Wikipedia:Arbitration Committee/CheckUser and Oversight/May 2010 election
The Arbitration Committee has determined that there is a need for additional oversighters and checkusers to improve workload distribution and ensure complete, timely response to requests. From March 31 through April 10 experienced editors were invited to apply for either or both of the Oversight or CheckUser permissions. Completed applications were due on April 12 to arbcom.privilegeswikipedia.org. The Committee is currently reviewing applications. The timeline for the process is below.
Those applying for consideration as checkuser and/or oversight candidates should be familiar with the applicable CheckUser and Oversight policies, as well as the WMF Privacy Policy. Checkuser candidates are expected to be familiar with basic technological issues and sockpuppetry investigation tools and techniques. Successful candidates will also have good communication skills and demonstrated ability to work collaboratively.
Anyone considering applying should be aware that checkusers and oversighters (and candidates for these permissions) are subject to considerable internal and external scrutiny. Scrutiny from external sources can include attempts to investigate on- and off-wiki activities, and can result in revealing personal details of the candidates or contacts with employers, family or others; the Arbitration Committee cannot prevent such activities from occurring or from being distributed or discussed off-wiki. This risk will continue if the candidate is successful in the election. There is limited ability within Wikipedia to prevent off-wiki “outing” or harassment. In addition, the Foundation requires that successful candidates be at least 18 years of age, have legal majority in their jurisdiction of residence, and that they identify themselves to Foundation staff before they are allowed access to private information.
For answers to common questions about the election process, please see here.
Timeline of election process
March 31 – Announcement of upcoming election and invitation to request applicationsApril 10 – Deadline to request applicationsApril 12 at 23:59 UTC – Deadline for submission of applicationsMarch 31 – April 30 – Arbitration Committee review of submissions- May 1–8 – Preparation for election, including offers of nomination to selected candidates
- May 7 – Candidates are announced and may post a brief statement.
- May 8 – The community may begin asking questions of the candidates.
- May 9–22 – Voting using the SecurePoll extension for a secret ballot
- May 22–27 – Arbitration Committee review of results
- May 28 – Announcement of results
CheckUser candidates
Amalthea (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Hi everyone,
I'm offering to help with the CheckUser tool.
About me: I have an account since September 2005, became an active editor in June 2008, an administrator in February 2009. I am a relatively recent active editor, but do not foresee my activity on this project to change in the near future. I've always only worked on the maintenance part of Wikipedia, in recent times mainly on technical things like templates or maintaining Twinkle and Friendly.
I am a computer scientist, am familiar with the MediaWiki Checkuser extension, and have prior work-related experience with web server log analysis and investigation of multiple account abuse therein, so I know I have the required technical and investigative skills. I believe myself to be an upright, serene, and communicative person and editor, am familiar with the WMF's privacy policy and the CheckUser policy, and have a good understanding of when CheckUser should and should not be used. I only have limited experience with pure contributions-based sock analysis or SPI clerking. Nonetheless, I believe I can be useful at the CheckUser part of SPI.
Amalthea 15:27, 7 May 2010 (UTC)
Comments and questions for Amalthea
Noting in advance that I will only have limited Internet access this weekend (read: via analog modem), so I will probably only be able to respond to questions late on UTC Sunday. Amalthea 15:27, 7 May 2010 (UTC)
Questions from Deskana: (five questions, so I'm only looking for brief answers)
- 1. What are the key differences between the checkuser policy and the privacy policy?
- A. The WMF privacy policy formulates principles about gathered private data, access to that data, and circumstances that can prompt release of that data to third parties. That gathered private data far exceeds what can be queried through the CheckUser extension, and CheckUser queries are only one aspect of the privacy policy, so its principles are more far-reaching than CheckUser queries. CheckUser policy mainly spells out specifics when queries may be used and may not be used, based on the principles from the privacy policy. In addition it details access to the right and gives some specific guidance and best practices, again building on the privacy policy. Amalthea 01:02, 10 May 2010 (UTC)
- 2. What conditions does the checkuser policy require to be met in order to use the checkuser tool on an account?
- A. Most important condition is, I believe, that there needs to be a "good and specific cause" to use it. Checkusers have a range of discretion to use CheckUser queries if there is such a legitimate purpose. Explicitly and most typically, it may be used to prevent damage to the project, i.e. to fight vandalism/bad faith editing, to check for sockpuppet abuse, and to limit disruption of the project. It may not be used to pressure or threaten editors (quite like admin tools in a dispute), and is not normally used to prove innocence on en-wiki (which the privacy policy wouldn't restrict). Amalthea 01:02, 10 May 2010 (UTC)
- 3. What conditions does the privacy policy require to be met in order to use the checkuser tool on an account?
- A. Essentially the same thing, in a more general sense. Principles applying would be that the collected data may be used to "serve the well-being of its projects", by countering "certain kinds of abuse and counterproductive behavior", like "suspected use of malicious “sockpuppets” (duplicate accounts), vandalism, harassment of other users, or disruptive behavior", and minimal access (which translates, in part, to the "good and specific cause" from above). Amalthea 01:02, 10 May 2010 (UTC)
- 4. What conditions does the checkuser policy give on the release of data from the checkuser tool?
- A. It generally defers to the conditions from the privacy policy (see below), and stresses again that disclosure of IP information should be avoided, if possible. Amalthea 01:02, 10 May 2010 (UTC)
- 5. What conditions does the privacy policy give on the release of data from the checkuser tool?
- A. Either of: Compulsory request by authorities, with permission by the user, when necessary for abuse investigations, certain technical issues with bots/spiders, message to ISP complaint department following vandalism/persistent disruption abuse, or in response to certain threats.
Brief answers, as asked for, and in parts simply taken from the policy pages. Feel free to ask follow-up questions. Amalthea 01:02, 10 May 2010 (UTC)
- A. Either of: Compulsory request by authorities, with permission by the user, when necessary for abuse investigations, certain technical issues with bots/spiders, message to ISP complaint department following vandalism/persistent disruption abuse, or in response to certain threats.
Just one question from HJ Mitchell
- 6. If you are granted CU access, how do you think that will affect you as an editor and an administrator and do you think that will (or should) affect the way that other editors interact with you?
- A. Checkusers are comparatively rare since the right is (and should be) given out sparingly, so my focus will certainly shift to SPI.
I remember that when I was a very new editor comments from editors with additional user rights seemed to carry more weight. It obviously shouldn't and doesn't, by itself. Was that your question? Amalthea 01:02, 10 May 2010 (UTC) (slightly tweaked 09:13, 10 May 2010 (UTC))
- A. Checkusers are comparatively rare since the right is (and should be) given out sparingly, so my focus will certainly shift to SPI.
One last minute question by Buggie111
- 7. When do you think your definition of "the near future" will be?
- A. Counted in years. Amalthea 01:02, 10 May 2010 (UTC)
Really last minute question from Spitfire
- 8. Imagine a scenario where a user has created a vandalism page, which was tagged for speedy deletion, and they then then tried to remove the tag, but upon being stopped by a bot, they appeared to log out and remove the tag that way. The page was later deleted but an SPI case was opened on the user, you preform a check which reveals that the user is related to the IP, what action do you take, and why? (or would you not have preformed the check, and if not, why?)
- A. Unless there are circumstances that suggest a wider pattern, there's no need for a checkuser, in particular considering the behavioral evidence, so I would not have performed one. Potential actions range from talking to the user to an indefinite block, depending on other edits by the user, the type of vandalism, and the user's reaction, but that's independent of the SPI case. Amalthea 01:02, 10 May 2010 (UTC)
Question from User:zzuuzz
- 9. What actions would you consider taking if you found an editor was using one or more open proxies to edit? Under what circumstances would you reveal this discovery to the community?
- A. Depends extremely on the circumstances. The IPs of the open proxies will almost always need to be blocked right away (see WP:PROXY), if they aren't already. If the editor used the proxies in violation of WP:SOCK or other policies the violating accounts will be blocked indefinitely, and possibly the master as well. There are circumstances where no action needs to be taken at all, editing through open proxies or Tor is not forbidden per se and we explicitly grant exemptions for that (e.g. for users from Mainland China). If the editor I found was using Wikipedia legitimately and the open proxy was still unblocked, I might contact the editor privately. If the proxy is open and used by only one editor, it might be a misconfiguration and he should be notified privately and urged to quickly rectify it.
In all such legitimate uses, the community should not be notified. If an open proxy was used abusively, a note of that on the respective SPI case can be useful for the future. Amalthea 01:02, 10 May 2010 (UTC) (slightly tweaked 09:13, 10 May 2010 (UTC))
- A. Depends extremely on the circumstances. The IPs of the open proxies will almost always need to be blocked right away (see WP:PROXY), if they aren't already. If the editor used the proxies in violation of WP:SOCK or other policies the violating accounts will be blocked indefinitely, and possibly the master as well. There are circumstances where no action needs to be taken at all, editing through open proxies or Tor is not forbidden per se and we explicitly grant exemptions for that (e.g. for users from Mainland China). If the editor I found was using Wikipedia legitimately and the open proxy was still unblocked, I might contact the editor privately. If the proxy is open and used by only one editor, it might be a misconfiguration and he should be notified privately and urged to quickly rectify it.
Questions from User:7 (ignore the struck question)
10. What is an analog modem?- 10. One of the less documented areas of CU work is to help out at WP:ACC when a CU rangeblock has been applied to an IP requesting a new account. This can be done directly in the ACC interface, or by responding to emails sent to the functionaries list or to a Quick SPI request. Do you have an account with ACC or would you be willing to setup one to help there too?
- A. I do not have an account with the account creation tool. If I find that such requests are more efficiently processed in the ACC tool then sure, I'll ask for an account. I won't seek involvement beyond that, though. Amalthea 09:13, 10 May 2010 (UTC)
Question from Happy-melon
- 11. All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- A. Hmm. Probably no perspectives that aren't already there. I believe I am calm, neutral, and objective, don't hold any grudges, and hope that I can be a reasonable voice there. I tend to investigate a lot of background before I write any conclusions. I'd say that my views on privacy are comparatively conservative. Another quality might be that I'm very available throughout the day (UTC+2, currently), and can give input quickly if an issue is pressing. Amalthea 16:30, 12 May 2010 (UTC)
Jamesofur (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Howdy!
For those who haven't met me either on wiki or IRC (or some of you irl) my name is James. If you look at my account ( here for my matrix or here for the SUL util) you will notice a couple things. One that is obvious is that while my En account has been created for a while I wasn't really active before last August. Before that I was around (with very infrequent wikignomish edits logged in and out) but I mostly read, and read. Because of a habit I have of following links to keep getting the story this often included pages about the "infrastructure" of the wiki and eventually led me to getting more active. The other thing you will notice is that while I have not been an admin on En for long (RfA Passed April 22nd) I have a fair amount of tools... on other wikis. My focus for quite a while has been cross-wiki abuse (vandalism and spam) as part of that I am a Checkuser and Sysop on the Simple English Wikipedia, a sysop on Meta Wiki as well as a Global sysop and Global rollbacker. I am also an OTRS agent focusing on Permissions and copyright violations.
I think I could be a great addition to the En checkuser team:
- Availability: I constantly idle on IRC and am available for hours a day (and frequently at odd hours when other CUs do not seem to be available) and easily contactable by multiple people for emergencies (and happy to help whenever humanly possible).
- crosswiki experience, work and tools: Having access to the Checkuser tools on En would allow me to help for both time sensitive (and perhaps complex) checks and the fast and simple requests that are not worth leaving to rot, especially for the fairly frequent occurrences when stewards are looking for help or vandals are crossing project boundaries where I have either the tools or contacts to help deal with them. I will also be available to speed up processing of normal on wiki Checkuser requests.
- Prior experience: I have held the Checkuser on another WMF project since December. Because of this I have already had extensive experience with the tools both technically (range blocks, proxies/nmap, XFF's etc) and (arguably more important) first hand experience learning more about behavioral evidence. I have also had experience with the vandals we already have to deal with through work both with they come to Simple (when they get blocked here they go there) and through the Checkuser-l mailing list (where I'm a list admin).
I can tend to be a bit tl;dr and so I don't want to drag on too much longer, but I am happy to answer any questions people have and will promise to respond quickly. I also have a slightly expanded statement since I had to cut this one down for the 500 word limit. James (T C) 16:38, 7 May 2010 (UTC)
Comments and questions for Jamesofur
- Questions from Deskana: (five questions, so I'm only looking for brief answers)
- What are the key differences between the checkuser policy and the privacy policy?
- The short answer is that they tend to have different job. The part of privacy policy that we deal with as a CU is largely focused on the release of information with some broader comments about access and use. The Checkuser policy quotes the privacy policy but the rest is much more directly focused on who is allowed access to the tool and when it can be used. What little is added on Wikipedia:Checkuser focuses on the same.
- What conditions does the checkuser policy require to be met in order to use the checkuser tool on an account?
- The checkuser policy is quite clear, you can only use checkuser to prevent damage to the WMF projects most specifically to combat vandalism, abusive socks and disruption and that it must NOT be used as any kind of political tool or threat. You are allowed to check an account on request, but not required to.
- What conditions does the privacy policy require to be met in order to use the checkuser tool on an account?
- In general the privacy policy does not concern itself with what conditions must be required to use the tool, except that it must be used as minimally as possible and to serve the good of the projects except when forced to use it by a legally binding decision (which is generally outside of our purview).
- What conditions does the checkuser policy give on the release of data from the checkuser tool?
- In general the checkuser policy does not deal with this issue (though it does quote the privacy policy). It does give some deeper explanation that basically boils down to "if in doubt, don't or seek additional tool holders to discuss it with)
- What conditions does the privacy policy give on the release of data from the checkuser tool?
- The privacy policy states that data must never be released except under specific conditions (paraphrased):
- Valid, and forced, request from law enforcement.
- With permission from the user
- When required to investigate, defend against and report abuse.
- When necessary to protect the Foundation, it's users, and the public (this is a bit of the catch all, threats of harm for example)
- Bot related technical data to help the developers (generally involves data the developers will get from elsewhere).
- The privacy policy states that data must never be released except under specific conditions (paraphrased):
On a side note the Checkuser quote from the privacy policy seems a bit out of date... I'm going to have to look into that later today. James (T C) 23:50, 8 May 2010 (UTC)
- Really last minute question from Spitfire
- Imagine a scenario where a user has created a vandalism page, which was tagged for speedy deletion, and they then then tried to remove the tag, but upon being stopped by a bot, they appeared to log out and remove the tag that way. The page was later deleted but an SPI case was opened on the user, you preform a check which reveals that the user is related to the IP, what action do you take, and why? (or would you not have preformed the check, and if not, why?)
- To be totally honest it is highly unlikely I would do the check at all. In a case like that "proving" the connection isn't of any real help especially with the duckyness. Removing the speedy tag while "pretending" to be someone else (assuming they realized they weren't logged in) is bad but is really just a continuation of the vandalism and not an abusive sock issue. Even when vandalism is involved the tools only need to be used (and should be used) when you need them. Further actions would be the same, the vandalism is the real issue here not abuse of accounts/ips, if the IP or account is continuing to vandalize and isn't blocked then I would block but knowing they are linked is not sufficient (in my mind) to warrant placing or adjusting a block on it's own merits. James (T C) 12:26, 9 May 2010 (UTC)
- Question from User:zzuuzz
- What actions would you consider taking if you found an editor was using one or more open proxies to edit? Under what circumstances would you reveal this discovery to the community?
- The policy on En, (it's actually a bit different in practice on some projects despite meta) is fairly clear and if I discover new, unblocked, open proxies they're going to get blocked as such. While editing from an Open Proxy may make me take a second look at the info I have there are very legitimate reasons to do so (most obviously when editing from a location which censors or blocks the project such as China or Iran). In my CU checks on Simple I have definitely found very legitimate editors while checking vandals. So far any legitimate editor I've found using Open Proxies had already asked for and received an IPBlockExemption but if I found one who did not I would attempt to get a hold of them (privately) to see if they need the Exemption. Legitimate editors are more then welcome to edit from unblocked proxies if they want without running afoul of policy and if they have to do it for some reason I have no problem given the ability to do so.
- Regarding when I would reveal the discovery: As always, only when necessary. When investigating a sockpuppet or abuser noting on the SPI or checkuser-l thread that they used open proxies can be very helpful for future investigations and so should be noted. I can't think of any reason to reveal the fact that a legitimate editor is using open proxies. In general Open proxy editing can be used as a marker but isn't "the problem" the problem is if they are acting abusively or not. If they are then we need to address that and if they aren't then there is nothing to address other then making sure they are able to edit. James (T C) 21:53, 9 May 2010 (UTC)
- Question from User:7
- Q One of the less documented areas of CU work is to help out at WP:ACC when a CU rangeblock has been applied to an IP requesting a new account. This can be done directly in the ACC interface, or by responding to emails sent to the functionaries list or to a Quick SPI request. Do you have an account with ACC or would you be willing to setup one to help there too?
- A: Aye, I actually already have an account on ACC and idle in the channel on IRC where both requests and comments are posted. While I make accounts when I see them still open the majority of what I already do there is to help people who have questions on whether they should make the account or not (so same thing a CU will do) I've actually ended up helping out as a CU on multiple instances already because I was able to confirm it was not the person who was being blocked (because of evidence I had seen on either checkuser-l or from Simple since many of the vandals cross project). James (T C) 18:50, 10 May 2010 (UTC)
- Question from Happy-melon
- All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- Mostly I don't think I'll bring something "new" as much as another angle. I think in general I'm another level headed and calm individual who would be able to comment whenever people wanted advice/thoughts or when I thought I had something that would contribute. Just like the checkuser-l list now I like to read every post I get on any of the foundation/wikipedia mailing lists even if that means I look at it briefly when I get it and read it fully when I have time if it doesn't look like it needs an emergency response and to make sure I read everything even when responding would be superfluous or unhelpful. I also think I'd be able to bring another voice from someone active in the xwiki community which can be very helpful, of course we already have some good voices in that category already. The other thing is a bit harder to "prove", I like to think that I try to see things from a "reader/user/new editor" point of view as much as possible along with the editor point of view and would like to add that insight when something comes up on the mailing list. I don't honestly know how much current functionaries think along those lines so it very well good be something that is already well represented :). James (T C) 07:30, 13 May 2010 (UTC)
MuZemike (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Hello, folks! I am MuZemike (first name being Mike, of course), and I am making myself available to run for CheckUser in this CheckUser/Oversight election. I have been an editor on the English Wikipedia since May 31, 2008 and an administrator since September 14, 2009. I have over 40,000 edits so far (verify) and have conributed to 7 good articles and 12 did you know articles. Recently, I have co-coordinated with User:Wizardman in the April 2010 good article nomination backlog elimination drive, which resulted in a reduction in the backlog by over 300 nominations.
I have been a CheckUser clerk for sockpuppet investigations since July 21, 2009 and have helped to rewrite the administrators' instructions for sock puppetry (as now transcluded on the WP:SOCK policy page). As a clerk, I have assisted other editors and the CheckUsers in many cases; as an admin, I have handled hundreds of SPI cases, especially at times when the backlogs were quite large. In addition to SPI, I am also an edit filter manager and have created to date four edit filters, three of which I actively maintain to combat various vandalism.
Being a Wisconsinite, I live in the Central Time Zone (UTC-5). I am not in school right now, and I work 4 days a week, normally having off Saturdays, Sundays, and Mondays unless other RL activities require me to be away. I have at times coordinated with CheckUsers on other Wikipedias and have gotten accounts blocked on enwiki or globally locked on Meta; if elected to CheckUser I will continue in cross-wiki coordination with other CheckUsers and administrators.
Technically, I am knowledgeable in the CIDR notation (which is essential for any type of rangeblocking) and have made many rangeblocks. I am also able to read WHOIS and geolocation information as well as interpret editing patterns to determine whether IP addresses are static or dynamic. I generally block IP addresses on a need-be basis; that is, I usually block long enough to prevent disruption as other innocent users can easily take over on IPs. If there hasn't been any recent disruption, then I normally don't block.
I have knowledge to how the CheckUser tool works and what it can check and what it can not check. As we know CheckUser is not a fishing or 8-ball tool, I understand that it's not a be-all and end-all tool for determining sock puppetry - that is up to the regular admin (as I have done many times) to ultimately take the CheckUser evidence alongside the behavioral editing patterns and determine if there is a match.
Finally (I'll put this out right here and now), I am above the legal age required by the Wikimedia Foundation (I am 28) and will identify myself to the Foundation if elected by the community. –MuZemike 17:30, 7 May 2010 (UTC)
Comments and questions for MuZemike
- Questions from Deskana: (five questions, so I'm only looking for brief answers)
- What are the key differences between the checkuser policy and the privacy policy?
- In the crudest sense, the WMF's privacy policy is more general and applies to both checkuser and oversight, while the checkuser policy is more specific as to what cannot be done per the privacy policy. In addition, the privacy policy covers additional points of emphasis such as the viewing of deleted pages/revisions, the usage of cookies, and legal implications. Basically, the privacy policy is the driving force behind what the checkuser policy does. –MuZemike 15:54, 9 May 2010 (UTC)
- What conditions does the checkuser policy require to be met in order to use the checkuser tool on an account?
- Because of privacy policy reasons and the need to prevent releasing one's private information out to the public, checkuser is supposed to be used only when necessary. As the policy states, that includes abuse via socks or other abuse such as vandalism or similar disruption. Just as with other tools given to editors and admins like rollback, deletion, or blocking, you cannot use it to gain an upper hand in a dispute. –MuZemike 15:54, 9 May 2010 (UTC)
- What conditions does the privacy policy require to be met in order to use the checkuser tool on an account?
- The privacy policy basically says the same thing as the checkuser policy, while the privacy policy adds that the usage of its main applicable tools (CU and OS) should be kept to a minimum to (understandably) reduce exposure to such privacy issues. This is why we normally block users without running a checkuser when behavioral evidence clearly indicates sock puppet activity. –MuZemike 15:54, 9 May 2010 (UTC)
- What conditions does the checkuser policy give on the release of data from the checkuser tool?
- First off, I sense the difference between this and the following question is that #4 deals with specifically what checkuser can and cannot do, while #5 deals with what checkuser, oversight, or any other future tool dealing with privacy can or cannot do in general. The big things with checkuser is that IPs should not be revealed publicly (which is why you see many times from CUs "no comment on the IP(s)") and only to other users (the privacy policy actually narrows this down to "other privileged users"), and the old "when in doubt, don't disclose" mantra. –MuZemike 15:54, 9 May 2010 (UTC)
- What conditions does the privacy policy give on the release of data from the checkuser tool?
- The release of private information is made more explicit in the privacy policy than in the checkuser policy. To briefly list them, reasons to release include in response to a subpoena or law enforcement request, with the affected user's permission, for abuse complaints (either internally or with an ISP) for resolution of technical issues, or when otherwise necessary to protect the WMF or the public. –MuZemike 15:54, 9 May 2010 (UTC)
- Questions from Firsfron:
You recently indefinitely blocked a good-faith contributor with over 17,000 edits under his belt with the block summary Vandalism-only account. Although you reversed the block and apologized, the editor is question has politely requested an explanation, but still has received none. You've edited since then. As a Checkuser, what will you do to prevent mistakes like this (relating to both Checkuser tools and Administrator tools) from occurring in the future? And, in the case of a mistake in Checkuser procedures, will you explain your rationale for the mistaken action? Firsfron of Ronchester 17:45, 8 May 2010 (UTC)
- I thought I have explained that in the unblocking and thought the situation was settled. I made a mistake there and admitted to it, albeit at a horrible, horrible time. I cannot add anything else there besides the fact that I messed up there on blocking.
- As far as CU is concerned, if I have overlooked something in the CU results, I would not be afraid to admit to error (as I have done in the past and very recently), but my the WMF privacy policy, I cannot go as far as to disclosing anything that would result in outing a person's private information if it hasn't been done so already by that person. It is just as bad if not worse to try to rectify one mistake and then make another in the rectification process. –MuZemike 08:11, 9 May 2010 (UTC)
- Really last minute question from Spitfire
- Imagine a scenario where a user has created a vandalism page, which was tagged for speedy deletion, and they then then tried to remove the tag, but upon being stopped by a bot, they appeared to log out and remove the tag that way. The page was later deleted but an SPI case was opened on the user, you preform a check which reveals that the user is related to the IP, what action do you take, and why? (or would you not have preformed the check, and if not, why?)
- First off, if a block is necessary to stop the continued vandalism, then I would block the registered account only (remember that the related IP would be autoblocked, and such information about autoblocks is hidden from public view including administrators). The main thing here to worry about is to try and prevent the release or personally identifiable information to the user, so I there would be no need for me to disclose whether or not there is a connection. Since some will easily assume that the IP is related due to looking at the contributions on a page, there isn't much that I would be able to do preventing such inferences from being made. Now if the registered user clearly indicated that the IP did belong to that user, then there would be no privacy policy violation by disclosing that. –MuZemike 16:04, 9 May 2010 (UTC)
- Question from User:zzuuzz
- What actions would you consider taking if you found an editor was using one or more open proxies to edit? Under what circumstances would you reveal this discovery to the community?
- Per our (WMF also) policy on open proxies, the OP would be blocked and normally for a very long time or until the proxy closes; good faith contributors caught under . Naturally, this block would be listed in the block logs, so this would already be revealed. They may be disclosed as part of a sockpuppet investigation for instance that OPs were being used. This is done to let users know in the case of repeated abuse via OPs; for our more serial vandals and sockpuppeteers, this is commonplace. –MuZemike 16:26, 9 May 2010 (UTC)
- Question from User:7
- Q One of the less documented areas of CU work is to help out at WP:ACC when a CU rangeblock has been applied to an IP requesting a new account. This can be done directly in the ACC interface, or by responding to emails sent to the functionaries list or to a Quick SPI request. Do you have an account with ACC or would you be willing to setup one to help there too?
- A. I have just a little experience in creating accounts for others, as the unblock-en-l mailing list gets similar requests from time to time. If checkuser assistance is needed over in the ACC area, I'd be willing to volunteer some of my time to help over there. I do realize the folks over at ACC are fairly low-key but just as essential. –MuZemike 17:30, 10 May 2010 (UTC)
Tiptoety (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
Hello everyone. I am Tiptoety. I have been on Wikipedia for a little over three years. In those years, I have spent a fair amount of time dealing with sockpuppetry. I started as a clerk at the former request for CheckUser back in June of 2008. After noticing a number of flaws in the system we were using, I, along with a small group of other users created Wikipedia:Sockpuppet investigations (our current process for dealing with, and responding to sockpuppetry). I still currently serve as a clerk there.
I was granted sysop rights on this project in March of 2008 and have since performed approximately 14,500 logged actions. I also serve as a Sysop, CheckUser, and Oversight on Wikimedia Commons, and am a Global Sysop. In those roles I deal with a large amount of cross-wiki vandalism/sockpuppetry (most of which is initiated on the CheckUser mailing list). A number of these involve en.wiki in which me having access to the CheckUser tool could assist in investigations and in the speedy response to vandalism. (For all my other userrights, please see my matrix).
One of our current issues is that there are a large amount of request for CheckUser attention that sit untouched for sometimes up to a week. I feel that by me having CheckUser rights I could assist in ensuring the quick handling of cases. I am online every day, and consider myself active. I am reachable via email, and use IRC.
Lastly, I am already identified with the foundation and am very familiar with the privacy policy. My personal philosophy is that if I am unsure, hold off and ask for a second opinion. Tiptoety talk 03:01, 8 May 2010 (UTC)
Comments and questions for Tiptoety
- From Aiken drum: Why do you think you failed your last request, and do you think you've overcome the problems raised there? Aiken ♫ 12:06, 8 May 2010 (UTC)
- A. I think the main cause of concern related to my previous request was my professional life. Many felt that with my work in the field of law enforcement my judgment would impaired by some form of "legal requirement to act", specifically relating to threats of violence. While I respect peoples concern, I am not sworn in any manner that requires me to report perceived threats of violence to law enforcement, nor am I bound by any policy to do so. This was confirmed by and Arbitrator (Risker), who contacted my employer. Like I promised in my last request, should I be put into a position of "mandatory reporting" I would resign as a CheckUser. I also promised the defer to other CheckUser's should I feel my decision making is some how being effected by my professional life. That said, I would argue (as shown on commons, in my role as a CheckUser there) such situations have never happened. Cheers, Tiptoety talk 20:00, 12 May 2010 (UTC)
- Questions from Deskana: (five questions, so I'm only looking for brief answers)
- What are the key differences between the checkuser policy and the privacy policy?
- The foundation's privacy policy is far more specific in regards to the principles of privacy, the release and retention of private (non-public data), and is not just limited to the information that the CheckUser tool provides those with access to it. The CheckUser policy goes more in depth with regards to the principles surrounding the actual usage of the CheckUser tool. More specifically, the criteria that must be met in order for a check to be ran, and standard operating procedures. Tiptoety talk 20:40, 10 May 2010 (UTC)
- What conditions does the checkuser policy require to be met in order to use the checkuser tool on an account?
- The CheckUser policy states that CheckUser is a tool which is granted to trusted users for the purpose of fighting vandalism, investigate cases of "bad faith editing" where there is a possibility of multiple accounts being used, and more generally to limit disruption to any Wikimedia project. As such an account must be involved in some form of disruption where there is a reasonable suspicion of multiple accounts being used before a check can be ran. It is worth nothing there are legitimate uses for alternate accounts. Tiptoety talk 20:40, 10 May 2010 (UTC)
- What conditions does the privacy policy require to be met in order to use the checkuser tool on an account?
- And I quote: "when investigating abuse on a project, including the suspected use of malicious “sockpuppets” (duplicate accounts), vandalism, harassment of other users, or disruptive behavior, the IP addresses of users (derived either from those logs or from records in the database) may be used to identify the source(s) of the abusive behavior." Tiptoety talk 20:40, 10 May 2010 (UTC)
- What conditions does the checkuser policy give on the release of data from the checkuser tool?
- For most of the cases, revealing a users IP is not an appropriate response. Only under certian circumstances should private data be released, those generally being when the disruption has reached a level to warrant IP blocks / range blocks. That said, there are ways of going about issuing range blocks without revealing who the IP is linked too. Tiptoety talk 20:40, 10 May 2010 (UTC)
- The privacy policy states very specific conditions:
- In response to a valid subpoena or other compulsory request from law enforcement,
- With permission of the affected user,
- When necessary for investigation of abuse complaints,
- Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues,
- Where the user has been vandalizing articles or persistently behaving in a disruptive way, data may be released to a service provider, carrier, or other third-party entity to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers,
- Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public. Tiptoety talk 20:40, 10 May 2010 (UTC)
- Just one question from HJ Mitchell
- If you are granted CU access, how do you think that will affect you as an editor and an administrator and do you think that will (or should) affect the way that other editors interact with you?
- A.Nothing will change. I already work around SPI quite a bit, and deal with sockpuppetteers often. I will still ask for second opinions and seek help when needed. Just because I will have access to CheckUser will not mean I will be the end all know all. Tiptoety talk 20:40, 10 May 2010 (UTC)
- Really last minute question from Spitfire
- Imagine a scenario where a user has created a vandalism page, which was tagged for speedy deletion, and they then then tried to remove the tag, but upon being stopped by a bot, they appeared to log out and remove the tag that way. The page was later deleted but an SPI case was opened on the user, you preform a check which reveals that the user is related to the IP, what action do you take?
- A. I am not sure a situation like that would even warrant a check to start with, given it is a pretty clear cases of DUCK. That said, I would probably leave a message on the users talk page advising them of our sock policies. I do not feel a block would be warranted. Tiptoety talk 20:40, 10 May 2010 (UTC)
- Question from User:zzuuzz
- What actions would you consider taking if you found an editor was using one or more open proxies to edit? Under what circumstances would you reveal this discovery to the community?
- A. I think each situation needs to be evaluated on its own merits. Before taking any action, I would contact the user who is believed to be editing through an open proxy. If after doing so, I conclude that the intention of the user was to cause some form of disruption, evade a block, or avoid scrutiny then I would reveal the discovery to the community. Tiptoety talk 00:47, 11 May 2010 (UTC)
- Question from User:7
- Q One of the less documented areas of CU work is to help out at WP:ACC when a CU rangeblock has been applied to an IP requesting a new account. This can be done directly in the ACC interface, or by responding to emails sent to the functionaries list or to a Quick SPI request. Do you have an account with ACC or would you be willing to setup one to help there too?
- A. I had an ACC account a while ago, but had it closed due to inactivity. If this is an area that requires a fair amount of CheckUser work I would be willing to have my account reopened and help out when needed. I will be honest that this would not be a top priority for me. Tiptoety talk 22:33, 10 May 2010 (UTC)
- Question from Happy-melon
- All CheckUsers and Oversighters are members of the functionaries-en mailing list, a forum for discussion and co-ordination of privacy-related issues which affect any and all areas of Wikipedia. What qualities and perspectives would you bring to such discussions?
- A. Being that I already have access to the cross-wiki CheckUser mailing list, I am familiar with the type of discussions that take place. In that, I consider myself fairly knowledgeable of proxy detection and have often offered my assistance with such matters. I also hold CheckUser privileges on commons, and should the matter be cross-wiki I could provide my assistance there. Tiptoety talk 19:35, 18 May 2010 (UTC)
- Comment/Question from Max Rebo Band, I wonder if there isn't something underlying in the "election promise" that "My personal philosophy is that if I am unsure, hold off and ask for a second opinion." - when you appear to have been one of a handful of administrators on Wikimedia Commons who sipmly deleted dozens of images you found personally distasteful because they contained nudity this past month, without a proper channel such as a Deletion Request. I notice many of those images have been restored by other administrators, often because they were in fact on use in WMF projects, indicating you likely did not "hold off and ask for a second opinion". Examples would include File:Anelina Stretching.jpg, File:G0001.jpg, File:Camila Tavares making a handbra.jpg and File:Ashley Taking a Shower 15.jpg. I guess my concern is that your taste for "unilateral action without consensus" seems demonstrated for deleting images...how do you allay the concern that you may approach our privacy policy the same way when seeking to unmask sockpuppets? I notice that you were criticised for "misrepresenting" the fact you were in fact a Police Officer with the Multnomah County Sheriff's Office in your second failed Request for Admin, and admitted it yourself in your third Request. This does raise severe privacy concerns for me, when Law Enforcement is now seeking the ability to ascertain the actual identities of pseudonymous editors on WMF.Max Rebo Band (talk) 04:15, 20 May 2010 (UTC)