- If you need to contact a Checkuser for a sensitive matter, please see Contacting a checkuser below.
|This page documents a procedural policy of Wikipedia. The main Wikimedia Foundation policy on CheckUser has been decided on Meta (m:CheckUser#Policy) and nothing here may override that policy without approval there.|
On Wikipedia, CheckUser is a tool allowed to be used by a small number of users who are permitted to examine user IP information and other server log data under certain circumstances, for the purposes of protecting Wikipedia against actual and potential disruption and abuse. CheckUser itself simply produces log information for checking; it can require considerable skill and experience to investigate cases even with the tool.
On the English Wikipedia, CheckUser is entrusted to a restricted number of users who can both execute CheckUser inquiries subject to their own discretion and monitor and crosscheck each other's use of the function.
The permission is approved (exceedingly rarely and only with good cause) by the Arbitration Committee and beginning in February 2009 with a community election following vetting by the arbitration committee, who handle many privacy-related functions. Users authorized for CheckUser must be 18 years of age or older and have provided personal identification to the Wikimedia Foundation. Once this information has been verified, the documents supplied to the Foundation are destroyed.
The CheckUser feature is approved for use to prevent disruption, or investigate legitimate concerns of bad faith editing.
Grounds for checkingසංස්කරණය
The tool is to be used to fight vandalism, to check for sockpuppet activity, to limit disruption or potential disruption of any Wikimedia project, and to investigate legitimate concerns of bad faith editing.
The tool should not be used for political control; to apply pressure on editors; or as a threat against another editor in a content dispute.
Note that there are legitimate uses of alternative accounts, so long as they are not used in violation of the policies (for example, to double-vote or to increase the apparent support for any given position).
Some wikis allow an editor's IPs to be checked upon his or her request if, for example, there is a need to provide evidence of innocence against a sockpuppet allegation; note, however, that requesting a checkuser in these circumstances is sometimes part of the attempt to disrupt. Such requests are typically declined on the English Wikipedia.
Notifying the account that is checkedසංස්කරණය
The CheckUser feature accesses non-public information. The Wikimedia Foundation takes privacy of its editors extremely seriously, and there may at times be a conflict between the high priorities given to both protecting the Wiki from damage and disruption, and privacy of even problematic users. This is a very delicate area and at times no solution is ideal; the following cover some of the principles and common practices on English Wikipedia. If in doubt please ask an experienced CheckUser.
- CheckUsers have a wide range of discretion to use their access provided it is for legitimate purposes – broadly, those which relate to preventing or reducing potential or actual disruption, and to investigation of legitimate concerns of bad faith editing. (CheckUser policy)
- CheckUsers may accept requests publicly or otherwise, as they see fit.
- Requests should not be accepted on the basis of "fishing" – that is, requests by users without a good and specific cause. On their own cognisance they may however perform privately as part of their role, any checks within the bounds of CheckUser policy – that is to say, any check which is reasonably performed in order to address issues of disruption or damage to the project.
- "With permission of the affected user",
- "Where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers", and
- "Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public."
IP information disclosureසංස්කරණය
This can happen in several ways:
- A user is disruptive through multiple IPs, or a mixture of IPs and accounts. It is hard to block all of these (often on the same article) without obvious inference being drawn by onlookers.
- A user is disruptive on multiple accounts, and it is reasonably plausible they will create more accounts, requiring the blocking of the underlying IP range that these accounts are using.
CheckUsers will often use a variety of techniques to avoid drawing such connections (new checkusers should ask and pick these up), but in many cases it is hard to avoid in a practical sense. Users who engage in problematic conduct to the point that requests for administrative action or blocking are raised and considered valid for CheckUser usage, and where CheckUser then determines that the user probably has engaged in such conduct, must expect that the protection of the project is given a higher priority than the protection of those who knowingly breach its policies on editorial conduct, if the two conflict or there is a problematic editing history.
IP information retentionසංස්කරණය
As configured by Wikimedia, CheckUser keeps IP and other information on users for a fixed period, due to privacy concerns related to older log data that is potentially less useful. In general if a matter is not current, it is less likely to require administrative intervention.
Guidance given to CheckUsersසංස්කරණය
m:CheckUser policy gives this guidance on privacy compliance:
- Even if the user is committing abuse, it's best not to reveal personal information if possible.
- Generally, do not reveal IPs. Only give information such as same network/not same network or similar. If detailed information is provided, make sure the person you are giving it to is a trusted person and will not reveal it themself.
- If the user has said they're from somewhere and the IP confirms it, it's not releasing private information to confirm it if needed.
- If you're in any doubt, give no detail. (m:Help:CheckUser states, "If you're in any doubt at all, give no detail and answer like a Magic 8-Ball.")
A further ideal on English Wikipedia is: if you are requested to perform a check, always ask for the evidence of the user that a check is needed and appropriate, and confirm for yourself that there is indeed a valid basis that you can explain if needed. Do not assume, no matter who asks.
"Fishing" is broadly defined as performing a check on accounts where there is no credible evidence to suspect sockpuppetry. Checks are inappropriate unless there is evidence suggesting abusive sock-puppetry. Checking an account where the alleged sockmaster is unknown, but there is reasonable suspicion of sockpuppetry is not fishing - a suspected sock-puppet's operator is sometimes unknown until checked. Please note that a check coming up negative does not mean that the original basis for the check was invalid.
Contacting a checkuserසංස්කරණය
In general terms, checkusers are seasoned and experienced users trusted to handle sensitive and privacy related matters and other user issues. Routine sock-puppet and editing issues requiring checkuser review are handled at Wikipedia:Sockpuppet investigations. Otherwise, and for sensitive issues, Checkusers may be contacted in any of these ways, and using any means that can normally be used to contact other users (on-wiki post, wiki email, IRC, mailing list, etc):
- Contact an individual checkuser who will either advise, deal with the matter, or (especially if asked) forward it on to other checkusers for wider discussion.
- Contacting the English Wikipedia checkuser team generally. This may often be the best option if you need a checkuser response, possibly other checkusers to be aware, and do not know any checkusers personally to judge which individual to contact. See the functionaries-en mailing list for how to do this. If it is sensitive beyond that, then it may instead be sent to the Arbitration Committee mailing list or any arbitrator.
- For matters likely to also be of interest to other projects, such as prolific vandals or sock users, or harassment, privacy or other/'global' concerns that may go beyond English Wikipedia, there is a Wikimedia-wide checkuser mailing list for all checkusers, but you will need to contact an individual checkuser by one of the above means and ask them to forward it since that list is not able to be emailed directly from outside.
A user with CheckUser access will get an extra "CheckUser" option under Special:SpecialPages.
Hints and tipsසංස්කරණය
CheckUser's help page gives the following tips to users:
- CheckUser is a technical tool, and requires a significant degree of familiarity with IPs, IP ranges, and related principles, to be correctly used.
- CheckUser is not magic wiki pixie dust. Almost all queries about IPs will be because two editors were behaving the same way or an editor was behaving in a way that appears suggestive of possible disruption. An editing pattern match is the important thing; the IP match is really just extra evidence (or not).
- Most dialup and a lot of DSL and cable IPs are dynamic. They might change every session, every day, every week, every few months or hardly ever. Unless the access times are right next to each other, be cautious in declaring a match. After a while, you get to know which ISPs change fast or slow. If it's a proxy, it might not be a match, depending on the size of the organisation running the proxy (per whois output). If it's an ISP proxy, it is not so likely to indicate a match. (Note – some users, particularly those involved in technical matters, can help identify whether an IP is likely to be a proxy, or is likely to be static, fast, or slow changing.)
- There is both a checkuser mailing list (email@example.com), and a checkuser irc channel (#wikimedia-checkuser), providing means to consult and get advice on checks and their interpretation, especially in the case of more complex vandalism. Both are used by checkusers on all Wikimedia Foundation projects; they are not just for the English Wikipedia. Access to the IRC channel is by invitation only.
Reasons and communicationසංස්කරණය
CheckUsers are expected to have policy-compliant grounds for CheckUser actions, identification, and blocks, and to discuss openly and fully with other CheckUsers their rationale if asked.
Administrators who hold Checkuser privileges may block users based on non-public information revealed through the checkuser tool, and such an administrative action is generally viewed to be made in the user's capacity as an oversight or checkuser, although the action itself is an administrative one. All such blocks are subject to direct review by the Arbitration Committee, and administrators should not undo or alter any block that is specifically called a "Checkuser" block without first consulting a Checkuser.
CheckUser requests are logged privately with a comment for each. The full log of all searches is visible to other CheckUsers at Special:CheckUser. The log lists who made a request, when, what the request was, and a provided comment. They do not list the results of the check, nor do they store any user IP data.
Assignment and revocationසංස්කරණය
This section, in a nutshell;
The process is not set in stone. Users wishing access should watchlist the Arbcom noticeboard for an announcement, or contact the Committee or an individual arbitrator, and proceed from there. However, only a very small number of appointments are typically made per year.
Users who require the CheckUser permission are typically members of the Arbitration Committee and former Arbitration Committee members. For those users who are not, in order to be approved for the CheckUser flag, a case should be made and sent to the ArbCom mailing list or to any active Arbitrator. Users are advised to initially sound out interest, discuss suitability, and check the current position via an off-list email to any active Arbitration Committee member, understanding that most times, new CheckUsers are not being looked for and an exceptionally good basis would also be required. Appointments that are confirmed by the Arbitration Committee will be posted on Requests for permission on Meta-Wiki, a Steward will assign the permission once identification is confirmed.
Just as easily as the CheckUser permission can be approved, it can be revoked. If the Committee feels that an editor has abused CheckUser, such as by inappropriately performing checks or needlessly disclosing privacy related information from a CheckUser inquiry, they will immediately request a Steward to remove the permission from the editor. This may be done by any of the usual ways, including e-mail or a request on requests for permission on Meta.
Emergency requests based upon clear evidence may also be made in exceptional circumstances, the same way. In an exceptional case, and for good cause, a Steward may temporarily remove the permission, pending a decision by the Committee. The Steward should check the matter is well founded, and make clear immediately that it is a temporary response only, since such an action could lead to controversy.
Complaints and misuseසංස්කරණය
WMF policy on removal states that:
Other complaints or inquiries about potential misuse of the checkuser tool should be referred to the Audit Subcommittee.
Users with CheckUser permissionsසංස්කරණය
An automatic list is available at Special:Listusers/checkuser. As of 1 January 2011, the CheckUser team is:
- Current Arbitrators
- Casliber, Chase me ladies, I'm the Cavalry, Cool Hand Luke, Coren, Elen of the Roads, Iridescent, Jclemens, John Vandenberg Kirill Lokshin, Mailer diablo, Newyorkbrad, PhilKnight, Risker, Roger Davies, Shell Kinney, SirFozzie, Xeno.
- Former Arbitrators
- Deskana, Dominic, FloNight, Fred Bauder, Jdforrester, Jpgordon, KnightLago, Yellow Monkey.
- Non-arbitrators appointed by Arbcom
- Alison, Amalthea, Avraham, Brandon, Frank, Hersfold, J.delanoy, Jredmond,
Lar, Luk, MBisanz, MuZemike, Nishkid64, Tiptoety, Tnxman307, Versageek.
- Brion VIBBER, Tim Starling, Voice of All.
- Jimbo Wales, Wikimedia staff members, Wikimedia Ombudsmen.
Developers do not typically patrol the site for violations, and require access to the CheckUser tool mainly for maintenance and enhancement purposes. "Others" includes users who require access for WMF reasons, and WMF officers.
- CheckUser Mackensen's comment on "Checkuserblocks," and why they should not be lifted.
- Arbitration Committee statement on Checkuser blocks, 18 July 2010
- Although this user has the checkuser tool, he uses it only for review and does not actually carry out checks himself.
- Current member of the Audit Subcommittee
- This user was appointed as a CheckUser prior to joining the Committee.
- Checkuser permission suspended during his current term as an Ombudsman
- CheckUser access
- m:Requests for permission; used by the arbitration committee to request usergroup addition;
- m:User rights log; shows CheckUser assignments and removals. Enter User:USERNAME@enwiki in the "Title" box.
- Wikipedia:Arbitration Committee/CheckUser and Oversight elections
- Related pages
- Wikipedia:User access levels;
- Wikipedia:IP block exemption;
- m:Steward requests/Checkuser; page at metawiki for requesting checks that take in more than one project.
- mw:CheckUser; more detailed description of how the feature works and how to install the extension on one's own wiki.