Commons:Requests for comment/Separation of powers

From Wikimedia Commons, the free media repository
Jump to: navigation, search

Background[edit]

Separation of powers is a long-standing model in governance of all kinds of organizations, from whole states to small voluntary associations and informal groups. As a principle, it aims to prevent the concentration of power in any one single branch or body of an organization, and to limit the opportunity for the abuse of power.

I suggest that the Commons community consider implementing this principle in an attempt to limit the potential for the concentration of power and associated risks and problems, which many of us are probably too familiar with, be it in real life or on other Wikimedia projects.

To quote Lord Acton's most famous remark: Power tends to corrupt, and absolute power corrupts absolutely. — and I believe it is prudent and in Wikimedia Commons' best interest to ensure that this situation does not take place in our community.

Given the potential consequences of this discussion, I suggest that this RfC stays open for at least 30 days to allow the community to have an informed and in-depth debate on this subject.

Thanks in advance for your time and your consideration! odder (talk) 19:07, 16 July 2014 (UTC)

Proposal[edit]

The proposal is to formally prohibit any one single user from simultaneously holding more than one of the following functions on Wikimedia Commons: bureaucrat, checkuser and oversighter.

Please note that there are currently two users directly affected by this proposal: Tiptoety who is currently holding both checkuser and oversight permissions, and myself, odder, who is currently holding both bureaucrat and oversight permissions.

Two solutions of this situation come to my mind: we can either allow both of those users to retain their current privileges (a so-called grandfather clause), or ask them to resign one of their functions. Personally, I am happy to resign my bureaucrat access should the community decide to agree to this proposal.

Thanks again, odder (talk) 19:07, 16 July 2014 (UTC)

Discussion[edit]

Symbol neutral vote.svg Neutral I don't see how this prevents abuse. Commons has only a small community. We need a inactivity policy and not a separation of powers. --Steinsplitter (talk) 19:18, 16 July 2014 (UTC)

We have an inactivity policy. It's the lousy one which prevents inactive administrators from returning to administering without jumping through lots of hoops and passing a new RfX. Which in turn may put some of them off from getting more involved. What we should probably do is work out, roughly, how many administrators, bureaucrats, checkusers and oversighters we actually need and then figure out policy based around all of that. Nick (talk) 19:51, 16 July 2014 (UTC)
Just as a matter of clarification, all Commons checkusers and oversighters are already covered by their respective global policies, both of which specify that users inactive for more than one year lose their privileges. odder (talk) 19:54, 16 July 2014 (UTC)
Symbol oppose vote.svg Oppose You and Tiptoey hold a number of advanced permissions because the community trusts you with those permissions. I would like to believe that most, if not all, of the people that approved your and Tiptoey's second of {CU/OS/'crat} knew that you already had the first when they voted, and since the requests were successful, a plurality of those people decided that it wasn't a problem.
There are a limited number of people that I would trust with any of those three positions (although I would require more trust for CU than OS, and more for OS than for 'crat), but once I trust someone enough to support a request for OS, I don't mind if they're also a crat, and once I trust someone enough to support a request for CU, I don't mind if they're also an OS, 'crat, or both.
I don't believe that limiting the ability for our most trusted users to respond to problems makes sense. Sven Manguard Wha? 20:40, 16 July 2014 (UTC)
@Sven Manguard: CU is indeed the most trusted role, but it pains me to have say that there are issues with our CUs here on Commons resulting from the abuse of one of our very own CU's in April 2013 as it relates to my account. It took 12 months for me to get the very simple answer of YES a CU was done on myself in April 2013. Whilst the name of the CU who did the check was not given to me, to make matters even worse, it has been confirmed to me that one of our CUs has given information to a non-CU relating to the CU that was done on me; information that was given to them, but not given to me. Complaints to the OC were not dealt with; instead they referred it to the WMF Board some 6 weeks ago, and the only response I have received is 2 weeks from Legal stating it is their belief that OC had dealt with it. At every stage I have been given the runaround. This is why I opposed @Krd:'s RfCU not long ago, when I clearly mentioned CU abuse as a reason for my oppose. It should be mentioned also, that I was told by one CU that as a group it was decided not to tell me who performed the CU because they saw only disadvantage, and no advantage. This may be because the CU in question, left all projects not long after I started asking questions in May 2013.
Whilst I have full faith and trust in both User:Odder and User:Tiptoety, I sincerely believe that a "separation of powers" on this (and all projects) should be enacted. Hence, I will Symbol support vote.svg Support this RfC as per Odder, as per Fae and as per my own experience with abuse of rights on this project. As to whether Odder and Tiptoety could be "grandfathered", I wouldn't be opposed to that. russavia (talk) 21:52, 16 July 2014 (UTC)
To this Californian, "OC" has a meaning, but I doubt it's what you intended. Clarify for us n00bs? -Pete F (talk) 12:50, 18 July 2014 (UTC)
@Pete F: In this context, OC stands for the Ombudsman commission. odder (talk) 12:55, 18 July 2014 (UTC)
Symbol support vote.svg Support From a governance perspective, this is an excellent idea and reflects good practice adopted in other organizations. From a pragmatic perspective, there would have to be some effort going into recruitment and coaching for the more 'stressful' roles so that we not only have sufficient numbers in place but have a pipeline of future candidates along with encouraging those holding the roles to consider taking it on for a period rather than indefinitely, though this is something that ought to be happening anyway. -- (talk) 20:57, 16 July 2014 (UTC)
Symbol oppose vote.svg Oppose Most active users have multiple roles. I upload files, mostly, but I also have file mover rights, for example. Some editors are also admins. Bureaucrat, checkuser, and oversighter are just more advanced permissions we give to editors we trust. I don't see a problem. Jonathunder (talk) 21:34, 16 July 2014 (UTC)
Symbol oppose vote.svg Oppose Currently, while I am supportive of the idea, at this time we don't have enough editors with these advanced rights to make this work. Should this RFC in the end in the change being accepted I would like to see Tiptoety and Odder retain their status via a Grandfather clause. LGA talkedits 21:53, 16 July 2014 (UTC)
Symbol oppose vote.svg Oppose - If someone is trusted let him have the tools, is someone willing to do a certain job and he is capable let him have the tools. I see no reason to prevent highly trusted user to excecute multiple tasks. Also I don't see how this can prevent abuse. Natuur12 (talk) 21:57, 16 July 2014 (UTC)
Picking up on the "how" within your comment, a separation of powers ensures that these different parts of Commons governance can be asked to review each other. Without separation, the only alternative is to have some sort of "ComGovCom"* or ensure that the vote that granted the rights is forced to be reheld after a certain period (like 2 or 3 years maximum terms). The reasoning used by many here that there are votes for the roles does not hold water, as the vote is only held in advance of allocating the rights (so the vote is not based on practical experience in the "job") and there is no public review/feedback process later on, no matter how many years the same person holds on to these rights. -- (talk) 08:25, 17 July 2014 (UTC)
ComGovCom → Wikimedia Commons Governance Committee
First of all, it sounds really strange to me that oversighters are going to review checkusers for example. They are two seperate groups which should and cannot control eachother. That there is no review/feedback process is not really a problem in my opinion. You can always start a des-oversight, de-bureaucrat or de-checkuser procedure when somebody is not up for the job. However a more strickt inactivity policy can solve some parts of the problem. Now for the ComGovCom, an Arbcom seems like a much better solution ;). And I would likely support an Arbcom btw. Natuur12 (talk) 10:01, 17 July 2014 (UTC)
(1) Review ≠ Control; think of a type of peer review. (2) ComGovCom ≠ Arbcom, noooo... but RfC without using that word might get some traction... my general thoughts are that Commons has value as an example project run as an informal meritocracy, without an overly rigid hierarchy, so ad-hoc teams of established contributors to resolve specific issues, or deliver review recommendations to the community, and then disband, is a cool solution if it can become repeatable. It avoids the creation of too many life long peers of our realm with fancy hats that tend to make their heads swell up too. Smile fasdfdsfoiueire.svg -- (talk) 17:56, 17 July 2014 (UTC)
: How exactly would the peer review work when the oversighters can't see checkuser results/logs, the checkusers can't see oversighted content, and the bureaucrats can't see either oversighted content or checkuser results/logs? In fact, creating a ComGovCom type body would entail giving its members access to both oversighted content and checkuser results/logs, making them more powerful than anything we have now.
My personal feeling is that if you're worried about abuse by a small group of people holding a certain advanced permission, double or triple the number of people that hold that permission. The theory being, the more people there are, the harder it is for a group to keep a secret. Mind you, I don't see any problems with the current setup now, but I think a ComGovCom would do the opposite of what you're looking for. Sven Manguard Wha? 19:30, 17 July 2014 (UTC)
I was not expecting to have to design a governance system to hold an opinion, though my day rates are competitive if you want me to bid for the work. Smile fasdfdsfoiueire.svg Anyone involved in secure assessment is used to the idea that records may be on a need to know basis, reviewing the process and discussing how it is followed by those trusted, is often sufficient peer review. Looking at records and details with your own eyes rather than relying on the eyes of others is a distinction that one can make between basic audit and a "consultative" assessment. Effective governance audits often rely on the latter and merely check that the former are in place. As for ComGovCom, meh, I'm only interested in the concept if we can guarantee it does not devolve into (yet another) wasteful talking shop that burns out volunteers. -- (talk) 19:40, 17 July 2014 (UTC)
Symbol oppose vote.svg Oppose - Per Natuur12 and others. - Jmabel ! talk 23:53, 16 July 2014 (UTC)
Symbol oppose vote.svg Oppose - If a person is trusted to the degree necessary to hold each user right they hold, then they're trusted to hold those rights, and whether they hold two or three seems irrelevant to me. If they're not trustworthy for a right, the right should be removed. This seems like a solution in search of a problem. Beyond My Ken (talk) 01:43, 17 July 2014 (UTC)
@Beyond My Ken: Power corrupts. We see this everyday in our societies (if you are a US citizen, just look around), and the Wikimedia community is no exception to that. Abuses happen, even here, and concentration of power always ends up a bad thing. This proposal aims to prevent that from happening — not just at this moment, but hopefully for many years to come. odder (talk) 08:52, 17 July 2014 (UTC)
Power may corrupt, it's not inevitable that it does. Every example of the corruptinhg effect of power in the real world can be offset by dozens, if not hundreds, of examples of people who held power and used it without abusing it - it really depends on the individual. Why don't we wait until we actually have some examples of people abusing multiple higher-level rights before we solve a problem that doesn't, as yet, exist. Beyond My Ken (talk) 14:45, 17 July 2014 (UTC)
@Beyond My Ken: See @russavia's message above for information about CheckUser abuse that happened here on Commons in April 2013. The problem exists, abuses happen, and we should strive to limit their scope when they do. odder (talk) 08:23, 18 July 2014 (UTC)
The most corruption/abuse in Commons are admins (or any other powerful person) do favor for their friends. It even happen in DRs too. But there is no easy solution for it. Our people need to be matured. (I doubt the validity of the reason behind this CU.) Jee 09:07, 18 July 2014 (UTC)
Why not? Because the very nature of these user rights makes it very difficult for other users to discern whether or not bad decisions have been made. -Pete F (talk) 01:05, 18 July 2014 (UTC)
Symbol oppose vote.svg Oppose The decision already is up to the community each time a holder of extended right requests an additional button, so I don't see any benefit here, especially as there already is a weak support for applying the grandfather clause. I'd support a more strict inactivity policy, also for admins, though. --Krd 06:42, 17 July 2014 (UTC)
  • Symbol neutral vote.svg Neutral The intend is good, but I don't see the need for such a policy at this point. If a problem arises, we can deal on a case by case basis. Our problem is the low activity of the majority of admins. I don't think more bureaucracy will help here. Regards, Yann (talk) 09:30, 17 July 2014 (UTC)
  • Symbol support vote.svg Support I think it's reasonable proposal. --EugeneZelenko (talk) 14:14, 17 July 2014 (UTC)
  • Symbol support vote.svg Support - I live in a constitutional monarchy where until recently we had fusion of powers with incredible overlap between executive, legislative and judicial functions. An extreme example was m'Lord Chancellor who used to be head of the House of Lards (our appointed version of a Senate), head of m'Lord Chancellor's Department (the ministry in charge of the justice system as a whole), the head of the judiciary by virtue of sitting on the Judicial Committee of the House of Lords and the Judicial Committee of the Privy Council (nothing to do with toilets unfortunately), as well as being one of the Church (of England) Commissioners. Too much power invested in one person is not necessarily a good thing. I also support grand-daddying Odder and Tiptoety into the proposal but as Nick says "we should work out ... how many janitors, bureau-janitors, check-janitors and over-janitors we need". My guess is that despite being a "small" community, Commons really does need more of each group. My tuppence worth of opinions. Green Giant (talk) 15:56, 17 July 2014 (UTC)
  • Symbol oppose vote.svg Oppose People are free to vote with this methodology in mind, and the users affected are free to resign their rights if they wish, but this isn't something that should be legislated IMHO. --Rschen7754 23:45, 17 July 2014 (UTC)
    • Also, has anyone notified Tiptoety? --Rschen7754 04:41, 18 July 2014 (UTC)
Done now. --Túrelio (talk) 07:42, 18 July 2014 (UTC)
@Tiptoety was made aware of this discussion before it was started, and he was also pinged when this page was created. odder (talk) 08:23, 18 July 2014 (UTC)
  • Symbol oppose vote.svg Oppose I'd rather separate people from their powers when they actually abuse them or the trust of the community. Moreover, seems rather pointless at this point if we are talking about two people. Saffron Blaze (talk) 00:36, 18 July 2014 (UTC)
  • I had not thought of this before, so thank you @Odder: for bringing up something that seems very worthy of consideration. I look forward to seeing what others have to say, but my starting point is that I agree with you: the idea that a single person can gain detailed information about users' activities and identity (checkuser), and also take actions that are largely invisible (oversight), and also exercise control over all user rights (bureaucrat) does seem to create situations in which abuse could be very damaging, and very difficult for anyone to detect. "Abuse" need not come from bad faith or desire to cause harm, either -- sometimes we all make judgments in the best faith that turn out to have been a bad idea. So my inclination is to Symbol support vote.svg Support this proposal, and request that you and Tiptoety each resign one of the relevant privileges. -Pete F (talk) 01:03, 18 July 2014 (UTC)
  • Symbol oppose vote.svg Oppose I sure think the idea is not a bad one. But currently I don't see a big problem. @Odder: It happened to you, that is very unfortunate and certainly hit the wrong person. Most admins/crats/CU I know are happily married to the project(s) and don't seem to abuse the power given. AFAIK & IMHO. What I see as a potential problem is the low diversity of admins on Commons. We have 259 admins currently. Most speak DE/FR?EN/RU/etc... If you need one speaking AZ/FA/HI/ET/HU/SL you run into problems really fast. --Hedwig in Washington (mail?) 02:18, 18 July 2014 (UTC)
    • @Hedwig in Washington: Not sure what you mean by it happened to you. The only thing that happened to me was my learning of abuse of CheckUser privileges here on Commons in April 2013 (see above). This discussion is a direct result of my learning of that abuse, and was started in the hope that any abuse, if happens, would be limited in scope. Unfortunately, it does not appear to be going on too well right now. odder (talk) 08:23, 18 July 2014 (UTC)
  • Symbol oppose vote.svg Oppose I failed to see much meaning in considering bureaucrat, checkuser and oversighter as equally powered bodies. It will be nice if CU and OV rights are not given to a single person if we have alternatives (like if we have enough other trusted people). But (Striking off this part after reading Tiptoety's comment below.) I believe crats should have more power (as a team at least) to control the disobedient admins (yes; there are many). So I see no problem if a crat holds the CU or OV right too. Another solution is to setup an ArbCom. Jee 08:16, 18 July 2014 (UTC)
  • Symbol oppose vote.svg Oppose It's pretty handy to hold bureaucrat and oversight at the same time when renaming an account for privacy matters. --PierreSelim (talk) 06:04, 19 July 2014 (UTC)
  • Pictogram voting comment.svg Comment: First off, I'd like to state that I am abstaining from officially casting a vote. Being that I would be directly impacted by this decision, I feel it would be inappropriate for me to sway the decision one way or another. That said, I will offer a few thoughts I have. With regards to the outcome of this RFC, I am elected by the community. Whatever the community decides I will respect. I can say that many projects operate with users holding more than one user right without abuse (at least I have not heard of any). While Odder and Russavia might disagree, I'd like to say that Commons is no different. Additionally, from a personal standpoint I have found that holding both CheckUser and Oversight user rights has been not only useful, but beneficial. The tools can often run hand in hand and have assisted me numerous times in quickly preventing abuse and protecting the privacy of others. By only allowing a user to hold one advanced user right, it will likely create a need for more users with advanced user rights. I feel that the more users with access to private information, the greater the possibility for a abuse is. I would argue that the current team does a good job of policing themselves and that there are processes in place for if that fails. As for holding both 'Crat and Oversight, as mentioned above those tools are harmonious. Renaming users for privacy reasons should go across as few "desks" as possible. Anyways, just my two cents. Best, Tiptoety talk 02:36, 21 July 2014 (UTC)

Unnecessary change though I am also worried about inactivity/low activity issues. Trusted users should be aware of their responsibilities and decide if they have enough time to candidate themselves. On the other side, voters may take other flags into considerations when voting to give of not to give a flag to a certain user. It can be decided by community case by case if giving the flag or not is good or bad. I see no clear problem to be fixed. As for inactivity problems, Commons doesn't necessarily need to follow global rules as long as local rules don't disobey global ones.—Teles «Talk to me ˱C L @ S˲» 01:37, 22 July 2014 (UTC)

  • Symbol oppose vote.svg Oppose per above; also, there cannot be any real separation of powers as there is this institution called Wikimedia Foundation which owns (or rents; almost) all the servers.    FDMS  4    10:08, 29 July 2014 (UTC)
  • Symbol oppose vote.svg Oppose This proposal strikes me as utterly thoughtless. To conflate governance of a nation state with extended access is bizarre and a fallacy. How, for example, does one exert more power or become corrupt (“Power tends to corrupt, and absolute power corrupts absolutely”) because they have a technical ability to both see a user’s IP and computer configure and to grant an admin or bot flag? Staying in the example, all projects require multiple CUs as a check (meta:CheckUser policy), and admin and bot flags are not granted by a bureaucrat without an RFA or community discussion. Indeed, because we are not a nation state, we have an alternative system of checks to prevent misuse of advanced access (an entirely different notion from “power”). Is there a single example of a Commons bureaucrat granting an admin flag out of process? Is there a single example of a Commons oversighter removing revisions inappropriately? Is there a single example of a Commons checkuser running checks with ulterior motives? Now, is there a single example of a user with two or more of the aforementioned functions using them nefariously? That’s the one we need for this proposal to be at all relevant. Further, are there multiple examples to establish that this user is not a red herring, thus requiring a “separation of powers”? I’m guessing the answer is no. This proposal 1) does not identify a problem; 2) does not consider whether existing controls would be adequate if the problem actually existed; and 3) suggests a failure even to understand the (non-overlapping) nature of the functions. Эlcobbola talk 22:53, 31 July 2014 (UTC)
    • It is impossible for the "normal" contributor to this project to answer the questions you raise as any misuse would be in secret, as would any corrective action taken. Perhaps instead, as a current checkuser, could you answer the very simple direct question "have check user rights ever been used inappropriately by anyone in the history of Wikimedia projects?". If the answer is a complete and definitive no, then we can be assured that there must be a process in place that has been 100% effective and needs no improvement based on case evidence. In general process improvement is a good thing, even when nobody has been damaged as a result of ineffective processes. -- (talk) 23:02, 31 July 2014 (UTC)
      • Are you not aware that user flag changes are available for all "normal" contributors to see in the public log? Let's start with the first question: Is there a single example of a Commons bureaucrat granting an admin flag out of process? Эlcobbola talk 23:23, 31 July 2014 (UTC)
        • The fact that a very direct, very simple yes/no question at the heart of this issue is walked around by someone who holds the rights in question, speaks volumes here. -- (talk) 23:25, 31 July 2014 (UTC)
          • So no, then? Эlcobbola talk 23:26, 31 July 2014 (UTC)
            • Again, you have responded with another question, rather than giving a definitive yes or no. Anyone with some understanding of the issues reading this, must realise this looks terrible, and your comments demonstrate that a solution to better transparency and governance, clearly is needed. -- (talk) 23:31, 31 July 2014 (UTC)
              • Here I was thinking that I posed questions in my comment, and that you responded with a question. 22:53 is still before 23:02, right? I rather think hypocrisy looks terrible myself. Эlcobbola talk 23:38, 31 July 2014 (UTC)
                • LOL, I agree. Somehow I think straightforward yes/no answers to whether checkuser rights have been misused, are not going be coming from any current checkusers. Interesting to observe that happening so obviously. -- (talk) 23:45, 31 July 2014 (UTC)
  • Symbol oppose vote.svg Oppose If an editor is trusted by the community with CU or OS or crat, I see no reason why they shouldn't hold more than one of these. It takes a high level of trust to get any of them, so someone who already has one would likely be a perfect candidate for another. I would've made a great crat or OS... ;) I've never had the slightest doubt about the trustworthiness or professionalism of Odder or Tiptoety certainly.

    As for CU, just for the fuck of it, I would point out that seeing CU info of fellow admins and other established users is unavoidable for an active CU. If you check a busy range from Germany, the UK, Australia, the US, etc, you're going to see admins on the range along with socks and random users. I saw the info of half the admins here, including my own CU info several times when sockmasters were editing in my area and I ran CU on the ranges. I didn't pay much attention to it, because I was busy weeding out the socks. I blocked the sock/s, IPs/smaller ranges, and then closed the window and went on about my business, because I'm a trustworthy guy, and I don't bullshit around.

    I would feel comfortable saying the same about the other CUs and OSs here. The CU/OS logs are available to all CUs or OSs/Stewards/OC/ and WMF, so any abuse would stand out very clearly and surely be noticed, especially to experienced people like Trijnstel and others, who are very careful and conscientious, just as I was. Abuse may happen once in a blue moon, as Sven Manguard indicates above, and it's childish and shitty, but it's extremely rare. I never saw an example of abuse, and I ran a good 10000 checks myself and looked at the log daily.

    I would also note, as Tiptoety has pointed out, that having CU and OS is often convenient and helpful. I had a number of CU cases, dealing with random weirdos, or individuals like Wikinger, where I had to report pages, histories, images, and even usernames to be oversighted, when I could've done it myself much more quickly had I also held the OS right. INeverCry 04:53, 2 August 2014 (UTC)

  • Symbol oppose vote.svg Oppose couldn't agree more with the above comment of INeverCry. Trijnsteltalk 19:38, 2 August 2014 (UTC)
  • Symbol oppose vote.svg Oppose Per INeverCry. Revicomplaint? 07:25, 3 August 2014 (UTC)
  • Symbol oppose vote.svg Oppose INeverCry put's it perfectly. They hold the rights because the community trusts them to handle them properly I see no reason to strip them. Thanks, Strike Eagle (talk) 17:16, 4 August 2014 (UTC)
  • Symbol oppose vote.svg Oppose It may be good in practice, but this project has a too small community and is understaffed. Restricting access to certain user rights is not going to help that problem. If you think that the user rights are likely to be abused, maybe the user rights could be time-limited so that people with the user rights have to reapply at the end of the term, should they wish to keep the user right. --Stefan4 (talk) 10:04, 6 August 2014 (UTC)
  • Symbol support vote.svg Support Jakákoliv koncentrace moci může být výhledově nebezpečná. Je dobré, když to chápe zvláště ten, kterému byla důvěra svěřena. Revizor by mohl být správcem, ale byrokratem raději ne.--Dendrofil (talk) 19:01, 6 August 2014 (UTC)
  • Symbol oppose vote.svg Oppose C'est peut etre à la mode de faire de la non cumulation de mandat, mais wikimedia n'a pas besoin de "politiquement correct". Il faut que le non cumul soit encouragé eventuellement avec toute les aides ou garanties necessaires à une bonne passassion de pouvoir mais pas imposer contre nature dans un tel projet collaboratif. Stephvvv (talk) 12:20, 8 August 2014 (UTC)
  • Symbol oppose vote.svg Oppose I fail to see a benefit for Commons in this separation of powers. --Denniss (talk) 18:32, 10 August 2014 (UTC)
  • Symbol oppose vote.svg Oppose. This seems like a solution in search of a problem. Recusel from issues in which a user is already involved in another role is already available. --Holdek (talk) 07:51, 11 August 2014 (UTC)
  • Symbol oppose vote.svg Oppose. Unlike a monarchy. We get the rights holders we deserve because we voted for them, if we vote some power mad hat collector to lord over us its our own fault for not paying attention. --KTo288 (talk) 22:04, 18 August 2014 (UTC)