A behind the scenes look at the Wikimedia Foundation's emergency response system

Emergency “Blue Light” Telephone Used on College Campus: Monroe Community College
“Emergency Telephone Used on College Campus (cropped)” by David Maiolo, under CC-BY-SA-3.0

When my work phone rings in the middle of the night, I don’t ever have to wonder what it is. As one of the team of five who are in charge of addressing emails sent to the Wikimedia Foundation’s emergency address system, I sleep lightly on nights when I’m on call. Fortunately, emergencies don’t happen every night, but when they do I need to be prepared for the threat I’ll face – school bombing? Violence against another user? Threat of suicide? Maybe it’ll just be spam or vandalism and I’ll be back in bed in a few minutes, but I have faced all of the preceding and more. On the emergency team, we all have.
Threats of violence or self-harm are a sad, but luckily relatively uncommon, event on our projects. The English Wikipedia community has developed a process for handling them, as have a number of other projects. The emergency email address serves to help protect the public and users of Wikipedia, and the community advocacy team responds to these as part of our regular duties. We process threats of violence against self and others posted on WMF sites, running them through a protocol developed in consultation with the FBI. When a threat is credible and imminent according to the reporting criteria, we pass it along to federal or local authorities. This has brought us into contact with law enforcement around the world. We don’t always know how these reports resolve, which can leave us feeling very unsettled. Sometimes, though, it’s even more unsettling when we do.
The emergency system was established in 2010 by Philippe Beaudette (now Director, Community Advocacy), who had experience managing and creating processes for “Trust and Safety” issues with other companies and communities. He was joined in managing incoming issues by James Alexander and Christine Moellenberndt. In consultation with other staff and from years of experience, Philippe has worked to create a functional system that is manageable for the global scope of the Wikimedia projects.
What we’re looking for, primarily, is specificity and plausibility. “Block me, and I’ll kill you,” when authored by a vandal to an admin operating anonymously under a pseudonym, is neither. If a user in Philadelphia edits an area school article threatening to kill a teacher, it’s both. If we report on any private data, such as IP addresses behind accounts, we fill out a form that logs such instances. (We report any data that we have that may facilitate the rapid response of officials to these incidents, consistent with our privacy policy.) We follow this up by annotating the outcome to the other members of the team and filing a report, in our case management software, SugarCRM.
Many times during this process, we need to reach out for assistance. Sometimes reports come in from languages where we have no proficiency, and we need to find staff or volunteers to help us translate the threat and understand the context in which it was placed. Sometimes we need local administrators to help address the incidents on the projects, for instance blocking a user or oversighting content as appropriate under local policies.
Sometimes people misunderstand or misuse the system. While we are here to evaluate any threat of harm to self or others, we are sometimes contacted by people who are unhappy with the content of articles or with disputes they are having with other editors. As a matter of strict procedure, we do not assist with off-topic messages sent to this address; we don’t even forward them to other channels. We cannot afford the dilution of the emergency response system, and appropriate avenues for outreach for these kinds of problems are widely publicized on the projects themselves.
Over the years that I have worked for the Wikimedia Foundation, this process has continually improved. We have received training in dealing with emergencies and with decompressing afterwards, and the tools we use to handle them have been refined to make the whole process quick and efficient. But regardless of training, it remains a challenging experience. We seldom get a sense of closure. We are all aware of the possibility that no matter how quickly we respond, we may be too late. Even finding out that we were able to help can be distressing, because there was need for us to do it at all. Never mind the stress; it is a responsibility we shoulder willingly. It’s worth it for even a chance to help protect people and save lives.
Maggie Dennis, Senior Community Advocate

Archive notice: This is an archived post from blog.wikimedia.org, which operated under different editorial and content guidelines than Diff.

8 Comments
Inline Feedbacks
View all comments

How many of the legitimate requests came from outside USA and en.wiki?
Also, SugarCRM?! Was the adoption of SugarCRM ever announced and documented? The only mention across three years in this blog are “investigate SugarCRM”, “SugarCRM is being customized for the use of India Program”, “We have implemented and field tested case management systems such as SugarCRM” (all three about disbanded activities).

Hi Nemo, the LCA team will be able to give you further answers, but let my point out already that the use of SugarCRM was documented in the Community Advocacy section of the “Ongoing work areas of the Wikimedia Foundation” document that was published as appendix to the 2014/15 WMF Annual Plan. I remember you discussing this appendix quite extensively, but here is the corresponding paragraph reproduced for your convenience: Contact management database. CA uses the open-source product SugarCRM as a case management tool for our team and Legal (as well as others). They conduct user audits, and assure that… Read more »

Hi, Nemo. It seems Tilman has addressed your question about SugarCRM above – it’s been in use at the Wikimedia Foundation since before I was hired, so I’m afraid I can’t tell you what was discussed about at its original adoption. It was also part of the focus of James Alexander’s presentation at Wikimania this year. While we’re not the only team who uses it, if you want to know more about our use of it, you can check out his speech at the end of https://www.youtube.com/watch?v=IX3zcJHs3Hw&feature=youtu.be&t=1h7 While I don’t have numbers to share (we do not track nationality of… Read more »

Indeed, what Maggie and Tilman said. As for the history behind our Sugar implementation: four years ago, I spoke with then-CTO Danese Cooper about my wish for a CRM. Danese and I spoke about what we saw as a wide open playing field for open-source CRMs… while we use CiviCRM for fundraising, it wasn’t quite user friendly enough for what I wanted, nor was it customizable in an easy enough way. She pointed me toward SugarCRM, and particularly their community edition, which is open source (although their hosted product currently is not) and has a strong “tools” component that allows… Read more »

I would like to second Nemo here. Although, indeed, SugarCRM usage was indicated in the appendix linked by Tilman, I think this is far from being sufficient communication on the topic. I have taken the liberty of starting [[meta:SugarCRM]] based on the information available to me. Please expand.

Thank you for carrying this burden for the community!

Thanks Maggie, one fourth is an interesting figure. At least for the cases where you contact law enforcement and similar, you probably know what country it’s about, so it would be nice to have actual (though approximate) statistics about that. As for SugarCRM, thanks Tilman, Maggie and Philippe for confirming that there wasn’t a specific announcement or documentation of its adoption. As Jean-Fred notes, passing mentions in unrelated documents are not appropriate communication. On the bright side, it’s easy for you three with your experience to fix: * Jean-Fred already added a note on the “official registry” (created by Erik):… Read more »

Well, I don’t give a …. don’t care much about SugarCRM or PepperCRM for that matter, but thank you Maggie for this very interesting insight into the Emergency response system. 🙂