Talk:CheckUser policy

copied from Talk:CheckUser by Theo F 08:18, 4 March 2006 (UTC) When people are given checkuser, (a) they should be told to subscribe to checkuser-l (b) the steward should email checkuser-l-owner to confirm the person should be allowed to join the list. I've added a note to this effect, feel free to reword :-) - David Gerard 15:37, 31 January 2006 (UTC) Reply

Nobody was told that a mailing list would be implemented when a vote was organized in order to allow the checkuser tool on the French Wikipedia. Therefore this mailing list is illegal. I ask for this mailing list to be shut down. Theo F 08:05, 4 March 2006 (UTC) Reply

Quite the reverse. If the French Wikipedia contributors are unable to agree that CheckUser should be used in the confines of existing best practice and guidelines, then CheckUser status should and must be removed from all accounts thereon until such time as they are happy with what is going on.

James F. (talk) 08:34, 4 March 2006 (UTC) Reply

If you do not attract the French IP check performers into your untransparent scheme I may close my eyes on how other language Wikipedias deal with the issue. But please do not interfere negatively with the transparency we are trying to implement on fr:. By the way I have never heard about a so-called "best practice and guidelines". All I've heard about is a CheckUser policy and nowhere is written in that policy that a checkuser mailing list should be created. So, as far as I know, your "checkuser list" is informal, not to say pirate. If you want to know my opinion, the best practice is that of the German language Wikipedia : no checkuser at all ! Theo F 09:25, 7 March 2006 (UTC) Reply

Actually the mainling-list is mainly (not to say only) used by en: checkusers, as they are doing dozens of checks every day (yeah, I know, that's unbelievable !), whereas on fr: the only coordination needs are fulfilled on the Requests page. I reckon fr: checkusers could as well not subscribe to the mailing-list. The only time it could be useful is for technical changes (unavailibility / features). le Korrigan ^bla 13:01, 7 March 2006 (UTC) Reply

Theo F, you are not a CheckUser. Whether the mailing list exists or not is quite frankly none of your business. Sorry if that sounds rude, but it's nothing compared to your demand that the list be shut down. Alphax 14:25, 6 October 2006 (UTC) Reply

copied from Talk:CheckUser by Theo F 08:18, 4 March 2006 (UTC) I haven't a check user permission, so why I cannot see which the users that the IP was search for them? I don't want to know the results, but if one of Wikipedians that have the permission checked an IP I want to know this and the reason for this. As special case, if anyone checked my IP, I surely want to know this. Troll Refaim 15:37, 24 February 2006 (UTC) Reply

You should implement on Wikipedia in your language a log page like the one used on the French Wikipedia, where people who perform the checks have to report : fr:Wikipédia:Vérificateur d'adresses IP/Journal. Theo F 08:02, 4 March 2006 (UTC) Reply

I know that we can use manual log. But I want automatic report, like the delete log, so any request will be logged. If the Wikipedian with checkuser permission will make wrong decision, I want that he/she cannot hide this. At the manual log, this could be happened. Troll Refaim 16:14, 11 March 2006 (UTC) Reply

At present the (automatic, private) checkuser log is global across all projects. I have CheckUser on Wikimedia Commons and I can see who has made what requests, globally. We are accountable to each other. Alphax 14:27, 6 October 2006 (UTC) Reply

I ask you to unblock me from English wikipedia and desysop en:User:Mikkalai who blocked me without any evidences. I request also a CheckUser process to prove my innocence. Excaliburo 20:38, 19 March 2006 (UTC) Reply

Checkuser for edits on EN Wikipedia fall under the juristicon of the EN Wikipedia community. I will see what I can do. --Walter 21:02, 19 March 2006 (UTC) Reply

If checkuser checked one user, then checked his/her IP for open proxy and found it, can he/she block this IP due to "no open proxies"? --Jaroslavleff 08:11, 30 March 2006 (UTC) Reply

That depends on what abuse the proxy has been used for. Such things are determined on a per-case basis. Alphax 14:31, 6 October 2006 (UTC) Reply

Only a very few editors and stewards are allowed to have the CheckUser status.

A local project must have a minimum of two checkusers or no checkuser at all (they should be at least two so that they can mutually control their activity).

In case there are no local checkuser
Editors will have to ask a Steward to check if UserX is a sockpuppet of UserY. To do so, simply add your request to Request for CheckUser information listing these users and explaining why you ask for such a check (with links). You also need a community consensus (like above). The Steward will answer you if these two users are from the same IP, same proxy, same network, same country, or are they completely unrelated (see discussion for what the Steward should more precisely say to the editor). The steward will not grant temporary checkuser access to anyone.

How to get checkusers on your project
On a wiki with a (Wikimedia-approved) Arbitration Committee, editors approved by the Arbitrators may have CheckUser status. After agreement, simply list the candidate on Requests for permissions to have him granted status.

On a wiki with no Arbitration Committee, or if the community does not wish to delegate checkuser control to its arbitration committee, checkusers (at least two) must be approved by the community. The user requesting check user status must request it within his local community and advertise this request properly (village pump, mailing list when available, ...). The editor must be familiar with the privacy policy. After gaining consensus (70%-80%) in his local community, with at least 25-30 editors approval, the user should list himself under Requests for permissions with a link to the page with the community's decision.

If an insufficient number of voters does not allow to vote for two checkusers on a wiki, and in any cases, it is possible for a local project to ask for any of the current (already approved by another community) checkuser to get checkuser status on the local project. The local community will have to choose at least 2 checkusers in the list of current checkuser. Minimum number of votes or percentage of support are up to the community. It is recommanded (but not mandatory) to choose editors from the same language group

for example, the en:wikibooks community may choose two checkusers approved by the en.wikipedia.

for example, the de:wikipedia community may choose two checkusers approved by the de.wikibooks.

Once a local community has become big enough to appoint its own checkusers, it may either remove the previous checkusers or choose to keep all of them according to its needs.

• This version has my full support; I believe it addresses the issues raised recently about how to provide checkuser to smaller projects, without relaxing our standards on a very sensitive permission. I support it fully, and volunteer to serve as a "guest checkuser" for any project that needs one. Essjay ^{Talk • Contact} 02:01, 19 April 2006 (UTC) Reply
• I also indicate my support for this revision. Kelly Martin 05:19, 19 April 2006 (UTC) Reply
• What means Steward? Any or some in particular? -Romihaitza 08:27, 19 April 2006 (UTC) Reply
• I support the new version as well. Guest CheckUsers would resolve many of the issues with the 25-support limit. // Pathoschild (^talk /_map ) 08:32, 19 April 2006 (UTC) Reply
• I think this is a silly policy as it relinquishes editorial control to another project. The whole point is that the stewards have been very lax in responding to any checkuser requests, or in truth havn't responded to any at all from what I've seen (I may be mistaken here). en.wikibooks simply is trying to take matters into their own hands by getting somebody who actually cares about the project enough to respond at all, because the stewards aren't or don't want to. The question here is where is the avenue for appeal if the stewards don't respond? --Roberth 16:53, 20 April 2006 (UTC) Reply
  • I think you are mistaken indeed. Most requests for checkusers are actually done privately, with contacts either by emails or on irc. I must have myself answered at least a half dozen requests. Ant
    • I have not had a single check user request handled. Period. I've made several requests, and I've withdrawn all of them simply because after waiting several months I felt they were no longer valid requests. I guess because I am averse to communication through IRC, and agree with Teofilo below that they should be very public when they occur, that these havn't been handled. I've frankly given up trying and consider this to be a tool unavailable to non-Wikipedia projects. --Roberth 23:11, 23 August 2006 (UTC) Reply

I think handling requests publicly, as is done on fr:Wikipédia:Vérificateur d'adresses IP/Requêtes is better for transparency. Teofilo 12:34, 26 April 2006 (UTC) Reply

• • I do not understand this eagerness to appoint people with checkuser status everywhere. The German language Wikipedia has no such people and seems to be OK. Teofilo 19:04, 23 April 2006 (UTC) Reply
• Support CheckUser is not something that needs to be local to the project. This way, en.wikibooks can start with two experienced CheckUsers instead of two inexperienced ones. --Kernigh 01:44, 25 April 2006 (UTC) Reply

Please see MediaWiki 1.7 suggestions.

I request that bureaucrats also be given checkuser rights. Bureaucrats have to deal with possible sockpuppets on an RFA and often have to determine if a suspect user is a sockpuppet or not. Since the checkuser requesting phase takes time and RFA are a comparatively short, it would make sense to grant such rights to members of the community who have the gained the trust of the community. Nichalp 07:08, 10 May 2006 (UTC) Reply

As both a bureaucrat and a checkuser, I oppose this in the strongest possible terms. Bureaucrats were not selected to be given access to private user information that if disclosed can literally ruin the life of a Wikimedian, and given that anyone can be made a bureaucrat on any project, the possibility of checkuser falling into the wrong hands becomes frighteningly likely.

To be quite honest, in a month of being a bureaucrat (I was a checkuser before that), I've never once needed to use my checkuser status while closing an RfA. (I have, to date, been responsible for 50-60% of the promotions done on en.wiki in the last month, so plenty of chance to have needed it if it was going to come up.) I have identified sockpuppets via checkuser that had participated in an RfA, but it was done through the established procedure: A user noticed an irregularity, reported it to Requests for Checkuser, a checkuser was run, and the sockpuppets identified. The liklihood of a bureaucrat needing checkuser for an RfA is such an infrequent possibility that it is simply unnecessary to extend it on those grounds only; if they feel a checkuser is needed, they can contact a checker privately and request it.

Further, bureaucrats are not selected for having the technical skills necessary for checkuser; it is not, contrary to popular belief, a magic system that displays a bright red sockpuppet notice at the click of a button. Without the requisite skillset, releasing checkuser to all bureaucrats will a) increase dramatically the number of false accusations, b) increase the load on the checkusers who do have the necessary skillset, as we are forced to check every result to insure accuracy, and c) completely destroy the trust Wikimedians have in checkuser results, as scores of false positives are announced and then retracted. (Allow me to offer two examples: If checkusered by someone who did not a) know the individuals involved, and/or b) know how to identify a shared IP, User:Angela and User:Tim Starling would be declared sockpuppets, as would User:Mindspillage and User:GMaxwell.)

At the very least, this cannot be allowed to happen without a reconfirmation of all bureaucrats on all projects in line with the checkuser policy; specifically, those projects with no Arbitration Committee would have to establish 25-30 supporters for each bureaucrat, or relenquish thier bureaucrats (do we want that?), and those with Arbitration Committees would have to have thier bureaucrats reconfirmed by the Arbitration Committee (another situation I doubt we want).

The best route all around is to simply leave checkuser as it is; a separate permission assigned to highly trusted and technically capable users on a very limited basis. Essjay (Talk • Connect) 11:18, 10 May 2006 (UTC) Reply

I join Essjay in opposition to this idea (which has been rejected before). The current bureaucrat selection processes do not evaluate candidates for the technical skills required or for the requisite trust. Bureaucrats are trusted by the community to evaluate requests for adminship; there is no reason why this trust should be extended without consideration to the far more serious trust associated with CheckUser status. While I have no objection to individual bureaucrats applying for CheckUser rights, I would strongly urge against a blanket grant of this rather significant access to people who have not been individually screened for eligibility. Kelly Martin 11:32, 10 May 2006 (UTC) Reply

I oppose this, because not all bureaucrats would know how to do this. However some would and it would help them in their duties. Even some admins with the necessary knowledge would find it useful, I know I would. With IP blocks, you never know if you might hit a logged in user, even more so with range blocks. Now, there is no cabal, but if there were one it would be CheckUser. Admins are elected. Bureaucrats are elected. Stewards are elected. And even Arbcom members are elected. But CheckUser... It is arbitrarily given to a very very select few by a very select few. Needless to say that is both risky and safe. On the one hand, the odds of someone abusing it are low. On the other hand, with such a small group, its usefulness and its regulation are limited. But it is likely safer this way. Prodego ^Talk 18:35, 15 May 2006 (UTC) Reply

I also oppose this as well, because bureaucrats, at least on the English Wikipedia, are elected because they would follow the community's will; while I doubt that they would not be trusted with the checkuser bit, I also do not know if each one of them has the technical knowledge to follow those requests, and I do not want any of them to have to step down as a result. Communication between bureaucrats and checkusers in the cases that absolutely require IP checks would suffice, at least in my opinion. Tito xd ^(?!?) 02:07, 11 July 2006 (UTC) Reply

Humm, I believe that when Nichalp said "checkuser to bureaucrats", he was most likely referring to the Bureaucrats on the English-language Wikipedia (where I, like Nichalp and Essjay, am a Bureaucrat as well), and not to all Bureaucrats in all the projects. And speaking strictly about the English-language project, I don't suppose that trust would be an issue when referring to Bureaucrats. I have complete trust in Nichalp, Essjay, Taxman and all the other Bureaucrats in that project. And if that's the case, all that is left is the issue of the technical skill to use the tool. It is true that the skill to perfom checks is not the reason why Bureaucrats are selected, which is why I would oppose as well making CheckUser a tool automatically associated with the status (such as Renameuser or Makesysop); on the other hand, nor is it rocket science either. On the English-language Wikipedia (again, talking strictly about it), the users chosen to be Bureaucrats are experienced people, who have been exposed to virtually all aspects of the project. I really don't believe that someone like Taxman, a Bureaucrat there and someone who has been with the project since 2003, wouldn't know how to perform a check appropriately (whether he would be willing to do it, is a different issue entirely), and I really, really don't believe that someone like him, or Nichalp for that matter, wouldn't know how to behave appropriately about the sensitive information associated with the tool.
And there's an interesting comparison: on the English-language project, the Arbitrators (the members of the ArbCom) were given CheckUser access: they are obviously highly trusted users, like the Bureaucrats over there, and, like the Bureaucrats as well, they were chosen to a position (Arbitrator) for a reason that does not relate to the technical ability to perform a CheckUser correctly: they were chosen to be the final rung in the conflict resolution process on the English-language Wikipedia.
With all of that in sight, I would not oppose asking the active Bureacrats on the English-language Wikipedia (listed at en:Wikipedia:Bureaucrats) if they would be interested in working at the very busy Requests for CheckUser page, which is currently managed by just 2 users (who are doing a great job, let it be said, but if one of them decided to take a vacation..). Redux 18:12, 4 August 2006 (UTC) Reply

Addendum: Bearing in mind that, according to current policy, CheckUser status on the English-language Wikipedia is decided by the local ArbCom, any "asking" would need to be done by it, or at least have its assent. Redux 19:14, 4 August 2006 (UTC) Reply

This seems to be happening now at Wikinews [1].

• About 4 of the requested user names were found to be in a different country; the other 10 or so were anons in Toronto. The person with Checkuser privilege, CSpurrier, reported information to the community about an alltogether different user "Factchecker" (for which there was no request at all for the use of checkuser) which he came upon during his check of the anons. There seems to be little if any actual vandalism involved and the checkuser requester, Amgine, has had an ongoing feud with the supposed sockpuppeteer,Neutralizer, who he recently blocked for 3 weeks. Can this apparently blatant abuse of the checkuser privilege be stopped? 70.50.76.209 23:43, 11 June 2006 (UTC) Reply

Upon further research it seems that the "infraction" committed by the majority of the anons who were subjected to Checkuser was this edit which they placed on Amgine's talk page in an attempt to disclose what they felt was an unbecoming edit by an Admin which had been erased from Wikinews' history;

What Amgine said about Australians [2] "Simeon edits from Australia, a continent populated entirely by criminals! And, as a criminal he would expect that we would not trust him, so obviously we cannot drink from the glass in front of us.."- Amgine/talk 03:54, 11 May 2005 (UTC). 70.50.76.209 00:05, 12 June 2006 (UTC) Reply

What information do Checkusers have? Gang staE B (W) 19:03, 9 July 2006 (UTC) Reply

See Help:CheckUser for an explanation of the tool and the information provided by it. Essjay (Talk • Connect) 00:14, 11 July 2006 (UTC) Reply

Hay, I run my own wiki and I was wondering how I can get my hands on this extension? Checking server access logs and comparing it against recent changes can be quite tedious... Thanks, 63.80.111.2 21:04, 7 August 2006 (UTC) Reply

You'll have better luck trying to contact Brion Vibber directly. He's the creator of this tool. Try his talk page (follow the link I've provided to his user page and then click on the tab that says "discussion") or try e-mailing him, although I don't know if Brion made his e-mail address public. Regards, Redux 23:05, 7 August 2006 (UTC) Reply

Brion seems have have gone AWOL... is there a better place to put this question/request? 63.80.111.2 19:58, 6 September 2006 (UTC) Reply

Maybe if you can get a hold of any of these people, they'd be able to help you. Developers are those who make the "magic" happen on Wikimedia. Redux 18:59, 16 September 2006 (UTC) Reply

This question is a kind of follow-up to a non really answered question by Angela (November 9th 2005).

Browsing through the history before asking this question, I noticed that Angela added this precision in the sentence «On a wiki with a (Wikimedia-approved) arbitration committee only editors approved by arbitrators may have CheckUser status.», to try to clarify the previous version (modification summed up as «proposed addition»).

This seems reasonable... But what does it mean exactly ? I did not find much about "Arbitration committees" with a superficial search through this Wiki. Am I right to understand the list of «(Wikimedia-approved) arbitration committee[s]» as presently reduced to one item, the arbitration committee of the en Wikipedia ? Touriste 09:30, 3 September 2006 (UTC) Reply

The answer to this question should be provided soon. Watch for Arbitration Committee. 207.145.133.34 14:15, 6 October 2006 (UTC) Reply

Also up for submission: Checkuser Privacy. Hints on why checkuser is important (beyond Privacy policy) and other methods of ensuring your privacy. ~Kylu (u|t) 04:50, 7 October 2006 (UTC) Reply

In the policy, it is mentioned that the information is not stored for long. How long is the information stored? And from last login, or last edit? These are important issues for a privacy policy-type matter. —The preceding unsigned comment was added by Womble (talk • contribs) 06:03, 27 October 2006 (UTC)

The time period is variable. Your IP is not recorded on normal viewing of a page. Alphax 02:06, 27 October 2006 (UTC) Reply