Talk:Volunteer Response Team/Volunteering

Liability and risk warning for prospective volunteers

edit

Recent discussions have made it clear to me that the WMF:

  1. has no public liability insurance for OTRS volunteers
  2. makes no guarantee that they will not raise a civil suit for damages against an OTRS volunteer
  3. would supply identifying information about volunteers if presented with a subpoena; other organizations would only do this if a warrant were presented, i.e. an independent crime investigation rather than a civil case, see this EFF report
  4. maintains a legal fund, however this would not be used where the WMF were a party to a civil case, nor is there any guarantee of availability, or definition of whether this would ever be made available to OTRS volunteers suffering from a civil case for damages
  5. this is in the context that neither the WMF, nor any other Wikimedia organization offers standardized training for OTRS volunteers

That I might be personally liable for unlimited damages both for correspondents and the WMF (to the extent of putting my house at risk), was not clear to me when I first applied to be an OTRS volunteer. With later experience I am cautious in not taking "difficult" cases and have sufficient experience to be aware of how vaguely interpreted what might constitute giving apparent legal advice or accidentally releasing damaging personal information might be.

Proposal: Prospective volunteers would benefit from having the risks spelt out clearly in a visible warning banner on this volunteer application page. They might then at least be encouraged to read up on what their liability is, consider their own liability insurance, and ask questions about it (which to date I have never seen a prospective volunteer ever do) and take serious precautions such as choice of pseudonym, keeping their own records of events, or asking for independent advice for difficult cases before making any commitments in writing. -- (talk) 09:43, 3 January 2014 (UTC)Reply

I think you're looking for another problem to match the solution you've come up with. Well, in my personal opinion, your concerns are (somewhat) unfounded and (somewhat) misleading in ways. On your point, numbered same:
  1. Where were you ever given the impression, or alternatively, where is it indicated or even hinted at that there is some "liability insurance" or other "assistance" (other than what has been disclosed by the Foundation) available to volunteers? I don't see this portrayed anywhere, and I think it's an extremely moot point.
  2. Will await Foundation comment - I'm not sure that people are very concerned with this. Agents have nothing to be worried about, with regards to their answering of tickets, unless they are intentionally answering tickets in malicious/other inappropriate ways, handling the information in ways contrary to the privacy policy, etc.
  3. Awaiting Foundation comment.
  4. I don't have a link to the legal fund information, but if I recall correctly, when this was created, it was mentioned that OTRS agents would be one example of a user would benefit from such fund, if the need had raised and criteria were met.
  5. What do you mean by "training"? Users are given a plethora or resources to assist with determining if and how a ticket should be handled. On the otrs-wiki, there are many help pages, guides, FAQs and a number of venues available for further guidance/assistance on any ticket. With that being said, training and development has something that I and a few other OTRS admins have been planning to begin an "overhaul". But we've been quite busy since the upgrade, and now with the new year, we have a couple of other time-sensitive projects that take precedence, but I expect we'll start delving into this in the first quarter of this year.
I've dropped a note for a Foundation response here. I was speaking above as a long-time member of the OTRS community. Sure, other people have expressed some of the same concerns as you over the years - I'm certainly not simply dismissing them - I'm always open for discussions. I just felt necessary to clear up a couple of the misleading statements above.
I oppose the addition of such "warning" message to the page. I think that would take things slightly out of proportion. Rjd0060 (talk) 12:07, 3 January 2014 (UTC)Reply
Hi, thanks for your views. I note that my listed statements of fact above remain true as stated. As well as the link above, you or others can find clarifications from Geoff Brigham that are now archived at m:Talk:Access_to_nonpublic_information_policy/Archives/2013 helpful. With regard to the legal fund, this is not insurance, it is not guaranteed in any circumstances, and it would make no sense for the WMF to authorize funds in a case where they were a party against their own financial interests. Thanks for asking the WMF to clarify, I look forward to a further statement from Geoff. Examples of where the legal fund has ever been used to help OTRS volunteers in the past may be illuminating. Thanks -- (talk) 12:29, 3 January 2014 (UTC)Reply
I still think we're going a bit overboard. I've been following the nonpublic info. discussion. I just don't see the big issue. :-) I've poked Maggie Dennis, who will poke the appropriate "Legal" person, or whoever should comment here. Rjd0060 (talk) 12:34, 3 January 2014 (UTC)Reply
A serious warning about personal liability that may cause a prospective volunteer to take the time to understand and ask questions about their risks and responsibilities seems fair both on the unpaid volunteer and the WMF. In terms of "standardized training" I mean a basic standard of training required of volunteers before having access to OTRS. Currently, a newly approved OTRS volunteer may have read none of the guides you mention above, particularly all material on the OTRS-wiki which by definition is not available to prospective volunteers. Thanks -- (talk) 12:47, 3 January 2014 (UTC)Reply
Hi, I do not see how that would be unclear. The new confidentiality agreement explicitely states that "[t]he Wikimedia Foundation may pursue available legal remedies, including injunctive relief or, in the case of willful intent, monetary damages." As far as nonpublic information in general is concerned, it should be clear that if you do something against the law (or, for that matter, do anything at all), you risk that someone takes legal action; given that users are required to submit identifying information under the draft access policy in order to ensure "accountability," I also fail to see how it would be unclear that the information may be used in legal contexts. As regards the other points on your list, I think these are basically evident. Why would you have a prima facie believe that someone will cover your legal fees? Cheers, — Pajz (talk) 12:41, 3 January 2014 (UTC)Reply
I don't intend to have legal fees, however any OTRS volunteer who handles tricky complaints from random members of the public should be realistic and recognize they are at risk of finding themselves the subject of claim of damages either from the complainant or a subsequent claim of damages from the WMF (or the WMF insurers) if the complainant sues them. Other charities pay for liability insurance for their volunteers who do work such as answering questions on behalf of the charity and its projects, the WMF chooses not to do this. -- (talk) 12:47, 3 January 2014 (UTC)Reply
My point is that you don't just believe that someone pays for your liability insurance. Some organizations may do that, but it's barely something anyone can reasonably expect. Let me add that this is not to say nobody should be alerted to potential specific legal risks. For instance, we raised the issue of liability risks associated with handling permissions-related tickets at a past workshop and a lawyer confirmed the suspicion that if an agent falsely tags an image (thereby averting its deletion) this may indeed have liability implications for him. I very much agree, hence, that it's helpful to remind agents at times (e.g. on our internal help pages) that some particular actions could also be, in some specific way, legally relevant. But your proposals for additions go too far in that I think they are, in this generality, obvious and unnecessary. You know, it's always easy to argue in favor of legal warnings, health disclaimers etc.—someone may not know, after all. Someone may be helped with a 10-page health warning inside every cigarette box. How could anyone oppose that? Etc. Nevertheless, I think such proposals need a good justification—I do not want this world to be plastered with scary warnings everywhere I look. Yes, you may attract liability in the context of your OTRS work, but that ia nothing really extraordinary. — Pajz (talk) 13:49, 3 January 2014 (UTC)Reply
Ensuring that volunteers and contractors that fulfil standard functions on official funded projects have adequate public liability insurance may be more UK good practice rather than USA, perhaps; it is a standard expectation for UK charities. If the member of the public is expected to sue the individual unpaid volunteer as having full independent responsibility and authority, rather than the organization that is hosting and funding the project they were dealing with, then both the volunteer and the public need to be extremely clear on that fact, otherwise the WMF is risking the liability shifting to them should there ever be a valid claim of damages; particularly if it turns out that the unpaid volunteer is living on benefits and would need legal aid to defend themselves, is a minor in their country of residence, or may even be considered legally/medically incompetent at the time of any correspondence. -- (talk) 14:22, 3 January 2014 (UTC)Reply
You're signing up for a website and a bunch of anonymous users from around the world (independant from the site operator) grant you certain access rights, just like an active user in a forum eventually may be made a moderator by fellow forum users. I doubt that it is reasonable in any part of the world to expect that the organization operating the forum/site/... (which explicitely claims to have no resonsibility for whatever users do on their site) now suddenly will come up for legal costs that may arise for you. I'm not saying that it would be unreasonable to do so, just that it's unreasonable to expect it. — Pajz (talk) 14:35, 3 January 2014 (UTC)Reply
I am not disagreeing with you, certainly that remains the WMF's viewpoint, apparently. I am just asking that you take a version of the general caveat emptor paragraph you have just written, and stick it into a notice at the top of the volunteer recruitment page so that innocent wide-eyed newbies have the same understanding. Thanks -- (talk) 14:52, 3 January 2014 (UTC)Reply

┌───────────────────┘
As discussed with, and reviewed by, the community in the ToU drafting discussion, we have the following in the first section of the Terms of Use:

Please be aware that you are legally responsible for all of your contributions, edits, and re-use of Wikimedia content under the laws of the United States of America and other applicable laws (which may include the laws where you live or where you view or edit content). This means it is important that you use caution when posting content.

There is also similar language in the Defense of Contributors policy.

As to the policies more generally: I've been involved in a great number of open source projects, and advised a great number of user-created websites, and the Defense of Contributors and Legal Fees Assistance Program are not only the strongest legal protections for volunteers I've ever seen, they are the only such policies I've ever seen. (If you've got stronger examples from similarly-situated projects, I'd be interested in seeing them.) And they're not empty words: during my ten months with the Foundation, we've quickly provided legal counsel under those programs in each of the four cases I'm aware of.

Hope that background helps inform the discussion and keep it grounded in reality. -LVilla (WMF) (talk) 18:18, 3 January 2014 (UTC)Reply

Hi LVilla, thanks for the comment here. I am a bit lost as to how the quote you have posted relates to the issue at hand of ensuring that prospective (and current) OTRS volunteers understand that they are at risk of being sued for damages when they work as unpaid volunteers on OTRS (the same is not true for employees that use OTRS). This is not a question of re-using Wikimedia content or making edits.
I am interested to see that the Legal Fees Assistance Program has been applied in four cases. This leads to three obvious questions:
  1. Did any of the past cases involve OTRS volunteers?
  2. Could you publish the criteria that WMF Legal would apply when deciding whether an unpaid OTRS volunteer who gets into hot water would be eligible for funded support and when they would not?
  3. Do you (WMF Legal) believe that when we invite prospective unpaid OTRS volunteers to apply for access, that we (the volunteer community) should unambiguously spell out their risks and liability for taking on these responsibilities?
Thanks -- (talk) 23:08, 3 January 2014 (UTC)Reply
edit

Shouldn't the "apllication form" be updated in order to automatically include a link to some global editcounters? I usually don't leave a comment but if I do I always try to have an idea of the general activity of the candidate and I look for some statistics. Am I the only one?--Alexmar983 (talk) 18:53, 6 April 2015 (UTC)Reply

Age (again)

edit

I see this was asked in the archive ten years ago, without a very convincing response. Privacy policies have also changed significantly since that time, so I'll ask again. I have often considered volunteering, until I get to the bolded instructions which clearly say, tell us your age. I could always make it up and no one would know different, but that's not my style. I have signed the CheckUser agreement and been editing for nearly 13 years - if that's not good enough I suppose I could wait another 3 years to basically write off this requirement. The issue is this - I am not prepared to tell an unknown bunch of people my age. Even if I knew who you were I still wouldn't tell you. As long as the applicant meets the requirements I don't see how this is of any relevance. There's also no indication of how this data is processed or retained or made available. So my question would be, is this really necessary, still relevant, and well thought out? zzuuzz (talk) 17:49, 13 May 2018 (UTC)Reply

Your age is part of the email that you send the OTRS admins whose queue is restricted to just them. Your age is not told to anyone else. Period. It is to make sure you are legally allowed to enter into a contract, which is what the confidentially agreement is. Signing an agreement when you are not legally allowed to do so is, in it of itself, probably illegal depending on your jurisdiction (IANAL). --Majora (talk) 17:51, 13 May 2018 (UTC)Reply
Thanks for the information. I'll assume the data is held indefinitely and available to any current and future OTRS admins for evermore. So if I told you I was older than 3 when I started editing - let's be honest that's fairly plausible - this would be good enough? Why not a statement that I am older than 16 (or 18)? Given what WMF has achieved in terms of holding personal data of this type, this seems like an outdated anomaly. zzuuzz (talk) 17:59, 13 May 2018 (UTC)Reply
I'm not sure why they still ask for your age, when you don't need to explicitly say your age (other than signing the confidentiality agreement) for CU/OS access. I imagine you could just say that you are uncomfortable revealing your age, but will sign the agreement and confirm that you are over 16 years of age. – Ajraddatz (talk) 18:15, 13 May 2018 (UTC)Reply
Huh. Well now that it has come up and I dug a little further it seems like my original opinion on why is wrong. The agreement is dictated by California law (says so right in it). But the State of California doesn't make a distinction between minors and adults when to comes to contract law (as far as I can find) except in three instances. This is where I say again that I'm not a lawyer and walk away before I dig myself a deeper hole. I'm sorry Zzuuzz, my original opinion appears to be wrong and I don't know why there is an age requirement or a necessity to provide it. --Majora (talk) 18:16, 13 May 2018 (UTC)Reply
In the past OTRS agents also had to provide a scan of their ID. And the thing is that some tickets have IDs of people giving permissions and such. It is quite fair that people getting access to those at least reveal the real name and age, even though currently it is possible to lie about both. --Base (talk) 18:49, 13 May 2018 (UTC)Reply
Thankfully in the UK I legally can use whatever names I like (and I do), as long as it is not for fraudulent activity, so good luck with the real name thing. And in the past, WMF discontinued this requirement. WMF even (apparently) shredded the identification as soon as it was received. But retaining information for accountability (as opposed to a declaration of majority) suggests that it is potentially going to be disclosed. zzuuzz (talk) 19:34, 13 May 2018 (UTC)Reply
@Zzuuzz: It's very simple: approving new OTRS agents is based essentially on trust (and on the past editing history on Wikimedia projects). If you do not trust OTRS admins, there is no reason they should trust you as the whole thing sounds just weird. Moreover, OTRS admins (like other OTRS agents) have signed the very same agreement you saw: this means that they cannot reveal publicly neither your age, nor your real name. --Ruthven (msg) 13:22, 14 May 2018 (UTC)Reply
Would you lend the keys of your house to all future OTRS admins? I bet you won't because you don't trust them. Why do you not ask applicants for their home address and bank details? Age is just another data point along the same spectrum of irrelevant information, and in other areas the WMF has made some good progress in terms of its policies. I'm not sure whether anything above represents the views of the WMF (and I'm guessing absolutely not), but thanks for the responses anyway. I guess I'll see you around. zzuuzz (talk) 15:35, 14 May 2018 (UTC)Reply
The bank details are not relevant for the task, as you can imagine. For the rest, yhe answer is "yes", I do trust OTRS admins (past and future) because this is a collaborative project and we cannot work alone. Again, trust is central here. --Ruthven (msg) 15:47, 14 May 2018 (UTC)Reply
Bank details and age (and lending your house keys) have exactly the same relevance for the task, when considered against a declaration (or indeed proof) of meeting a minimum age requirement. You really trust all other current and future collaborators on a wiki with that? Hyperbole or something else methinks. zzuuzz (talk) 15:57, 14 May 2018 (UTC)Reply
Being shy on oneself age is different than not wanting to lend my house keys. What harm can come to me from future admins knowing my age and name? --Ruthven (msg) 16:24, 14 May 2018 (UTC)Reply
I realise some people are free and easy with personal information on the Internet, and perhaps you are one of them. I am not. When you have the number of malicious, mentally deranged, defamatory, threatening, violent, dedicated trolls as I have, you value your privacy. Any release of any personal data (inadvertent or otherwise) is a risk to that privacy, with further consequences. Have you heard about those trolls who phone up your work all day and get you sacked? Or the ones who approach your family or turn up on your doorstep? One half of the world thinks that information can be controlled, and any bad consequences can be punished. I belong to the other half who think the best way protect information is to not let it be collected unnecessarily. I tend to think the WMF is normally firmly in the latter group. zzuuzz (talk) 17:17, 14 May 2018 (UTC)Reply
It's your experience, but mine is different. I disclosed to the OTRS admins my personal information when applying, and my bunch of affectionate trolls and stalkers haven't phoned me at home or at work. No leak until now, as it has to be. --Ruthven (msg) 17:25, 14 May 2018 (UTC)Reply
Then I'm glad you haven't had the same experience as others and I'll bid you good day. zzuuzz (talk) 17:32, 14 May 2018 (UTC)Reply

Signing L32

edit

With my real legal name, or my on wiki name? the phabricator page is not explicit. Thanks enL3X1 ¡‹delayed reaction›¡ 17:50, 28 May 2018 (UTC)Reply

@L3X1: With your phabricator account. --Ruthven (msg) 18:37, 28 May 2018 (UTC)Reply

How badly is OTRS hurting for volunteers?

edit

I saw talk on the moderated email list about the new EU laws possibly raising the workload. Does OTRS (specifically the en.wiki, where I am active) actively need people to apply? Or is it normal recruitment levels? thanks enL3X1 ¡‹delayed reaction›¡ 02:08, 1 June 2018 (UTC)Reply

OTRS is always looking for trustful volunteers, in particular for the most lagged queues (e.g. permissions). However, the GDPR issue is not an OTRS understaff problem, because all the mails should be forwarded to privacy wikimedia.org so that the Wikimedia Foundation may address them. --Ruthven (msg) 14:28, 1 June 2018 (UTC)Reply
Thanks, I will let my calendar settle down some before applying. enL3X1 ¡‹delayed reaction›¡ 01:26, 2 June 2018 (UTC)Reply

Workload?

edit

I'm curious about the workload that one might expect as a volunteer? I'm sure it would depend upon the type of inquiry that is chosen, but I'm looking at not having a tremendous amount of time to work on this if I do volunteer, and I'm wondering if that would be off-putting to those engaged in approvals of requests. Thanks. --Ceyockey (talk) 22:22, 31 December 2019 (UTC)Reply

Ceyockey: You can handle as many queries as you want (they don't choose you, you choose them). You're not required to handle a minimum of queries, but you must fulfill the activity policy. Of course, if you're handling a query, it is expected that you have track of it, so it can be answered/solved. And if you cannot anymore, letting any other agent to handle the query would be ideal. Esteban16 (talk) 22:40, 31 December 2019 (UTC)Reply
Hey Ceyockey. OTRS can suffer from a lot of the same problems as a lot of the Wikimedia movement: we often end up with a few people shouldering great deal of the burden. If you want to be a heavy lifter in that regard, then you are more than welcome to. But if you just want to help out some, we are also served by a larger pool of people who help out some, rather than not at all. Even helping out some, can help relieve the pressure on the whole system. In some ways, having a lot of people who help out some, rather than a few people who help out a lot, can keep us from burning out as a group. GMGtalk 22:49, 31 December 2019 (UTC)Reply
As you said, it depends on the topics. Especially for small languages there is much need even if you have not too much time. For the large languages, if you want to hear a number, I think a reasonable one could be one hour per week, with preferred as much active days as possible to followup the issues you already read into, if required. --Krd 22:51, 31 December 2019 (UTC)Reply

Anonymity vs. transparency

edit

So, my username is an abbreviation of my real name and could be deconvoluted easily to identify me. Would you recommend that people use a more anonymous login to address OTRS inquiries, or would being more transparent about one's real identity be a plus in these activities? --Ceyockey (talk) 22:24, 31 December 2019 (UTC)Reply

Ceyockey: OTRS does not reveal your email address to those who send queries. Esteban16 (talk) 22:43, 31 December 2019 (UTC)Reply
We cannot give advice about your level of anonymity, that has to be up to you and how much safety you need to maintain. Advice about that should be sought more generally. That said, there are known cases of personal harassment due to people's tasks that they have undertaken in the general wikispace of WMF, so do look at that prior putting yourself into public view.

For the purposes of your reputation, be it OTRS, administrative or something beyond, we more look to you as a good editor, knowledgeable, reliable and trustworthy as being more relevant than any ability to identify you in RL. So consider in a more general sense whether your overarching username is an issue, not so much the identification in OTRS wiki.  — billinghurst sDrewth 23:36, 31 December 2019 (UTC)Reply

When you reply to emails via OTRS, your username is not sent to clients. Clients do not see your username. However, indirectly username can be found if you perform in-wiki actions which related to ticket (otrs template on Commons, etc).—Iluvatar (talk) 00:43, 1 January 2020 (UTC)Reply

Willing to sign the OTRS users confidentiality agreement

edit

When I go to this page the wikilink for the above is Phabricator. Doug Weller (talk) 11:10, 15 February 2021 (UTC)Reply

@Doug Weller Indeed, that is correct - the signature is administered in Wikimedia Phabricator. Do you see any issue with that set up? Martin Urbanec (talk) 17:45, 15 February 2021 (UTC)Reply
I tried this, too. Maybe the issue was that redirect to phab ticked did not happen after the login. Had to use the link second time. Papuass (talk) 13:06, 1 September 2021 (UTC)Reply
The issue seems to be that you have to sign in first, and then it does not automatically redirect you to the signature page, you need to go back and click the link again once you sign in with OAuth. It shouldn't work like that, seems pretty clunky, maybe we should.... file a phab ticket?? Beeblebrox (talk) 23:30, 1 September 2021 (UTC)Reply
Return to "Volunteer Response Team/Volunteering" page.