Talk:Identification questions and answers

From Meta, a Wikimedia project coordination wiki

Personal thoughts[edit]

Here are thoughts stemming from today's open meeting. I don't know what led to the recent discussion/decision to reinterpret the policy, and haven't been following the latest discussion closely. When the policy was first passed, I recall a discussion about whether to ask OTRS volunteers to identify, but the idea was dropped.

I would love to see examples in which it matters that a person agreeing to uphold Foundation policies was able to legally bind themselves to such an agreement; or in which we might need to follow up with someone under their real name as a result of their work with nonpublic data.

I wasn't on the Board when the initial policy was written, and it hasn't changed since 2007. As far as I know there has been no Board discussion of it since then. It seems to me what matters is:

someone trusted (to verify the identity of others)
confirms that a user (identified by username + email (and/or knowledge of the user's password))
belongs to a person (identified by a real name, contact information, and ???)
who (is capable of entering into binding agreements? can be held responsible for their actions?)

We gauge whether someone is trusted to carry out certain tasks based on their work and history on the projects, not based on this ID process.

The discussions of the age of majority, and when one can enter into binding agreements, imply that there are such agreements for contributors to sign. Do we have such agreements / have we ever taken that step? SJ · talk 21:05, 5 February 2011 (UTC)[reply]

Why identify[edit]

There are a few different expectations about why this matters. Is this a way to remind people that certain work should be taken seriously? A sanity check for conflicts of interest? A way to get better contact information? A way to hold people personally responsible for their work with private data?

Depending on why one is identifying contributors, a minimum set of information to keep might include:

  • A record that the user was ID'ed, a description of what process was followed.
  • Contact information
  • A copy of any agreements signed.

Beyond this sort of private identification process, for what roles do we need people whose identities are fully, publicly known? For instance, for financial and other transparency it is generally assumed that full identities of staff, contractors, and Trustees will be(come) public. Is there anything in between those levels of identification?

Other questions[edit]

What is needed beyond a legal full name to identify a person signing a contract or agreement? (What goes in the "???" above?)
How extensively should the ID process be validated?
How much information is needed to record that someone has been IDed successfully?
What sort of agreement should people consciously enter into to be entrusted with private data? (What agreements are currently used?)
Should all or part of an ID process be renewed periodically? Maintenance of current contact information?

Some thought experiments[edit]

  1. A prominent athlete becomes a prominent Wikipedian. Or vice-versa. That person enjoys helping out with OTRS. What is the minimum number of people who need to know that this Wikipedian is famous in the real world? Can they be identified simply by their email address and 10-year edit history?
  2. A prominent Wikipedian is also a Brockhaus writer and maintainer of the satirical website http://wikipediaunendlich.com . She starts helping out with scholarship work. Does she need to highlight these real-world connections to related projects?
  3. A chapter in a jurisdiction where people can enter into binding agreements at age 17 wants to manage its own identification process. They also don't want any information used to identify their participants to leave their country, to avoid having it potentially cached on servers in other countries. Can the Chapter take responsibility by proxy for the work of such contributors? If the act of taking responsibility involves signing an agreement, how would that work in practice?

On exceptions[edit]

Back in 2007 it made sense for the Board to be the source of any exceptions to this policy. Now it seems out of place for the Board to be noted explicitly as the source of exceptions -- while the Board could approve an exception to any policy in any specific case, that should be a very rare circumstance indeed. Whoever is managing the ID process (and already trusted to verify these identities and uphold our privacy principles) should be able to make exceptions, if any are needed. SJ · talk | translate 21:06, 5 February 2011 (UTC)[reply]

Identification of candidates[edit]

Since at least 2007, all steward candidates must identify to the foundation before the voting starts. I suspect that this is not a requirement of the board but just tradition?! In any case, it doesn't make sense and should be changed because those candidates who do not get elected haven't fulfilled the criteria of wmf:Access to nonpublic data policy at any point. The identification process should happen after the elections. (This is something I already remarked on Talk:Stewards/elections 2011, but no one answered there.) --Tinz 20:15, 7 February 2011 (UTC)[reply]

  • late ;) but strong! support. (Although - with a view upon the open questions on content page - this page seems to be lost in foundations webspace, not to be watched and edited.) --Rax 20:20, 17 October 2011 (UTC)[reply]
The problem is, that people probably don't want to vote for people when they don't know if they fulfil the criteria. It would be shame and waste of time to translate all statements, ask questions and so on, to then get someone elected who is not or won't identify. -Barras 20:25, 17 October 2011 (UTC)[reply]
I don't think that this will be a problem. Any candidate with a remote chance to get elected has put a lot of work into the project and thereby built a reputation for him. There are also technical criteria he must fulfill (must be admin somewhere). Now someone like this could of course write an application, answer questions, confirm that he is 18 and willing to identify in case he gets elected, and then, after the election, say "Haha, I lied earlier, I'm not going to identify". But why should he do this? All of his efforts would have been totally futile, plus he would probably lose a lot of the trust that got him elected in the first place. On the other hand, he has absolutely nothing to gain. This scenario is just not going to happen, as long as you make sure that each candidate puts his ---~~~~ after the statement "I confirm that I am above 18 and willing to identify to the foundation in case I get elected." --Tinz 12:51, 18 October 2011 (UTC)[reply]
This is indeed an abandoned page: it was created to ask some questions about the new identification policy and collect/summarise answers which never came. Anyway, I don't understand what "not a requirement of the board but just tradition" means: the rules for election are decided by the board through the election committee and you can find the last ones at Board_elections/2011/en#Prerequisites_to_candidacy; they're not necessarily legal requirements and the best place to discuss them is the talk of the process itself. I doubt your proposal will be accepted, though, and if you look at the history I think you'll see that this particular requirement actually helped to remove some not serious candidates. Nemo 18:33, 18 October 2011 (UTC)[reply]
I think that that you misunderstood me, I was talking about Steward elections, not about board elections (for which the identification in advance makes much more sense because applicants don't have to be admins). -Tinz 20:05, 18 October 2011 (UTC)[reply]
Sorry. The same reasoning applies, though. Nemo 21:26, 20 October 2011 (UTC)[reply]