Jump to content

Talk:Ombuds commission

Add topic
From Meta, a Wikimedia project coordination wiki
Latest comment: 18 hours ago by Arcticocean in topic French Wikipedia Nominations Committee
SpBot archives all sections tagged with {{Section resolved|1=~~~~}} after 3 days and sections whose most recent comment is older than 60 days.

Statement of the Ombuds commission

[edit]

The Commission has been asked whether or not a volunteer may retain their access rights on one project after being banned from another, in terms of the global CheckUser, Oversight, Privacy, and Access to Non-Public Data policies and the Confidentiality Agreement to which the volunteer has subscribed.

In short, our decision is that:

  • Loss of trust on one project is not a ground for removal of access rights or of permissions on another project.
  • The decision to remove permissions is for the community where the rights are held.
  • The Commission will not interfere with the local community's decision unless the decision is manifestly unreasonable.
  • The right to access other systems, like wikis and mailing lists, is separate from holding a wiki permission.
  • In extreme circumstances, administrators of other systems are entitled to revoke an untrustworthy person's access even if they retain the permission.
  • The Commission will consider complaints about loss of trust but it may dispose of them summarily in accordance with the principles above.

Our reasons for this decision follow.

Removal due to loss of trust

The starting point for this question is that each community is responsible for granting permissions on its own project. That can occur by election or appointment and the process may differ across projects. The culture and norms of each community will also differ. Protecting the diversity and autonomy of Wikimedia projects is an implicit objective of the global policies.

When a volunteer with access rights loses the trust of their community, the primary responsibility for removing the access right lies with the community on the project.

It is implied in the global CheckUser and Oversight policies that the holders of advanced permissions should be both trusted and competent. It is for this reason, for instance, that the Commission has on past occasions recommended removal from advanced permissions holders whose use of the tool has been careless or inaccurate. Those occasions were an enforcement of the requirement to be 'competent'.

The requirement to be 'trusted' is also enforceable by the Commission. Volunteers do not need to have actually misused their data access in order to have breached the policy. If it would be unreasonable to continue having confidence in the user, the Commission is entitled to treat the data access agreement as untenable and recommend the removal of access.

Be that as it may, the Commission affords a margin of discretion to the individual communities. It would not interfere with a community's decision to elect or appoint a user to an advanced permission unless it was manifestly unreasonable to have trust in that user. Equally, a community is entitled to at any time remove the permission from one of its elected or appointed advanced permissions holders.

If a community has not exercised its right to remove permissions from a user, the Commission will seek to treat that as an expression of the community's will. It would not interfere with the community's decision unless the decision is manifestly unreasonable and no other course is open than to remove access rights.

In general, communities are better placed to assess the trustworthiness of its permission-holders. The community's members will tend to have more experience with the individual with access rights. They will all speak the same language. They may work together and regularly communicate. The community can dedicate more people and time to assessing the individual's past contributions, questioning them, and discussing the candidacy (or proposal to remove permissions). The Commission lacks those strengths.

There is also the risk of importing one community's standards into another community. If one community bans a user, it does not follow that they need to be banned on another project. Bans are issued for various reasons and numerous users banned on one project have contributed happily and productively elsewhere. Even bans for loss of trust on one project do not necessarily indicate that the user cannot be trusted with advanced permissions on another project. The decision to trust a user sits with the individual community. The Commission will interfere only if no reasonable community, whatever its nature or subjective norms, would take the decision to trust the volunteer with access rights.

Any case of loss of trust can be brought to the Commission for review in accordance with our jurisdiction and procedures on case handling. However, in general, if a volunteer has lost the trust of another community but committed no other breach of the global or non-public data policies, the Commission will not uphold the complaint.

In accordance with its case handling procedures, the Commission may also in those circumstances summarily dismiss the complaint without seeking a view from the user being complained of, on the grounds that it can dismiss the complaint without troubling them for their input.

Removal from ancillary inter-community systems

Certain access rights are conventionally granted alongside the checkuser or oversight permission. For checkuser, this includes access to the wiki, IRC channels, and mailing lists. For oversight, this includes access to mailing lists and VRT. The Commission has universal jurisdiction over any system which is subject to the Wikimedia Foundation Privacy Policy and no jurisdiction over other systems. It would be open to the Commission to remove access from these systems but not the access rights.

However, for the reasons given in relation to access to the permission itself, the Commission will also decline to remove access to other systems solely because of loss of trust on another project.

Parallel management structures may be available to consider any complaint that a checkuser has lost trust. For example, the global checkuser community can remove a checkuser from the global mailing list if it finds that checkuser disruptive or untrustworthy. IRC or Discord administrators can remove a checkuser from the community checkuser channels. VRT administrators can remove an oversight from the VRT system. Provided that removals on Wikimedia systems, such as mailing lists or VRT, are subject to appeal to the Commission, the respective community administrators are entitled to remove such checkusers. It should be emphasised that this would be a serious decision not to be taken lightly.

For the Ombuds Commission, Daniuu (talk) 08:04, 19 October 2024 (UTC)Reply

The above answers are more or less common sense, so nothing to worry about. In general, though, OC is no arbcom, and I fail to see any mandata for the OC to officially answer such abstract what-if questions and provide interpretations that serve as policies. Am I mistaken? Krd 08:29, 19 October 2024 (UTC)Reply
That is an interesting, complex question – thanks for asking! The terms of reference require the OC to "educate CheckUsers, Oversighters or others about applicable Foundation and community policies". Policies are not mathematical functions; interpretation and application is required. In the present case, we were asked whether a hitherto-unimagined situation falls in breach of a global policy, specifically whether a loss of trust on one project amounts to a loss of trust in terms of global policy. That requires the policy to be interpreted and applied. We cannot exercise our mandate without answering the question. The question is an abstract one but I do not think that prevents it being answered.
The role of an ArbCom varies across projects and changes over time, so your tag, 'OC is no arbcom', could perhaps mean a number of things. I shall attempt to give my view regardless. ArbCom is a general problem-solving body which can interpret any policy relevant to disputes before it. The OC has a more narrow mandate, and only particular policies, all of global nature, fall within its mandate. arcticocean ■ 10:08, 19 October 2024 (UTC)Reply


Applications are open to join the Ombuds Commission

[edit]

I am cross-posting this recent announcement on the Wikimedia-l mailing list by the Wikimedia Foundation:

Greetings,

The annual appointments round for the Affiliations Committee, the Ombuds Commission, and the Case Review Committee are now open. You can find out more about the appointments and information for applying on the appointments page on Meta. [1] Applications are accepted for all three committees starting today, 16 October 2024. Applications for the Affiliations Committee close on 18 November 2024, and applications for the Ombuds commission and the Case Review Committee close on 2 December 2024.

You can learn more about these committees on their Meta pages:

  • Affiliations Committee (AffCom) [2]
  • Ombuds commission (OC) [3]
  • Case Review Committee (CRC) [4]

You can post to the appointments information talk page [5] or email cst@wikimedia.org with any questions you may have.

  1. Special:MyLanguage/Wikimedia Foundation/Legal/Committee appointments
  2. Special:MyLanguage/Affiliations Committee
  3. Special:MyLanguage/Ombuds commission
  4. Special:MyLanguage/Trust and Safety/Case Review Committee
  5. Talk:Wikimedia Foundation/Legal/Committee appointments

The current members of the Ombuds Commission would be happy to answer any questions from prospective candidates about their experience of serving on the Commission. These questions may be asked on this talk page, by email to the Commission or directly to any commissioner. Questions about the application process or role itself should be referred to Wikimedia Foundation staff using the links in the announcement email. arcticocean ■ 14:12, 19 October 2024 (UTC)Reply

French Wikipedia Nominations Committee

[edit]

In May 2020, the French Wikipedia voted to amend its method for granting checkuser and oversight permissions to a volunteer. At the vote, community members were presented with three options for the future method of granting advanced permissions:

    1. Creating a 'selector' role within the French Wikipedia Arbitration Committee (CAr),
    2. Creating a 'nominations committee' (CNom), or
    3. Directly approving future nominees through the use of elections.

The community selected the second option and in October 2020, members were elected to the first CNom.

The Ombuds Commission has concluded that this option is not acceptable, for the reasons set out below. We are issuing recommendations in relation to appointments already made by the Nomination Committee and the future function of the Nomination Committee. We are also recommending changes that the French Wikipedia community could make to the terms of reference for the CNom which would allow it to validly appoint advanced permissions holders.

The policy position

The vote on establishing a CNom and giving it responsibility for advanced permissions appointments was strongly attended, by 113 users <https://fr.wikipedia.org/wiki/Wikipédia:Prise_de_décision/Méthode_de_nomination_des_CU_et_OS#Vote_2>.

After the CNom was established <https://fr.wikipedia.org/wiki/Wikipédia:Comité_de_nomination>, seven members were elected <https://fr.wikipedia.org/wiki/Wikipédia:Comité_de_nomination/élection_2020_09> to 3-year terms on the CNom. Their election was attended by more users than the most recent Arbitration Committee election and the CNom members enjoy the legitimate support of the French Wikipedia community.

Appointment of the advanced permissions on any Wikimedia projects are subject to the global Oversight policy <https://meta.wikimedia.org/wiki/Oversight_policy> and the global CheckUser policy <https://meta.wikimedia.org/wiki/CheckUser_policy>. The Oversight policy states:

On wikis with an Arbitration Committee elected with 25–30 members' approval, users may also be appointed by the Arbitration Committee, unless the local community prefers independent elections. After agreement, a member of the local Arbitration Committee should place a request on Steward requests/Permissions.

The CheckUser policy states:

On wikis with an Arbitration Committee (ArbCom) whose members have been elected with the support of at least 25–30 members of the local community, CheckUsers may be directly appointed by the Arbitrators. After agreement, a member of the Committee should simply list the candidate on Steward requests/Permissions.

Both policies envisage that appointments on wikis without an Arbitration Committee will be made by direct election of the community.

Nomination Committees which are not part of an Arbitration Committee are not authorised to assign the advanced permissions. As the French Wikipedia has separated the Nomination Committee from the Arbitration Committee, its Nomination Committee does not have authority to assign the advanced permissions.

Under global Wikimedia policy, Arbitration Committees have a special organisational purpose. At least one Meta-wiki page describes the committees as "a small group of trusted users who serve as the last step of dispute resolution" <https://meta.wikimedia.org/wiki/Arbitration_Committee> and that is a fair description of an Arbitration Committee/CAr.

The global CheckUser policy and the global Oversight policy envisage there are only two valid method of appointing the advanced permissions. The first is to subject candidates to the scrutiny of the Arbitration Committee, who may have non-public information about the candidate that has a bearing on their suitability for appointment. The second valid method of appointment is to let every user on the project make the appointments by election.

The French Wikipedia are proposing a third method of appointment: a Nomination Committee that is neither the CAr nor the whole French Wikipedia community. This combines the disadvantages of both methods. Nomination Committee members are not members of the Arbitration Committee, so they have no access to the non-public information which Arbitration Committees are empowered to collect or to the serious disputes which can be expected to end up before an Arbitration Committees. At the same time they are a relatively tiny group of users. Whereas elections can call on a wide pool of experience, memory and resources, Nomination Committees are made up of less than a dozen users, some of whom may be inactive; they are like having an election with a very low turnout. The global policies specifically require that an advanced permissions election be attended by at least 25 users. The only alternative is for a CAr to appoint the advanced permissions. A CNom is not equivalent to a CAr.

Conclusion

Under current global policy, Nomination Committees are not currently a satisfactory method of appointing an advanced permissions user.

Recommendations

The global CheckUser and Oversight policies are revised in such a way that the French Wikipedia's Nominations Committee complies with the revised policies.

Should the global CheckUser and Oversight policies not be modified in such a way, all checkuser and oversight permissions assigned by order of the French Wikipedia's Nominations Committee should be removed, without prejudice to reappointment in a policy-compliant manner, and future requests on behalf of a Nominations Committee not complying with global policy are to be refused by the Stewards.

-- Scott Thomson (Faendalimas) talk 18:02, 4 December 2024 (UTC) for the Ombuds CommissionReply


Concerns

[edit]

Moved from Talk:Ombuds commission/2024/French Wikipedia Nominations Committee by Arcticocean

I am concerned with a very rigid interpretation of policy here. The CUOS policies were designed decades ago, when most projects either did direct CUOS elections or had their arbcom make those appointments. It codified, to an extent, existing practice and set a template for the future.

However, there is no consideration given here to a flexible interpretation that respects the spirit of the policy. There is no normative reason why ArbComs, which are dispute resolution bodies, should be the only group empowered to appoint CUOS. I think there is a way to read those policies to say that a nominations committee, endorsed by the local arbcom and meeting the other criteria (i.e. that the members of the nominations committee itself are elected with 25-30 votes), would meet the criteria and be able to issue legitimate appointments. The policy is silent on delegation of responsibility, which has been decided by the community in this case.

I am also slightly concerned with activist activity by the Commission. Practically speaking, which policy issues are addressed by this decision/recommendation? Is there really a concern with privacy or handling of non-public information here? This sort of work does not strike me as particularly useful in light of your overall mandate.

Now, I am not entirely critical - CUOS are the most sensitive permissions and I do think it is good to have a consistent interpretation of the policies surrounding their use. But I am concerned and to an extent confused why linking CUOS to ArbCom, without the possibility for delegation of that responsibility within the framework and spirit of the policy, wasn't considered. – Ajraddatz (talk) 18:02, 4 December 2024 (UTC)Reply

Speaking for myself, I agree that the global CU/OS policies are now old policies and deserving of both review and interpretation. The role of an ArbCom varies across the projects, but at minimum they are a private group of experienced users with a dispute resolution function. ArbCom members get familiarity with project disputes and community standards and access to private evidence and information. Indeed, ArbCom members typically gathers a great deal of information during their terms – private evidence, reported concerns. NomCom members have no dispute resolution function and are as well-informed as the typical community member, which indeed they are. The global policies specify only well-attended elections and appointment by an ArbCom as the only means of appointment. I do not think this is because nobody had yet invented another type of committee when the policies were written. An ArbCom has a particular function on a project: complaints go to its members, who consequently know a great deal of information that would otherwise have to be shared with a favoured admin or the community as a whole. That makes them good decision-makers. Give the candidacy to a NomCom and the decision is being made by a very small group of individuals who may be quite poorly-informed about a candidate's history. I always seek pragmatic and mission-forward interpretations of global policy; I think that the other commissioners do the same. This was a case, however, where a novel practice clearly created a risk of inadequate scrutiny of applicants for the CU/OS permissions. arcticocean ■ 21:12, 11 December 2024 (UTC)Reply