Misplaced Pages

talk:CheckUser - Misplaced Pages

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.

This is the current revision of this page, as edited by Lowercase sigmabot III (talk | contribs) at 17:48, 18 November 2024 (Archiving 1 discussion(s) to Misplaced Pages talk:CheckUser/Archive 7) (bot). The present address (URL) is a permanent link to this version.

Revision as of 17:48, 18 November 2024 by Lowercase sigmabot III (talk | contribs) (Archiving 1 discussion(s) to Misplaced Pages talk:CheckUser/Archive 7) (bot)(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)
The project page associated with this talk page is an official policy on Misplaced Pages. Policies have wide acceptance among editors and are considered a standard for all users to follow. Please review policy editing recommendations before making any substantive change to this page. Always remember to keep cool when editing, and don't panic.Shortcuts
Text and/or other creative content from this version of Misplaced Pages:User access levels was copied or moved into Misplaced Pages:CheckUser with this edit on 10 January 2017. The former page's history now serves to provide attribution for that content in the latter page, and it must not be deleted as long as the latter page exists.

Archives
Archive 1Archive 2Archive 3
Archive 4Archive 5Archive 6
Archive 7


This page has archives. Sections older than 180 days may be automatically archived by Lowercase sigmabot III when more than 5 sections are present.

Potential Checkuser involvement in admin recall

In the 2024 RFA review, one of the subproposals in the Phase 2 of Admin recall involves Checkuser confirmation. Feedback from active CU would be appreciated on how feasible this would be. Soni (talk) 17:13, 11 May 2024 (UTC)

Transparency in the Checkuser Process

The checkuser process is not open to auditing. From a technical perspective, there is no page to confirm that the checkuser process was performed because it likely involves not only the internal technical aspect handled by the MediaWiki tool but also a human element in analyzing user behavior patterns. I believe there should be a task list available that can at least ensure the technical checkuser was conducted and found no connection. It is not clear to me that it was done just because the administrator said so. I think this step is necessary to prevent human errors. Wilfredor (talk) 23:12, 31 May 2024 (UTC)

@Wilfredor that's not entirely true. The CU process can (and is) audited by other checkusers, both internal to enwiki and across projects via the Ombuds Commission (which I happen to be serving on at the moment). You are certainly correct, however, that non-checkusers have no direct visibility into the process; this is an area where preserving user privacy trumps transparency. RoySmith (talk) 23:40, 31 May 2024 (UTC)
I understand that other checkusers can authenticate themselves but I was talking about a more transparent automatic tool that will simply show that the technical evaluation was actually done, but available to everyone without giving details of how the tool or the automated technical evaluation works internally. Wilfredor (talk) 23:51, 31 May 2024 (UTC)
I get the desire to know this, but even divulging that a check has been done (other than a checkuser talking about a check they did themselves) is considered a violation of the privacy policies. RoySmith (talk) 23:56, 31 May 2024 (UTC)
I believe it's technically OK to say that 'a checkuser' has checked something, that is, saying that a check was done without disclosing in any way which other party ran the check. The governing policy concerns 'non-public personal data'; if an account being checked is considered personal data then there's a whole load of people in trouble. There are numerous other potential problems with this proposal however, some of which would easily potentially violate privacy, others would potentially compromise effectiveness in combating disruption. -- zzuuzz 00:17, 1 June 2024 (UTC)
What I propose is an automated tool that confirms the execution of the checkuser without revealing any private data. Even though there is a group of checkusers verifying the process, this is not sufficient. For greater transparency, it should be publicly shown that the checkuser was indeed carried out and not merely a decision based on other factors. Wilfredor (talk) 12:47, 2 June 2024 (UTC)
On-demand reporting of checks can in fact reveal non-public data, for example closely linked accounts. It can also provide undesirable notice to a bad person that we're on to them. A lot of blocked sockpuppets might have no checks registered against their account. And a non-positive check result is very rarely a declaration of innocence. But basically checkusers are not going to say they've run a check when they haven't. They're just not. Why would they even? -- zzuuzz 14:48, 2 June 2024 (UTC)

"CheckUser" listed at Redirects for discussion

The redirect CheckUser has been listed at redirects for discussion to determine whether its use and function meets the redirect guidelines. Readers of this page are welcome to comment on this redirect at Misplaced Pages:Redirects for discussion/Log/2024 July 5 § CheckUser until a consensus is reached. Ahri Boy (talk) 06:40, 5 July 2024 (UTC)

Using CU template on talk pages?

I have recently seen articles where there were very clearly cases of WP:LOUTSOCK present. Might one invoke something like the {{checkuser needed}} template in such cases? Should one expect this to be followed up on? ... Or is privately reporting suspected IP socks (as opposed to an official SPI) always the best modus operandi? Biohistorian15 (talk) 22:02, 5 September 2024 (UTC)

As a matter of policy and practice, CUs do not publicly disclose the IP address an account is operating from (barring extremely exugent circumstances or incidental disclosure by users drawing inference from the block log) so using that template the way you describe is unlikely to result in a CU being able to assist. HJ Mitchell | Penny for your thoughts? 22:27, 5 September 2024 (UTC)
Thank you, @HJ Mitchell. Now, would reporting the details to one (or multiple; in case of urgency...) CUs via email be likely to result in an investigation? And are there any steps after one or multiple such users have not responded? Biohistorian15 (talk) 22:34, 5 September 2024 (UTC)
There are very few circumstances in which CUs will use their access to confirm that an IP and an account are the same, even for themselves. Mostly because it's not necessary. If it's obvious enough to investigate, it should be obvious enough for a block. Just file an SPI but without a CU request. Or if there's active, ongoing disruption use AIV. HJ Mitchell | Penny for your thoughts? 23:11, 5 September 2024 (UTC)

Device fingerprint

Do CUs have access to device fingerprint data? -- Valjean (talk) (PING me) 18:49, 17 November 2024 (UTC)

What we have is described at mw:Extension:CheckUser RoySmith (talk) 18:53, 17 November 2024 (UTC)