| Revision as of 16:24, 17 November 2016 view sourceMrjulesd (talk | contribs)Extended confirmed users, Pending changes reviewers8,536 edits {{Misplaced Pages accounts|collapsed}}← Previous edit | Latest revision as of 23:26, 14 November 2024 view source Risker (talk | contribs)Edit filter managers, Autopatrolled, Checkusers, Oversighters, Administrators28,295 edits unnecessary shortcutsTag: Manual revert | ||
| (154 intermediate revisions by 78 users not shown) | |||
| Line 1: | Line 1: | ||
| {{Redirect|WP:CHECK|the WikiProject|Misplaced Pages:WikiProject Check Misplaced Pages}} | |||
| ⚫ | <noinclude>{{Pp-semi-indef}}{{Pp-move-indef}}</noinclude> | ||
| {{For|the encyclopedic article about the CheckUser tool|CheckUser}} | |||
| {{For|how to request CheckUser intervention, please|Misplaced Pages:Sockpuppet investigations}} | |||
| ⚫ | <noinclude>{{short description|Procedural policy of Misplaced Pages}}{{Pp-semi-indef}}{{Pp-move-indef}}</noinclude> | ||
| :''{{!xt|If you need to contact a CheckUser for a sensitive matter, please see ] below.}}'' | |||
| {{Warning|To '''contact a checkuser about sensitive matters''', see ]. Otherwise, to open an investigation, go to ].}} | |||
| {{procedural policy|WP:CHK|WP:CHECK|text=This local policy supplements—but cannot override—the ].}} | |||
| ⚫ | ]<!-- Typically, CamelCase is not used for every iteration of the word "checkuser". Based on past discussion: A "checkuser" (capitalized at the start of a sentence) has the "checkuser" (always lowercase, usually placed in <code></code> markup) permission, which lets them use the "CheckUser" tool. --> | ||
| ⚫ | The '''CheckUser''' tool is used by a small group of trusted Misplaced Pages users (called '''checkusers'''). The tool allows its users to determine from Misplaced Pages's servers the ]es used by a Misplaced Pages user account, as well as other technical data stored by the server about a user account or IP address. | ||
| Misplaced Pages's checkuser team uses the tool to establish whether two or more accounts are being operated ], and to protect Misplaced Pages against disruptive or abusive behaviour. | |||
| {{procedural policy|WP:CHK|WP:CHECK|text=This local checkuser policy supplements – but cannot override – the global CheckUser policy. The global policy originates from the Wikimedia Foundation and is hosted ].}} | |||
| Checkusers are able to view a list of all IP addresses used by a user account to edit the English Misplaced Pages, a list of all edits made ''by'' or ''from'' an IP address or range (which includes edits by accounts while on the IP address or range), or a list of all user accounts that have used an IP address or range. They may also view a log of CheckUser actions at ]. | |||
| ⚫ | ]<!-- Typically, CamelCase is not used for every iteration of the word "checkuser". |
||
| ⚫ | CheckUser data is never accessed or released except in accordance with the ]'s (WMF) ] and the additional restrictions placed by this policy. After completing an investigation with the CheckUser tool, most checkusers release their findings in generalised form (such as with a statement that "account A is, is not, or may be the same as accounts B or C"); on the English Misplaced Pages, the release of actual private data (like "account D is connecting through IP address 0.1.2.3") is exceptionally rare. Conclusions derived from CheckUser data have limited usefulness, and a negative finding by a checkuser ] obvious sockpuppetry. | ||
| ⚫ | The '''CheckUser''' tool is |
||
| ⚫ | On the English Misplaced Pages, CheckUser access is entrusted to ] who can execute CheckUser inquiries at their own discretion. The permission is granted by Misplaced Pages's ], after community consultation and vetting of the editor by the committee's members and the ]. While there is no formal requirement that checkusers also be administrators, the Arbitration Committee has traditionally restricted applications to users who are currently administrators. Checkusers must be 18 years of age or older and have ] before being appointed. The use of the CheckUser tool on the English Misplaced Pages is monitored and controlled by the Arbitration Committee, and checkusers may have their permissions revoked by the Arbitration Committee for misuse or abuse of the tool. | ||
| ⚫ | |||
| ⚫ | On the English Misplaced Pages, CheckUser is entrusted to ] who can execute CheckUser inquiries at their own discretion |
||
| This policy supplements the ] and applies only to the English Misplaced Pages. | This policy supplements the ] and applies only to the English Misplaced Pages. | ||
| Line 20: | Line 22: | ||
| {{main|m:CheckUser policy}} | {{main|m:CheckUser policy}} | ||
| The |
The CheckUser tool may be used only to prevent disruptive editing on the English Misplaced Pages or to investigate legitimate, credible concerns of bad-faith editing or ]. | ||
| === Grounds for checking === | === Grounds for checking === | ||
| CheckUser data may be used to investigate, prevent, or respond to: | CheckUser data may be used to investigate, prevent, or respond to: | ||
| #Vandalism; | #]; | ||
| #Sockpuppetry; | |||
| #]; | |||
| #Disruption (or potential disruption) of any Wikimedia project; and | #Disruption (or potential disruption) of any Wikimedia project; and | ||
| #Legitimate concerns about bad |
#Legitimate concerns about bad-faith editing. | ||
| The tool may never be used to: | The tool may never be used to: | ||
| Line 35: | Line 36: | ||
| #Threaten another editor into compliance in a content dispute. | #Threaten another editor into compliance in a content dispute. | ||
| The primary purpose of CheckUser is the prevention of |
The primary purpose of CheckUser is the prevention of sockpuppetry, but community policy provides for several ] where the alternative accounts are not being used to violate site policy (such as by double voting or by giving the impression there is more support for a position in a discussion or content dispute). | ||
| {{shortcut|WP:CHECKME}} | |||
| On some Wikimedia projects, an editor's IP addresses may be checked upon |
On some Wikimedia projects, an editor's IP addresses may be checked upon their request, typically to prove innocence against a sockpuppet allegation. Such checks are not allowed on the English Misplaced Pages and such requests will not be granted. | ||
| === Notifying the account that is checked === | === Notifying the account that is checked === | ||
| ⚫ | Checkusers are permitted, but not required, to inform an editor that their account has been checked. The result of a check may be disclosed to the community (on a community process page like ]). | ||
| ⚫ | == CheckUser and the privacy policy == | ||
| ⚫ | Checkusers are permitted but not required to inform an editor that their account has been checked. The result of a check may be disclosed to the community (on a community process page like ]) |
||
| {{shortcut|WP:CUPRIVACY}} | |||
| ⚫ | == CheckUser and privacy policy == | ||
| {{main|m:Privacy policy}} | {{main|m:Privacy policy}} | ||
| The CheckUser feature facilitates access to non-public information. The Wikimedia Foundation takes the privacy of its users extremely seriously, and there may at times be tension between protecting Misplaced Pages from damage and disruption, and protecting the privacy of users (even disruptive ones). Checkusers must perpetually weigh these opposing concerns. In order to reach the optimal result, checkusers on the English Misplaced Pages are required to adhere to the following conventions and practices |
The CheckUser feature facilitates access to non-public information. The Wikimedia Foundation takes the privacy of its users extremely seriously, and there may at times be tension between protecting Misplaced Pages from damage and disruption, and protecting the privacy of users (even disruptive ones). Checkusers must perpetually weigh these opposing concerns. In order to reach the optimal result, checkusers on the English Misplaced Pages are required to adhere to the following conventions and practices: | ||
| # Checkusers are given discretion to check an account, but must always do so for legitimate purposes. Broadly, checks must |
# Checkusers are given discretion to check an account, but must always do so for legitimate purposes. Broadly, checks must be made only in order to prevent or reduce potential or actual disruption, or to investigate credible, legitimate concerns of bad faith editing. | ||
| # Checkusers often receive requests from non-checkusers that they check an account (though many checks are also initiated by the checkuser without direction, for instance because the checkuser has noticed a suspicious account). Where a check is initiated as a result of a request from a non-checkuser, that request may be received in public or in private. Requests received privately may be directed by the checkuser to be made publicly if the checkuser so desires, and vice versa. | # Checkusers often receive requests from non-checkusers that they check an account (though many checks are also initiated by the checkuser without direction, for instance because the checkuser has noticed a suspicious account). Where a check is initiated as a result of a request from a non-checkuser, that request may be received in public or in private. Requests received privately may be directed by the checkuser to be made publicly if the checkuser so desires, and vice versa. | ||
| # Unsubstantiated requests will be declined and a check will not be run (typically using the slogan " |
# Unsubstantiated requests will be declined and a check will not be run (typically using the slogan "CheckUser is not for fishing"). On their own cognisance, checkusers may nonetheless privately make any check that falls within the bounds of CheckUser policy; this might include a check that they have elsewhere or earlier declined to make. | ||
| # The disclosure of actual |
# The disclosure of actual CheckUser data (such as IP addresses) is subject to the ], which requires that identifying information not be disclosed except under the following circumstances: | ||
| #:* With the permission of the affected user; | #:* With the permission of the affected user; | ||
| #:* Where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to non-checkusers to allow the making of IP blocks or rangeblocks, or to assist in the formulation of a complaint to relevant Internet Service Providers or network operators; and | #:* Where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to non-checkusers to allow the making of IP blocks or rangeblocks, or to assist in the formulation of a complaint to relevant Internet Service Providers or network operators; and | ||
| Line 59: | Line 61: | ||
| === IP information disclosure === | === IP information disclosure === | ||
| {{shortcut|WP:CUIPDISCLOSE}} | |||
| Checkusers may state that different named accounts are operated from the same IP or range, so long as the actual IP address(es) are not specified, or if only non-specific details are given (such as the name of the country, region, or large ISP associated with the IP address). If the checkuser's statement could not lead to another person divining the personal identity of the user accounts in question, such disclosure would be permissible. However, on the English Misplaced Pages, checkusers are discouraged from making a public statement that connects one or more IP addresses to one or more named accounts, since an IP address is often much more tightly linked to a specific person. (In the case of larger IP ranges, this discouragement is not as great because larger ranges mean a less specific connection can be drawn.) When announcing the results of their checks, checkusers will employ a variety of means to avoid connecting a user to an IP address, but in some cases it is hard to avoid doing so. This policy encourages English Misplaced Pages checkusers not to allow such connections to be made from their results, but the global privacy policy allows them to do so in the case of serious disruption, and this policy allows checkusers to prioritise compliance with Misplaced Pages policy over the personal privacy of a user who has abusively edited the encyclopedia. | |||
| In some situations, while |
In some situations, while checkusers can endeavour to avoid explicitly connecting an account to an IP address, they will find it difficult or impossible not to do so. For instance, when a user edits disruptively using multiple IPs, or a mixture of IPs and accounts, the checkuser will find it difficult to block the accounts and then the IP addresses without an obvious inference being drawn by onlookers from the series of blocks being made in a short period of time. When a user abusively uses several accounts and it is reasonably plausible they will create more accounts, the underlying IP range must be blocked so further abusive accounts cannot be made. The IP addresses and user accounts must therefore be blocked together. | ||
| Users who engage in problematic conduct to the point that requests for administrative action or blocking are raised and considered valid for CheckUser usage—and where |
Users who engage in problematic conduct to the point that requests for administrative action or blocking are raised and considered valid for CheckUser usage—and where a checkuser then determines the user probably has engaged in such conduct—must expect the protection of the project to be given a higher priority than the protection of those who knowingly breach its policies. | ||
| === IP information retention === | === IP information retention === | ||
| Information about users (like their IP address) is retained for a limited period on Wikimedia Foundation sites. Data retention is limited in this way because incidents or actions that are not current rarely require investigation.<!-- WP:BEANS - The actual period of time should not be specified here. --> | Information about users (like their IP address) is retained for a limited period on Wikimedia Foundation sites. Data retention is limited in this way because incidents or actions that are not current rarely require investigation.<!-- WP:BEANS - The actual period of time should not be specified here. --> | ||
| === Guidance given to |
=== Guidance given to checkusers === | ||
| {{shortcut|WP:MAGIC8BALL}} | |||
| ] advises that |
] advises that even if the user is committing abuse, personal information should if possible not be revealed. Checkusers are advised as follows: | ||
| * Generally, |
* Generally, don't reveal IP addresses when announcing their results. Only give generalized results, such as that one account uses the same network (or a different network) to another account. If detailed information is provided, make sure the person you are giving it to is a trusted person who will not reveal it. Typically, such information should not be given to people who are not functionaries or experienced administrators; it would be best to deal with the abusive accounts with other checkusers. | ||
| * If the user has said they're from a certain region and their IP address confirms that |
* If the user has said they're from a certain region and their IP address confirms that, you are permitted to declare that CheckUser verifies they are. | ||
| * If you're in any doubt, give no detail – and "answer like a ]"! | * If you're in any doubt, give no detail – and "answer like a ]"! | ||
| On the English Misplaced Pages, |
On the English Misplaced Pages, checkusers asked to run a check must have clear evidence that a check is appropriate and necessary. The onus is on an individual checkuser to explain, if challenged, why a check was run. The CheckUser log is regularly examined by arbitrators. All actions associated with the CheckUser tool, especially public or off-wiki actions, are subject to public view and can result in a complaint being filed with the Arbitration Committee, the ], or both. Checkusers who run checks based on an unsubstantiated accusation may be cautioned or subject to sanctions, up to and including the revocation of their permissions; for a previous example of this, see ] by the Audit Subcommittee. | ||
| === Fishing === | |||
| === <span id=".22Fishing.22"></span>Fishing === | |||
| {{shortcut|WP:NOTFISHING}} | {{shortcut|WP:NOTFISHING}} | ||
| "Fishing" is to check an account where there is no credible evidence to suspect sockpuppetry. Checks are inappropriate unless there is evidence suggesting abusive sockpuppetry. For example, it is not fishing to check an account where the alleged sockmaster is unknown, but there is reasonable suspicion of sockpuppetry, and a suspected sockpuppet's operator is sometimes unknown until a CheckUser investigation is concluded. Checks with a negative result do not mean the check was initially invalid. | |||
| == Contacting a |
== Contacting a checkuser == | ||
| {{shortcut|WP:CONTACTCU}} | |||
| {{main|Misplaced Pages:Functionaries|Misplaced Pages:Sockpuppet investigations}} | {{main|Misplaced Pages:Functionaries|Misplaced Pages:Sockpuppet investigations}} | ||
| Checkusers are seasoned, experienced users, who are thoroughly vetted and highly trusted to handle sensitive and private matters, as well as other user issues. Routine ] and editing issues requiring checkuser review are handled at ]. In keeping with ], checkusers are authorized to receive contact by other means, like on their user talk pages, by email, on IRC or a mailing list, and so on. If an incident is of a private or sensitive nature, you should never use public means of contact. If an incident is of an urgent nature, you should contact a checkuser you know to be online, or contact multiple active CheckUsers. If an incident is an emergency, you should contact the Wikimedia Foundation. | |||
| If you require an editor with |
If you require an editor with checkuser access, you may contact: | ||
| #'''An individual |
#'''An individual checkuser''' who will either advise, deal with the matter, or (especially if asked) forward it on to other checkusers for wider discussion. is available. | ||
| #'''The English Misplaced Pages |
#'''The English Misplaced Pages checkuser team''', which can be suitable if you need other checkusers to be aware or you do not know any checkusers personally to judge which individual to contact. You may do so by emailing the English Misplaced Pages checkuser ] queue at {{nospam|checkuser-en-wp|wikipedia.org}}. Not all checkusers are subscribed to this list. If it is sensitive beyond that, then it may instead be sent to the ] or any arbitrator. | ||
| #'''The interwiki |
#'''The interwiki checkuser team''', which co-ordinates between checkusers on all WMF projects (and stewards, for small wikis with no local checkusers) in the checkuser-l mailing list. The inter-project team is ideal for matters concerning prolific vandals or sock users, privacy-related incidents or harassment, and other global matters of interest beyond English Misplaced Pages. The Wikimedia-wide checkuser mailing list does not receive mail from non-subscribers, so you will need to contact a checkuser by other means (like IRC). | ||
| == CheckUser operation == | == CheckUser operation == | ||
| ] | ] | ||
| === Usage === | === Usage === | ||
| A user with CheckUser access will get an extra "CheckUser" option under ], |
A user with CheckUser access will get an extra "CheckUser" option under ], "check IP addresses" and "recent user checks" options on ], and access to the ] and ] special pages, along with other similar functions. On the English Misplaced Pages, checkusers also receive access to the checkuser-l global mailing list, are subscribed to the ] mailing list, and receive access to the private IRC channels at their request. | ||
| Several scripts exist for English Misplaced Pages |
Several scripts exist for English Misplaced Pages checkusers, including ], ''User:Amalthea/cufilter'', ], and ], among others.<ref group=note>No guarantee is given that any of these scripts are currently functional, under active development, or actively being maintained.</ref> | ||
| === Guide to checkusers === | === Guide to checkusers === | ||
| {{shortcut|WP:PIXIEDUST}} | |||
| The ] gives checkusers the following information: | The ] gives checkusers the following information: | ||
| *CheckUser is a technical tool, and requires a significant degree of familiarity with IPs, IP ranges, and related principles, to be correctly used. | * CheckUser is a technical tool, and requires a significant degree of familiarity with IPs, IP ranges, and related principles, to be correctly used. | ||
| *CheckUser is not magic wiki ]. Almost all queries about IPs will be because two editors were behaving the same way or an editor was behaving in a way that suggests disruption. An editing pattern match is the important thing; the IP match is really just extra evidence (or not). | * CheckUser is not magic wiki ]. Almost all queries about IPs will be because two editors were behaving the same way or an editor was behaving in a way that suggests disruption. An editing pattern match is the important thing; the IP match is really just extra evidence (or not). | ||
| *Most dialup and many DSL and cable IP addresses are dynamic, meaning they might change every session, every day, every week, every few months, or hardly ever. Unless the access times are immediately before and after each other, be cautious in declaring a match based on IP address alone. Experienced check users will learn to recognise if an ISP changes frequently or occasionally. Proxy IP addresses might not be a match, depending on the size of the organisation running the proxy (per whois output). If it's an ISP proxy, it is not so likely to indicate a match. (Note – some users, particularly those involved in technical matters, can help identify whether an IP is likely to be a proxy, or is likely to be static, fast, or slow changing.) | * Most dialup and many DSL and cable IP addresses are dynamic, meaning they might change every session, every day, every week, every few months, or hardly ever. Unless the access times are immediately before and after each other, be cautious in declaring a match based on IP address alone. Experienced check users will learn to recognise if an ISP changes frequently or occasionally. Proxy IP addresses might not be a match, depending on the size of the organisation running the proxy (per whois output). If it's an ISP proxy, it is not so likely to indicate a match. (Note – some users, particularly those involved in technical matters, can help identify whether an IP is likely to be a proxy, or is likely to be static, fast, or slow changing.) | ||
| *There is both a |
* There is both a checkuser mailing list ({{NonSpamEmail|checkuser-l|lists.wikimedia.org}}), and a checkuser ] channel (<code>]</code>), providing means to consult and get advice on checks and their interpretation, especially in the case of more complex vandalism. Both are used by checkusers on all Wikimedia Foundation projects; they are not just for the ]. Access to the IRC channel is by invitation only and the checkuser mailing list does not accept correspondence from non-members – users seeking assistance of a local checkuser should see the {{slink||Contacting a checkuser}} above. Checkusers also have access to a private wiki where they can share data with other members of the global checkuser team. It can also be used to store historical CheckUser data, typically in cases of long-term or complex sockpuppetry. | ||
| ** |
** Checkusers also have access to the channel <code>]</code>, as do ]. | ||
| * |
* Checkusers who are executing a CheckUser query should remember that anonymity tools can spoof headers, including the useragent, which may make it appear that a good-faith editor with ] is actually a sock of a disruptive editor. | ||
| === Reasons and communication === | === Reasons and communication === | ||
| Checkusers must be able to provide a valid reason to another checkuser (or the Arbitration Committee) for all checks they conduct. | Checkusers must be able to provide a valid reason to another checkuser (or the Arbitration Committee) for all checks they conduct. | ||
| Checkusers |
Checkusers should clearly mark as a "checkuser block" any block based on findings that involve checkuser data. The templates {{tl|checkuserblock}}, {{tl|checkuserblock-wide}} and {{tl|checkuserblock-account}} may be used for this purpose. However, in the case of such blocks, checkusers are not required to explain to non-checkusers the specific evidence at play (and are prohibited from doing so by the privacy policy). | ||
| === CheckUser blocks === | === CheckUser blocks === | ||
| {{See also|Misplaced Pages:Blocking policy#CheckUser blocks}} | {{See also|Misplaced Pages:Blocking policy#CheckUser blocks}} | ||
| Checkusers can block accounts based on technical (checkuser) evidence. They will make clear in the block log summary that they have blocked as a "checkuser action". These blocks must not be reversed by non-checkusers. Administrators |
Checkusers can block accounts based on technical (checkuser) evidence. They will make clear in the block log summary that they have blocked as a "checkuser action", usually by including the {{tl|checkuserblock}}, {{tl|checkuserblock-account}}, or similar templates. These blocks must not be reversed by non-checkusers. Administrators must not undo nor loosen any block that is specifically called a "checkuser block" without first consulting a checkuser or the ].<ref group=note>Checkuser ]'s on checkuser blocks and why they should not be lifted.</ref><ref group=note>] </ref> However, all checkuser blocks are subject to direct review and significant scrutiny by the other checkusers and the Arbitration Committee. Users whose block log summary indicates a checkuser action may appeal the block, and are expected to do so on-wiki using the {{tl|unblock}} template. | ||
| === {{Anchor|Logging}} Log of checks === | === {{Anchor|Logging}} Log of checks === | ||
| ] | ] | ||
| CheckUser queries cannot be executed on the English Misplaced Pages without the initiator entering something |
CheckUser queries cannot be executed on the English Misplaced Pages without the initiator entering something into the "Reason for check" field, which is akin to the ] feature for page-editing. All queries are logged at ], which is visible to other checkusers through ]. Each entry in the log will show who ran the check, when, the check reason, and what type of data was called (the tool can be used to get IPs, edits from an IP, or users for an IP). The log does ''not'' display, nor allow for the retention of, data returned from a check. | ||
| === Assignment and revocation === | === Assignment and revocation === | ||
| {{ |
{{Main article|Misplaced Pages:Arbitration Committee/CheckUser and Oversight}} | ||
| Checkuser permissions are assigned by the ]. While many users with checkuser permissions are or were members of the Arbitration Committee, the Arbitration Committee also appoints a number of editors as checkusers, typically around once a year. Users interested in obtaining access should add the ] to their watchlists for an announcement or should contact the Committee. Appointments that are confirmed by the Arbitration Committee will be posted on ] on Meta-Wiki; a steward will assign the permission once the user has completed and signed the necessary ]. | |||
| Checkuser permissions can be revoked for not meeting the ] or for cause. If the Committee feels that an editor has abused CheckUser, such as by inappropriately performing checks or needlessly disclosing privacy related information from a CheckUser inquiry, they will request a ] to remove the permission from the editor. This may be done by any of the usual ways, including e-mail or a request on ] on Meta. Emergency requests based upon clear evidence may also be made in exceptional circumstances, the same way. In an exceptional case, ''and for good cause'', a steward may temporarily remove the permission, pending a decision by the Committee. The steward should check that the matter is well-founded, and make clear immediately that it is a temporary response only, since such an action could lead to controversy. | |||
| === Complaints and misuse === | === Complaints and misuse === | ||
| {{ |
{{Main article|m:CheckUser policy#Removal of access}} | ||
| WMF policy on removal states that: | |||
| The Wikimedia Foundation policy on revocation of CheckUser access states in part that: | |||
| ⚫ | {{Quotation|Any user account with CheckUser status that is inactive for more than |
||
| ⚫ | {{Quotation|Any user account with CheckUser status that is inactive for more than one year will have their CheckUser access removed.<p>In case of abusive use of the tool, the Steward or the editor with the CheckUser privilege will immediately have their access removed. This will in particular happen if checks are done routinely on editors without a serious motive to do so (links and proofs of bad behavior should be provided).<p>Suspicion of abuses of CheckUser should be discussed by each local wiki. On wikis with an approved ArbCom, the ArbCom can decide on the removal of access <p>Complaints of infringement of CheckUser, Access to Nonpublic Information Policy or Privacy Policy breaches are handled by the ] for all Wikimedia projects.}} | ||
| Complaints involving the release of personally identifying information or other potential violations of the Wikimedia Foundation's Privacy Policy should be made to the ]. | |||
| Complaints involving the release of personally identifying information or other potential violations of the WMF's Privacy Policy should be made to the ]. | |||
| Other complaints or inquiries about potential misuse of the checkuser tool should be referred to the ]. | |||
| ⚫ | == Users with |
||
| ⚫ | |||
| ⚫ | == Users with checkuser permissions == | ||
| ⚫ | There are currently {{NUMBERINGROUP:checkuser}} users with the CheckUser permission on the English Misplaced Pages. A complete listing is available at ]. {{functionaries}} | ||
| == Notes == | |||
| {{Reflist|group=note}} | |||
| == See also == | == See also == | ||
| {{Misplaced Pages glossary}} | {{Misplaced Pages glossary}} | ||
| ; CheckUser | ; CheckUser | ||
| * ] |
* ] | ||
| ;CheckUser access | ;CheckUser access | ||
| * ] |
* ] – used by the arbitration committee to request usergroup addition | ||
| * ] |
* ] – shows CheckUser assignments and removals. Enter '''<code>User:USERNAME@enwiki</code>''' in the "Target" box. | ||
| * ] | * ] | ||
| ; Related pages | ; Related pages | ||
| * ] |
* ] – page at ] for requesting checks that take place in more than one project. | ||
| * ] | * ] | ||
| * ] | * ] | ||
| * ] |
* ] | ||
| * ] |
* ] | ||
| * ] | * ] | ||
| * ] |
* ] – Local roles, appointments, and complaints about tool usage | ||
| * ] |
* ] – Global oversight of the tool for all wikis | ||
| * </nowiki> CheckUser (thoughts)] |
* </nowiki> CheckUser (thoughts)] – by Anthere on April 22, 2006, includes a historic background | ||
| * {{tl|User checkuser since}} – a userbox to indicate having checkuser permission with period of time | |||
| * {{tl|User wikipedia/Checkuser}} – a ] template to indicate you have the checkuser user right | |||
| * {{tl|Checkuser topicon}} – a ] template to indicate you have the checkuser user right – adds a category to page automatically | |||
| ; Technical | ; Technical | ||
| * ] |
* ] – more detailed description of how the feature works and how to install the extension on one's own wiki. | ||
| ⚫ | * {{commonscatinline|MediaWiki CheckUser}} | ||
| ⚫ | {{commonscatinline|MediaWiki CheckUser}} | ||
| {{Misplaced Pages accounts|collapsed}} | {{Misplaced Pages accounts|collapsed}} | ||
| ⚫ | ] | ||
| ] | ] | ||
| ⚫ | ] | ||
| ] | ] | ||
Latest revision as of 23:26, 14 November 2024
"WP:CHECK" redirects here. For the WikiProject, see Misplaced Pages:WikiProject Check Misplaced Pages. For the encyclopedic article about the CheckUser tool, see CheckUser. Procedural policy of Misplaced Pages | To contact a checkuser about sensitive matters, see Contacting a checkuser. Otherwise, to open an investigation, go to Misplaced Pages:Sockpuppet investigations. |
 | This page documents a procedural policy of Misplaced Pages. It documents various processes by which the English Misplaced Pages operates. This local policy supplements—but cannot override—the global community CheckUser policy. | Shortcuts |
The CheckUser tool is used by a small group of trusted Misplaced Pages users (called checkusers). The tool allows its users to determine from Misplaced Pages's servers the IP addresses used by a Misplaced Pages user account, as well as other technical data stored by the server about a user account or IP address.
Misplaced Pages's checkuser team uses the tool to establish whether two or more accounts are being operated by one individual or group of people, and to protect Misplaced Pages against disruptive or abusive behaviour.
Checkusers are able to view a list of all IP addresses used by a user account to edit the English Misplaced Pages, a list of all edits made by or from an IP address or range (which includes edits by accounts while on the IP address or range), or a list of all user accounts that have used an IP address or range. They may also view a log of CheckUser actions at Special:CheckUserLog.
CheckUser data is never accessed or released except in accordance with the Wikimedia Foundation's (WMF) privacy policy and the additional restrictions placed by this policy. After completing an investigation with the CheckUser tool, most checkusers release their findings in generalised form (such as with a statement that "account A is, is not, or may be the same as accounts B or C"); on the English Misplaced Pages, the release of actual private data (like "account D is connecting through IP address 0.1.2.3") is exceptionally rare. Conclusions derived from CheckUser data have limited usefulness, and a negative finding by a checkuser rarely precludes obvious sockpuppetry.
On the English Misplaced Pages, CheckUser access is entrusted to a restricted number of trusted users who can execute CheckUser inquiries at their own discretion. The permission is granted by Misplaced Pages's Arbitration Committee, after community consultation and vetting of the editor by the committee's members and the functionary team. While there is no formal requirement that checkusers also be administrators, the Arbitration Committee has traditionally restricted applications to users who are currently administrators. Checkusers must be 18 years of age or older and have signed the Wikimedia Foundation's confidentiality agreement for nonpublic information before being appointed. The use of the CheckUser tool on the English Misplaced Pages is monitored and controlled by the Arbitration Committee, and checkusers may have their permissions revoked by the Arbitration Committee for misuse or abuse of the tool.
This policy supplements the global checkuser policy and applies only to the English Misplaced Pages.
Policy
Main article: m:CheckUser policyThe CheckUser tool may be used only to prevent disruptive editing on the English Misplaced Pages or to investigate legitimate, credible concerns of bad-faith editing or sockpuppetry.
Grounds for checking
CheckUser data may be used to investigate, prevent, or respond to:
- Vandalism;
- Sockpuppetry;
- Disruption (or potential disruption) of any Wikimedia project; and
- Legitimate concerns about bad-faith editing.
The tool may never be used to:
- Exert political or social control;
- Apply pressure on an editor; or
- Threaten another editor into compliance in a content dispute.
The primary purpose of CheckUser is the prevention of sockpuppetry, but community policy provides for several legitimate uses of alternative accounts where the alternative accounts are not being used to violate site policy (such as by double voting or by giving the impression there is more support for a position in a discussion or content dispute).
ShortcutOn some Wikimedia projects, an editor's IP addresses may be checked upon their request, typically to prove innocence against a sockpuppet allegation. Such checks are not allowed on the English Misplaced Pages and such requests will not be granted.
Notifying the account that is checked
Checkusers are permitted, but not required, to inform an editor that their account has been checked. The result of a check may be disclosed to the community (on a community process page like Misplaced Pages:Sockpuppet investigations).
CheckUser and the privacy policy
Shortcut Main article: m:Privacy policyThe CheckUser feature facilitates access to non-public information. The Wikimedia Foundation takes the privacy of its users extremely seriously, and there may at times be tension between protecting Misplaced Pages from damage and disruption, and protecting the privacy of users (even disruptive ones). Checkusers must perpetually weigh these opposing concerns. In order to reach the optimal result, checkusers on the English Misplaced Pages are required to adhere to the following conventions and practices:
- Checkusers are given discretion to check an account, but must always do so for legitimate purposes. Broadly, checks must be made only in order to prevent or reduce potential or actual disruption, or to investigate credible, legitimate concerns of bad faith editing.
- Checkusers often receive requests from non-checkusers that they check an account (though many checks are also initiated by the checkuser without direction, for instance because the checkuser has noticed a suspicious account). Where a check is initiated as a result of a request from a non-checkuser, that request may be received in public or in private. Requests received privately may be directed by the checkuser to be made publicly if the checkuser so desires, and vice versa.
- Unsubstantiated requests will be declined and a check will not be run (typically using the slogan "CheckUser is not for fishing"). On their own cognisance, checkusers may nonetheless privately make any check that falls within the bounds of CheckUser policy; this might include a check that they have elsewhere or earlier declined to make.
- The disclosure of actual CheckUser data (such as IP addresses) is subject to the privacy policy, which requires that identifying information not be disclosed except under the following circumstances:
- With the permission of the affected user;
- Where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to non-checkusers to allow the making of IP blocks or rangeblocks, or to assist in the formulation of a complaint to relevant Internet Service Providers or network operators; and
- Where it could reasonably be thought necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public.
These conventions arise out of practice that has emerged in the years since the checkuser tool was created, and in some cases out of rulings or "statements of best practice" by the Audit Subcommittee (now disbanded) and the Arbitration Committee.
IP information disclosure
ShortcutCheckusers may state that different named accounts are operated from the same IP or range, so long as the actual IP address(es) are not specified, or if only non-specific details are given (such as the name of the country, region, or large ISP associated with the IP address). If the checkuser's statement could not lead to another person divining the personal identity of the user accounts in question, such disclosure would be permissible. However, on the English Misplaced Pages, checkusers are discouraged from making a public statement that connects one or more IP addresses to one or more named accounts, since an IP address is often much more tightly linked to a specific person. (In the case of larger IP ranges, this discouragement is not as great because larger ranges mean a less specific connection can be drawn.) When announcing the results of their checks, checkusers will employ a variety of means to avoid connecting a user to an IP address, but in some cases it is hard to avoid doing so. This policy encourages English Misplaced Pages checkusers not to allow such connections to be made from their results, but the global privacy policy allows them to do so in the case of serious disruption, and this policy allows checkusers to prioritise compliance with Misplaced Pages policy over the personal privacy of a user who has abusively edited the encyclopedia.
In some situations, while checkusers can endeavour to avoid explicitly connecting an account to an IP address, they will find it difficult or impossible not to do so. For instance, when a user edits disruptively using multiple IPs, or a mixture of IPs and accounts, the checkuser will find it difficult to block the accounts and then the IP addresses without an obvious inference being drawn by onlookers from the series of blocks being made in a short period of time. When a user abusively uses several accounts and it is reasonably plausible they will create more accounts, the underlying IP range must be blocked so further abusive accounts cannot be made. The IP addresses and user accounts must therefore be blocked together.
Users who engage in problematic conduct to the point that requests for administrative action or blocking are raised and considered valid for CheckUser usage—and where a checkuser then determines the user probably has engaged in such conduct—must expect the protection of the project to be given a higher priority than the protection of those who knowingly breach its policies.
IP information retention
Information about users (like their IP address) is retained for a limited period on Wikimedia Foundation sites. Data retention is limited in this way because incidents or actions that are not current rarely require investigation.
Guidance given to checkusers
Shortcutm:CheckUser policy advises that even if the user is committing abuse, personal information should if possible not be revealed. Checkusers are advised as follows:
- Generally, don't reveal IP addresses when announcing their results. Only give generalized results, such as that one account uses the same network (or a different network) to another account. If detailed information is provided, make sure the person you are giving it to is a trusted person who will not reveal it. Typically, such information should not be given to people who are not functionaries or experienced administrators; it would be best to deal with the abusive accounts with other checkusers.
- If the user has said they're from a certain region and their IP address confirms that, you are permitted to declare that CheckUser verifies they are.
- If you're in any doubt, give no detail – and "answer like a Magic 8-Ball"!
On the English Misplaced Pages, checkusers asked to run a check must have clear evidence that a check is appropriate and necessary. The onus is on an individual checkuser to explain, if challenged, why a check was run. The CheckUser log is regularly examined by arbitrators. All actions associated with the CheckUser tool, especially public or off-wiki actions, are subject to public view and can result in a complaint being filed with the Arbitration Committee, the Wikimedia Foundation Ombuds Commission, or both. Checkusers who run checks based on an unsubstantiated accusation may be cautioned or subject to sanctions, up to and including the revocation of their permissions; for a previous example of this, see this 2009 investigation by the Audit Subcommittee.
Fishing
Shortcut"Fishing" is to check an account where there is no credible evidence to suspect sockpuppetry. Checks are inappropriate unless there is evidence suggesting abusive sockpuppetry. For example, it is not fishing to check an account where the alleged sockmaster is unknown, but there is reasonable suspicion of sockpuppetry, and a suspected sockpuppet's operator is sometimes unknown until a CheckUser investigation is concluded. Checks with a negative result do not mean the check was initially invalid.
Contacting a checkuser
Shortcut Main pages: Misplaced Pages:Functionaries and Misplaced Pages:Sockpuppet investigationsCheckusers are seasoned, experienced users, who are thoroughly vetted and highly trusted to handle sensitive and private matters, as well as other user issues. Routine sockpuppet and editing issues requiring checkuser review are handled at Misplaced Pages:Sockpuppet investigations. In keeping with WP:NOTBUREAUCRACY, checkusers are authorized to receive contact by other means, like on their user talk pages, by email, on IRC or a mailing list, and so on. If an incident is of a private or sensitive nature, you should never use public means of contact. If an incident is of an urgent nature, you should contact a checkuser you know to be online, or contact multiple active CheckUsers. If an incident is an emergency, you should contact the Wikimedia Foundation. If you require an editor with checkuser access, you may contact:
- An individual checkuser who will either advise, deal with the matter, or (especially if asked) forward it on to other checkusers for wider discussion. A list of recently active checkusers is available.
- The English Misplaced Pages checkuser team, which can be suitable if you need other checkusers to be aware or you do not know any checkusers personally to judge which individual to contact. You may do so by emailing the English Misplaced Pages checkuser VRT queue at checkuser-en-wp
wikipedia.org. Not all checkusers are subscribed to this list. If it is sensitive beyond that, then it may instead be sent to the Arbitration Committee mailing list or any arbitrator. - The interwiki checkuser team, which co-ordinates between checkusers on all WMF projects (and stewards, for small wikis with no local checkusers) in the checkuser-l mailing list. The inter-project team is ideal for matters concerning prolific vandals or sock users, privacy-related incidents or harassment, and other global matters of interest beyond English Misplaced Pages. The Wikimedia-wide checkuser mailing list does not receive mail from non-subscribers, so you will need to contact a checkuser by other means (like IRC).
CheckUser operation
Usage
A user with CheckUser access will get an extra "CheckUser" option under Special:SpecialPages, "check IP addresses" and "recent user checks" options on Special:Contributions, and access to the Special:CheckUser and Special:CheckUserLog special pages, along with other similar functions. On the English Misplaced Pages, checkusers also receive access to the checkuser-l global mailing list, are subscribed to the functionaries-l mailing list, and receive access to the private IRC channels at their request.
Several scripts exist for English Misplaced Pages checkusers, including User:Amalthea/culoghelper.js, User:Amalthea/cufilter, MediaWiki:Gadget-markblocked.js, and User:GeneralNotability/spihelper.js, among others.
Guide to checkusers
ShortcutThe Meta checkuser help page gives checkusers the following information:
- CheckUser is a technical tool, and requires a significant degree of familiarity with IPs, IP ranges, and related principles, to be correctly used.
- CheckUser is not magic wiki pixie dust. Almost all queries about IPs will be because two editors were behaving the same way or an editor was behaving in a way that suggests disruption. An editing pattern match is the important thing; the IP match is really just extra evidence (or not).
- Most dialup and many DSL and cable IP addresses are dynamic, meaning they might change every session, every day, every week, every few months, or hardly ever. Unless the access times are immediately before and after each other, be cautious in declaring a match based on IP address alone. Experienced check users will learn to recognise if an ISP changes frequently or occasionally. Proxy IP addresses might not be a match, depending on the size of the organisation running the proxy (per whois output). If it's an ISP proxy, it is not so likely to indicate a match. (Note – some users, particularly those involved in technical matters, can help identify whether an IP is likely to be a proxy, or is likely to be static, fast, or slow changing.)
- There is both a checkuser mailing list (checkuser-llists.wikimedia.org), and a checkuser irc channel (
#wikimedia-checkuser), providing means to consult and get advice on checks and their interpretation, especially in the case of more complex vandalism. Both are used by checkusers on all Wikimedia Foundation projects; they are not just for the English Misplaced Pages. Access to the IRC channel is by invitation only and the checkuser mailing list does not accept correspondence from non-members – users seeking assistance of a local checkuser should see the § Contacting a checkuser above. Checkusers also have access to a private wiki where they can share data with other members of the global checkuser team. It can also be used to store historical CheckUser data, typically in cases of long-term or complex sockpuppetry.- Checkusers also have access to the channel
#wikimedia-privacy, as do oversighters.
- Checkusers also have access to the channel
- Checkusers who are executing a CheckUser query should remember that anonymity tools can spoof headers, including the useragent, which may make it appear that a good-faith editor with IPBE is actually a sock of a disruptive editor.
Reasons and communication
Checkusers must be able to provide a valid reason to another checkuser (or the Arbitration Committee) for all checks they conduct.
Checkusers should clearly mark as a "checkuser block" any block based on findings that involve checkuser data. The templates {{checkuserblock}}, {{checkuserblock-wide}} and {{checkuserblock-account}} may be used for this purpose. However, in the case of such blocks, checkusers are not required to explain to non-checkusers the specific evidence at play (and are prohibited from doing so by the privacy policy).
CheckUser blocks
See also: Misplaced Pages:Blocking policy § CheckUser blocksCheckusers can block accounts based on technical (checkuser) evidence. They will make clear in the block log summary that they have blocked as a "checkuser action", usually by including the {{checkuserblock}}, {{checkuserblock-account}}, or similar templates. These blocks must not be reversed by non-checkusers. Administrators must not undo nor loosen any block that is specifically called a "checkuser block" without first consulting a checkuser or the Arbitration Committee. However, all checkuser blocks are subject to direct review and significant scrutiny by the other checkusers and the Arbitration Committee. Users whose block log summary indicates a checkuser action may appeal the block, and are expected to do so on-wiki using the {{unblock}} template.
Log of checks
CheckUser queries cannot be executed on the English Misplaced Pages without the initiator entering something into the "Reason for check" field, which is akin to the edit summary feature for page-editing. All queries are logged at Special:CheckUserLog, which is visible to other checkusers through Special:CheckUser. Each entry in the log will show who ran the check, when, the check reason, and what type of data was called (the tool can be used to get IPs, edits from an IP, or users for an IP). The log does not display, nor allow for the retention of, data returned from a check.
Assignment and revocation
Main page: Misplaced Pages:Arbitration Committee/CheckUser and OversightCheckuser permissions are assigned by the Arbitration Committee. While many users with checkuser permissions are or were members of the Arbitration Committee, the Arbitration Committee also appoints a number of editors as checkusers, typically around once a year. Users interested in obtaining access should add the ArbCom noticeboard to their watchlists for an announcement or should contact the Committee. Appointments that are confirmed by the Arbitration Committee will be posted on Requests for permissions on Meta-Wiki; a steward will assign the permission once the user has completed and signed the necessary non-public information confidentiality document.
Checkuser permissions can be revoked for not meeting the minimum activity level or for cause. If the Committee feels that an editor has abused CheckUser, such as by inappropriately performing checks or needlessly disclosing privacy related information from a CheckUser inquiry, they will request a Steward to remove the permission from the editor. This may be done by any of the usual ways, including e-mail or a request on requests for permission on Meta. Emergency requests based upon clear evidence may also be made in exceptional circumstances, the same way. In an exceptional case, and for good cause, a steward may temporarily remove the permission, pending a decision by the Committee. The steward should check that the matter is well-founded, and make clear immediately that it is a temporary response only, since such an action could lead to controversy.
Complaints and misuse
Main article: m:CheckUser policy § Removal of accessThe Wikimedia Foundation policy on revocation of CheckUser access states in part that:
Any user account with CheckUser status that is inactive for more than one year will have their CheckUser access removed.
In case of abusive use of the tool, the Steward or the editor with the CheckUser privilege will immediately have their access removed. This will in particular happen if checks are done routinely on editors without a serious motive to do so (links and proofs of bad behavior should be provided).
Suspicion of abuses of CheckUser should be discussed by each local wiki. On wikis with an approved ArbCom, the ArbCom can decide on the removal of access
Complaints of infringement of CheckUser, Access to Nonpublic Information Policy or Privacy Policy breaches are handled by the Ombuds commission for all Wikimedia projects.
Complaints involving the release of personally identifying information or other potential violations of the WMF's Privacy Policy should be made to the Ombuds commission.
Other complaints or inquiries about potential misuse of the checkuser tool should be referred to the Arbitration Committee.
Users with checkuser permissions
There are currently 55 users with the CheckUser permission on the English Misplaced Pages. A complete listing is available at Special:Listusers/checkuser. As of 1 January 2025, the following editors form the CheckUser team on the English Misplaced Pages:
- Appointed community checkusers
- Alison, Blablubbs, DatGuy, Dreamy Jazz, EdJohnston, Girth Summit, Ivanvector, Materialscientist, Mz7, NinjaRobotPirate, Oshwah, Ponyo, Reaper Eternal, RoySmith, Spicy, SQL, ST47, Stwalkerster, TheresNoTime, Vanamonde93, Versageek, Yamla, Zzuuzz
- Current arbitrators
- Aoidh, Cabayi, CaptainEek, Daniel, Elli, HJ Mitchell, KrakatoaKatie, Liz, Primefac, ScottishFinnishRadish, Sdrqaz, Theleekycauldron, ToBeFree, Worm That Turned, Z1720
- Former arbitrators
- AmandaNP, Barkeep49, Bradv, Callanecc, Drmies, Guerillero, Izno, Joe Roe, Jpgordon, Ks0stm, Mailer diablo, Mkdw, Moneytrees, PhilKnight, RickinBaltimore, Risker, Salvio giuliano
- Others
- Some Foundation staff members (prohibited from use by internal policy except in rare cases), Wikimedia Ombuds
- ^ Held prior to appointment to Arbitration Committee
- Ombuds commission members have global CheckUser access in order to investigate allegations related to the breach of WMF privacy policy.
The list above is served from Template:Functionaries.
Notes
- No guarantee is given that any of these scripts are currently functional, under active development, or actively being maintained.
- Checkuser Mackensen's comment on checkuser blocks and why they should not be lifted.
- Arbitration Committee statement on checkuser blocks, 18 July 2010
See also
This page is referenced in the Misplaced Pages Glossary.
- CheckUser
- CheckUser access
- m:Requests for permission – used by the arbitration committee to request usergroup addition
- m:User rights log – shows CheckUser assignments and removals. Enter
User:USERNAME@enwikiin the "Target" box. - Misplaced Pages:Arbitration Committee/CheckUser and Oversight elections
- Related pages
- m:Steward requests/Checkuser – page at metawiki for requesting checks that take place in more than one project.
- RfC: Community expectation of Checkuser
- Misplaced Pages:Identification
- Misplaced Pages:IP block exemption
- Misplaced Pages:User access levels
- m:Privacy policy
- Misplaced Pages:Arbitration Committee/CheckUser and Oversight – Local roles, appointments, and complaints about tool usage
- m:Ombuds commission – Global oversight of the tool for all wikis
- CheckUser (thoughts) – by Anthere on April 22, 2006, includes a historic background
- {{User checkuser since}} – a userbox to indicate having checkuser permission with period of time
- {{User wikipedia/Checkuser}} – a userbox template to indicate you have the checkuser user right
- {{Checkuser topicon}} – a top icon template to indicate you have the checkuser user right – adds a category to page automatically
- Technical
- mw:CheckUser – more detailed description of how the feature works and how to install the extension on one's own wiki.
Media related to MediaWiki CheckUser at Wikimedia Commons
| Misplaced Pages accounts and governance | |
|---|---|
| Unregistered (IP) users | |
| Registered users | |
| Account security | |
| Blocks, bans, sanctions, global actions | |
| Related to accounts | |
| User groups and global user groups | |
| Advanced user groups | |
| Committees and related | |
| Governance | |