Wikipedia:Administrator elections/SecurePoll permissions RFC

Draft. Not ready yet. Do not !vote.

This page will serve as WP:RFCBEFORE and a draft for a future RFC at WP:VPPR.

Normally, SecurePoll elections are created on https://vote.wikimedia.org by WMF Trust & Safety. Soon, the WMF is likely to allow English Wikipedia to create its own local elections. This will support the new administrator elections process. Once approved by the WMF, and from a technical perspective, which user groups shall be granted the ability to create (securepoll-create-poll), edit (securepoll-edit-poll), and scrutineer (securepoll-view-voter-pii) SecurePoll elections?

• Option A - Create a new group called Election Administrators (electionadmin), similar to votewiki.
• Option B - Add it to the English Wikipedia CheckUsers group.
• Option C - Other ideas?

Previous related RFC: Wikipedia:Village pump (proposals)/Archive 214#Enabling SecurePoll elections with the electionadmin right

–Novem Linguae (talk) 23:45, 11 April 2025 (UTC)[reply]

Draft. Not ready yet. Do not !vote.

• Option B. While Option A was already authorized in the previous RFC, I have given this some thought and I think Option B would be less messy. Option B (giving all SecurePoll rights to all English Wikipedia CheckUsers) solves the problem of having to create a process to appoint folks as electionadmins, it solves the problem of having to figure out who will award this permission (stewards? bureaucrats?) and then create work for those people, and it ensures the sensitive securepoll-view-voter-pii permission remains restricted to the CheckUsers group, the only local group that is authorized to view things like IP addresses. In Wikipedia:Requests for adminship/2024 review/Phase II/Administrator elections#Q5: Scrutineering (who will scrutineer), the community authorized local English Wikipedia CheckUsers to scrutineer administrator elections. Additionally, there are security features built into SecurePoll that ensure that only the CheckUsers/electionsdmins assigned to that election are able to view the sensitive data, so this option doesn't grant all CheckUsers access to private data in all elections; it just grants the 3 CheckUsers who are picked when that election is created (or edited?) access to the data. I believe the data is only retained for 60 days. One other note: any CheckUser will be able to create an election, so the CheckUser group will become the group that we ask to create and edit elections. I anticipate two administrator election requests a year so I don't think there will be any problem finding a CheckUser to volunteer to do this. –Novem Linguae (talk) 23:45, 11 April 2025 (UTC)[reply]

Draft. Not ready yet. Do not !vote.