Use this page to discuss information on the page (and subpages) attached to this one. This includes limited discussion of the Arbitration Committee itself, as a body. Some things belong on other pages:
This page has archives.Topics inactive for 14 days are automatically archived 1 or more at a time by Lowercase sigmabot III.
Contentious topics
Re this discussion: I think it should be stated explicitly in the yellow box that these principles apply to all topics, but that within contentious topics, the penalties for violating them are stricter, applied more easily and harder to appeal. When I see a yellow box, I assume that it contains the most important information, and in this case it seems to contain little other than platitudes, whereas the really key information is outside of it. Anonymous44 (talk) 17:00, 5 May 2026 (UTC)
Identity verification
Do AC and CU go through identity verification? It would be surprising if they don’t consider that they handle PI and sensitive information of Wikipedia users. 🐈Cinaroot 09:10, 9 May 2026 (UTC)
No, they do not (even though I think they should - I commented about this before at User talk:Larry Sanger/Nine Theses §Unintended consequences: ...require individuals who sign the Wikimedia Foundation Confidentiality Agreement for Nonpublic Information (which includes checkusers and arbcom members as they have access to sensitive, nonpublic personal data) undergo some form of identity verification that only the WMF will see. For example, they could be required to send the WMF a copy of their legal ID and then have a private video meeting with them.) I also asked the WMF some questions about ID verification at wmf:Policy talk:Wikimedia Foundation Access to Nonpublic Personal Data Policy#Age and ID verification but haven't received a response from them. Some1 (talk) 15:25, 9 May 2026 (UTC)
I don’t understand what good is signing a confidentiality agreement when there is no identity verification and therefore accountability will be difficult or impossible. 🐈Cinaroot 16:39, 9 May 2026 (UTC)
Before the present system was introduced in 2018, we were required to send a copy of ID to the WMF. Reasons that was changed was that the WMF staff are not trained to (nor would it be practical to train them to) validate the very many different forms of ID that could be submitted (2-3 per country is probably a low estimate - how many Belgian ID cards, New Zealand driving licences or Singaporean Military ID cards do you see on a daily basis?), especially as a photograph isn't a reliable way to determine the authenticity of all forms of ID. There were also concerns related to security and identity theft - IIRC I sent a photograph of my passport via plain email and had to just trust this wouldn't be misused by the WMF, the recipients email wouldn't be hacked, etc.
Adding a video call requirement would potentially be a large time and effort burden. m:Access to nonpublic personal data policy/Noticeboard currently lists three only staff members who are authorised to determine whether someone has properly signed the agreement, etc. There seems to be an average of roughly six editors per month globally, not all of whom have a language in common with any of the staff who do the authorising, not all of whom have reliable access to video call technology, not all of whom are available during office hours on the west coast of the United States.
These issues are probably surmountable, but not simply and almost certainly not without a large investment of time and money. Thryduulf (talk) 17:21, 9 May 2026 (UTC)
There are identity verification solutions that support verifying identity from 100s of countries. It’s very easy and cheap for them to implement. Obviously that's not their priority 🐈Cinaroot 18:19, 9 May 2026 (UTC)
ID verification is all fun and games until the foundation/its providers get hacked, social engineered, or pressured by an authoritarian government. To all the Wikipedians in countries that habitually harass and imprison Wikipedians, staying anonymous is deadly serious. And the list of countries that are anti-Wikipedia is growing, not shrinking. So, you're right, ID verification is not a Foundation priority, and thank goodness. The Committee has long advocated for maximum user anonymity and safety to the WMF, because we know exactly what can happen to users who lose their anonymity. I do not see the Foundation changing that stance. CaptainEekEdits Ho Cap'n!⚓ 18:43, 9 May 2026 (UTC)
I’m not saying all Wikipedians should verify identity. I’m not sure how much access AC members have - but CU considering they have a lot of technical access and handle PI - they should verify their identity. How can they be entrusted to millions of user data if Wikipedia doesn’t know who they are? What if a bad actor - start editing on Wikipedia and eventually become an AC or CU. Very much possible in today’s world.
There should be no anonymity for CU or Stewards or users that can have access to PI at will. 🐈Cinaroot 18:52, 9 May 2026 (UTC)
My understanding is that all CU actions are logged, and can be checked by other CUs for any improper behavior. In my opinion, keeping members of the community safe from the very real threats of hostile governments is more important than disclosing personal identities to WMF persons who will not check the logs for improper behavior. --Tryptofish (talk) 19:49, 9 May 2026 (UTC)
My understanding is that all CU actions are logged, and can be checked by other CUs for any improper behavior. They are logged, and the logs are checked. Thryduulf (talk) 20:29, 9 May 2026 (UTC)
That’s more for later investigation and compliance purposes to determine if an account did something wrong or when. Identity verification has entirely different purposes. I don’t even need to explain what that is. 🐈Cinaroot 00:37, 10 May 2026 (UTC)
The same concerns about data risk that Eek mentioned apply even more when it comes to people who have these heightened levels of access. There's a hell of a lot of work involved with becoming a wikipedian, let alone an admin, let alone a CU, let alone an arb. I'd be much, much more concerned about the other direction of attack: that an arb who began in perfectly good faith was pressured into acting against Wikipedia's interests by outside actors. And it's much easier to pressure someone in this way if you know who we are. -- asilvering (talk) 20:29, 9 May 2026 (UTC)
This isn't an attack. Lots of platforms verify identity and store your personal information. If they get hacked - yeah, your identity can be compromised. I’m not saying you guys send WMF staff your passport via email. But Wikipedia can develop proper identity verification systems and securely store it in their servers only accessible to select WMF staff. Such an ID verification system should be regularly triggered on CU, AC, etc., to verify identity on a regular basis. I’ve seen AC members whose identity is public. They can be targeted or pressured as well. But giving unverified users access to millions of accounts makes me nervous, and I think many people would agree that allowing unverified people to handle sensitive data is a massive security, legal, and ethical risk. 🐈Cinaroot 00:22, 10 May 2026 (UTC)
Also, this is not only about bad actors. CU, AC, etc., are just regular users like the rest of us. Wiki is a trust-based system. But CheckUsers and Arbitrators have enormous power. We need little more than trust to grant millions of user data to them. I like to hear from community rather than AC or CU's here 🐈Cinaroot 01:42, 10 May 2026 (UTC)
If you wish the practice to change, you may consult with the WMF. You have been given a basic explanation about why this is a bad idea from community members who actually understand the issue, but who can't change the present policy anyway. Izno (talk) 16:02, 10 May 2026 (UTC)
Are these users eligible to edit contentious topics
Users with more than 500 edits, account more than 30 days old but first edit less than 4 days old. ~2026-28712-00 (talk) 05:28, 13 May 2026 (UTC)
That will be at least 125 edits per day (That is a lot for a new user) but I am asking this because Autoconfirmed requires 4 days since first edit. ~2026-28712-00 (talk) 05:32, 13 May 2026 (UTC)
I believe extended confirmed still goes by 30 days since creation, not first edit, so yes. ~ Jenson (SilverLocust💬) 05:48, 13 May 2026 (UTC)
It's not meant to be a target. CMD (talk) 05:56, 13 May 2026 (UTC)
Yes, in theory, but statistically, if you look at the Recent Grants part of https://gamingcheck.toolforge.org/ with the Verbose option switched on, you'll see that that kind of grant acquisition pattern is often associated with either an indefinite block or an EC grant revocation. So, those kinds of features are a bit of a red flag. Sean.hoyland (talk) 06:47, 13 May 2026 (UTC)
I created WP:WORDL to have something to easily/quickly link to when placing this restriction, but obviously I don't want to add it myself to that section. Valereee (talk) 15:59, 16 May 2026 (UTC)
Thank you! Valereee (talk) 16:40, 16 May 2026 (UTC)
Although I appreciate why you'd link to the case page, where the entire text is in one place, linking to the appropriate item under Wikipedia:Contentious topics §Standard set might be more flexible, in case of future refinements to the restriction. isaacl (talk) 17:33, 16 May 2026 (UTC)
The problem is that mention had no link for more information about the editing restriction, just a note that linked to that same remedy. What we probably need is WP:Using the word limit restriction or something, which could link to all of the past discussions/future refinements. Valereee (talk) 17:43, 16 May 2026 (UTC)
Well, the case page likely will never have a link added for more information (and it has no more information than on the contentious topics page)... Sure, if someone wants to create an information page, more power to them! isaacl (talk) 18:00, 16 May 2026 (UTC)
