry too much, although there may be other issues as you say. With the User123 case, my concern isn't with userfication, but making the biography into their user page. If it was moved to User:User123/John_Smith then I'm ok with it, as I agree that that isn't making a statement that the person is John Smith (ignoring move log comments). The one I'm more concerned with is moving John Smith to User:User123, making the claim that the person is John Smith, rather than that they have been working on an article about John Smith. - Bilby (talk) 01:36, 24 January 2017 (UTC)
Oh, that's different, if the move is to the user page itself (I should have realized that you said that). That would seem to me to be a seriously inappropriate thing to do. Whether it's really outing is questionable, but it would also raise BLP issues, maybe even a sort of NPA, and it's probably never appropriate to equate an article page with a user page. I would probably move the page back into article space and then PROD or AfD it if appropriate. I'm not sure whether the edits would qualify for oversight, but hopefully someone who knows is watching and will answer that. But putting it on a user page, even if the user name suggests that it's the same person, strikes me as a very weird thing to do. --Tryptofish (talk) 02:39, 24 January 2017 (UTC)
Thanks for that. I'll act on that basis, return the pages, and look to prod them. That sounds like a good approach. - Bilby (talk) 22:09, 24 January 2017 (UTC)
  • Maybe outing. Not harassment, not a violation, and not sanctionable. If you genuinely believe someone outed themselves, then asking them about it has to be taken as a good faith action. And moving the page might as well be asking them about it. It would be one thing if you moved their userpage into the mainspace and added real names, but the action described clearly is not covered under this policy. Theoretically, under some circumstances, it may be a clear bad faith action, and those should be reported on ANI, but as described it is not harassment, and so should not be covered in the harassment policy page. Hijiri 88 (やや) 22:22, 24 January 2017 (UTC)
  • FWIW, I agree with Trypto that moving a page to someone's userpage without asking them about it is a weird thing to do and if I saw it I'd probably first guess that someone made a mistake trying to userfy the page. I wouldn't call it outing - or at least not so obviously so that it would be covered here - but it's definitely not appropriate as a regular practice. Opabinia regalis (talk) 22:33, 24 January 2017 (UTC)
OR, would you consider the move to be a candidate for oversight if there had been no obvious connection between the biography and the username? I'm asking because I don't know, and it was a possible consequence of Bilby's question. --Tryptofish (talk) 22:42, 24 January 2017 (UTC)
Depends on the context and content, IMO - I'd be more inclined to do it (and give them a lecture on WP:AUTOBIO) if the subject themselves asked for oversight, or if it was somehow obvious from their other behavior that the page-mover was aiming to harass rather than clumsily help the author. We do sometimes get "oops, I didn't realize that was public" type requests from new editors. Opabinia regalis (talk) 23:15, 24 January 2017 (UTC)
I would just assume the person who did the move made a mistake and move the text to either the talk page or the sandbox of the account in question. I know I have posted on the user page by mistake when I meant to post on the talk page.Doc James (talk · contribs · email) 01:37, 25 January 2017 (UTC)
In this case I think a mistake was unlikely. I also don't think it was deliberate harassment - just an incorrect idea that moving mainspace bios to a user's home page instead of to a sandbox would be helpful. - Bilby (talk) 03:41, 25 January 2017 (UTC)
Should be a simple mater of bringing it to the users attention with recommendations of a preferred practice. Doc James (talk · contribs · email) 00:01, 26 January 2017 (UTC)
Perhaps not in this case. But that's alright - it should be easy enough to handle politely. - Bilby (talk) 01:07, 26 January 2017 (UTC)

I have no place here, but reading through the first half is worrying. Whatever you all do, don't undermine harassment and its psychological - social cost on people. Recently I read someone asking an other to take tea and vehemently saying they themselves are on a high sugar consumption from related stress. As an ip editor, I know the implications from watering down of policies from its title. If outing is going to be a sanctioned practice, it doesn't take much effort for user's to find reasons for doing it and for doing it better. For paid editing and subsequent problems we already have good counter measures - trim the content if promotional, check whether it satisfies core policies, if continual problems exist in proving point - deal as such (block and ban), if the issue is serious - move the topic for some sort of panel assessment, above all move on to other articles. It is also logically faulty to think everything can be controlled. If anything anti-harassment policy should be strengthened to current evidences, supportive towards structural victims and usage of such policies should be given space for acknowledgement and response (even reviewing the current state of the policy, there are usages of tongue in cheek language which leads to equivocality), guideline's should be there for better interpersonal skills. - All these are from a laymen's view, but very important individually at this moment.117.241.55.2 (talk) 05:10, 26 January 2017 (UTC)

One thread of discussion that I would like to pull out, is the following - the ToU obligates people editing for pay, to disclose "employer, client, and affiliation". It's been said in a few places, that paid editors do not have the right not to disclose this information. (Just like no one has the right to persistently ignore the other policies and guidelines - editing here is a privilege that comes with obligations).

That is a fact - paid editors do not have the right, to not disclose this information.

There are different things that can follow from this with respect to other editors here.

  1. One can say: "Yes paid editors must disclose, and if they don't disclose we can ban or block them. Nothing here gives a third party the right to disclose this information on a paid editor's behalf."
  2. Another reading is, "Yes because this information must be disclosed, it should not be protected under OUTING - other editors should be able to post this information"
  3. Another reading is: "Yes because this information must be disclosed, it cannot be protected under OUTING - other editors must be able to post this information"

I am uninterested in the difference between 2 and 3 and I hope people don't get into the weeds of that. The stark difference will be between those who follow the line in #1 and those who follow the lines in #2 or #3.

So is it worthwhile, then, to define two classes of "personal information"?

The first paragraph of the OUTING section states:

Posting another editor's personal information is harassment, unless that person has voluntarily posted his or her own information, or links to such information, on Wikipedia. Personal information includes legal name, date of birth, identification numbers, home or workplace address, job title and work organisation, telephone number, email address, other contact information, or photograph, whether such information is accurate or not. Posting such information about another editor is an unjustifiable and uninvited invasion of privacy and may place that editor at risk of harm outside their activities on Wikipedia. This applies to the personal information of both editors and non-editors.

What about (after we finish related discussions) adding to the end of that:

However, as described in the Terms of Use, editors who receive consideration for editing Wikipedia are obligated to disclose their employer, client, and affiliation, for each edit they make for consideration. Those three pieces of information are therefore not protected under this policy and it is not the community's concern if other personal information can be determined based on any or all of those three pieces of unprotected information. However all other personal information remains protected by this policy and cannot be posted in Wikipedia; posting other personal information is harassment.

Please note that separate discussions would be needed about :

  • a) whether off-wiki sources can be used at all, to determine the employer, client, and affiliation of a suspected, or even already-blocked, undisclosed paid editor;
  • b) what would count as evidence (kind of an WP:RS guideline) both with regard to on-wiki diffs and off-wiki sites
  • c) what process would be used; and
  • d) who would have the right to post unprotected information once the process was complete.

Those are separate and important questions. Am just trying to see if -- if we are able to agree on a), b), c), and d) -- folks can agree to this classification. Trying to build stepping stones toward consensus. Jytdog (talk) 22:46, 29 January 2017 (UTC)

IMO some degree of transparency is essential. Editors deserve the right to defend themselves and the community should see a degree of due diligence taking place. Doc James (talk · contribs · email) 23:32, 29 January 2017 (UTC)
While Paid editors are required to disclose, what happens to people who are incorrectly labeled as paid editors? The exception being applied in cases 2 and 3 rely on the "paid editor" being a paid editor. Does it become a violation of outing if this label is applied incorrectly? --Kyohyi (talk) 14:58, 30 January 2017 (UTC)
The reason we shouldn't put this in place until after the discussions in a) through d) have been done, is to make sure we get it right. If the account cannot be connected with reasonable certainty to "employer, client, affiliation" then it would not be posted. Am just seeking here to get agreement that the information required to be disclosed should be considered a different class of "personal information" and - pending discussion about how to implement, should be exempt from OUTING. No desire to implement this until related discussions are done. Getting agreement on this will help make the other discussions easier as it clarifies what is under discussion (e.g. posting someone's address or RW name is not what anybody is thinking about) Jytdog (talk) 17:49, 30 January 2017 (UTC)
Obviously, the devil will be in the details, but broadly speaking I am strongly in favor of this kind of approach. I do, however, agree that the issue brought up by Kyohyi is important. --Tryptofish (talk) 00:57, 31 January 2017 (UTC)

We have an excellent statement just published by legal. Have linked to it from this page. Specifically it clarifies what the "privacy policy" applies to, which is private data collected by the WMF. Additionally the WMF appears to support "Posting links to other accounts on other websites is allowable on a case-by-case basis."

They state

"It’s also important to remember that WP:OUTING can’t be used as a way to avoid the disclosure requirements in the Terms of Use: if someone is editing for a company and fails to disclose it, an admin properly posting that person’s company where it is relevant to an investigation is part of their job to help bring the account into compliance with those requirements."

And

"But we think it is appropriate, as described above, to post some already public personal information as part of a good faith investigation. We trust that editors, administrators, and functionaries can tell the difference in the vast majority of cases, and they can always contact the Wikimedia Foundation if a controversial borderline case arises."

Doc James (talk · contribs · email) 02:47, 19 January 2017 (UTC)

  • It confirms that the privacy policy applies only to information collected by the Foundation and its partners and obtained by editors and others while carrying out paid and unpaid roles. Apparently some editors were confused on that point, and believed that it also applied to deciding when to apply the "case by case" sentence, so that is helpful.
  • It clarifies that the outing policy cannot be used to avoid complying with the terms of use. That is, WP:PAID trumps WP:OUTING when we request "employer, client, and affiliation with respect to any contribution for which you receive, or expect to receive, compensation".
  • It asks for common sense and good judgment in deciding when it is acceptable to post publicly available personal information.
SarahSV (talk) 23:52, 19 January 2017 (UTC)
I, for one, am delighted that WMF legal has posted this. About the case-by-case language here at this policy page, it is important that editors understand that the "privacy policy" referred to by the WMF is the policy at meta, and not the personal information section of the policy here. Two different things. --Tryptofish (talk) 01:28, 20 January 2017 (UTC)
Tryptofish is right, enacting this statement would require en-WP policy change (for more of which see section below). Also as below, editors should not rely on the WMF statement as immediate authorization to post personal information on-wiki; if you'd like a policy change to enact the statement, please identify and obtain that policy change first. -- Euryalus (talk) 01:34, 20 January 2017 (UTC)
Except that Tryptofish didn't say that (see also my comment below), but of course I am indeed right. Editors should indeed tread very carefully for the time being, until the local consensus is achieved. But en-wiki is subject to the meta Terms of Use whether or not ArbCom or anyone else would like to have a policy that is contrary to the Terms of Use. So, WMF Legal's interpretation of the Terms on undisclosed paid editing is already in effect here, without the need for en-wiki to "enact" it. --Tryptofish (talk) 01:46, 20 January 2017 (UTC)
Ah,apologies for misinterpreting your rightness. Let me rephrase by not mentioning Tryptofish and simply urging people to uphold the existing harassment policy unless/until there is consensus for change. -- Euryalus (talk) 02:05, 20 January 2017 (UTC)
Thanks. From now on, I want to be addressed as "Your Rightness". (joke) --Tryptofish (talk) 02:08, 20 January 2017 (UTC)
  • I had a question concerning this statement. Just to be clear, the language refers only to paid editing. We encounter many COI situations in which it is either not paid editing or it is unclear if the definition applies. Am I correct in assuming that this statement refers to only paid editing and not other COI situations? Coretheapple (talk) 14:20, 20 January 2017 (UTC)meh, reading it again I think the scope is clear. Coretheapple (talk) 15:33, 20 January 2017 (UTC)

Socks of undisclosed paid WP editing companies

I have started a list here of the blocked socks used by companies involved in undisclosed paid editing to help with future follow up and enforcement of the TOU. IMO this list follows the spirit and letter of the WP:Harassment policy. Before I work on it further; however, I would like to get further community input. Doc James (talk · contribs · email) 14:15, 19 January 2017 (UTC)

Yeah, this isn't in line with policy as worded. The only case by case basis that outing currently allows is accounts on websites, not employer information. --Kyohyi (talk) 14:54, 19 January 2017 (UTC)
Thanks for bringing it up. I don't see that we have much choice but to get far clearer on what those "case by case" situations are.
...an admin properly posting that person’s company... So, should we make this a situation where admin involvement is required in disclosing a company? --Ronz (talk) 22:38, 19 January 2017 (UTC)
We could ask legal to clarify it they meant to restrict this to admins. I would say it should not be. Doc James (talk · contribs · email) 22:42, 19 January 2017 (UTC)
I agree that we'd be much better off knowing what legal meant. Requiring admin involvement seems a large burden that's unnecessary. --Ronz (talk) 22:47, 19 January 2017 (UTC)
What is probably meant by company within the sentence "if someone is editing for a company ..." is employer as the term is used within the Terms of Use, namely whoever is paying for the edits. Or it could mean client. The point of the sentence is that we are allowed to say who the employer and client are. SarahSV (talk) 23:04, 19 January 2017 (UTC)
You could list those already publicly outed by necessity and take it from there. A list would certainly be useful to help the eagle eyed — Iadmctalk  23:42, 19 January 2017 (UTC)

What we actually need is clarity from the arbcom. They could easily say "yes Legal has advised X but we are stricter", and I must note that they have already banned users for outing blatant bad faith spammers. Ping GorillaWarfare, your commentary on this, both personal and speaking for the arbcom, are probably required at this point - David Gerard (talk) 00:15, 20 January 2017 (UTC)

Not sure if you're asking for my commentary on the WMF statement or on the advisability of this page, so I'll give you both. I can only give you my personal take at the moment: I'm horrified at the statement, as it condones (even endorses) posting personal information of editors if there's even the slightest concern of wrongdoing, with the only "requirement" being some plausible deniability that it was good faith. I think it completely undermines the harassment policy and the WMF's November commitment towards working to end harassment. I am hoping that the ArbCom will be publishing a response, though we're still discussing it. As for this page, I think it's a terrible idea. The statement explicitly said that it had no change on community policy, so I'm not sure why you now feel a page like this is a good idea. GorillaWarfare (talk) 00:43, 20 January 2017 (UTC)
I suggest we actually need is clarity from the community. To enact the WMF paid editing statement in full, the community would need to:
  • amend WP:HARASS to permit "outing" to the extent necessary to conduct a good-faith paid editing investigation, and/or
  • amend WP:BLOCKEVIDENCE to permit individual admins to block editors on the basis of private evidence provided directly to them and not able to be published for peer review; and/or
  • positively require functionaries or Arbcom (as a subset of the admin community) to receive and act on personally identifying information in the context of paid editing investigations (but see below)
Option three offers the least policy change, as both functionaries and Arbcom are already authorized to receive and act on certain pieces of personal information. However there are longstanding restrictions (and traditions) on what evidence is considered, how it is obtained and to what degree it is relied upon. There has not traditionally been a positive obligation on either group to conduct or oversee offwiki investigations; there is reasonably strong opposition to generalized wikisleuthing by functionaries (see for example the ContribsX case of 2015), and past discussion on this talkpage indicates most functionaries are reluctant to enhance their offwiki investigatory role for reasons to do with privacy, harassment prevention and the law.
With any option, the community would also need to consider how changes might affect the anti-harassment policy being simultaneously developed by the WMF :- essentially whether or not enacting the paid editing statement increases the risk of harassment of individual editors; and if so, whether this is or is not worth it to reduce the prevalence of paid editing on Wikipedia.
I'll offer some personal views in the statement from Arbcom (if that eventuates). Hopefully the above is seen as more of a practical presentation of the options.
Further, please note that regardless of its rights or wrong the WMF statement does not of itself change any en-WP policy - before anyone seeks to enact the WMF statement they should seek community consensus to obtain policy change. -- Euryalus (talk) 00:57, 20 January 2017 (UTC)
Euryalus, the policy has said, since February 2015: "Posting links to other accounts on other websites is allowable on a case-by-case basis." It's an unsatisfactory sentence, but the point of it is to allow common sense and "stating the bleedin' obvious", especially when it comes to paid editing. The statement from legal doesn't seem to go beyond that. SarahSV (talk) 02:17, 20 January 2017 (UTC)
The statement from legal seems to be being twisted to suit whatever desired outcome is wanted here. All legal did was reconfirm their position all along that the privacy policy, as far as they are concerned, is in regards to information collected by the Foundation. Of course that is all they are going to say on the matter. That is all they care about. They would be pissed if a CU was run on a potential undisclosed paid editor as that would be using Foundation information. You must draw a distinction between what legal is actually concerned about and what is being discussed here. Outside information is none of legal's concern as it isn't Foundation collected info. It is up to enwiki policy (and therefore community consensus) to determine what to do with that. --Majora (talk) 02:23, 20 January 2017 (UTC)
Can you provide a citation for this please "They would be pissed if a CU was run on a potential undisclosed paid editor as that would be using Foundation information." Doc James (talk · contribs · email) 02:28, 20 January 2017 (UTC)
Sorry, forgot "unless there is enough evidence that supports sock puppetry to warrant a checkuser." As is the case with any CU. The Foundation would be quite angry if a CU is run without merit. Hence the privacy policy, the existence of complaint channels, and the existence of the ombudsman commission. (and you don't have to cite the sky is blue). --Majora (talk) 02:31, 20 January 2017 (UTC)
Sure of course CU should not be "run without merit". No one has ever requested them to be. Evidence of undisclosed paid promotional editing however is "merit". Doc James (talk · contribs · email) 02:36, 20 January 2017 (UTC)
Try to see the bigger point beyond the "CU" part of the post. Legal's response was completely and totally predicable and inline with what legal actually cares about. That should, in no way, give anyone the green light to do anything on enwiki unless community consensus allows for it. As SarahSV stated. The policy already has a provision for allowance on a case-by-case basis and the previous RfC on opening that up further was closed and archived as stale (with no clear consensus to change anything). So legal's response was predicable and enwiki policy still dictates what happens on enwiki. If you want to change that you can always open another RfC. As it stands, it looks like we are stuck with the "case-by-case basis" wording that is currently in the policy --Majora (talk) 02:44, 20 January 2017 (UTC).
In a sense, Legal's opinion is just their opinion and not binding. And, yes, their agenda is not our agenda. But the Terms of Use, themselves, are binding on all Wikimedia projects. And we're not stuck with the "case-by-case" wording, as wording. --Tryptofish (talk) 03:00, 20 January 2017 (UTC)
Tryptofish the ToU related to paid editing is not at all binding on all Wikimedia projects, as they can be overridden by the local community, which is why Commons does not require any disclosure of paid contributions from its contributors. --kelapstick(bainuu) 13:40, 20 January 2017 (UTC)

The TOU is an absolute base level expectation that, of course, is binding for everyone. Just because posting other information about other sites does not violate the TOU (per legal) does not mean it would not violate enwiki policy. That is decided by the enwiki community and can be more stringent than the baseline (and often is). --Majora (talk) 03:05, 20 January 2017 (UTC)

Majora, what you say is correct (in that we can have a local policy about harassment that is more stringent than what the ToU requires), but in this specific instance we are talking about ToU that require disclosure, so saying locally that disclosure is voluntary is not going above the ToU baseline, but rather setting a less stringent requirement. But more importantly, yes Kelapstick you are partially correct and I was partially incorrect. Looking more carefully into the link that you gave, and other information at meta, it is indeed the case that the ToU can be overridden by a local policy that may "either strengthen or reduce the requirements". Well, I'll be! But it's also important to note that such an alternative disclosure policy is permitted only when (1) we "gain consensus specifically to replace the paid editing disclosure requirements in the Terms of Use with the policy of the project", and (2) "After creating such a policy, projects must include their policy on the list of alternative disclosure policies." Note: "must". Right now, that has occurred for Commons, MediaWiki, and Russian Wikibooks, but not for us at en-Wiki. ArbCom cannot declare it. The community must create a new policy page on paid editing, because one does not now exist. Once it has gotten community consensus, we have to list it at meta:Alternative paid contribution disclosure policies. Until then, we are bound by the meta ToU on paid editing. That's the way it is. And before somebody proposes such a policy, we all need to think hard on why the ToU describe undisclosed paid editing as "deceptive" and "fraud". --Tryptofish (talk) 17:33, 20 January 2017 (UTC)
Actually, we do already have Wikipedia:Paid-contribution disclosure, but it says nothing about privacy or harassment issues, pretty much just repeating the ToU, and isn't listed at meta. --Tryptofish (talk) 17:39, 20 January 2017 (UTC)
A new policy that would revoke the ToU needs an "RfC (that) must be conducted in a manner consistent with the standard consensus-based process for establishing core policies." That's a fairly high standard. OTOH, once the current policy was established, modifying it in a way that does not weaken the ToU is accomplished in the same way that any other policy is modified. Smallbones(smalltalk) 02:43, 21 January 2017 (UTC)

Agree that it is the community from which we need greater clarity not Arbcom. Arbcom does not determine policy. IMO it is a bad idea to expect a group of volunteers (ie arbcom) to take on a duty they do not want as one of two things will likely happen. (1) they will not do it (2) they will do a really bad job. We do not need to protect the blocked accounts of undisclosed paid editors. We do need these details on Wikipedia to help detect their future accounts. We need to do this not only to protect the quality of our content and our reputation but to protect those who are being mislead by these companies (ie. their clients).

If we had a list of companies that are banned from editing Wikipedia because they do not follow the TOU, their clients will find this list when looking up the company and maybe not hire them. Right now we are simply sitting ideal and allowing these undisclosed paid editors to create the only story being told. Doc James (talk · contribs · email) 01:14, 20 January 2017 (UTC)

It's significant that the WMF said "WP:OUTING can't be used as a way to avoid the disclosure requirements in the Terms of Use". That's an important point, with important implications for local policy. We at en-wiki certainly can set tougher standards for what constitutes harassment, than the minimum defined by WMF. And that's why it is indeed important for the community here to work towards a consensus about our policy. And furthermore, it's the community that should make policy, not ArbCom. But here is the significance of what WMF said: the Terms of Use cannot be overridden by a local project consensus. The Terms of Use are binding on all Wikimedia projects. Thus, however we decide to configure the wording of WP:OUTING, we cannot do it in a manner that tends to violate the Terms concerning undisclosed paid editing. --Tryptofish (talk) 01:40, 20 January 2017 (UTC)
+1 to that. If an account is blocked for undisclosed paid promotional editing and there is evidence that they are associated with a specific WP editing company, IMO this supports us linking them. Doc James (talk · contribs · email) 01:46, 20 January 2017 (UTC)
The terms of use do not call for third parties disclosing the paid editing. There is no conflict between outing and the TOU, the TOU says you have to self identify if you are to do paid editing. Outing prevents third parties from identifying you. What's more it doesn't say that a third party disclosing for you meets the requirements. So, a person who identifies a paid editor does not bring that editor in compliance with the TOU. In turn this means that meeting the TOU cannot be used to OUT another editor. On a slightly related note, if we are to implement anything I think it should fall within Euryalus's second or third bullet above. --Kyohyi (talk) 14:23, 20 January 2017 (UTC)
In a sense, "a person who identifies a paid editor does not bring that editor in compliance with the TOU", in that identifying personal information (as we define "personal information") is not what the ToU requires. The violating editor remains not-in-compliance personally, even after someone else makes the disclosure. But it's not really important whether the third party editor brings the offending editor "into compliance", in the sense of making them "see the light". After all, who cares about that? What matters is undoing the damage to Wikipedia's content that is done by the undisclosed paid editing. And identifying a violator's status as an undisclosed paid editor, and the specific way that the undisclosed paid editing is fraudulent, does in fact undo the damage done by the violation. Unless the community here decides to enact an alternative disclosure policy, the ToU that treats paid editing as something that must be disclosed overrides the outing policy here. --Tryptofish (talk) 17:08, 20 January 2017 (UTC)
The TOU treats paid editing as something that must be disclosed by the person doing the paid editing. That's it. End of text. It doesn't treat paid editing as something that the community must ferret out and identify, if we want to make that something that is a requirement of the community we need to change policy to do so. But, as is, there is no conflict because there is no requirement. --Kyohyi (talk) 17:18, 20 January 2017 (UTC)
What you are writing there is just a distraction. No one has written that "the community must ferret out and identify" undisclosed paid editors. If you don't want to spend time dealing with it, of course you don't have to. Of course. The question here is what those who want to address undisclosed paid editing can and cannot do. Jytdog (talk) 17:33, 20 January 2017 (UTC)
Yes, and the ToU do treat undisclosed paid editing as prohibited, and expect local communities to enforce it. Otherwise, we have a nonsense situation: paid editing must be disclosed, but if you choose not to disclose it, nobody will stop you. Please note, however: we can still find ways to disclose paid editing by users who fail to disclose it, without violating those users' "private information" as defined by the outing policy, although the boundaries are fuzzy, and are not de-fuzzied by "case-by-case". --Tryptofish (talk) 17:44, 20 January 2017 (UTC)
It's not a distraction, it's a response to Doc James list. The justification is that the list is enforcing the TOU and identifying employers albeit by third parties. Identifying employers by third parties is not a requirement in the TOU. Identifying of employers by third parties is a violation of outing. Therefore the TOU and OUTING are not in conflict, and the list should not exist. --Kyohyi (talk) 17:52, 20 January 2017 (UTC)
Basing an argument on things that no one is saying is a distraction and WP:DISRUPTIVE. Do not misrepresent other editors. No one is saying that "Identifying employers by third parties is a requirement in the TOU." If you don't understand the arguments being made, please ask. Jytdog (talk) 17:57, 20 January 2017 (UTC)
Sorry, but it's pretty clear you aren't getting my argument, and you shouldn't misrepresent me. Identification of employers by third parties does not meet the requirements in the TOU. Identification of employers by third parties is outing. Doc James said "I have started a list here of the blocked socks used by companies involved in undisclosed paid editing to help with future follow up and enforcement of the TOU.". This list includes the paid editing companies/organizations. Linking the two together is outing per employer. This list does nothing to enforce the TOU. What's more, this statement from Doc James "+1 to that. If an account is blocked for undisclosed paid promotional editing and there is evidence that they are associated with a specific WP editing company, IMO this supports us linking them" is pretty clear that he thinks we can link editors to WP editing companies. --Kyohyi (talk) 18:21, 20 January 2017 (UTC)
Let me clarify. I think we can and should link "BANNED" editors to WP editing companies they work for. The word banned is very important here. Doc James (talk · contribs · email) 19:12, 20 January 2017 (UTC)
Banned editors have all the same protections of outing as other editors. And while I think your trying to move us past the deadlock that we've come to, I don't agree with the direction are proposing. I would, however, support a resolution that's closer in line to what's done at SPI. --Kyohyi (talk) 20:07, 20 January 2017 (UTC)

Socks: arbitrary break

  • Support list connecting blocker users to their affiliated spam organizations Even though I support I also wish for ongoing conversation. One basis for conflict here is the premise that we Wikipedians are unable to differentiate between more rare, more horrible things like sexual harassment of vulnerable people on wiki and more common, commercial misuse of the website like posting promotional information on behalf of a company. I continue to think that countering harassment as traditionally imagined is important, and that countering spam is important, and I am not persuaded that these issues should be combined and be managed with a uniform process. I wish to promote safety on Wikipedia but I am not ready to agree that identifying companies and users who exploit Wikipedia as a business practice necessarily compromises the safety of individuals in harassment or stalking situations.
I am ready to support whatever personal protections for individuals anyone would propose. At the same time, I think that the problem of spam in Wikipedia has been a burden to thousands of editors, millions of readers, the source of many or most conflicts in Wikipedia, a wasteful unsatisfying time sink of volunteer labor, and an issue which can be singled out for special treatment like posting on a list. If there is enough evidence to block someone for spamming Wikipedia then it seems reasonable to me that there is enough evidence to list such users as being blocked for spamming Wikipedia, and to link those blocked accounts to the publicly accepted evidence which was used to create a rationale for the block. This might be in conflict with some current policies but as a practical matter the issue should be addressed. Previously some of the rules in Wikipedia have shown extraordinary favoritism to support the most obvious and complained about spammers in attacking and defiling Wikipedia for commercial gain. Spam is its own issue, and while the spam issue is addressed, I confirm that the OUTING policy should be strengthened for people who use it for reasons other than to post spam.
Let's keep the OUTING policy but make changes to help counter the worst spam. Blue Rasberry (talk) 18:15, 20 January 2017 (UTC)
I think that Bluerasberry makes excellent points about not letting outing policy get out of balance with the need to control deceptive paid editing. I'd also like to point back to what WMF Legal said that was quoted at the beginning of this discussion:
"It's also important to remember that WP:OUTING can't be used as a way to avoid the disclosure requirements in the Terms of Use: if someone is editing for a company and fails to disclose it, an admin properly posting that person’s company where it is relevant to an investigation is part of their job to help bring the account into compliance with those requirements."
Even given that we can develop, gain consensus for, and list, an en-wiki policy that handles the issue differently than that, it's worth thinking carefully about the point being made. Imagine a paid editor who takes the attitude that, because of the outing policy, they can ignore the disclosure requirement even to the point of causing major disruption. We don't need to have other editors posting that person's name, address, family members, etc. But do we really want to say that saying the person "is being paid by XYZ company to disrupt Wikipedia" is something that we want to treat the same way that we treat someone who stalks another editor and posts harassing personal information about them? --Tryptofish (talk) 19:28, 20 January 2017 (UTC)
Trypto, with regard to Imagine a paid editor who takes the attitude that, because of the outing policy, they can ignore the disclosure requirement even to the point of causing major disruption. - that is already settled here in en-wiki - editors cannot avoid disclosing on the basis that it would make them OUT themselves. See this old ANI discussion and particularly this summarizing section. The statement from legal is really trying to talk about how to handle personal information in the midst of ToU discussions in light of OUTING.
What you write about threading the needle in balancing addressing ToU violations and OUTING, by categorizing ToU disclosures (employer and affiliation) in a different "class" of personal information, is very interesting. Something to try to get consensus around!! Jytdog (talk) 20:29, 20 January 2017 (UTC)
Thanks, and I agree with everything that you said, and the links are quite helpful. I agree with you that there is already a good basis at en-wiki to conclude that editors cannot refuse to disclose on the basis that doing so would out themselves. That's the way that I understand it, too, and it's reinforced by what the WMF has said. But here is why I raised it that way: Other editors have been arguing in this discussion that if a paid editor chooses not to disclose, and another editor makes the disclosure for them, then the paid editor has a legitimate complaint that the other editor is in the wrong for supposedly having violated the outing policy. I'm explaining that the paid editor's complaint is not really valid. And given that, it becomes problematic to sanction the other editor for outing nonetheless. If the paid editor has no justification for failing to disclose, then how can they be harassed by having the disclosure take place? And indeed the WMF said that a user "properly posting that person's company where it is relevant to an investigation" is appropriate, and consequently is not harassment. (Again, I have no quibble with also saying that only the minimum necessary amout of information should be made public.) --Tryptofish (talk) 21:27, 20 January 2017 (UTC)
You're missing the confirmation bias, and circular reasoning. If the "paid editor" is not a paid editor then they don't have to disclose. And information about paid editing can be faked, and unrelated people can be banned/blocked. --Kyohyi (talk) 22:10, 20 January 2017 (UTC)
I agree with you that posting personal information about the wrong person is a troubling problem, and one that must be taken into account. But it is not circular reasoning to argue that the problem with undisclosed paid editing is large, and the problem of misidentification is relatively infrequent. --Tryptofish (talk) 22:15, 20 January 2017 (UTC)
Let me add: you have a valid concern about outing someone who does not deserve to be outed, but there is likewise a valid concern about blocking an editor trying in good faith to control COI editing. --Tryptofish (talk) 22:19, 20 January 2017 (UTC)
Yes we all agree that posting wrong information could be a problem. But this proposal is only for banned users. And we are just posting the WP editing company they are associated with. If a banned user get associated with a paid Wikipedia editing company by error not sure that has huge negative repercussions. Doc James (talk · contribs · email) 22:27, 20 January 2017 (UTC)
You're not sure there are "huge negative repercussions" to publicly accusing someone of misdeeds they didn't commit, in an environment where they can't respond? Opabinia regalis (talk) 06:52, 21 January 2017 (UTC)
And why can they not respond? These business continue on just fine even though we block bunches of their accounts. But yes I am sure there are not significant negative repercussions from listing accounts involved in undisclosed paid editing as accounts that are involved in paid editing. We do it already. Connecting them with a company changes not one iota from a "negative repercussions" angle Doc James (talk · contribs · email) 02:16, 22 January 2017 (UTC)
In your view, what would that minimum necessary amount of information be? -- Euryalus (talk) 21:43, 20 January 2017 (UTC)
In one fish's opinion: that there is paid editing, and either the party that is doing the paying or the specific nature of the editing agenda (the latter because editors need to understand what the POV was). But that answer doesn't really solve the problem. Say that XYZ Company paid the editor to do promotional editing, and there's a good chance that someone reading that will have enough information to search for more information than that. I've seen ArbCom block users for saying things that did not disclose personal information, but gave readers a clue as to how to find that personal information. --Tryptofish (talk) 21:58, 20 January 2017 (UTC)
Or start a new subsection. --Tryptofish (talk) 22:39, 20 January 2017 (UTC)
  • Three things which seem to be not generally understood in some parts of the discussion:
(1) This is not the WMF Statement about the policy that applies only at meta. It is the WMF statement about the policy that applies at enWP, , as the introductory paragraph makes clear (and presumably also at all WMF projects).
(2) While enWP may have a stricter privacy policy it may not have a stricter privacy policy that interferes unreasonably with enforcement of the minimum WMF policy on paid editing
(3)The formal opinion of WMF Legal about what enWP is required to do is fundamental to all policy at the enWP. We operate under their structure. DGG ( talk ) 00:41, 21 January 2017 (UTC)
  • In my opinion, that's exactly right. But I would also add, per my interchange with Kelapstick above, that WMF spells out a specific procedure for setting a local en-wiki policy that differs from the meta ToU. But we can do that only by following that procedure. --Tryptofish (talk) 00:49, 21 January 2017 (UTC)
With regard to claims in #3 about the role of WMF in en-wiki's development and interpreting of the en-wiki OUTING policy, this is in my view charged territory and I ask folks to step very, very lightly. The autonomy of each project is a very old and fundamental part of the ToU. I am glad to have WMF legal's statement on these matters but from my view it is just an important voice (and this is not what I wanted them to focus on - I wanted them to focus on what they could do, directly, with respect to companies that advertise paid editing services but have no on-wiki disclosures). And please don't make claims that WMF is "requiring" anything of the en-wiki community in that statement; I don't see that they are. Jytdog (talk) 01:15, 21 January 2017 (UTC)
#2 is an interesting point; as always, the devil is in the details about how to "enforce" (meaning police and then adjudicate alleged violations of) the paid editing aspect of the ToU while not violating OUTING/Privacy. It isn't simple. Jytdog (talk) 01:15, 21 January 2017 (UTC)
Well, I think we all are stepping lightly, in the sense that this is simply a discussion. But the WMF make it clear that, in the present day, their ToU do apply here, and local consensus cannot merely shrug that off. In fact, as I noted above, they provide an explicit procedure for making our policies different than what it says at meta. We can do that, so in that sense WMF is indeed allowing for autonomy, but that does not mean that we can spontaneously do anything that we want. And the fact that they have a procedure for creating a different policy means that they intend, absent that procedure, that what they say is a sort of requirement. (Think about it this way: if WMF, instead of en-wiki, had the outing policy as part of the ToU, we could not simply say that outing is OK here on the basis of a local autonomy.) --Tryptofish (talk) 01:36, 21 January 2017 (UTC)
Of course the obligations for paid editors to disclose employer, client, and affiliation apply in en-Wiki unless we make a different policy. That isn't the question here. Jytdog (talk) 01:52, 21 January 2017 (UTC)

Break 2

I think it's fair to say that a many of editors are concerned about undisclosed paid editing and the effect it is having on the English Wikipedia. We have all worked hard to make the English Wikipedia what it is today and to see it being undermined without the means or tools to counter it has been frustrating. To me, the central problem and barrier has been that 'undisclosed paid editing' includes an unreasonably wide range of cases with two types on either end:

  1. Large scale operations involving sock puppetry, dozens if not hundreds of articles, and an elaborate attempt to willfully circumvent our policies and guidelines
  2. Single article incidents that possibly involve WP:COI and maybe compensation (vaguely defined)

The second example could be a substitute teacher fixing a typo on an article about the school district in which they work. WMF Legal verified, elsewhere, that such an occasion would constitute undisclosed paid editing (an interpretation I am not sure is represented in the ToU and accompanying FAQ). In this example, the teacher is paid to be a teacher — not for their edits to Wikipedia — but because there is potentially a monetary benefit linked to their edits, according to WMF Legal, this is undisclosed paid editing.

I have absolutely no interest in going after editors even remotely in the same ballpark as the second example — let alone out their personal information (publicly available or not). More importantly, I have deep reservations about the practice of publicly posting any personal information about another editor. A person's digital footprint may include information that is publicly accessible and alone insignificant, but when amalgamated from various sources into one location and then posted to a place with the visibility of Wikipedia, has the potential for real harm. The further notion that this practice could occur during an investigation is equally as disturbing. What happens when an investigation concludes, well after the personal information has been revealed, that there was no wrong-doing or that the information was revealed under false pretexts. It is without question that such a situation could have lasting consequences for the individual whose information was revealed. We cannot expect every editor on the English Wikipedia understand the inherent risk they would putting themselves in by editing.

Something has to be done, but it is not what the WMF Legal is guiding the community towards. I am immensely proud of the work and policies the community has introduced over the years to protect the privacy of individuals in our community. The community decided a long time ago that the WMF's Terms of Use and Privacy Policy protected only the Foundation and more was needed to protect editors from hostile threats. The community has stuck by that decision. Personally, I am not wanting to see these protections disappear and the WMF depart from the longstanding practice to allow local projects to self-govern.

The community has a difficult road ahead; it must decide the fate of how undisclosed paid editing is handled on the English Wikipedia. Whatever that decision, it should align with the community's own core values and principals. Whether this translates to a policy: one that allows functionaries to evaluate privately submitted information (by the community) about undisclosed paid editing and grants functionaries the ability to block for ToU violations; or some other policy that empowers administrators (that I hope still preserves the protections offered by the community to all editors). Mkdw talk 04:10, 21 January 2017 (UTC)

I had this page on my mental list of "stuff to catch up with" and I was going to write a long post, but Mkdw nailed it. In every other context on Wikipedia, we operate by the principle of taking as much action as needed to protect the project, and no more. We don't reveal private information about vandals and trolls and sockpuppeteers unless the disclosure of that specific piece of information is necessary to protect the project from the offending user's actions. In those cases, what's being disclosed is usually something like an IP address or range - typically less personally identifying than a name or an employer - and those data are sourced directly to the checkuser logs, not to other editors' internet detective activities. And those are cases of actual demonstrated malice, rather than the typical paid editor's attempts to exploit our Google rankings or ride our coattails. It strikes me as very strange to see otherwise sensible people argue that we should provide information that is more identifying and less reliable with substantially weaker protection than we provide for data that is covered under the privacy policy.
It's too easy to overlook the fact that we have many examples like Mkdw's #2 above, and that even the #1s are still real flesh-and-blood people trying to put food on their tables in personal economic circumstances that make bottom-feeder internet freelancing seem like a good deal. I expect a lot of us have at one point or another made a short-sighted decision because of personal circumstances, and I'm certainly glad that none of mine have (to my knowledge, at least!) resulted in someone doxing me and accusing me of fraud on a high-traffic website. Furthermore, we're not very good at distinguishing "paid editor who obstinately refuses to admit to it" from "unpaid editor who's a big fan of their article topic and doesn't understand how to write for an encyclopedia". And we've seen a number of cases - real cases, not hypothetical what-ifs - of joe-jobs and impersonations in which established editors are misrepresented offsite as being available for paid work. It's important to remember that outing is irreversible - it can be contained and mitigated, if oversighters are quick enough, but it can't be purged from the brains of the people who've already seen the outing post, and it can't easily be removed from other sites that copy or mirror the post, and it can't (well, won't) be purged from the servers entirely. Outing or threats of outing constitute one of the most common forms of harassment reported to arbs and functionaries, and can be extremely distressing to the people affected. Those are very high stakes.
Importantly, as we invest our time in all of these conversations about "outing", we're missing the opportunity to explore the full range of possible ways to handle the actual, concrete problem presented by paid editing - namely, the problematic content it tends to produce. There are ways we can manage that problem without the need to publicly expose anyone's personal information or waste valuable volunteer time in error-prone amateur sleuthing. We could raise the notability criteria for people, products, and organizations, which are common topics both for paid editing and for other kinds of poor work (self-promotional, poorly sourced, under-watched BLPs, etc.) We could set up a "promo-prod" mechanism similar to BLP-prod to facilitate the deletion of content that isn't quite G11-worthy, but is unlikely to be developed in a reasonable amount of time. We could raise sourcing expectations. We could provide improved technical mechanisms for paid-contribution disclosures. We're on the harassment policy talk page, so this isn't the place for extended discussion of those things, but the point is we have a lot of unexplored options and underutilized resources to dedicate to this problem. I hope that we see some creative thinking about practical approaches to these issues. Oh shit, I failed at not writing a long post... ;) Opabinia regalis (talk) 06:16, 21 January 2017 (UTC)
I agree completely with this "We don't reveal private information about vandals and trolls and sockpuppeteers unless the disclosure of that specific piece of information is necessary to protect the project from the offending user's actions. "
Having a list of what BANNED accounts are associated with what banned paid editing company is needed to protect the project from these offending companies actions. It is also required to protect people who are being not only mislead by the content they create but the people who pay these companies and think they are legit.
I do not see any credible argument that creating this sort of list will harm good faith editors.
Yes other measures are also needed to address undisclosed paid promotional editing. This is a complicated problems without a simple solution.Doc James (talk · contribs · email) 17:48, 21 January 2017 (UTC)
Opabinia regalis, this isn't the place to develop this, but I want to say that I strongly agree with your point: "We could raise the notability criteria for people, products, and organizations ... We could set up a "promo-prod" mechanism similar to BLP-prod to facilitate the deletion of content that isn't quite G11-worthy ..." Readers have gained the impression that anyone vaguely notable must have a page and should be able to control its content. If we were to enforce WP:NOT fully (particularly WP:NOTADVERTISING, WP:NOTDIRECTORY and WP:NOTFACEBOOK), a significant amount of paid editing would disappear. Doc James, attacking the cause makes a lot of sense. I don't have time to start a discussion about this elsewhere, but I'd be happy to take part in one. SarahSV (talk) 02:40, 22 January 2017 (UTC)
As below, I've been busy IRL recently and haven't had time to put much new thought into this; lack of time is one reason I haven't tried to start such a large-scale discussion either :) I do find it surprising that no one has, considering how much discussion there has been lately about paid editing in particular and quality control in general. Currently I am pretty backlogged on reading evidence for the open arb cases, but once those are closer to completion I'll give this a look. Opabinia regalis (talk) 05:00, 31 January 2017 (UTC)
Apologies if the answers to these are obvious, but a couple of questions:
  • These editors were banned for UPE, but how do you know what specific editing services they were working for?(note: seeking a general answer, please don't post these specific editors' personal info here in response)
  • What actual future evidentiary value could be obtained from such a list?
  • Where an undisclosed paid editor is identified and banned, would it not be more useful to maintain a ready reckoner of the company articles they edited, so these can be watchlisted and routinely checked for promotional fluff, than to maintain a list of usernames which will never be reused? -- Euryalus (talk) 19:29, 21 January 2017 (UTC)
Will email you the answer to the first bit.
The list will help people identify further socks from these companies. These companies have definitely created new accounts and are still editing.
It will help those who are being told that the companies are legitimate so they will not hire them in the first place. Doc James (talk · contribs · email) 02:04, 22 January 2017 (UTC)
Sorry, I don't know the answers to Euryalus' questions, but the "Break 2" discussion strikes me as very helpful, and I have an assortment of comments I want to make.
First, because it's getting lost in the tl;dr, I want to reiterate what I understand needs to be the procedure for enacting something here at en-Wiki that does not simply mirror the ToU at meta. It is explained at: meta:Terms of use/FAQ on paid contributions without disclosure#Can a local project adopt an alternative disclosure policy for paid editing?. We have to: (1) Develop a community (not ArbCom) consensus about a formal policy to take the place of the present Wikipedia:Paid-contribution disclosure, that spells out what we do and do not allow to have posted onsite, and (2) list the new policy at meta:Alternative paid contribution disclosure policies.
Second, I am thinking about what specifically we need to figure out, and it grows out of a question that Euryalus asked me earlier in this discussion. We have to define, exactly, what we need to be able to post onsite that, just as Opabinia said, constitutes enough to take care of the undisclosed paid editing problem, and nothing more. I think it is:
  1. The fact that there is undisclosed paid editing. (And just that, just a binary "is" or "isn't" that kind of editing.)
  2. Enough information about either the business interest that is paying for the editing, or the POV that is being promoted, to guide editors in fixing the content. (How much of that is enough? We need to work that out. Maybe the actual name of a business if it is engaging in large-scale socking etc, but maybe not even the name if it's not that bad, just the business sector?)
I don't think anything more than that is needed. And we can probably hone #2 so that it does not leave enough bread crumbs to track down personal information. This has direct implications for the outing policy here: we ought to revise it to say explicitly that #1 and #2 are not included in the "personal information" that is protected, but everything else that is personal is. I'm thinking hard about making this something that does not open the door to the horror stories that the Arbs keep seeing. I read carefully what GorillaWarfare said at Jimbo-talk, and I think this information would not be anything like the Facebook material that she talked about. (Opabinia: your ideas about content, about raising notability requirements and so forth, would indeed be helpful in addition to this, but not instead of. That's because there will be people who will talk about the problem on talk pages and get confused about what they may post, and because people on both sides will try to game it. Notability, unlike porn, is not the kind of thing everyone recognizes when they see it.)
Third, we need to figure out whether or not the community still supports emailing information privately to administrators, or to functionaries, as the outing policy currently encourages. At Wikipedia:Village pump (proposals)/Archive 134#Proposal for a confidential COI mailing list, the community reacted quite negatively to having any sort of off-site investigation (and not just to the specific proposal, but to any kind of non-transparent investigating). I don't know how we reconcile all of that, but there needs to be a clear and unambiguous policy about what can and cannot be posted onsite, and discussed privately. The current outing policy is spectacularly unclear, at least to good-faith editors, even if functionaries think that it is obvious. --Tryptofish (talk) 01:52, 22 January 2017 (UTC)
Opabinia regalis, raising notability is a start, but will do nothing in places where it really counts - big pages that Tryptofish describes below. My worries are exactly like Tryptofish's - one could game the system easily. Cas Liber (talk · contribs) 00:16, 29 January 2017 (UTC)
Thanks for that! --Tryptofish (talk) 00:26, 29 January 2017 (UTC)
Tryptofish I think we reconcile things as follows. I think everyone (or the vast majority) here would agree there has to be some confidential place/forum/etc. for concerns to be discussed. Once there is consensus that this is a necessity, several options are then discussed and presented for voting. Cas Liber (talk · contribs) 00:20, 29 January 2017 (UTC)
I'm not sure what to say here. The Village Pump discussion to which I linked just above seems to me to indicate that there may not yet really be the consensus to which you refer. And before anyone initiates an RfC about options, there is going to have to be a lot of community discussion before any viable options can even be described with the precision needed for a useful RfC. --Tryptofish (talk) 00:26, 29 January 2017 (UTC)
Hmmm, I dunno. I think some folks who would have opposed that specifically would understand there is at times a need to discuss concerns privately. Also, that didn't really gain very wide input. As things stand now, I don't think the projected workload outweighs the abilities of checkusers, arbs and functionaries to deal with things (though obviously things might change!) Cas Liber (talk · contribs) 02:38, 29 January 2017 (UTC)
For whatever it's worth, that RfC was pretty widely advertised, and I would expect that the editors who commented there would also be within the larger population of a larger RfC. What struck me was the extent to which editors who opposed the proposal also specifically pointed out that they would oppose any off-wiki investigation by individual admins, arbs, or functionaries, on the grounds that no one should be blocked without transparency, and there would be too much risk of individual functionaries using it for personally motivated blocks. Not my own opinion, but an opinion that was pretty widespread. --Tryptofish (talk) 21:22, 29 January 2017 (UTC)
Sorry Trypto, I've been meaning to respond to this but have been busy IRL for the last week and am just catching up. I think it's worth everyone taking two or three or ten steps back and getting a good look at this issue from a broader perspective, because it is really strange (and after a few days of paying no attention whatsoever to wikipolitics, let me tell you, really strange) that so much of the conversation around the topic of managing paid editing is hyperfocused specifically on this narrow issue of "I think I found a paid editor, so when can I out him?" Seriously, it is weird that the talk page about the policy on harassment has hosted so much of this discussion.
On the one hand, I think you're on the right track in trying to work out a minimalist view of what would be needed to support a hypothesis of paid editing. On the other hand, I think that waaaay before anyone starts trying to define what the minimum amount of information to post might be (or just how sure you have to be that you're right before you post it, or whether we should create a set of uberfunctionaries to receive this information, etc etc etc), we need to first work out the details of what the actual problem is and what approaches would work best to minimize it. Most of this conversation - and in that I include the WMF statement - is proceeding from the unstated and unsupported assumption that it is productive to identify a suspected paid editor, search for their personal information, and either post it on-wiki or share it with editors in private who will review and make judgments specifically about this off-wiki research. None of that actually seems to come with a justification for why this is a good way to manage a problem that a) involves a lot of socking anyway, and b) mostly generates content that is unwanted on its own merits. That's one reason why I emphasized an approach based on actual evaluation of the content: since most of it is bad to begin with, getting rid of it on the grounds that it's bad is much quicker and completely obviates the need for risky, time-consuming, and error-prone off-site investigations. There is just no compelling reason to go down this road outside of circumstances at least as extraordinary as those that prompt release of data protected by the privacy policy. Opabinia regalis (talk) 05:00, 31 January 2017 (UTC)
Oh, no need at all to be sorry! I do think that you raise many very good points here. I've been pretty immersed in these discussions over the last several days, and I can observe that a lot of us are thinking hard about minimizing the amount of information that needs to be revealed, in not harming a user who was incorrectly accused, and in differentiating between someone who just wants to publicize something small that they are close to, and who doesn't yet fully understand policy, versus someone coming from a website that is set up to engage in deliberate policy violation on a large scale. And I'm not seeing anyone who really is saying "when can I out him?" But it's worth considering that there can be a need for explaining to a putative undisclosed paid editor why we are reverting or blocking them, to provide concrete evidence. And very importantly, I think that you are mistaken in thinking that simply enforcing existing policies and tightening notability guidelines will control the problem without discussing motivations. I said somewhere else that generals tend to fight the last war, and here, we should not underestimate what is coming our way in the era of "alternative facts". I wrote Break 3, just below, for exactly that reason. And I think I described a very plausible situation in which our existing policies and guidelines simply will not be able to keep up with the problem. --Tryptofish (talk) 22:50, 31 January 2017 (UTC)

Break 3

I've been paying close attention to the scenarios that other editors have been describing, about the really awful kinds of harassment that occur, really I have. And I don't mean to diminish any of that with what I'm now going to say. But I think that it is important to consider the impact on editors from the other side of the issue.

We all know about such undisclosed paid editing examples as someone promoting a small business or a garage band, with relatively rare outbreaks of massive problems with multiple sockpuppets. But I'm convinced that it will be just a matter of time until we look back on all that as "the good old days". Not only do large corporations have increasingly sophisticated PR departments, but we are entering an age of fake news motivated by political agendas, and even Russian hackers. As Wikipedia becomes more and more noticeable as the top Google hit, and as where "anyone can edit", we will become more and more of a tempting target for deep-pocketed interests who will put effort into figuring out how to game the system. And it won't simply be matters of new pages where we can try to apply stricter notability guidelines.

Let's say a moneyed interest that is hostile to climate science decides to use us for their purposes. They hire a few people to set up a very large number of socks. Each sock goes to one of our geographic pages, and they merely make a small change in the numerical value of the average temperature, to lower that number by a few degrees. Do that enough, and there's a little less evidence for climate change. And they play the system. Let's say I look at one of these edits and decide to revert it as unsourced. A different sock turns up and reverts me. Rinse and repeat. Do I keep reverting and end up violating 3RR? Then I start to notice a few other geographical pages where the same thing is happening, but with different sock accounts at every page, no overlaps. It dawns on me that this might be an organized effort and not just a few random number-changing vandals. So I go to a talk page or noticeboard, and point out these edits and express my concern so that other editors will also look into it, and maybe get some page protection. But the paid editors are a step ahead of me. They create some Joe job external web pages where they post something about the fact that they actually are doing these edits, except in a way that is innocuous, along with a lot of personal information that doesn't really need to be there, and then they create other pages about embarrassing personal information about the same "real names" that the first group of pages contain. And they send an email to ArbCom complaining that Tryptofish is outing them by saying that they might be paid editors, which they deny, and they are very upset that the suspicions I posted will lead others to track down the embarrassing information about them and dox them. So ArbCom blocks me, until we can all figure out what is really going on. It could credibly happen. Same thing for efforts to make crime information on pages about US cities just a little more prominent, to advance the "American carnage" agenda of a US political faction. Or efforts to make our medical pages treat sugar as just a little more nutritious. It could quickly grow to a scale that good-faith editors will find overwhelming (after all, there is already some overwhelming from large class student projects: multiply that by a big number). Pleasant dreams, y'all!

So we need to have clearly established ways for editors to make good-faith accusations of ToU violations without violating the outing policy (and of course also without opening the door to outing editors who may be wrongly accused of paid editing). --Tryptofish (talk) 22:07, 22 January 2017 (UTC)

We already have cases of dictators from third world countries paying people to alter their Wikipedia profiles to help them continue to suppress their populations. That was a particularly unpleasant paid editor who complained vigorously when after he outed himself it was used against him.
Yup one concern is that these companies will begin adding bunches of "personal information" to their outside pages to protect themselves from being disclosed on Wikipedia. Of course all the personal information will be made up / borrowed from someone else. Doc James (talk · contribs · email) 03:49, 23 January 2017 (UTC)
Thanks User:Tryptofish, now my pov editing nightmares will get even worse. In fact I'd argue that pov editing may be a bigger threat to Wikipedia, maybe even now, then paid editing. Doug Weller talk 08:49, 26 January 2017 (UTC)
Thanks, Doug – that's what I'm here for! I think that the boundary between POV and paid will become increasingly blurred in the future. --Tryptofish (talk) 22:23, 26 January 2017 (UTC)
I do not see as many large sock cases with POV editors as I see with paid editors. POV editors typically edit one main topic so easier to address / keep an eye on. Paid editors edit what every topics people pay them to. Often obscure stuff that is poorly watched because it is of questionable notability to begin with. Doc James (talk · contribs · email) 11:27, 26 January 2017 (UTC)
Tryptofish's nightmare scenario has already happened. First, see Wikipedia:Requests for arbitration/Scientology in 2009. Second, among the politicians who would use us are not just third world dictators, as in the Kazakh Wikipedia, but staff members of US Congressmen,see WP:Congressional staffer edits. DGG ( talk ) 19:00, 28 January 2017 (UTC)
Thanks, DGG. I've been listening to news about "alternative facts" and the press being the enemy of the people here in the US (not to mention the size of the inaugural crowd), and I think that I really do see a storm heading Wikipedia's way. There's a cliché that generals fight the previous war, and I see a danger in thinking about these hazards in terms of the past history of doxing (which of course is not to say that privacy does not matter). --Tryptofish (talk) 23:57, 28 January 2017 (UTC)
The number of ways content can be gamed are numerous - using undue weight for starters - sock 1 removes sourced negative material and says article is unbalanced. edit war continues. RfC is held and socks 2,3 and 4 uphold view that inclusion of said material is problematic for whatever reason. Can also argue that many newspaper sources are reliable or unreliable, depending on scenario. Ditto blogs. etc. Cas Liber (talk · contribs) 00:18, 29 January 2017 (UTC)

Why is this discussion happening here

User:Opabinia regalis you have mentioned a couple of times that you don't understand why this discussion is happening here.

There is actual and obvious tension between the spirit and letter of the ToU and COI guideline and their intention to protect the integrity of WP content, and the spirit and letter of OUTING, with its aim of protecting privacy of editors.

It takes clear thinking to understand that tension and grapple with it. Which is not always available. Jimmy Wales, on the one hand writes op-eds in the NYT like this about the absolute value of privacy in WP ("Privacy is an essential right."), thinking with only his "privacy" cap on, but then turns arounds and writes things like this: My own view is that our policy on WP:OUTING is not well written, and prevents open discussion of the problems. In too many cases, speculating that an editor is a paid advocate is a mild example of failing to assume good faith (a real concern, of course) whereas proving it could be treated as a case of outing. That's not good policy. thinking with his "paid editing" hat on.

This kind of hand-wavy approach is actually destructive (and yes I am speaking to you Opabina) because there is a lot at stake for editors who choose to spend their volunteer time addressing integrity issues, and the tension is not easy to manage.

The biggest risk that people who choose to spend their volunteer time working on these issues run, is getting indefinitely blocked under this policy. That is a huge deal. User:Doc James wrote this recently: In fact the severe interpretations that some take of the "outing policies" make me feel less safe rather than more safe, as they protect those who harass others. - that was with regard to what he went through with the people from Medtronic and trying to have action taken against them here in WP, and his own worry that his work addressing integrity issues might end up getting him blocked, if he does something that someone with the power to block perceives as a violation of OUTING.

I, of course, ran afoul of this and was indefinitely blocked for it. That block was due to a mistake i made that I shouldn't have made, and was justified, but it resulted in a chilling of other people addressing COI/paid editing efforts at all, as several editors have emailed to me. (which is again, my fault for making the mistake) My fault.

Discussion of this policy is where things need to be worked out with regard to the community navigating the tension between preserving integrity and preserving privacy, and deciding how to calibrate things. It would not be appropriate to have it elsewhere.

And about other ways - purely en-WP ways - to address integrity issues in WP. That work is happening all around you at COIN, in AfD discussions where promotional pressure is increasingly being raised as a reason to delete marginal articles, and new page patrol. These issues are being raised here for good reason - namely to reduce the risk for those who address these issues, and provide more information about the paid editing that goes on. Everybody understands that risks are involved in trying to selectively adjust the OUTING policy. Nobody, including me, takes them lightly. Jytdog (talk) 23:06, 31 January 2017 (UTC)

and I'll add that I am not confident the community will ever reach consensus on amending OUTING. It might not. But the consistent efforts to dismiss and shut down the discussion from happening at all are getting in the way of even trying. Which is part of why we might not reach consensus. Jytdog (talk) 00:14, 1 February 2017 (UTC)
With respect to the comments by User:Jimbo Wales, the ones about privacy occured in 2015 while the ones about the effects our privacy policies on making addressing UPE more difficult were in 2017. This might simply reflect a further development of his position as we all become more aware of the seriousness of the current situation. Doc James (talk · contribs · email) 01:02, 1 February 2017 (UTC)
nope, he has been saying the vague "OUTING is flawed" thing for a while. 2013 example: diff. I don't want to litigate that either. My point was just that it is very hard to figure out how to actually amend OUTING in a way that deeply respects privacy while improving our ability to maintain the integrity of WP, and it is hard to even discuss because privacy is such a deeply held value and the conversation gets distorted very quickly with wild allegations. Jytdog (talk) 02:11, 1 February 2017 (UTC)

I disagree User:Jytdog with you position regarding your block. You were blocked on June 27th 2016 until August 8th, 2016 (5 weeks). The blocked remained long after you acknowledge the "mistake" and agreed not to do it again. You were required to go through a bunch of hoops to get unblocked. And the block was for providing evidence that an account that was editing in a promotional manner and being disruptive, was in the marketing department of the company they were writing about. Yes yes, it was so obvious that the evidence was not really needed.

In other cases; however, you can compare a fellow editing who works under their real name to Hitler's physician, "Josef Mengele" and nothing happens besides some minor scolding. IMO the use of the harassment policy has unfortunately moved away from decreasing harassment to protecting paid editors. The interpretations of some are resulting in more harm than benefit not only to our editors but to our readers. Doc James (talk · contribs · email) 01:28, 1 February 2017 (UTC)

I really, really don't want to relitigate my block and hope the discussion doesn't go there. Jytdog (talk) 01:53, 1 February 2017 (UTC)

These discussion seem to have gone lengthy and unstable. I don't see information regarding how does one in a non-invasive manner get to an understanding that a user is a paid editor. I hope it isn't through a snowballing of assumptions. Can someone provide some information on the process.59.96.162.139 (talk) 18:26, 3 February 2017 (UTC)

59.96, it is a good question how can investigations be non-invasive and cooperative. I am a frequent contributor at WP:COIN and feel that I can give a perspective on this. One way is to simply ask an editor if they are paid using {{Wikipedia:Conflict of interest/Question}} or equivalent, and assume good faith that the answer is true and complete. In some cases this doesn't work, so we depend on what we see in the articles. Conflicted editing, as a rule, is bad editing and leaves a pretty big signature of POV wording, content, and selective sourcing. Rarely, but occasionally, an off-wiki connection will be made but really this is not the norm. You can see in the Orangemoody case how some scammed businesspeople contacted Wikipedia to complain and the ball got rolling from there. - Brianhe (talk) 19:50, 3 February 2017 (UTC)
That's a good explanation, but I feel like I need to add that there is a very real risk that, as the problem grows in the near future, intentional violators will find better ways to cleverly camouflage their POVs, to make it look like innocuous editing. There are tremendous incentives to game the system, if we make it practical. --Tryptofish (talk) 22:41, 3 February 2017 (UTC)
Mildly, another mention of that traditional suggestion: we could also make paid editing that little bit less lucrative by substantially increasing the notability requirements for businesses and businesspeople. At present any business that can cobble together a half dozen trade magazine reports of their press releases has a moderate shot at an article here, and these small-scale companies are a key market for UPE. -- Euryalus (talk) 23:06, 3 February 2017 (UTC)
Then I'll give what is becoming the traditional reply. Yes, I think nearly everyone regards that as a good idea, but the question is whether it would be sufficient by itself. Per #Break 3, I am sure that it will not be. --Tryptofish (talk) 23:09, 3 February 2017 (UTC)
What, to solve the entire issue? No, it wouldn't be. But worth doing all the same. -- Euryalus (talk) 23:14, 3 February 2017 (UTC)
Thanks! That means that we agree, and I am glad about that. I know of a few editors who have in fact argued that it would solve the entire issue, or close to it, and I hope that they will come to be persuaded. --Tryptofish (talk) 23:20, 3 February 2017 (UTC)
By increasing notability standards; allowing functionaries (or a subcommittee) to block on privately held evidence; continuing to run checkusers on paid sock farms; and deleting any UPE created articles (provided they have not been substantially edited by other editors in good standing) and salting them, will be able to play a major role in reducing the effects of undisclosed paid editing. Mkdw talk 00:00, 4 February 2017 (UTC)
Agreed, but some caveats. I wonder whether the broader community will agree with changing notability requirements, given how strongly opinions run about that. As for private evidence, Wikipedia:Village pump (proposals)/Archive 134#Proposal for a confidential COI mailing list revealed a lot of resistance to it, and the current discussions at WT:COI seem to me to be at least somewhat divided. And no matter what we eventually decide about private versus public evidence, we will need to make the rules of the road much clearer than they are currently (as in "case-by-case"), or there will be ongoing dramas. --Tryptofish (talk) 00:12, 4 February 2017 (UTC)
One of the things that helps WP:MED deal with UPE is WP:MEDRS. In fact it is critical to the process. One still needs to monitor UPE though. People who are paid not to understand MEDRS, will simply not understand MEDRS (disclosure of COI does not always improve understanding but helps with FU).
Strongly support the running of CUs on paid editors and I believe that the practice of liberally doing so would be endorsed by legal at the WMF. User:Slaporte_(WMF) can you comment? Doc James (talk · contribs · email) 05:26, 4 February 2017 (UTC)
If you would like a change to the English Wikipedia checkuser policy, you'd need to propose it via RfC at WT:Checkuser. WMF employees cannot unilaterally change local policy; if you'd prefer not to conduct an RfC you would need to get the WMF to change the global checkuser policy at meta (and those changes would then apply here). -- Euryalus (talk) 05:58, 4 February 2017 (UTC)
(edit conflict) Tryptofish, I definitely agree with you on the question about whether the community would support such remedies. Doc James, the question about running checkusers on confirmed undisclosed paid editing is a complicated one. In cases where there aren't any signs of sock puppetry, do we allow fishing? Does the act of engaging in undisclosed paid editing weaken privacy protections provided to them by other policies? Can checkuser information be used to tie an accounting to an employer? E.g. university, senate, etc. How is this information logged for future review? How much of it can be revealed publicly? I would definitely be interested to know the WMF's position on these questions in terms of the meta checkuser policy -- and other questions that the community might have. Mkdw talk 05:59, 4 February 2017 (UTC)
Likely both will need to occur User:Euryalus. We need the WMF to clarify that running CUs based on concerns of paid editing is okay from their POV (especially as we have some functionaries arguing that EN WP cannot change the CU policy to allow this unless the WMF says doing so is okay). Doc James (talk · contribs · email) 00:47, 5 February 2017 (UTC)
The checkuser policy makes clear that the meta version takes precedence. Who are the functionaries who are arguing differently, or insisting on a WMF endorsement before any changes to the en-WP version? -- Euryalus (talk) 01:06, 5 February 2017 (UTC)
This is my interpretation of the statement "we are not able to expand the checkuser policy, we can only limit it's use further. (see the notice at the top of the page that says it's a global policy coming down from the Wikimedia Foundation." by DeltaQuad and in response to "that standards for CU be lowered when investigating undisclosed paid editors".
Legal's position; however, appears to be that the meta CU policy can be changed on meta as long as the Access to nonpublic information policy is adhered to. And EN WP can match that language. Doc James (talk · contribs · email) 02:18, 5 February 2017 (UTC)
Personally, I do not think the protection against outing can be reasonably said to apply to deliberate bad faith editors. They have no moral right to claim the protection of our rules, if they themselves are acting in blatant contempt of them. The difficulty , however, is distinguishing these from editors who merely do not understand our policies on COI and paid editing, but are not knowingly and persistently deliberately violating them. Given the complexity of WP and the uncertainty of the boundaries of some of the rules, such editors do deserve the same protection as everyone else. A few years ago, I would have said that this is a straightforward distinction, but further experience has shown me otherwise--bad faith editors are learning to be more plausible, and an increasing number of good faith editors assume promotional writing is what we want in WP. Fortunately, we need not insist of evidence beyond a reasonable doubt--we are not a criminal court, and all we can do is ban editors and delete articles, not send people to prison. A reasonable likelihood is sufficient, but we need to formalize our procedures for going about this. DGG ( talk ) 05:13, 11 February 2017 (UTC)
I think the question of whether we might draw a sort of line, where the protection against outing changes from applying to no longer being available, is a significant one. It's important to note that under existing policy, WP:HA#Harassment and disruption explicitly says: The prohibition against harassment applies equally to all Wikipedians. It is as unacceptable to harass a user with a history of inept or disruptive behavior as it is to harass any other user. Thus, it is contrary to existing policy to define a type of disruptive conduct as so bad that protections under the outing policy no longer exist. And yet, I agree with you that we are now facing just such a kind of disruptive conduct, and thus, the policy will need revision. At the parallel discussion at WT:COI, I made this comment the other day: [1], drawing such a distinction and explaining why. The community does need to figure out whether and where to draw such a boundary. --Tryptofish (talk) 19:20, 11 February 2017 (UTC)

Arbitration Committee response to the Wikimedia Foundation statement on paid editing and outing

The Arbitration Committee has just published a response to the WMF statement at Wikipedia:Arbitration Committee/Noticeboard#Response to the Wikimedia Foundation statement on paid editing and outing. GorillaWarfare (talk) 19:48, 26 January 2017 (UTC)

The Arbcom statements have been archived and are now here Jytdog (talk) 05:34, 15 March 2017 (UTC)
Have started the RfC - listed at Wikipedia_talk:Conflict_of_interest#Investigating_COI_policy. Vote away.... Cas Liber (talk · contribs) 03:19, 27 January 2017 (UTC)

As part of this wide-ranging discussion, I've posted Wikipedia_talk:Conflict_of_interest#Concrete_proposal_1 which reads

Concrete proposal 1

The following shall be inserted at the end of Wikipedia:Harassment#Posting of personal_information

"There are job posting sites where employers publicly post advertisements to recruit paid Wikipedia editors. Linking to such an ad in a forum such as WP:Conflict of interest noticeboard is not a violation of this policy."

Let's keep the !voting and discussion there as part of the overall discussion.

Smallbones(smalltalk) 15:26, 29 January 2017 (UTC)

Does this really have consensus?

A section on "Impersonation exception" was just added, [2]. Does that language really have consensus? If so, does it really require its own subsection, and should the specific language be revised in any way? --Tryptofish (talk) 18:50, 21 March 2017 (UTC) (Subsequently reverted, [3]. --Tryptofish (talk) 19:54, 21 March 2017 (UTC))

Once one specific type of exception is enumerated in policy, it becomes logical to assume that all other conceivable types of exception not enumerated in policy is forbidden. This unintentional consequence matters. It undermines the case-by-case exceptions language that did have consensus. Geogene (talk) 19:36, 21 March 2017 (UTC)
I agree (except that I don't believe that the "case-by-case" language still has consensus), and I'll add that another exception was just added (based upon a stronger consensus) in the sentence just before the new addition, about posting to job sites. I cannot see any reason why the impersonation denial exception merits its own subsection while the job sites exception does not. --Tryptofish (talk) 19:50, 21 March 2017 (UTC)
Agree it does not need its own section. Have grouped with the other bits. Doc James (talk · contribs · email) 23:48, 21 March 2017 (UTC)
That's a good improvement, thanks. --Tryptofish (talk) 00:18, 22 March 2017 (UTC)
Happy with your adjustment in wording[4] Doc James (talk · contribs · email) 01:01, 22 March 2017 (UTC)
Yes, fine, for my part, and thanks. (I put the header in, not for emphasis, but just because the section is a bit of a wall of text. This is dense material and could stand a few more internal headers IMO.) Herostratus (talk) 02:44, 22 March 2017 (UTC)

The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.


We have an interesting case. I reached out to a journalist as an editor was claiming to be them. The journalist assured me that this was not them. I have asked them if I can post their reply to Wikipedia. If they give consent can one link on Wikipedia to their reply? Doc James (talk · contribs · email) 12:42, 18 February 2017 (UTC)

Support

  1. Support Seem perfectly reasonableDoc James (talk · contribs · email) 12:42, 18 February 2017 (UTC)
  2. Support Per Doc James. The Ninja5 Empire (Talk) 12:47, 18 February 2017 (UTC)
  3. Support with caveats. If someone has given their explicit consent to post information about them on Wikipedia it is acceptable to do so, as long as (a) no more information than has been consented to is posted; and (b) neither the purpose or effect of the posted information is to out or otherwise harass a third party. Thryduulf (talk) 13:17, 18 February 2017 (UTC)
    I should add that, where possible, a link to where the consent was given should be posted with the information. Ideally this would be an OTRS ticket, but I recognise that this is not going to be true in all cases. Thryduulf (talk) 13:33, 18 February 2017 (UTC)
  4. Support, and agreeing with the caveats identified by Thryduulf. Giving consent to post something onsite is logically equivalent to posting it oneself, in terms of being voluntary and being something to which the person could easily have said no. Information that someone voluntarily makes available about themselves cannot be considered to be outing of that person. --Tryptofish (talk) 00:32, 19 February 2017 (UTC)
  5. Support, provided that their consent was explicit and what's posted is only what they agreed to, I cannot see how anyone could have an issue with this. Seraphimblade Talk to me 01:01, 21 February 2017 (UTC)
  6. Support with caveats. Wholly acceptable, so long as the consent is public and verifiable. We obviously have no way to verify consent from an email chain, for instance, so we can't really accept it. It could easily be doctored to justify posting information. But if someone were to verifiably consent to their information being posted on-wiki (and the information being posted doesn't otherwise violate policy), I see no reason to say no. ~ Rob13Talk 06:33, 21 February 2017 (UTC)
  7. Support so long as the consent is legitimate and verifiable, whether it be through publicly available means or privately through email to OTRS or functionaries. We should err on the side of caution here and remove the information if there is even the slightest doubt about the validity of the consent or of its sender. — Train2104 (t • c) 16:34, 9 March 2017 (UTC)

Oppose

  1. Malformed. A journalist posts a notice on their blog, stating "I am not wbm1058. Neither am I Doc James; nor am I Twitternotices." I don't see what the point of linking to such a public statement would be. Randomly linking to such statements, while perhaps generally harmless and not violating any specific rules, could still be seen as a form of spreading innuendo. Of course that journalist is not me, why would there be any reason to think he was? Twitternotices has not publicly claimed to be a journalist. The only way to connect any dots would be to publicly post the contents of private emails sent by Twitternotices to Doc James. I don't believe this proposal is proposing to do that. wbm1058 (talk) 18:59, 22 February 2017 (UTC)
  2. Strong Oppose to allowing details 'supposedly' consented by an unverified social media account (or email address) to be posted to the English Wikipedia. How does the community verify consent has been granted by the same person whose details are being publicly posted? We already have mechanisms for privately dealing with impersonation claims such as OTRS and other mailing lists. This entire RFC very poorly formed and misleading. The RFC, literally, is requesting comment on a single incident; the RFC propser believes that they're actually asking this question which I don't believe it does. Mkdw talk 20:15, 22 February 2017 (UTC)

Discuss

  • Is this RFC just about this one isolated incident involving a journalist, or is this one example being used to frame seeking community consensus, where any time, if an editor gives their consent their details can be posted to Wikipedia (as the section title states)? Mkdw talk 01:58, 21 February 2017 (UTC)
  • I also had questions about what reasonable steps are being done to verify (in this case or broadly) that the individual giving their consent is the same individual whose "details" are being posted. Mkdw talk 18:10, 21 February 2017 (UTC)
  • What is the proposal being voted on? The ANI report is archived here. Taking that case, a user with a total of seven edits is claimed to have said that they are a particular journalist. Further, someone whom LinkedIn suggests is that journalist has stated off-wiki that they are not the editor. If the proposal asks whether a link to a public statement by a particular person can be added to a noticeboard, the answer is of course, because the scenario is not outing any editor. On the other hand, if the public statement were "I am User:Example and not the other user", that would be outing and a really good reason for posting would be needed. In fact, such a post would be prohibited but that should not be a problem because the situation can be explained as I have done here, and details can be emailed to Arbcom for verification, if needed. Johnuniq (talk) 07:11, 21 February 2017 (UTC)
  • Doc James, I'm puzzled by this one too. If someone gives you permission to post their email (or to summarize it) and their name, then of course you can do that. SarahSV (talk) 18:00, 21 February 2017 (UTC)
  • For whatever it may be worth, when I replied to the RfC I assumed that the question I was answering was probably restricted to the one specific case, but was definitely restricted to cases in which what is being disclosed is not information broadly construed, but is only to quote someone with their permission who is saying that something else posted elsewhere was not posted by them. If it's about revealing personal information, as opposed to making a denial public, with permission, then it's a surprise to me. --Tryptofish (talk) 01:14, 22 February 2017 (UTC)
    • The question is if someone posts on FB or linkedin that user X is not them. Can that claim be linked on WP. Yes no "outing" from my understanding of the term would be involved. But a linking to an account on another website would be occurring but with that person's permission. Doc James (talk · contribs · email) 10:37, 22 February 2017 (UTC)
      • Doc James, the RFC needs to be rewritten because right now the RFC is only asking about a single incident. If you're asking for a community consensus on language that would allow for any situation that must be included in the RFC so it may be discussed. Mkdw talk 17:07, 22 February 2017 (UTC)
        • Not convinced. Will let this run its course. Doc James (talk · contribs · email) 17:09, 22 February 2017 (UTC)
          • Doc James, it isn't clear what language would be added to the policy. If an editor is claiming to be A, and you write to A, and A says "that isn't me; please make that clear on Wikipedia," then of course you can do that, whether by summarizing an email or posting a link to their comment (so long as you know the person you're dealing with really is A). In fact it's important to do it, because of BLP. No one is being outed in that scenario, so that has nothing to do with this policy. SarahSV (talk) 17:15, 22 February 2017 (UTC)
            • Some claim that no outside accounts can be linked to ever. This of course is not supported by the majority of the community but some still feel that the outing policy supports such a position. Doc James (talk · contribs · email) 17:19, 22 February 2017 (UTC)
              • Can you link to where someone has said that? It may have been a misunderstanding. SarahSV (talk) 17:22, 22 February 2017 (UTC)
                  • We have "One never needs to nor has to post a link to someone's external information to prove a point or win a conflict."[5] as one example. The question here is are we allowed to keep Wikipedia from being used for "identity fraud"? I imagine the editor in question in the above example has already moved onto another account. Once our ability to pick up socks and prevent editing by long term bad faith editors improves this question will become more important. Doc James (talk · contribs · email) 17:37, 22 February 2017 (UTC)
I think I see what happened here. A new user, apparently editing with a COI, said they were a named journalist in India. James approached that journalist via Linkedin, and the journalist said no, that's not me. James posted to AN/I about it.
Euryalus and wbm1058 replied that James should forward the information to a functionary/ArbCom, per WP:BLOCKEVIDENCE (which would benefit from a rewrite because it seems a bit misleading). But James could have shared that information with anyone with the journalist's permission. (I wonder whether this was a misunderstanding about the reach of the privacy policy, which applies to "data collected by the Wikimedia Foundation, by Foundation partners, by some users in special roles (such as checkusers), or by some third parties who provide data to the Foundation." See WMF statement). Or better still, James could have asked the journalists' permission to post a link to his reply.
I'm still not seeing what we could usefully add to this policy. We're allowed to post links to people's accounts with their permission, so long as we don't out other people in the process. That much is self-evident. Is there anything helpful to add beyond that? SarahSV (talk) 17:58, 22 February 2017 (UTC)
  • Mkdw, re: your oppose, if someone were to post on Facebook, "A question has arisen as to whether I edit Wikipedia as User:A. This is to confirm that I do not edit Wikipedia under that or any other username", it would not be problematic to post a link to that, provided we can be reasonably sure that it's a genuine Facebook account and not something created five minutes ago. Such a link would not out anyone. SarahSV (talk) 21:05, 22 February 2017 (UTC)
I could see myself supporting an RFC that outlined the following:
  • A reasonable effort was made to verify the authenticity of the account and message (i.e. Twitter verified account, Facebook Page with millions of followers, an email via OTRS from an email address that's publicly listed on a website as belonging to the individual, etc.)
  • The original statement was posted publicly (Not requiring an account to view it)
  • Express consent was also provided to post it on Wikipedia
A Facebook profile that may have parts of it set to private with a public post could be easily faked; an email privately held by another editor that is unable to be verified; or a Linkedin profile which are extremely easy to set up a fake account are all examples I would not deem admissible. The current RFC does not propose any of these aspects to be implemented so that's why I opposed. Mkdw talk 22:03, 22 February 2017 (UTC)
Mkdw, we wouldn't need consent to post it if it's a public post. We do that all the time when we use sources. Someone says, publicly, on a verified account: "I am not User A". That isn't outing or anything that we need to be wary of posting. I agree that, if the account is dubious, then of course we shouldn't.
An email held privately by one editor, where the sender says "I am not User:A", can be forwarded or summarized to other editors with the permission of the sender. Again, we do this with sources, when issues need to be clarified. SarahSV (talk) 22:17, 22 February 2017 (UTC)
@SlimVirgin: I think we're talking about two very different things. This RFC is framed around OUTING policy in regards to Wikipedia editors and not articles using reliable sources. The RFC 'example' case is an ANI where there was a question about impersonation. Mkdw talk 00:06, 23 February 2017 (UTC)
Mkdw, it's the same issue, whether to do with sourcing or Wikipedia discussions. Editors can summarize emails with permission, can link to public sources of material. We have to be careful not to out people, but someone saying "I am not User:A" isn't outing. I'm puzzled as to why this ever came to be an issue in the example James linked to. SarahSV (talk) 00:37, 23 February 2017 (UTC)
I think you have to think beyond this one example. The RFC effectively proposes that an editor can publicly post personal information and tie it to another editor on Wikipedia provided they have 'consent' in the form or an email, Linkedin post, etc. The problem is the RFC does nothing to ensure that the consent is verified as being from the person whose personal information is being posted.
In the example, it's a declaration stating "I'm not User X" which I've already said, repeatedly, is not one I'm concerned about. This RFC has wider implications on other scenarios. Emails and LinkedIn profiles are virtually impossible to verify as belonging to or being sent by the person in question. We see editors dragged into ANI all the time over routinely poor judgement. By not addressing the issues around verification of the consent or that it came from the individual itself, this RFC provides a way for editors to OUT another editor and avoid any consequences so long as they say, "a Linkedin profile or private email that said I could post all their personal information to Wikipedia". It's just a very poorly laid out but significant change to the OUTING policy. Mkdw talk 06:38, 24 February 2017 (UTC)
@Mkdw: Perhaps this is a matter of "you say tomato and I say tomahto". I understand that you are seeing the RfC as generalizing to any case of linking to personal information. I can tell you that I have always understood it to be limited only to the specific case of "I'm not User X". That's what I thought when I first responded to the RfC, and I still think so now. I agree with you that the more general case should not be determined from this RfC. But I also agree that the specific case of "I'm not User X" is not something to be concerned about. --Tryptofish (talk) 20:39, 24 February 2017 (UTC)
Mkdw, I agree that this isn't something that could be added to the policy as written. Either it's meant to be interpreted narrowly (as in "it's okay to repeat that someone stated he is not User:A"), in which case there isn't much point in adding it, or more broadly, in which case we need more precision. SarahSV (talk) 21:10, 24 February 2017 (UTC)
@SlimVirgin and Tryptofish: I think we're roughly on the same page. I took this RFC to be only about the one specific incident Doc James presented. However, subsequent discussion has made it clear that there's intent beyond what's actually presented. With that being the case, the section title requires attention as it possibly indicates the actual intent: "Posting details to Wikipedia with the consent of the subject" or any sort of similar interpretation is where most of my concerns rest. Mkdw talk 21:25, 24 February 2017 (UTC)
I'm commenting here about the discussion of letting the RfC run its course. I think that it would be fine for the RfC to run its course and provide DocJames with community feedback about how to handle the specific case, but I would not support changing the wording of the policy based on this RfC. --Tryptofish (talk) 00:52, 23 February 2017 (UTC)
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

Post-close discussion

  • About the close, Herostratus misrepresents what I said: I answer the question affirmatively, but I do not see it as requiring a revision of the policy page. That is not a contradiction: one does not have to want the policy to be changed in order to answer "yes" to the question that was asked. More broadly, I think that the close goes beyond a summary of the discussion, to being an additional opinion that comes close to being a supervote. Nonetheless, I agree with the basic tl;dr. --Tryptofish (talk) 18:28, 21 March 2017 (UTC)
    • Since some argue that any linking to an outside account should be a bannable offense, this is a useful clarification which prescribes a little more nuance to the occasional black and white position. Doc James (talk · contribs · email) 23:45, 21 March 2017 (UTC)
  • Consent for it to be posted on-wiki was a requirement of the vast majority of supporters. Not merely a public post and thereby implicit consent -- hence the usage of "explicit". Mkdw talk 06:17, 22 March 2017 (UTC)
    • Your recent edit (diff) is very strange. The old text said it was ok to post an on-wiki statement contradicting impersonation by an editor if the disavowal was public or specific permission was given. Consider a scenario where Bill Gates posted on a public website that he is not User:Example (after that user had claimed to be Gates). The effect of changing or to and is that no one can post a link to the website where Gates has made the disavowal. That's absurd. My reading of the RfC is that people are concerned about how the community could be satisfied about an on-wiki post saying, for example, that Gates had emailed the person posting, and had said they are not User:Example. More than that, Gates would need to email the disavowal and state that it was ok to post his statement on-wiki. Johnuniq (talk) 07:00, 22 March 2017 (UTC)
      • It's understandable to have a concern that it's not enough if the person means that it's OK to put the information somewhere else but they did not mean that it's OK to post it here. But I also agree that we don't need a personal permission for something that is already truly public, and insisting on that would lead to unintended consequences. I think maybe that this fixes it. OK? --Tryptofish (talk) 19:48, 22 March 2017 (UTC)
The RFC question was expressly about whether it can be posted to Wikipedia with their consent. Johnuniq, if that's absurd to you, then hold an RFC where consent is not expressly required on publicly posted information. The changes to the policy where consent is not at the heart of the wording was not supported by the outcome of this RFC. Consent was cited in nearly every support comment:
  • "someone has given their explicit consent to post information about them on Wikipedia" - Thryduulf (supported the RFC)
  • Tryptofish, at the time of their support, also cited Thryduulf's caveats. (supported the RFC)
  • "consent was explicit" -Seraphimblade (supported the RFC)
  • "verifiably consent to their information being posted on-wiki" -BU Rob13 (supported the RFC)
I don't agree that publicly posting something elsewhere is implicit or explicit consent to link or share that information on the English Wikipedia. Disavowals are a much more isolated issue and perhaps the supporters had not contemplated such a narrow scope at the time they supported the RFC. However, we cannot change their consensus on a reductive interpretation of the concerns. We cannot simply disregard the caveats and restrictions by the supporters of the RFC. Do public disavowals require consent to be linked on the English Wikipedia? It's a good and valid question but not the one asked at this RFC. And certainly not something that there's a clear consensus of support on. Mkdw talk 20:27, 23 March 2017 (UTC)
@Mkdw: Two things: First, I think your edit to the policy page was very good, an improvement. Second, I didn't understand what Johnuniq said as meaning that the RfC result was absurd, but that a specific situation that he described was an unintended absurd consequence of using the "and" construction of an earlier version. And I agree with him. The point was not that someone narrowly gave consent somewhere else in a way that would not assure that they would be OK with it being on Wikipedia. It was more like when the person calls a news conference or issues a press release, saying that this impersonation on Wikipedia is BS, and it was all over the news. The earlier "and" language made it sound like we would still need a communication directly to Wikipedia, even when a ton of BLP-compliant sources were telling us that it was impersonation. But that's water under the bridge, because the language is fixed now. --Tryptofish (talk) 23:19, 23 March 2017 (UTC)

For what it's worth, I interpreted this RfC as asking a specific narrow question - i.e. is it acceptable to post information about a person when they have given consent, and my answer relates to that specific narrow question and should not be taken as supporting questions that were not asked. I do not support a blanket statement that posting information about a person is acceptable where the consent is implicit. If the person concerned is notable AND their statement is verifiable in reliable sources AND both their statement and intent to make it public are unambiguous then it is fine to post this information (assuming it is relevant, etc). I may also support it in additional circumstances, but I have not fully thought them through. It is not possible to know, based on the above RfC, whether my position regarding implied consent represents a consensus view or not because the RfC did not ask that question. Thryduulf (talk)

Thank you Thryduulf and Tryptofish. I agree with both of you. I think the community will naturally use reasonable judgement and rely less on policies like OUTING when it comes to high profile individuals who make statements in reliable primary and secondary sources. The OUTING policy is mainly here to serve the community and where the vast majority of the incidents will occur and continue to act as a preventative safeguard to ensure personal information is not inaprropriately disclosed by other parties. I think the RFC consensus and current wording acknowledges both and ensures consent is a central aspect to the policy. Mkdw talk 06:57, 24 March 2017 (UTC)