SoylentNews is people
SoylentNews
I've been approached about working on a new privacy policy for SoylentNews and have agreed to do so. This journal is the first step in that process.
SN currently runs on Rehash, which is written in Perl and dates back to Slash 2.0. Many privacy-related considerations in Rehash are dictated by decisions made by the Slashdot admins nearly 25 years ago when they wrote the original code. The age of this code and its dependencies on tools like mod_perl make it nearly unmaintainable, meaning that SN may implement a new code base sooner rather than later. This is a pivotal time to discuss a new privacy policy for SN, an the decisions made now will likely influence the implementation of whichever new code base powers SN in the future.
SN has three primary stakeholders, which are 1) the ownership, 2) the staff, and 3) the community. To be successful, any site policy needs the support of all three of these stakeholders. That means the community needs to be actively engaged in the process.
My first steps will be to solicit input from the SN community and to spend most of my time listening. There are three important questions to discuss:
1) Problems: What privacy-related considerations are important to you, the members of the SN community? What are your concerns? As long as the issues are reasonably relevant to privacy, anything should be on the table here. This includes things like what user data gets stored, how long it is retained, who has access to it, the right to be forgotten, anonymous commenting, and anything that can reasonably be construed as a privacy issue.
2) Process: All three stakeholders must be supportive of any privacy policy for it to be effective. Therefore, once a privacy policy is drafted, we need a process for all three stakeholders to approve this. I anticipate the biggest questions here will be how you, the members of the SN community, get to voice your support or to request amendments to the policy. What process would the community like us to follow for enacting policy? Do all logged-in users get to vote? Does the community elect representatives?
3) Potential Solutions: Once you, the members of the SN community, make your privacy concerns heard, we need potential solutions for those concerns. These solutions will be limited by a few constraints. To allow for robust discussions and make SN a welcoming community, we need the ability to track abuse of the site (e.g., spam comments, sock puppet account creation, gaming the moderation system, etc...) to prevent disruption of the discussions. SN is required to comply with the laws in relevant jurisdictions such as the United States and the state of Delaware. Any solutions have to be practical, given the limited financial and human resources. Working within those constraints, SN policy should go above and beyond what is merely required by law, and to maximize the privacy of the members of the community.
I'll start by posting three journals at least 7-10 days apart to discuss each of these issues. For this journal, I want to focus on the first point, which is what privacy concerns you have, What is important to you, as members of the SN community, and what do we need to address in the new privacy policy? While any discussion of privacy matters is on-topic in this journal, I'd like to try to keep the discussion focused as much as possible on privacy-related problems that we need to address.
There are a few ground rules in this discussion:
1) If you're giving examples of specific privacy concerns, please don't include actual user names or people. Please use hypothetical terms, or use generic names like "person A" and "person B."
2) The new privacy policy is forward looking, meaning that the discussion should focus on how we can be better in the future, and not on holding people responsible for past mistakes or how the existing code is written.
3) Please keep the discussion civil and welcoming. Everyone deserves a chance to participate in this discussion and to be heard. Please keep the discussion constructive and refrain from posting personal attacks. Privacy is for everyone, and that means everyone deserves to be heard. I ask that you please don't try to dominate the discussion or shout other people down, and instead let everyone make their opinions known.
4) Please keep the discussion on-topic. Any privacy-related matters are on-topic, but issues like story selection are beyond the scope of this policy. Let's keep issues like politics out of this discussion, too.
5) Please don't moderate people down unless they're off-topic, trying to dominate the discussion, shouting people down, or posting personal attacks. Even if you disagree with someone else, please don't moderate them down unless they're violating the ground rules for this discussion. I want everyone to be heard.
I pledge that I'll read every comment that you post. My direct input to this discussion will be minimal, and I probably won't post at all except maybe to answer questions or ask for more detail if appropriate. I'm not here to debate with people. I just want to listen to your concerns. Anonymous Cowards are welcome in this discussion, but all comments that I post will be from the dalek account. I have unchecked the "willing to moderate" box in my user preferences, which means that I am not moderating any comments in this discussion. I am just here to listen.
I want to make these discussions as inclusive as possible. That means I intend to allow Anonymous Coward input to all of these journals. In exchange for keeping these discussions open, I ask that you please keep these discussions on track. I will post future journals, but for now, I want to know what your privacy concerns are, and what topics we need to address in the new privacy policy.
(Score: 2) by janrinok on Thursday June 01, @08:32AM (31 children)
I disagree. It has usually been the recipient of the email who has compromised his own hash by publishing it in a comment on this site. In fact, if you look closely, they have usually added invalid characters into the hash while maintaining the correct hash length to prevent any reverse hashing.
I have occasionally pointed out that 2 alleged different ACs are in fact the same person but not the information that we needed to make that link (which need not be the IP hash). This is to prevent abuse by appearing to have more support for a particular viewpoint than is in fact the case.
(Score: -1, Offtopic) by Anonymous Coward on Thursday June 01, @10:20AM (3 children)
Janrinok the Accuser! Preventing privacy abuse on SN, by committing it first! The best defense is offensive! We had to destroy SoylentNews in order to save it. Isn't that the way they say it goes. But forget all that, and give me the number, if you can find it.
(Score: 1, Offtopic) by janrinok on Thursday June 01, @10:42AM (2 children)
The number to what?
(Score: 1, Offtopic) by janrinok on Thursday June 01, @11:02AM
I have moderated them all as Off-Topic, including my responses - because that is what dalek originally ask for when introducing this discussion.
(Score: 0) by Anonymous Coward on Friday June 02, @02:52AM
Operator?
Jim Croce
(Score: -1, Troll) by Anonymous Coward on Thursday June 01, @05:21PM (8 children)
Hahahahahaha
Ok, now unmask all of the sock puppets you've found and the users' main account. No personal info needed so by your standards no reason not to. What a load, and blaming your bad actions on some AC unmasking themselves is an obvious deflection.
(Score: 1) by dalek on Thursday June 01, @08:32PM (7 children)
I would like to remind you of the ground rules for this discussion:
Please follow the rules I have specified.
If you have concerns about transparency and accountability for actions taken by people who have privileged access to user data, that is a valid privacy concern that certainly can be discussed. If you believe these actions should be reviewed by a third party such as a panel of community members who don't have privileged access, that could be put up for discussion. It might not be practical to do so, and one would have to ensure that those community members are trustworthy, but it is a valid privacy concern that certainly could be discussed. If you believe there need to be clear policies for revoking privileged access for anyone who does not follow the privacy guidelines, that is also forward looking, and is a reasonable topic for discussion. I am more than willing to discuss all of these topics in subsequent journals.
However, the purpose of this journal is not to criticize staff members for past actions. It is about developing better privacy policies for the future. Please follow the ground rules I have posted for this discussion.
EXTERMINATE
(Score: -1, Offtopic) by Anonymous Coward on Thursday June 01, @10:09PM (6 children)
Those who ignore history are bound to repeat it.
"However, those points can be made without referring to specific individuals, dwelling on past decisions made by the site management, posting personal attacks, or bringing politics into the discussion."
Only aristarchus was mentioned which is not a personal attack and is fair to mention since I am falsely accused of being aristarchus. If you want civility then it starts with staff and must be maintained. There are many spam mods I have received for making these complaints, which the entire community should see and are not spammed or frequently brought up outside already offtopic threads. No apologies or fixes for bad moderators makes me care even less about being more civil, so since you are requesting you (now staff) civilize first. Being in power and declaring rules based on personal bias is exactly what person B accuses person A of wanting.
As for politics, the bias has been clear for years of story selections. When staff stop allowing rightwing politics while banning leftwing topics with "that is what journals are for" then we can try ignoring politics. Your rules mean nothing when you feel self righteous in handing out spam mods for site criticism, so if person A is being targeted for spam mods then restore their accounts so you can stop making mistakes.
Yes all my points are valid, which is why they get repeated. Staff could shut me up by posting clear rules and honest technical privacy information like logged in user's ac comments tied to the username forever. Editor B is busy muddying the water with not-exactly-lies. Dalek you've been trying to remain civil, it is a hard task and I wish you the best of luck, but playing hardline authoritarian is not how to build a successful community of nerds.
- hopefully this was only posted once, so many similar posts by dalek I think this is the one that had a form error preventing submission
(Score: 1) by dalek on Thursday June 01, @10:26PM
I do appreciate your concerns and your frustrations. I'm trying to get actionable items that can be addressed going forward. Thank you for your kind words; they are much appreciated!
It seems like there's a trust issue between some community members and some members of the staff. One of the ideas I've been thinking over is community governance.
What if the community elected members to serve in various capacities, but those community members wouldn't have privileged access to the site? It could be a community advisory board to help define policy, whether that's editorial issues, amending the privacy policy, or any other matters that arise. They might help with conflict resolution, when there are concerns that a staff member might not have followed site policy. In that case, they would get access to the specific privileged information to determine the facts of the situation, but wouldn't have access to anything else. Community members might also be able to act as an appeals panel, if there's a dispute over something like a moderation ban. They wouldn't see any information except what's strictly necessary to determine the facts of the situation. We'll want to make sure there isn't an excessive workload for any individual, because these would also be volunteers.
I'm suggesting this in the hopes that community members might see this committee as their peers instead of staff members with privileged access. I don't know if this is something the community would even be willing to do, but I'll post it as a possible way to address these issues in the future.
I know this technically isn't within the scope of this journal, but I welcome feedback for this idea.
EXTERMINATE
(Score: 2) by janrinok on Friday June 02, @04:37AM (4 children)
dalek was asked if he would be prepared to undertake this role because he is not staff. He does not have access to any more information than you do. He is entirely independent. You couldn't be more wrong.
Why was he asked? We have received many emails from dalek over an extented period of time raising privacy issues and complaining about specific problems, all supported by well written arguments. He has strong views on the subject and he is keen to have privacy issues covered by some form of agreed document that we can all work to. He often holds our feet to the fire, but he does it correctly and we have intelligent discussions. dalek has done more to shape our views than all of the random complaints by ACs that litter otherwise intelligent discussions. We have made changes based on our earlier discussions, and you are referring to some events that happened in the past but not more recently.
As a result of these discussions, I believe that dalek can also appreciate the difficulties that we face in managing a discussion forum that is sometimes being abused to target specific individuals. That is not the purpose of this site.
You are missing the entire point of this journal entry. Lets get this sorted out now, before we end up writing any more software that makes the same mistakes that were made 25 years or more ago. We are prepared to consider dalek's findings and to try to produce an agreement that will clearly state what is acceptable and what is not.
This is the staff getting feedback from, and listening to, the community again - but a handful of you are failing to understand that. You are, in effect, silencing yourselves and the community.
(Score: -1, Spam) by Anonymous Coward on Friday June 02, @07:40PM (3 children)
Those discussions happened after years of these complaints being posted, glad someone finally took them seriously. We shall see if you can do better.
Your constant gaslighting where you merge the behavior of at least three separate people is your own act of witless evil. I get it, hard to deal with when they are AC. Too bad, registered user accounts aren't that much better since creation can be automated. That is the site's decision, you don't get to abuse people because your system is faulty.
I refuse to email you because these discussions should be done in the open, and there is no technical security vulnerability you would have to disclose to discuss these things. The clear fact at this point is you do not wish to let the community know just how much they are tracked and how easily admins can tell who made an "AC" comment, and you pat yourselves on the back saying users should already know everything about protecting their privacy on your site. That is usually fine, except when you champion freedom and privacy while allowing white supremacists cUz FrEE sPeEcH!@!#!$%%@!!
(Score: 1, Offtopic) by janrinok on Saturday June 03, @05:34AM (2 children)
We have been changing policy almost continuously to improve the site. We do it through consultation with the community (The Big Discussion [soylentnews.org]) which resulted in AC comments from people not logged in being removed from front page stories because the actions of a handfull of them were preventing the majority of the community being able to discuss topics intelligently. That policy change has been entirely successful.
This is another community consultation process, independent of staff control, to enable everyone to express an opinion.
Your comment is directed at an individual. Again you want to shout down those you disagree with to prevent them from expressing their views. You have made your statement. Repeating it will achieve nothing in this discussion.
Email me from a secure email account and if you want to discuss your problems like an adult. Your comment is Off-Topic in this journal entry. Hubie stated such in his introduction to the discussion.
(Score: -1, Spam) by Anonymous Coward on Sunday June 04, @08:03AM (1 child)
Well, thanks to Hubie for starting this forum! Except, it was dalek? Janrinok, are you alright?
(Score: 0) by Anonymous Coward on Sunday June 04, @08:46AM
Senior moment acknowledgement gets a Spam mod? OK, if there are no family members present, I will just back away from the hole situation.
(Score: -1, Troll) by Anonymous Coward on Thursday June 01, @07:16PM (16 children)
If you are comfortable pointing out which AC comments came from the same person why should anyone trust that you will not do worse in more private conversations?
(Score: 1, Offtopic) by janrinok on Thursday June 01, @08:02PM (6 children)
Because part of my job is controlling site abuse.
So you have nothing to substantiate that claim. FUD.
(Score: -1, Troll) by Anonymous Coward on Thursday June 01, @10:03PM (5 children)
You've made multiple false accusations, some lointless ones, and saying comments shared IP hashes does nothing to stop the spammer. It is not FUD to say we should worry about public abuses being worse behind closed doors. Interesting how you never provide details for your accusations and pointing out your false accusations gets spam modded. Totally above board, some say the most above board, you wouldn't believe the honesty folks! TMB was right, and the way I see you attacking NCommander is pretty shitty after all the whinging you do about being a volunteer getting harsh criticisms.
(Score: -1, Troll) by Anonymous Coward on Friday June 02, @10:23AM (4 children)
I think what everyone is trying to say, is that we need a privacy policy that is robust enough to withstand a rogue admin like janrinok. His witchhunt should not even be possible.
(Score: 2) by janrinok on Friday June 02, @12:32PM (3 children)
If you want to discuss me personally - send me an email. It works fine for dalek and other people. I welcome the opportunity to explain why things are the way they are. I have no objection of anyone criticising me - but stop disrupting other discussions. Personal attacks are Off-Topic.
(Score: -1, Troll) by Anonymous Coward on Friday June 02, @07:00PM
Disrupting? Curious comment from a privacy violator!
(Score: -1, Troll) by Anonymous Coward on Friday June 02, @07:18PM
It does not work for me, transparency is what is needed. The fact that you previously let slip that hashed IPs are forever stored for registered users, but now you're playing word games to not exactly lie but oush "hashed IPs are dropped after two weeks" when previously that was only for the general AC account. Anyone that pays attention would see these patterns, but most users only see a few if these offtopic discussions since you're so keen to downmod every single one but mever your offtopic replies.
Quite simply SN is run by admin abusing authoritarians that smear others for questioning authority and pointing out inconvenient facts. With human hive mentality it will take personal experience for each user to give these criticisms consideration. The lesson seems to be the same, anyone that appeals to authority and conceals problems should be treated as untrustworthy authoritarians.
The real eye opener was seeing you authorize targeted abuse which obviously did not prevent the spamming account creator, so why? Any future community should be built on trust and transparency. Seems to be the last thing paranoid libertarian techies want to do, gotta keep the tight fist of control!
(Score: -1, Spam) by Anonymous Coward on Sunday June 04, @08:07AM
Explain why things are they way they are, janrinok. Locked down, aristarchus banned, Runaway running away, khallow not being able to shut the up fuck. You think any of this is good for SoylentNews? You killed it, janrinok! SoylentNews has died under your watch. Time to just own up, and ride off into the singularity.
(Score: 1) by dalek on Thursday June 01, @08:22PM (8 children)
This is not a discussion about whether you have confidence in the staff. The ground rules say:
I do respect the concerns about 1) what information is stored, 2) who has access to that information, and 3) how that information can be shared. If you are concerned about the ability of staff in some circumstances to determine which users posted AC comments, and how they use that information, those are also valid concerns, and I appreciate them. I will ensure that these are brought up for discussion in subsequent journals.
Please limit the discussion to the actual privacy issues instead of criticisms of current staff members for past actions.
EXTERMINATE
(Score: 0) by Anonymous Coward on Monday June 05, @02:11AM (7 children)
Umm, no? Is that why you made a new journal, to bury the criticisms again? Personally all that is needed is honesty and apologies for bad community management. Sadly it seems SN is doubling down on tyranny by committee. Very musky.
(Score: 1) by dalek on Monday June 05, @07:09AM (5 children)
The new journal directly links to this journal twice in its first paragraph, and the first three words of the title are "Privacy policy updates." The new journal explicitly and conspicuously addresses this one, and it also explicitly encourages people to continue discussing the topics of this journal here. This journal had started to slip down the recent journals Slashbox, and the rate of comments had waned significantly. If anything, the new journal draws more attention to this one than it had been receiving. Moreover, I indicated that I would continue to review this journal and create a complete list of all the privacy concerns that have been raised. You have a very unusual and unique definition of what it means to bury criticisms. Also, the fact that I posted this journal does not prohibit me from also posting other journals to discuss other topics that are of interest to me.
Now, I fully support honesty and transparency. I think there are some misunderstandings of how Rehash works, but this can be addressed by properly documenting how the code works, especially in regard to user privacy. And I support summarizing that in the privacy policy in a way that's easily understood. There could even be an FAQ with questions about how the code works, with accurate answers. As I recall, there was an infamous thread on Slashdot investigating troll comments, and it picked up a vast amount of off-topic mods. Moreover, people who modded up comments in that thread discovered that they no longer had the ability to moderate. At least some of these criticisms were addressed in Slashdot's FAQ, with questions such as if editors can moderate. I should also point out that Slashdot had scripts to make users automatically post at -1 and to silently revoke their moderator privileges, the later of which was done at a large scale to people who modded up comments in the aforementioned thread. The editors also spent hundreds of their unlimited mod points in that thread. I support transparency and honesty, and that's a topic that will be up for discussion in a future journal.
As I stated, the criticisms of staff that you're referencing are off-topic in this journal:
The good news is that I have a solution to offer to you that will meet your needs. From your description, it seems that you'd like to have a journal with a topic that's outside the scope of this one. If your goal is to have a discussion about criticizing SN staff for past mistakes and to criticize the existing code, you have a way to do this, and to have it be completely on-topic. All you have to do is create your own journal that's dedicated to those specific topics. Because that journal would be posted from your own account, you could ensure that the only topics that are discussed are the ones that you want to discuss. If you want a journal to discuss topics that are outside the scope of this journal, why not create your own? If my journal isn't satisfactory for your purposes, what's getting in the way of you creating your own?
I wholeheartedly encourage you to create your own journal, express your criticisms of the staff and the existing code, and post it with comments enabled for everyone. Your criticisms will be displayed far more prominently than any of your comments in this journal. Your criticisms will get far more visibility, and the community can discuss those topics without any distractions like the code base or proposed drafts of the privacy policy. Why not post your own journal to make sure that your criticisms are as visible as possible, with no distractions at all? What's stopping you?
EXTERMINATE
(Score: -1, Spam) by Anonymous Coward on Monday June 05, @09:23AM (4 children)
Dalek's attempt to bury the "town hall" mysteriously coincides with a magical disappearing janrinok post to NCommander's journal, where he complained about SN's faults all being laid at the feet of "staff", or, him. I suspect puppetry of socks.
(Score: 1) by dalek on Monday June 05, @11:11AM (3 children)
I'm under no obligation to tolerate your behavior.
The current effort to develop a privacy policy is a genuine attempt to listen to the community's concerns and to be more respectful about privacy in the future. I am a volunteer, not even an actual member of the staff, trying to oversee this process. I fully intend to bring any actual privacy concern up for discussion, whether it involves transparency, logging and data retention, anonymous posting, the right to be forgotten, how to ensure that privacy is actually being respected, and anything that's remotely relevant to the topic of user privacy. I'm here to support privacy and to do right by the community.
None of this means that I'm required to stand by while you refuse to respect the ground rules of my journal or accuse me of things that are factually untrue. If I said I've had enough and walked away from this effort because of your abuse, it's very possible that you'll be stuck with the privacy status quo. I'd just like to point out that the status quo is something you've repeatedly said you strongly oppose. This is a great opportunity to do something about it and to have real and enforceable policies to protect privacy. But it means you have to play by the ground rules, and you haven't been doing so.
I'm not your property, and you don't get to make demands of me. I think it's important to have these discussions, but my volunteer effort to work on a better privacy policy does not mean that I can't talk about other topics just because they're inconvenient for you. Once again, you don't own me.
I fully intend to do right by the community, which encompasses everyone who visits and participates at SN. The community is not one or two people. It is everyone, regardless of whether or not I agree with their political views, share their interests, or get along with them personally. Everyone who wants to speak up on the topic of privacy deserves to express their opinions without being drowned out by your off-topic attempts to antagonize people. You're fortunate that this town hall doesn't involve everyone gathering in a meeting room to discuss their opinions. If it were, someone who behaved like you and tried to disrupt the discussion would probably be escorted out in handcuffs by the local police for disorderly conduct and would spend the night in jail.
If you have real suggestions about what the privacy policy should include or how it should be developed, I'm happy to hear you out. If you don't wish to discuss those things, then kindly go away. The next journal about developing a privacy policy will be posted about a week from today. There will be at least one more after that, and quite possibly more. If I see fit to discuss other topics in my journal during this process, topics such as motorsports, that's my right, and you have zero grounds to complain about it. Even if you don't care about the privacy policy, at least have the decency to stop trying to disrupt a process that will benefit many other community members.
EXTERMINATE
(Score: 0) by Anonymous Coward on Monday June 05, @08:46PM (2 children)
Dalek, just listen to yourself! Behave! Your story about the troll mod discussion is complete fabrication, a lie, in other words. You can demand compliance with janrinok's rules all you want, but you have no power here. (*Dalek turns into a large Snowy Owl*)
(Score: 1) by dalek on Tuesday June 06, @12:42AM (1 child)
Not a fabrication at all. Here's the thread: https://slashdot.org/comments.pl?sid=26315&cid=2850660 [slashdot.org].
And four years later, the thread was discussed in https://slashdot.org/comments.pl?sid=183628&cid=15166303 [slashdot.org], and at least one user reported that they were still banned for moderating in the first thread.
EXTERMINATE
(Score: 0) by Anonymous Coward on Wednesday June 07, @09:39AM
That would be aristarchus, then.
(Score: -1, Spam) by Anonymous Coward on Monday June 05, @09:20AM
In the past, it was common practice to displace journals where the alt-right was having its ass handed to it. Most of the time, a Runaway1956 journal would be immediately followed by a boring and technically inane entry by takyon. Did not really work, though, other than to telegraph their fear and desperation.
(Score: -1, Spam) by Anonymous Coward on Saturday June 03, @07:06AM
Janrinok disagrees, he does not deny. Obviously, the staff have done this. Oh, the Modulating Morphates!