User:~riley/CheckUser

The CheckUser tool may be used to prevent disruption or investigate legitimate concerns of bad-faith editing or sock-puppetry.

Grounds for checking edit

CheckUser may be used to investigate, prevent, or respond to:

1. Vandalism;
2. Sock puppetry;
3. Disruption (or potential disruption) of any Wikimedia project; and
4. Legitimate concerns about bad faith editing.

CheckUser may never be used to:

1. Effect political control;
2. Apply pressure on an editor; or
3. Threaten another editor in a dispute.

The primary use of CheckUser is to investigate sock-puppetry, but the community accepts there are legitimate uses of alternative accounts, inasmuch as the accounts are never used to violate site policy (for instance, to double-vote or give the impression there is more support for one faction in a discussion or content dispute).

Notifying the account that is checked or may be checked edit

It is permitted but not mandatory to notify the subject their account has been checked or may be checked. Notification of the check to the community (on a community process page like Wikidata:Sockpuppet investigations) is not mandatory, but can be very useful in tracking the activity of a serial vandal, and so is permitted if done in accordance with the privacy policy.

The CheckUser feature accesses non-public information. The Wikimedia Foundation takes privacy of its editors extremely seriously, and there may at times be a conflict between the high priorities given to both protecting Wikidata from damage and disruption, and privacy of even problematic users. This is a very delicate area and at times no solution is ideal; the following covers some of the principles and common practices on Wikidata. If in doubt, please ask a CheckUser.

1. CheckUsers have a wide range of discretion to use their access provided it is for legitimate purposes – broadly, those which relate to preventing or reducing potential or actual disruption, and to investigation of legitimate concerns of bad faith editing. (CheckUser policy)
2. CheckUsers may accept requests publicly or otherwise, as they see fit.
3. Requests should not be accepted on the basis of "fishing" – that is, requests by users without a good and specific cause. On their own cognisance they may however perform privately as part of their role, any checks within the bounds of CheckUser policy – that is to say, any check which is reasonably performed in order to address issues of disruption or damage to the project.
4. Disclosure of CheckUser results is subject to privacy policy, which broadly states that identifying information should not be disclosed under any but a few circumstances. These include:

   • "With permission of the affected user",
   • "Where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers", and
   • "Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public."

IP information disclosure edit

It is not normally considered a breach of privacy policy to state that different named accounts are operated from the same IP or range if details of the range are not given, or if a generic description only is given (country, large ISP etc.) that in no way is very likely to identify a specific person. It is undesirable to link an IP to a named account, since an IP is often much more tightly linked to a specific person. (This is often less so for larger IP ranges: the larger the range, the less obvious the connection will often be to any specific person.) CheckUsers will employ a variety of means to avoid doing this, but in some cases it is hard to avoid.

This can happen in several ways:

• A user is disruptive through multiple IPs, or a mixture of IPs and accounts. It is hard to block all of these (often on the same article) without obvious inference being drawn by onlookers.
• A user is disruptive on multiple accounts, and it is reasonably plausible they will create more accounts, requiring the blocking of the underlying IP range that these accounts are using.

CheckUsers will often use a variety of techniques to avoid drawing such connections, but in many cases it is hard to avoid in a practical sense. Users who engage in problematic conduct to the point that requests for administrative action or blocking are raised and considered valid for CheckUser usage, and where CheckUser then determines the user probably has engaged in such conduct, must expect the protection of the project is given a higher priority than the protection of those who knowingly breach its policies on editorial conduct, if the two conflict or there is a problematic editing history.

IP information retention edit

Data on users (like their IP address) is retained for a limited period on Wikimedia Foundation sites. Data retention is so limited because incidents or actions that are not current rarely require investigation.

Guidance given to CheckUsers edit

m:CheckUser policy advises that, even if the user is committing abuse, it's best not to reveal personal information if possible:

• Generally, do not reveal IPs. Only give information such as same network/not same network or similar. If detailed information is provided, make sure the person you are giving it to is a trusted person who will not reveal it
• If the user has said they're from somewhere and the IP confirms it, it's not releasing private information to confirm it if needed
• If you're in any doubt, give no detail

On Wikidata, CheckUsers asked to run a check must ask for (and be given) clear evidence that a check is appropriate and necessary. The onus is on an individual CheckUser to explain, if challenged, why a check was run. Do not make any presumptions, no matter who asks.

CheckUsers are seasoned, experienced users, trusted to handle sensitive and privacy related matters and other user issues. Routine sock-puppet and editing issues requiring CheckUser review are handled at Wikidata:Sockpuppet investigations. CheckUsers are authorised to receive contact by other means, like on their talk pages, by e-mail, on IRC or a mailing list, and so on. If an incident is of a private or sensitive nature, you should never use public means of contact. If an incident is of an urgent nature, you should contact a CheckUser you know to be online, or contact multiple active CheckUsers. If an incident is an emergency, you should contact the Wikimedia Foundation.

If you require an editor with CheckUser access, you may contact:

1. An individual CheckUser who will either advise, deal with the matter, or (especially if asked) forward it on to other CheckUsers for wider discussion. (For the list of CheckUsers, please see Special:ListUsers/checkuser)
2. The Wikidata CheckUser team which will be ideal if you need a quick response, with other CheckUsers aware, and do not know any CheckUsers personally to judge which individual to contact.
3. The Interwiki Checkuser team which co-ordinates between CheckUsers on all WMF projects (and Stewards for smaller wikis with no local CheckUsers) in the Checkuser-l mailing list. The inter-project team is ideal for matters concerning prolific vandals or sock users, privacy-related incidents or harassment and other global matters of interest beyond Wikidata.

Usage edit

A user with CheckUser access will get an extra "CheckUser" option at Special:SpecialPages, a "Check IP addresses" option on Special:Contributions, access to Special:CheckUser and Special:CheckUserLog.

Hints and tips edit

CheckUser's help page gives the following tips to users:

• CheckUser is a technical tool and with it requires a significant degree of familiarity with IPs, IP ranges and related principles in order to be operated correctly.
• CheckUser is not magic pixie dust. Almost all queries about IPs will be because two editors were behaving the same way or a way that appears suggestive to disruption.