Wikipedia talk:Oversight

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

IP addresses[edit]

can Wikipedia delete some ip addresses on Wikipedia? 155.137.27.93 (talk) 19:57, 26 October 2023 (UTC)[reply]

Potentially. Please email the Oversight Team with your request. Primefac (talk) 20:09, 26 October 2023 (UTC)[reply]

Protected edit request on 3 November 2023[edit]

Please add a line along the lines of 

This address should only be used for requests to oversight content '''on the English Wikipedia'''. For other wikis, check the local oversight or suppression page.

Since it seems that some users accidentally send their requests here when it is intended for other wikis. Happy to share examples with the OS team if needed. DannyS712 (talk) 21:12, 3 November 2023 (UTC)[reply]

 Done Primefac (talk) 21:18, 3 November 2023 (UTC)[reply]

All oversight blocks are indef[edit]

At the moment all oversight blocks are indefinite. In ~95% of the cases this has seemed appropriate to me. Indefinite is not infinite and in most cases the behavior is so egregious or so repeated that indefinite feels like the right way to stop disruption. Once in a while it feels like too much and sometimes I think the fact that we only do indefinite means we don't block someone, because it feels like a disproportionate response, or we let a problem get worse that a shorter block applied more quickly may have stopped. I am wondering if this practice of the OS team should be reconsidered. Barkeep49 (talk) 14:31, 1 March 2024 (UTC)[reply]

I assume this wouldn't apply to oversight blocks of IP addresses? GorillaWarfare (she/her • talk) 14:46, 1 March 2024 (UTC)[reply]
Some points:
  • GorillaWarfare is correct, OS blocks of IP addresses are normally short. Dependent on multiple factors, they can sometimes be as short as a few hours, although most will run a few days or weeks. They are preventative blocks, but the time limit recognizes the ease and frequency of IP lease turnover.
  • Oversight blocks weren't a thing at all until a random admin overturned an indef block made by an oversighter. The block had been made because the (long-time, popular) editor had repeatedly published material that had required suppression. The admin thought the blockee had been punished enough. The blockee then promptly republished the material that required suppression. The admin involved failed to recognize that the point of the block was preventative, not punitive.
  • Oversight blocks of named registered accounts *should* be indefinite. The entire purpose of these blocks is preventative. They aren't lifted until the blockee demonstrates understanding that the blockable actions were a policy violation, and the blockee also agrees not to republish that material. Some OS blocks last about as long as it takes for someone to post "Oh geez, didn't realize that was not publicly known, my apologies, won't happen again, sorry!". Others haven't been lifted ever. In fact, most of them haven't been lifted.
  • I can't think of a case where there would be a limited-duration OS block of a named registered account. Is there any reason to think that a blockee has understood the reason for the block and the nature of the violation, and has agreed not to repeat the OS-blockable offense? Those things don't happen on a clock, they happen when they happen, whether in a few minutes or never. A time-limited OS block just sounds punitive to me, and doesn't do anything to prevent further identical problem editing/behaviour.
  • Oversight blocks are rare. Very rare. With the exception of limited-duration IP blocks, they are always reviewed promptly by the OS team, and lifted if determined to be inappropriate, regardless of how much time has passed. There are almost no OS blocks that are appealed to Arbcom. Admins without access to suppression tools have no rational way to determine whether the block was appropriate. It should be noted that some of the OS blocks involve policy violations so egregious that even an ordinary admin would have blocked the offending account with the intention of it being permanent.
Hope that gives some background on *why* OS blocks of named registered accounts are always of indefinite duration (in the true meaning of the word "indefinite".) Risker (talk) 15:45, 1 March 2024 (UTC)[reply]
Like Risker, I'm struggling to think of a reason for a time-limited OS block of a registered account. Either we have had communication from the blockee that satisfies us that the block is no longer required to prevent the publishing of non-public information or we haven't. We might get that a few minutes after the block, we might never get it - we have no way of knowing. Thryduulf (talk) 16:00, 1 March 2024 (UTC)[reply]
Like Thryduulf, I agree with Risker. Primefac (talk) 17:43, 1 March 2024 (UTC)[reply]
Like Primefac and Thryduulf, I agree with Risker too. stwalkerster (talk) 20:13, 1 March 2024 (UTC)[reply]
Agree with Thryduulf and Risker. Most os blocks should be resolved by the person blocked demonstrating understanding. But if it is clear the person was already well aware of our rules surrounding personally identifying information and shows a willingness to out people in knowing contradiction with those rules, an unblock shouldn't be taken lightly in order to prevent further harm.
In the overwhelming majority of cases where an indef is proposed or appealed, I'm arguing for narrower restrictions or an additional chance, but not when it comes to outing. Unlike disruption or personal attacks, where a good apology/mea culpa can truly fix any harm caused, oversightable offenses cause potentially irreversible damage at the moment of posting. It should be a bright line.
The big challenge, however, is in cases like the one which led to this discussion being opened. One person was indeffed for directly outing in a discussion where several other people had already indirectly, but no less harmfully, outed the same person. An indef looks harsh there only because the outing had already taken place and was permitted to stand. I don't see a big difference between the blocked user's posts and the OP's posts, for example. By the time Fram said what he got blocked for, the cat was already out of the bag. Had oversighters/admins taken action on that thread immediately after it was posted, we would likely have Kashmiri saying "oh my bad, I'll send it to arbcom" and continuing to edit and would never get to the point where Fram got blocked simply for dropping the facade. In other words, the problem isn't the use of indef but taking selective action that doesn't actually stop the harm, penalizing just those who violate policy without the pretense. — Rhododendrites talk \\ 16:47, 1 March 2024 (UTC)[reply]
  • I do see areas where we can improve. For example, we have had a spate of OS blocks on young users who have been very insistent on including personal information about themselves into the encyclopedia (both on their user page, and elsewhere). The usual pattern is for oversighters to suppress, and then leave a note on the user's talk page discouraging a repeat. The block usually comes if they do it again. But I'm not sure we're clear enough in our first message that they'll get blocked if they persist in posting personal information. I don't think we can stop the OS blocks for this; for one thing, we run the risk of violating governmental legislation that could have major impacts on our projects. Some of the current or proposed legislation imposes heavy fines and/or taking down of websites entirely. I do think we can be a lot more clear, particularly with young users, that this isn't the place to talk about their school, their date of birth, their full real name, etc. To be honest, it wouldn't hurt to be a lot more clear with *all* users, especially as governments consider legislation that permits right-to-disappear. Risker (talk) 20:33, 1 March 2024 (UTC)[reply]
    Thanks for this thought Risker. This was indeed one of the cases where I thought a short block might be enough to make clear to the user that they need to stop. Best, Barkeep49 (talk) 21:33, 1 March 2024 (UTC)[reply]
    I particularly agree with Risker's last sentence. I think a lot of new users, especially younger ones or those from certain parts of the world (often the Indian subcontinent but not always), confuse a Wikipedia user page with something like a LinkedIn profile. It would be nice if new users saw something before they registered or before they created a user page that advised them against posting CVs/excess personal information or writing about their own company. HJ Mitchell | Penny for your thoughts? 17:08, 2 March 2024 (UTC)[reply]
    If possible (I don't know), an edit filter that detected a new user creating a user page that might be a CV (detecting this would be the hard bit I guess) and gave them a warning that Wikipedia is not the place to post a CV or personal information before they could save might help. Thryduulf (talk) 17:14, 2 March 2024 (UTC)[reply]
  • I am not a fan of time-limited blocks in most circumstances, and especially do not support it for OS blocks. I would rather have indefinite blocks which are lifted when the blocked user demonstrates that they understand the reason and won't do it again. I cannot think of a reason, nor has one been posted above to my satisfaction, that demonstrates a situation when a time-limited block would be better than an indefinite-but-appealable block. Z1720 (talk) 01:15, 2 March 2024 (UTC)[reply]
    The main reason against that idea is it would be a huge time suck that adds no value. PackMecEng (talk) 17:53, 2 March 2024 (UTC)[reply]
  • @PackMecEng: I agree with you, to a certain extent, but it's also a time sink if an editor receives a time-limited block, then starts reposting things on-wiki when the block is over. The question is: what is better for the community? My opinion is that the time sink to evaluate OS-unblock requests is better than the time sink to clean up edits on-wiki. However, I can see how others think differently. Z1720 (talk) 18:09, 2 March 2024 (UTC)[reply]
    My view on this is not one of the effort involved, it's one of safety. I want to be sure that if an OS block is required, the blocked user understands not to post OSable material again before they continue to edit. If it's more effort for all involved, then that's effort well-spent IMHO. stwalkerster (talk) 18:12, 2 March 2024 (UTC)[reply]
    As an OSer I agree completely with this. OS blocks are not super common, not all of them are appealed, and many of the appeals are very simple (it's clear the person now gets it or clear that they don't) so the actual amount of time discussion of them takes is not great at all. It's firmly in the territory of benefits outweighing costs as far as I'm concerned. Thryduulf (talk) 18:30, 2 March 2024 (UTC)[reply]
    As a proportion of all blocks, oversight blocks (unlike checkuser blocks) are actually vanishingly rare. HJ Mitchell | Penny for your thoughts? 19:16, 2 March 2024 (UTC)[reply]

Help![edit]

I was trying to access the suppression log and I got the "permission error" message. Also when looking through oversighted edits, it is unclear who had oversighted, as the software refused to show me. Any assistance? Toadette (Let's discuss together!) 18:15, 20 March 2024 (UTC)[reply]

This information is private to Oversighters only. stwalkerster (talk) 18:16, 20 March 2024 (UTC)[reply]

Can we consider a formal rename of oversight to suppression (or something else)? (just a brainstorm)[edit]

The oversight extension has been deprecated for more than a decade, and very few people (particularly newer contributors) actually understand why the tool was named as such. A rename would be better for newer users.

A rename would entail moving this page from Project:Oversight to Project:Suppression, renaming the appropriate group roles, updating references of "oversight" to "suppressor" or "suppression team" across the project where needed, etc. It might also involve updating email addresses and mailing lists (but not discontinuing previous ones). "Oversight" is not even defined as we use it right now; oversight means "supervision or management" and is not synonymous with "suppression".

Suppression might have a negative connotation, but it is also important to note that suppression is only done for material that for one reason or another creates legal liability if accessible even by administrators. And I don't think there are many other terms that accurately describe what this is doing. We could differentiate between these different levels of deletion with stuff like level I deletion and level II deletion, but then the group name would be "level II deleter" and that does not ring nicely, and that might still not have an entirely positive connotation.

Maybe one can find a better term to reflect this role that is not negative or something? I can be certain that this role only exists for legal reasons, in the same manner "checkuser" exists. So finding a term that reflects this fact would be more helpful. Awesome Aasim 00:01, 3 April 2024 (UTC)[reply]

Noting for the record that this has been brought up several times before:
stwalkerster (talk) 00:24, 3 April 2024 (UTC)[reply]
How about this? We can maybe combine the "checkuser" and "oversight" privileges into one "functionary" role, since both roles are tied with the handling of private information, if someone is trusted with one they are trusted with the other. A functionary role would have access to the IP addresses accessed by accounts, ability to redact and technically suppress information, and oversight over each other's use of these tools. I have never seen a case where one with both roles lost just one or the other. (example: Wikipedia:Arbitration/Requests/Case/Reversal and reinstatement of Athaenara's block where a former functionary lost both roles because of lapsed judgement with the "checkuser" tool). Awesome Aasim 00:31, 3 April 2024 (UTC)[reply]
We have a number of OSers who are not CU, and a ton of CU who are not OSers. Combining these roles would give access to people who have, for one reason or another, indicated they neither want nor need the other role. Primefac (talk) 07:37, 3 April 2024 (UTC)[reply]
The two roles require different skill sets and not everybody has both. I am an OSer without CU, I don't have the technical skills to make use of the CU tool and I have little to no interest in learning them. So either people like me would have access to CU without meeting the usage requirements (pointless, arguably potentially harmful), I'd lose access to the OS tool because I didn't use CU often enough (not the greatest loss to the team, but still a loss) or I'd be forced to make bad use of the CU tool (with great potential for harm). Thryduulf (talk) 11:08, 3 April 2024 (UTC)[reply]
Suppression is the technical term and Oversight the common name for the same process. The words can continue to coexist, in the same way we call someone with the sysop privilege an admin. However, you make a good point that their duty is to perform limited and welcome suppression rather than general management. It's unfortunate that for reasons verging on marketing and political correctness we need (rather ironically) to suppress the S word. Perhaps we can find a better term which describes the role more accurately without offending anyone. Certes (talk) 09:32, 3 April 2024 (UTC)[reply]
It might be the same reason why we moved from "abuse filter" to "edit filter" even though many contributors including me still use AF. It is called that because its primary purpose is to catch potential vandalism, LTA, and etc. but not all edits the filter flags are "harmful".
The term that might be better is just "level II revision deletion" or something similar because revision deletion already removes inappropriate material from public view, and for most cases that is enough. If we need to go a step further (level I to level II) then that is what "suppress" would be. Awesome Aasim 16:16, 3 April 2024 (UTC)[reply]
suppression is only done for material that for one reason or another creates legal liability if accessible even by administrators this is not correct. The policy section of this page lists the situations where we suppress material, and privacy reasons are far more common than legal ones (both in terms of criteria and in terms of how often they are applied). Thryduulf (talk) 10:57, 3 April 2024 (UTC)[reply]
Once again, there are legal implications with having personal information visible to everyone. Most don't realize that personal information here is visible to everyone forever even if later removed. Which was the purpose of the oversight and later suppression tools. Other wikis (particularly commercial wikis) have other obligations like GDPR and when a user "vanishes" (like I have seen on Fandom), the username must be suppressed in all relevant logs for compliance, and any pages where personal information is present must be removed. It's called the right to be forgotten for a reason. Awesome Aasim 16:11, 3 April 2024 (UTC)[reply]
  • Just for the record, the action is formally called "hiding", not suppression, in our logs. I'd rather be called a hider than a suppressor. Both of them suck. In some languages, the local equivalent of "suppressor" doesn't have the Orwellian impact as it does in English, but I know for a fact (having met some colleagues from other languages) that they're none too fond of the implications of the name. The reality is that we aren't suppressing anything in any classic meaning of the term; we're preventing access to certain elements of information. We can't suppress the information in the sense that it is impossible for anyone to know the information was ever there. (Incidentally that's what the old oversight tool did, but very clearly the current suppression tools do *not* do.) So if someone has the strong urge to get into the semantics of the whole thing, they should start by insisting on the correct name of the activity, and then working their way down. I could almost accept a name like "access restrictor". Risker (talk) 16:22, 3 April 2024 (UTC)[reply]
    Maybe what might be better is "content administrator" and "account administrator" for OS/CU. Content administrator suggests that the user administers content decisions. In which case then we could rename "administrator" to "moderator" as that is essentially what the administrator tools allow. It would also distinguish between "system administrator" and "database administrator" which entail different roles and responsibilities. Awesome Aasim 21:12, 3 April 2024 (UTC)[reply]
    Administrators are far more "content administrators" than they are "system administrators" or "sysops"; oversighters make far fewer and much less wide-ranging decisions about content than regular admins do. The only "account administration" that checkusers do is blocking and unblocking - i.e. what administrators do. Thryduulf (talk) 03:12, 4 April 2024 (UTC)[reply]

How about this for the role namings and policy namings:

It may get a bit redundant if one has both but it resolves this historic happenstance and inaccurate description by using the same name to refer to both checkusers and oversighters. Awesome Aasim 23:18, 16 April 2024 (UTC)[reply]

I'm struggling to understand what the benefit of that change would be? Also note that there are functionaries without either tool. Thryduulf (talk) 09:58, 17 April 2024 (UTC)[reply]
There are functionaries without either tool aren't functionaries essentially users entrusted by both the community (or ArbCom) and the WMF to handle personal data? There could be a right called "arbcom" that lists Arbitration Commitee members, which would be a cosmetic-ish role. Awesome Aasim 19:13, 18 April 2024 (UTC)[reply]
All functionaries are entrusted to handle personal data, but not all are or were arbitrators. Wikipedia:Functionaries#Members notes that there are several Functionaries who are former oversighters and/or checkusers but not former arbitrators, TonyBallioni for example. They remain subscribed to list so they can offer their perspectives and advice when that would be beneficial, even though they don't handle personal data on a day-to-day basis. However this isn't really relevant to my question, which is why would "Functionaries (checkuser access)" and "Functionaries (suppress tool access)" be improvements over the status quo? Thryduulf (talk) 13:40, 19 April 2024 (UTC)[reply]
Because it distinguishes the technical role that gives the tool from the actual tools itself. It is the same reason we call administrators "administrators" rather than administrators, say, "deletors", even though they technically can delete. The same thing could be done for "rollback" and other roles. Any (insert name of tool)-er is one who (insert names of tool)-s, but it does not mean that every person with access to (insert name of tool) is a (insert name of tool)-er. Saying a person has "access" is much less technical, in the same manner that one has access to a vacuum or access to a pressure washer. Awesome Aasim 17:47, 19 April 2024 (UTC)[reply]
We already have "oversighter" and "checkuser"? What benefits does changing these bring? Thryduulf (talk) 18:59, 19 April 2024 (UTC)[reply]
Checkuser is unambiguously descriptive: one who checks user details such as IP address that shouldn't be public. Oversight has several meanings, only the last of which is relevant. It's a term of art that few non-Wikipedians would guess correctly. Certes (talk) 21:25, 19 April 2024 (UTC)[reply]
But why is that a problem? And why is "Functionaries (suppress tool access)" better, given that there are several meanings of "suppress", none of which are a great match for what "suppression" means on Wikipedia (sense 4 is the closest).
Consider also more prominent roles like "bureaucrat", "steward", and "extended-confirmed" whose names are wholly terms of art that few non-Wikipedians would guess correctly. Thryduulf (talk) 23:07, 19 April 2024 (UTC)[reply]

Should there be instructions in the page to contact the Wayback Machine to ask them to remove oversighted content?[edit]

Oftentimes, oversighted content gets picked up by the Wayback Machine before it is removed. They will remove PII on request. Some Wikipedia users, especially new users, are unaware about the Wayback Machine. Could there be a reminder added to the page to check if the content was archived in the Wayback Machine, and contact them to remove it? Félix An (talk) 08:48, 16 April 2024 (UTC)[reply]

That's not our site, so not by name. But maybe something generic in the notes like:
  • The oversight process described above is specific for the English Wikipedia, for assistance on another Wikimedia project, please contact their oversight team directly. For assistance with content hosted on external mirrors and forks or archvies you would need to contact the external site administrators.
? — xaosflux Talk 10:01, 16 April 2024 (UTC)[reply]
Retrieved from "https://en.wikipedia.org/w/index.php?title=Wikipedia_talk:Oversight&oldid=1219805397"