Thank you again for the concerns and comments responded to in the following letter.
INTRODUCTION Two distinct topics are discussed: (1) MediaWiki should provide its software users with OpenID Connect functionality including to verify their names and accounts via account linking, and (2) Wikipedia should make use of such MediaWiki features. On topic one, there are a large number of MediaWiki software users [1][2] and use case scenarios. On topic two, “MediaWiki's most famous use has been in Wikipedia” [3], thus it makes sense to carefully discuss MediaWiki software and Wikipedia simultaneously. CONFIGURABILITY Importantly, we can consider options for configuration for system administrators (users of MediaWiki software) and their end users. For example, a system administrative option could be whether to activate the account verification features. Account verification could then be either optional or required for their users. Allowing their users to verify their accounts, system administrative configuration can specify whether their verified users have a configuration setting with regard to whether to display their real names or their usernames. Configuration options for MediaWiki system administrators and subsequently contingent configuration options for end users can maximize utility for all parties concerned across a large number of MediaWiki use case scenarios. In this way, Wikipedia can choose whether and configurably how to utilize MediaWiki account verification features in a manner that exactly aligns with their policy. SOCKPUPPETRY “In 2012, Wikipedia launched one of its largest sockpuppet investigations, when editors reported suspicious activity suggesting 250 accounts had been used to engage in paid editing.” [4] “On August 31, 2015, the English Wikipedia community discovered 381 sockpuppet accounts operating a secret paid editing ring.” [5] PAGE PROTECTION OPTIONS AND ACCOUNT VERIFICATION System administrators of MediaWiki could configure MediaWiki to allow administrative users the capability to protect content with a mode such that only verified accounts could edit that content. “Why would this be desirable?” Reasons include, but are not limited to: (1) per the rationale for semi-protection [6] and extended confirmed protection [7], (2) an administrator determines that one or multiple unverified accounts involved in an incident are sockpuppets, bots, trolls, spammers, vandals, etc, (3) detecting or preventing conflict of interest editing. TWITTER ACCOUNT VERIFICATION CONTROVERSY “Given how much controversy and unhealthy dynamics surrounds verified accounts on Twitter, I do not think it is a good idea to copy it.” Some of the confusion around account verification on Twitter stems from misunderstanding. What is the checkmark? What does it mean? What does account verification mean when controversial figures’ accounts are verified? Some people, for example, misunderstood that it suggested endorsement by Twitter. “In July 2016, Twitter announced […] that verification ‘does not imply an endorsement.’” [8] ACCOUNT VERIFICATION AND USER PAGES “If there's an individual need to establish link between legal identity of somebody and their Wiki credentials, there are easy ways to do it – e.g. publish a signed message both on wiki user page under the account and on the resource known to be controlled by the person, etc.” System administrators could also configure for users to have an option to select for their linked account pages to be hyperlinked to from their user pages. Collaboration on Wikipedia articles can be an opportunity to socialize and connect on other websites. REAL NAMES AND SAFETY “Everywhere online, exposing your real life identity means a possibility of real life problems: stalking, harassment, attempts to get someone you have a content dispute with fired. And I'm not even theorizing: all the above things have happened on Wikipedia, multiple times.” “Requiring people to take that risk to edit certain pages is not really a good thing.” As aforementioned, system administrative configuration options could include allowing verified users to choose whether to display their real names or to display their usernames. Proponents of real-name policies include Mark Zuckerberg. “Facebook’s CEO and Founder Mark Zuckerberg defended [Facebook’s real-name policy], saying, ‘We know people are much less likely to try to act abusively towards other members of our community when they’re using their real names.’ A Pew Research study from 2014 supports Zuckerberg’s claim, proving that ‘half of those who have experienced online harassment did not know the person involved in their most recent incident.’” [9] SOCIAL MEDIA EXECUTIVES “Social networks want to have people's confirmed identities so that they could sell them to the highest bidder.” Social networks are in a crisis, as evidenced by recent testimony before Congress. Their policies with regard to account verification are genuine attempts to solve problems, some described to them by Congress, not gambits to acquire more user data. Account verification mitigates sockpuppetry, bots, trolls, spam, vandalism, conflicts of interest, fake news, disinformation and election interference. (https://www.c-span.org/video/?443543-1/facebook-ceo-mark-zuckerberg-testifies-data-protection , https://www.c-span.org/video/?443490-1/facebook-ceo-mark-zuckerberg-testifies-data-protection) WIKISCANNER “Internet experts, for the most part, have welcomed WikiScanner.” [10] “Wikipedia co-founder Jimmy Wales spoke enthusiastically about WikiScanner, noting in one source that ‘It brings an additional level of transparency to what's going on at Wikipedia’ and stating in another that it was ‘fabulous and I strongly support it.’ The BBC quoted an unnamed Wikipedia spokesperson's praise for the tool in taking transparency ‘to another level’ and preventing ‘an organisation or individuals from editing articles that they're really not supposed to.’ In responding to the edits from the Canadian Ministry of Industry, spokesman for the Wikimedia Foundation Jay Walsh noted that neutrality of language and guarding against conflicts of interest are two of the central pillars of Wikipedia, adding that ‘The edits which should be trusted would come from people who don't possess a conflict of interest, in this case, it would be worthwhile saying that if someone is making edits from a computer within the government of Canada … if it was someone within that ministry, that would theoretically constitute a conflict of interest.’ Wales has speculated on a possible warning to anonymous editors: ‘When someone clicks on ‘edit,’ it would be interesting if we could say, ‘Hi, thank you for editing. We see you're logged in from The New York Times. Keep in mind that we know that, and it's public information’ … That might make them stop and think.’” [11] [1] https://en.wikipedia.org/wiki/MediaWiki#Sites_using_MediaWiki [2] https://en.wikipedia.org/wiki/Category:MediaWiki_websites [3] https://en.wikipedia.org/wiki/MediaWiki [4] https://en.wikipedia.org/wiki/Conflict-of-interest_editing_on_Wikipedia [5] https://en.wikipedia.org/wiki/Orangemoody_editing_of_Wikipedia [6] https://en.wikipedia.org/wiki/Wikipedia:Protection_policy#Semi-protection [7] https://en.wikipedia.org/wiki/Wikipedia:Protection_policy#Extended_confirmed_protection [8] https://en.wikipedia.org/wiki/Twitter#Verified_accounts [9] https://www.csmonitor.com/Technology/2015/1101/Does-Facebook-s-real-name-policy-really-protect-its-users [10] https://www.nytimes.com/2007/08/19/technology/19wikipedia.html [11] https://en.wikipedia.org/wiki/WikiScanner#Wikipedia_reaction _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l