Talk:CheckUser policy
Archives |
---|
|
Remember the mailing list!
copied from Talk:CheckUser by Theo F 08:18, 4 March 2006 (UTC) When people are given checkuser, (a) they should be told to subscribe to checkuser-l (b) the steward should email checkuser-l-owner to confirm the person should be allowed to join the list. I've added a note to this effect, feel free to reword :-) - David Gerard 15:37, 31 January 2006 (UTC)
- Nobody was told that a mailing list would be implemented when a vote was organized in order to allow the checkuser tool on the French Wikipedia. Therefore this mailing list is illegal. I ask for this mailing list to be shut down. Theo F 08:05, 4 March 2006 (UTC)
- Quite the reverse. If the French Wikipedia contributors are unable to agree that CheckUser should be used in the confines of existing best practice and guidelines, then CheckUser status should and must be removed from all accounts thereon until such time as they are happy with what is going on.
- James F. (talk) 08:34, 4 March 2006 (UTC)
- If you do not attract the French IP check performers into your untransparent scheme I may close my eyes on how other language Wikipedias deal with the issue. But please do not interfere negatively with the transparency we are trying to implement on fr:. By the way I have never heard about a so-called "best practice and guidelines". All I've heard about is a CheckUser policy and nowhere is written in that policy that a checkuser mailing list should be created. So, as far as I know, your "checkuser list" is informal, not to say pirate. If you want to know my opinion, the best practice is that of the German language Wikipedia : no checkuser at all ! Theo F 09:25, 7 March 2006 (UTC)
-
- Actually the mainling-list is mainly (not to say only) used by en: checkusers, as they are doing dozens of checks every day (yeah, I know, that's unbelievable !), whereas on fr: the only coordination needs are fulfilled on the Requests page. I reckon fr: checkusers could as well not subscribe to the mailing-list. The only time it could be useful is for technical changes (unavailibility / features). le Korrigan bla 13:01, 7 March 2006 (UTC)
- Theo F, you are not a CheckUser. Whether the mailing list exists or not is quite frankly none of your business. Sorry if that sounds rude, but it's nothing compared to your demand that the list be shut down. Alphax 14:25, 6 October 2006 (UTC)
The log is problematic
copied from Talk:CheckUser by Theo F 08:18, 4 March 2006 (UTC) I haven't a check user permission, so why I cannot see which the users that the IP was search for them? I don't want to know the results, but if one of Wikipedians that have the permission checked an IP I want to know this and the reason for this. As special case, if anyone checked my IP, I surely want to know this. Troll Refaim 15:37, 24 February 2006 (UTC)
- You should implement on Wikipedia in your language a log page like the one used on the French Wikipedia, where people who perform the checks have to report : fr:Wikipédia:Vérificateur d'adresses IP/Journal. Theo F 08:02, 4 March 2006 (UTC)
- I know that we can use manual log. But I want automatic report, like the delete log, so any request will be logged. If the Wikipedian with checkuser permission will make wrong decision, I want that he/she cannot hide this. At the manual log, this could be happened. Troll Refaim 16:14, 11 March 2006 (UTC)
- At present the (automatic, private) checkuser log is global across all projects. I have CheckUser on Wikimedia Commons and I can see who has made what requests, globally. We are accountable to each other. Alphax 14:27, 6 October 2006 (UTC)
CheckUser on my IP
I ask you to unblock me from English wikipedia and desysop en:User:Mikkalai who blocked me without any evidences. I request also a CheckUser process to prove my innocence. Excaliburo 20:38, 19 March 2006 (UTC)
- Checkuser for edits on EN Wikipedia fall under the juristicon of the EN Wikipedia community. I will see what I can do. --Walter 21:02, 19 March 2006 (UTC)
Open proxies
If checkuser checked one user, then checked his/her IP for open proxy and found it, can he/she block this IP due to "no open proxies"? --Jaroslavleff 08:11, 30 March 2006 (UTC)
- That depends on what abuse the proxy has been used for. Such things are determined on a per-case basis. Alphax 14:31, 6 October 2006 (UTC)
Access (new version)
Only a very few editors and stewards are allowed to have the CheckUser status.
A local project must have a minimum of two checkusers or no checkuser at all (they should be at least two so that they can mutually control their activity).
In case there are no local checkuser
Editors will have to ask a Steward to check if UserX is a sockpuppet of UserY. To do so, simply add your request to Request for CheckUser information listing these users and explaining why you ask for such a check (with links). You also need a community consensus (like above). The Steward will answer you if these two users are from the same IP, same proxy, same network, same country, or are they completely unrelated (see discussion for what the Steward should more precisely say to the editor). The steward will not grant temporary checkuser access to anyone.
How to get checkusers on your project
On a wiki with a (Wikimedia-approved) Arbitration Committee, editors approved by the Arbitrators may have CheckUser status. After agreement, simply list the candidate on Requests for permissions to have him granted status.
On a wiki with no Arbitration Committee, or if the community does not wish to delegate checkuser control to its arbitration committee, checkusers (at least two) must be approved by the community. The user requesting check user status must request it within his local community and advertise this request properly (village pump, mailing list when available, ...). The editor must be familiar with the privacy policy. After gaining consensus (70%-80%) in his local community, with at least 25-30 editors approval, the user should list himself under Requests for permissions with a link to the page with the community's decision.
If an insufficient number of voters does not allow to vote for two checkusers on a wiki, and in any cases, it is possible for a local project to ask for any of the current (already approved by another community) checkuser to get checkuser status on the local project. The local community will have to choose at least 2 checkusers in the list of current checkuser. Minimum number of votes or percentage of support are up to the community. It is recommanded (but not mandatory) to choose editors from the same language group
- for example, the en:wikibooks community may choose two checkusers approved by the en.wikipedia.
- for example, the de:wikipedia community may choose two checkusers approved by the de.wikibooks.
Once a local community has become big enough to appoint its own checkusers, it may either remove the previous checkusers or choose to keep all of them according to its needs.
- This version has my full support; I believe it addresses the issues raised recently about how to provide checkuser to smaller projects, without relaxing our standards on a very sensitive permission. I support it fully, and volunteer to serve as a "guest checkuser" for any project that needs one. Essjay Talk • Contact 02:01, 19 April 2006 (UTC)
- I also indicate my support for this revision. Kelly Martin 05:19, 19 April 2006 (UTC)
- What means Steward? Any or some in particular? -Romihaitza 08:27, 19 April 2006 (UTC)
- I support the new version as well. Guest CheckUsers would resolve many of the issues with the 25-support limit. // Pathoschild (talk/map) 08:32, 19 April 2006 (UTC)
- I think this is a silly policy as it relinquishes editorial control to another project. The whole point is that the stewards have been very lax in responding to any checkuser requests, or in truth havn't responded to any at all from what I've seen (I may be mistaken here). en.wikibooks simply is trying to take matters into their own hands by getting somebody who actually cares about the project enough to respond at all, because the stewards aren't or don't want to. The question here is where is the avenue for appeal if the stewards don't respond? --Roberth 16:53, 20 April 2006 (UTC)
- I think you are mistaken indeed. Most requests for checkusers are actually done privately, with contacts either by emails or on irc. I must have myself answered at least a half dozen requests. Ant
- I have not had a single check user request handled. Period. I've made several requests, and I've withdrawn all of them simply because after waiting several months I felt they were no longer valid requests. I guess because I am averse to communication through IRC, and agree with Teofilo below that they should be very public when they occur, that these havn't been handled. I've frankly given up trying and consider this to be a tool unavailable to non-Wikipedia projects. --Roberth 23:11, 23 August 2006 (UTC)
- I think you are mistaken indeed. Most requests for checkusers are actually done privately, with contacts either by emails or on irc. I must have myself answered at least a half dozen requests. Ant
- I think handling requests publicly, as is done on fr:Wikipédia:Vérificateur d'adresses IP/Requêtes is better for transparency. Teofilo 12:34, 26 April 2006 (UTC)
- I do not understand this eagerness to appoint people with checkuser status everywhere. The German language Wikipedia has no such people and seems to be OK. Teofilo 19:04, 23 April 2006 (UTC)
- Support CheckUser is not something that needs to be local to the project. This way, en.wikibooks can start with two experienced CheckUsers instead of two inexperienced ones. --Kernigh 01:44, 25 April 2006 (UTC)
Important
Please see MediaWiki 1.7 suggestions.
Checkuser to bureaucrats
I request that bureaucrats also be given checkuser rights. Bureaucrats have to deal with possible sockpuppets on an RFA and often have to determine if a suspect user is a sockpuppet or not. Since the checkuser requesting phase takes time and RFA are a comparatively short, it would make sense to grant such rights to members of the community who have the gained the trust of the community. Nichalp 07:08, 10 May 2006 (UTC)
- As both a bureaucrat and a checkuser, I oppose this in the strongest possible terms. Bureaucrats were not selected to be given access to private user information that if disclosed can literally ruin the life of a Wikimedian, and given that anyone can be made a bureaucrat on any project, the possibility of checkuser falling into the wrong hands becomes frighteningly likely.
- To be quite honest, in a month of being a bureaucrat (I was a checkuser before that), I've never once needed to use my checkuser status while closing an RfA. (I have, to date, been responsible for 50-60% of the promotions done on en.wiki in the last month, so plenty of chance to have needed it if it was going to come up.) I have identified sockpuppets via checkuser that had participated in an RfA, but it was done through the established procedure: A user noticed an irregularity, reported it to Requests for Checkuser, a checkuser was run, and the sockpuppets identified. The liklihood of a bureaucrat needing checkuser for an RfA is such an infrequent possibility that it is simply unnecessary to extend it on those grounds only; if they feel a checkuser is needed, they can contact a checker privately and request it.
- Further, bureaucrats are not selected for having the technical skills necessary for checkuser; it is not, contrary to popular belief, a magic system that displays a bright red sockpuppet notice at the click of a button. Without the requisite skillset, releasing checkuser to all bureaucrats will a) increase dramatically the number of false accusations, b) increase the load on the checkusers who do have the necessary skillset, as we are forced to check every result to insure accuracy, and c) completely destroy the trust Wikimedians have in checkuser results, as scores of false positives are announced and then retracted. (Allow me to offer two examples: If checkusered by someone who did not a) know the individuals involved, and/or b) know how to identify a shared IP, User:Angela and User:Tim Starling would be declared sockpuppets, as would User:Mindspillage and User:GMaxwell.)
- At the very least, this cannot be allowed to happen without a reconfirmation of all bureaucrats on all projects in line with the checkuser policy; specifically, those projects with no Arbitration Committee would have to establish 25-30 supporters for each bureaucrat, or relenquish thier bureaucrats (do we want that?), and those with Arbitration Committees would have to have thier bureaucrats reconfirmed by the Arbitration Committee (another situation I doubt we want).
- The best route all around is to simply leave checkuser as it is; a separate permission assigned to highly trusted and technically capable users on a very limited basis. Essjay (Talk • Connect) 11:18, 10 May 2006 (UTC)
- I join Essjay in opposition to this idea (which has been rejected before). The current bureaucrat selection processes do not evaluate candidates for the technical skills required or for the requisite trust. Bureaucrats are trusted by the community to evaluate requests for adminship; there is no reason why this trust should be extended without consideration to the far more serious trust associated with CheckUser status. While I have no objection to individual bureaucrats applying for CheckUser rights, I would strongly urge against a blanket grant of this rather significant access to people who have not been individually screened for eligibility. Kelly Martin 11:32, 10 May 2006 (UTC)
- I oppose this, because not all bureaucrats would know how to do this. However some would and it would help them in their duties. Even some admins with the necessary knowledge would find it useful, I know I would. With IP blocks, you never know if you might hit a logged in user, even more so with range blocks. Now, there is no cabal, but if there were one it would be CheckUser. Admins are elected. Bureaucrats are elected. Stewards are elected. And even Arbcom members are elected. But CheckUser... It is arbitrarily given to a very very select few by a very select few. Needless to say that is both risky and safe. On the one hand, the odds of someone abusing it are low. On the other hand, with such a small group, its usefulness and its regulation are limited. But it is likely safer this way. Prodego Talk 18:35, 15 May 2006 (UTC)
- I also oppose this as well, because bureaucrats, at least on the English Wikipedia, are elected because they would follow the community's will; while I doubt that they would not be trusted with the checkuser bit, I also do not know if each one of them has the technical knowledge to follow those requests, and I do not want any of them to have to step down as a result. Communication between bureaucrats and checkusers in the cases that absolutely require IP checks would suffice, at least in my opinion. Titoxd(?!?) 02:07, 11 July 2006 (UTC)
- I oppose this, because not all bureaucrats would know how to do this. However some would and it would help them in their duties. Even some admins with the necessary knowledge would find it useful, I know I would. With IP blocks, you never know if you might hit a logged in user, even more so with range blocks. Now, there is no cabal, but if there were one it would be CheckUser. Admins are elected. Bureaucrats are elected. Stewards are elected. And even Arbcom members are elected. But CheckUser... It is arbitrarily given to a very very select few by a very select few. Needless to say that is both risky and safe. On the one hand, the odds of someone abusing it are low. On the other hand, with such a small group, its usefulness and its regulation are limited. But it is likely safer this way. Prodego Talk 18:35, 15 May 2006 (UTC)
Humm, I believe that when Nichalp said "checkuser to bureaucrats", he was most likely referring to the Bureaucrats on the English-language Wikipedia (where I, like Nichalp and Essjay, am a Bureaucrat as well), and not to all Bureaucrats in all the projects. And speaking strictly about the English-language project, I don't suppose that trust would be an issue when referring to Bureaucrats. I have complete trust in Nichalp, Essjay, Taxman and all the other Bureaucrats in that project. And if that's the case, all that is left is the issue of the technical skill to use the tool. It is true that the skill to perfom checks is not the reason why Bureaucrats are selected, which is why I would oppose as well making CheckUser a tool automatically associated with the status (such as Renameuser or Makesysop); on the other hand, nor is it rocket science either. On the English-language Wikipedia (again, talking strictly about it), the users chosen to be Bureaucrats are experienced people, who have been exposed to virtually all aspects of the project. I really don't believe that someone like Taxman, a Bureaucrat there and someone who has been with the project since 2003, wouldn't know how to perform a check appropriately (whether he would be willing to do it, is a different issue entirely), and I really, really don't believe that someone like him, or Nichalp for that matter, wouldn't know how to behave appropriately about the sensitive information associated with the tool.
And there's an interesting comparison: on the English-language project, the Arbitrators (the members of the ArbCom) were given CheckUser access: they are obviously highly trusted users, like the Bureaucrats over there, and, like the Bureaucrats as well, they were chosen to a position (Arbitrator) for a reason that does not relate to the technical ability to perform a CheckUser correctly: they were chosen to be the final rung in the conflict resolution process on the English-language Wikipedia.
With all of that in sight, I would not oppose asking the active Bureacrats on the English-language Wikipedia (listed at en:Wikipedia:Bureaucrats) if they would be interested in working at the very busy Requests for CheckUser page, which is currently managed by just 2 users (who are doing a great job, let it be said, but if one of them decided to take a vacation..). Redux 18:12, 4 August 2006 (UTC)
- Addendum: Bearing in mind that, according to current policy, CheckUser status on the English-language Wikipedia is decided by the local ArbCom, any "asking" would need to be done by it, or at least have its assent. Redux 19:14, 4 August 2006 (UTC)
Using Checkuser Privileges for "Dragnet" purposes
This seems to be happening now at Wikinews[1].
- About 4 of the requested user names were found to be in a different country; the other 10 or so were anons in Toronto. The person with Checkuser privilege, CSpurrier, reported information to the community about an alltogether different user "Factchecker" (for which there was no request at all for the use of checkuser) which he came upon during his check of the anons. There seems to be little if any actual vandalism involved and the checkuser requester, Amgine, has had an ongoing feud with the supposed sockpuppeteer,Neutralizer, who he recently blocked for 3 weeks. Can this apparently blatant abuse of the checkuser privilege be stopped? 70.50.76.209 23:43, 11 June 2006 (UTC)
- Upon further research it seems that the "infraction" committed by the majority of the anons who were subjected to Checkuser was this edit which they placed on Amgine's talk page in an attempt to disclose what they felt was an unbecoming edit by an Admin which had been erased from Wikinews' history;
What Amgine said about Australians [2] "Simeon edits from Australia, a continent populated entirely by criminals! And, as a criminal he would expect that we would not trust him, so obviously we cannot drink from the glass in front of us.."- Amgine/talk 03:54, 11 May 2005 (UTC). 70.50.76.209 00:05, 12 June 2006 (UTC)
Info
What information do Checkusers have? GangstaEB (W) 19:03, 9 July 2006 (UTC)
- See Help:CheckUser for an explanation of the tool and the information provided by it. Essjay (Talk • Connect) 00:14, 11 July 2006 (UTC)
checkuser on my own wiki...
Hay, I run my own wiki and I was wondering how I can get my hands on this extension? Checking server access logs and comparing it against recent changes can be quite tedious... Thanks, 63.80.111.2 21:04, 7 August 2006 (UTC)
- You'll have better luck trying to contact Brion Vibber directly. He's the creator of this tool. Try his talk page (follow the link I've provided to his user page and then click on the tab that says "discussion") or try e-mailing him, although I don't know if Brion made his e-mail address public. Regards, Redux 23:05, 7 August 2006 (UTC)
- Brion seems have have gone AWOL... is there a better place to put this question/request? 63.80.111.2 19:58, 6 September 2006 (UTC)
- Maybe if you can get a hold of any of these people, they'd be able to help you. Developers are those who make the "magic" happen on Wikimedia. Redux 18:59, 16 September 2006 (UTC)
What does "Wikimedia-approved" mean ?
This question is a kind of follow-up to a non really answered question by Angela (November 9th 2005).
Browsing through the history before asking this question, I noticed that Angela added this precision in the sentence «On a wiki with a (Wikimedia-approved) arbitration committee only editors approved by arbitrators may have CheckUser status.», to try to clarify the previous version (modification summed up as «proposed addition»).
This seems reasonable... But what does it mean exactly ? I did not find much about "Arbitration committees" with a superficial search through this Wiki. Am I right to understand the list of «(Wikimedia-approved) arbitration committee[s]» as presently reduced to one item, the arbitration committee of the en Wikipedia ? Touriste 09:30, 3 September 2006 (UTC)
- The answer to this question should be provided soon. Watch for Arbitration Committee. 207.145.133.34 14:15, 6 October 2006 (UTC)
- Also up for submission: Checkuser Privacy. Hints on why checkuser is important (beyond Privacy policy) and other methods of ensuring your privacy. ~Kylu (u|t) 04:50, 7 October 2006 (UTC)
How long
In the policy, it is mentioned that the information is not stored for long. How long is the information stored? And from last login, or last edit? These are important issues for a privacy policy-type matter. —The preceding unsigned comment was added by Womble (talk • contribs) 06:03, 27 October 2006 (UTC)
- The time period is variable. Your IP is not recorded on normal viewing of a page. Alphax 02:06, 27 October 2006 (UTC)
What if two people use the same computer
I have one doubt. This may sound trivial, but in India, it is very common for more than one person use the same computer. How to differentiate that situation and a Sock Puppet. For example, if my wife browses Wikipedia and votes in few Rfa or AFD from this computer, how can I prove that it was another person who used my computer and not me. Another case is browsing centres - Many persons may be using the same computer (with same IP). How to prove that they are both different people. Mariano Anto Bruno Mascarenhas 16:08, 31 October 2006 (UTC)
- CheckUser is not Wiki Magic Pixie Dust. Some level of common sense is required by the person who carries out the CheckUser to determine if they're the same person or not, which is one reason why access to the tool is only granted a very limited set of people. Alphax 22:46, 31 October 2006 (UTC)
What if one persons uses different accounts
And coming to the next question. What if Mr.X uses one account in a computer at his home and another account in a computer at his office. How to prove that (with different IP). Mariano Anto Bruno Mascarenhas 16:08, 31 October 2006 (UTC)
- See my response above; CheckUser is not Wiki Magic Pixie Dust. Alphax 22:46, 31 October 2006 (UTC)
CheckUser with greater consensus, less voters
In fi.wiktionary we have a persisent problem with vandalism. We've been discussing and the community supports gives 100 % support for CheckUsers. We haven't voted on the people yet, though. The problem is that even though the community works awfully well, in harmony and orderly, there are only ~15 of us. The question I have is, could 15 people elect CheckUsers, say, with a support of 80% or more?
(More about the issue: This is one person who creates several user accounts, and we know from fi.wikipedia that this person uses a small range of IP's during one attack. But on the course of many different attacks, the range is larger. So for one attack we need to know the IP and block it for some time to stop this person.)
Samulili 21:25, 2 November 2006 (UTC)
CheckUser result does not prove innocence
Help:CheckUser#Hints and tips writes "An editing pattern match is the important thing; the IP match is really just extra evidence (or not)." - I agree.
But, CheckUser policy#Use of the tool writes "It is allowed to check an editor's IPs upon his specific request, when this user wants to publicly prove his innocence." - this sentence seems misleading. Difference of IP does not prove his innocence in itself.
So one more sentence should be added, such as - "Note that a CU result may support inoccence, but is not enough to prove innocence." --Kanjy 14:57, 22 November 2006 (UTC)
- Quite true. A person requesting a Checkuser of themselves doesn't prove anything, because it is simply too easy to engineer their editing so that they appear innocent. Alphax 03:37, 23 November 2006 (UTC)
Thanks. Comments and/or improvements are welcome! --Kanjy 04:02, 26 November 2006 (UTC)
"Note that the tool may provide some partial evidence for him, while it does not prove his innocence by itself." - How about this sentence for appending to the 3rd paragraph of CheckUser policy#Use of the tool? --Kanjy 08:13, 28 November 2006 (UTC)
I will write to this policy as I wrote above if there will be no objection for a week (168 hours) from now. OK? --Kanjy 11:35, 1 December 2006 (UTC)
Done. Thanks. --Kanjy 15:32, 8 December 2006 (UTC)
Interwiki Checkusers
An increasing number of cases have started to surface for interwiki checkuser issues. Currently two checkusers should make independent analysis and exchange notes for any interwiki requiest (provided both wikis have a checkuser avalible).
I hereby propose the authority to be bestowed on stewards to be able to checkuser interwiki w/o involving second or third parties. This is for interwiki cases only.
--Cat out 07:25, 14 December 2006 (UTC)
- This is a very bad idea; Stewards are only supposed to use their access where no local users with those capabilities exist. Alphax 14:06, 14 December 2006 (UTC)
Real name policy
Regarding the recent incident, I think it is better for us to have a "real name policy" about Checkuser right as well Steward access. It would be
- Only those who give their name to the Foundation can be granted checkuser access. For this purpose, after they are elected from the community, they should send a copy of their identification with photo to the office (see Wikimedia:Contact us for contact details).
Thought?--Aphaia 10:58, 8 March 2007 (UTC)
I agree. See this wikimail for Florence Devouard's belief that "The office also know all the real identities of the checkusers I was told. [...] I think it is not the Foundation business to enter into any credential controlling activity. It makes sense for board candidates. It makes sense for checkuser because there is a technical access to data with confidentiality agreement. But getting involved in the process of collecting credentials is something we better stay away from." 4.250.168.160 16:35, 9 March 2007 (UTC) (WAS 4.250 on en wikipedia)
- Thanks for your notice, so we can say there is de-facto real-name policy about checkuser? As for access to data with confidentiality agreement, I totally agree with Florence. In that case only we lack its written description . I'll appreciate your elaboration of the proposed text the above :) Aphaia 05:41, 12 March 2007 (UTC)
- Hmmm I agree but we have to see how to set this up. I mean, there's more than 100 Check User, so we need to know how to collect the informations. In my opinion this can be one of the duty of the Volounteer Coordinator, whatever I think we should ask the board to raise this issue during their next meeting Schiste 06:57, 12 March 2007 (UTC)
- In my opinion they can simply fax/mail of the scanned copy of their ID to our laywer (=Foundation Office). They need not to inform their identity for Volunteer Coordinator (but it could happen though). From the view of the office, if they want VC to make a list, is another matter. There is a trade-off between how many people know their identity and workload but regarding the past experience, our laywer in Florida thought he reviewed each IDs with photo and would not be satisfied with a report from volunteers. --Aphaia 07:03, 12 March 2007 (UTC)
- Thanks for your notice, so we can say there is de-facto real-name policy about checkuser? As for access to data with confidentiality agreement, I totally agree with Florence. In that case only we lack its written description . I'll appreciate your elaboration of the proposed text the above :) Aphaia 05:41, 12 March 2007 (UTC)
An attempt guage community support on this and related proposals is going on at en:User talk:Jimbo Wales/Credential Verification. Please participate. Thank you. 4.250.168.15 11:37, 13 March 2007 (UTC)
- I fixed the link. Thank you for your invitation, however as for Credential verification, while it seems to be similar, it is another issue from the issue now we are discussing, so I don't think we need to go there. Our topic of only real name (and perhaps age, since Brad Patrick insisted only people over 18 years-old should be allowed to be granted the steward access). As for the oppositin to the below, I would point out two things: 1) either you don't think it feasible, it are said all CU asked to fax their ID with photo and they did and 2) regarding several point, the CU is not the matter of our virtual community but related to liability in relation to privacy policy, so relevant to the real life, it is different from the matter of sysop or bureaucrat access. --Aphaia 11:26, 15 March 2007 (UTC)
Oppose this idea. For three main reasons
- Not practical - it's easy to provide a fake name. If the said checkuser has never posted their photo or real birthdate online, it's just as easy to provide a fake ID. The only real way i'd imagine to verify a persons' identity would be to actually have a foundation member pay the person a visit and get them to prove they're who they claim to be on wikipedia. Which is just not feasible. Someone is probably going to say that i'm being paranoid here, if a wikipedian who's trusted enough to become a checkuser provides a copy of photo ID, we should assume good faith and trust it right? But in that case, we may as well just assume good faith and trust them to be a checkuser without the ID. Basically, if a checkuser is indeed trustworthy, then ID is really not needed - we trust them. If a checkuser is not truthworthy and planning to do something malicious, then they'd have no problems providing a fake ID and name, which totally defeats this purpose. On the other hand, if the checkuser considers real name/ID not all that important in the first place, then they would have already revealed it anyway, so once again, this is pointless.
- What does having real names mean? Secondly, there's no real reason for us to believe that checkusers will be better/more responsible if the foundation knows their real name. In fact, there's even no decent evidence to suggest that people who publically reveal their real names and identities will be better/more responsible members of the community because they're more accountable for their actions.
- If anything, it's oversight who need to be IDed since they actually do deal with sensitive information. I never understood why Wikipedia makes a big deal about IP addresses, IP addresses are not a big deal
- They don't identify a person. Even if someone doesn't change ISP and always uses the same internet connection, their IP address can still change often, and countless other people could still be sharing it.
- IP addresses don't reveal identity. All they do is reveal your ISP, and geographic location. The geographic location is also pretty vague - depending on who your internet service provider is. The mostly just tell what country you're from, which isn't a very personal piece of information.
- IP addresses are hardly confidential - a lot of places on the internet record your IP address. Whenever you download something from someone else, they can have your IP address. Whenever you post on any message board, the mods or admin there will have your IP address. If you've got your email at a place like hotmail, then whenever you send an email, the reciever has got your IP address.
- For most wikipedians, it's quite easy to find their IP address. Most wikipedians have accidentially made edits without logging on (i.e. forgetting to log on). If you go through someone's contribution history carefully, and then check the histories of the pages they edit, i bet for most wikipedians, you can come up with an IP address or two. If just depends on how far you're willing to go to find someone's IP address. MOst active wikipedians also have "email this user" activated. So often, you can just email them and get their IP address from a reply.
- At the end of the day, the only thing IP addresses are really good for is seeing what the probability two accounts are operated by the same person is. If they've got the same IP, then the probability is high. If they have IPs from different countries, then the probability is low. But at the end, IP addresses prove nothing.
--`/aksha 09:22, 14 March 2007 (UTC)
- Comment: Actually it is sometimes possible to resonably identify who a person is from their IP. For example, if you knew my IP, you could probably easily guess my real name. To be fair, the reason is this is because I'm not that concerned about an high level of anonymity but if for example, I had decided to keep my wiki identity seperated from the my real life identity I use on the internet, you could find out details I didn't want you to know. For some people, you could probably even find out their birthday and where they live depending on how careful they are with their personal information. Point being, an IP can in fact sometimes be used to identify or at least have a very good guess at who the person is. This does require a specific set of circumstances but it is possible and if a user wishes to remain anonymous, they should be allowed to do so. Note, many of us don't bother or care that much. I admit I have not logged in on purpose and you can probably guess what my IP is if you look hard enough at wikipedia. However again, just because some, perhaps even most people don't care doesn't mean we should ignore the fact some people do care. Secondly, and perhaps more importantly, you appear to be ignoring the fact that some of our contributors are living in regimes where their edits to wikipedia may get them into trouble. For example, the status of wikipedia in the PRC is unclear and given the history, it's possible the PRC government may decide to go after Chinese wikipedians who obey our policies regarding NPOV etc in Chinese related articles. I'm not sure how things in China work with the great firewall etc and some may be using proxies anyway but it's resonably possible that people may be prosecuted because the Chinese government finds out IPs they're using on wikipedia. For that matter, it isn't just governments. What happens if someone wants to sue a wikipedian who has chosen to remain anonymous. If we are subpoened by a court, we may cooperate depending on what our lawyer says. But should we really be allowing people to bypass our current level of protection for wikipedians? Finally while it's true a lot of other places record your IP, there are several issues here. Firstly, the level of involment people have with many of these services is somewhat different. If I'm just e-mailing my family or a friend, I don't care if they know my IP most of the time. If I was doing something serious and wanted to send an anonymous email I would use mixmaster or something like that. More importantly tho, we currently present it that wikipedians with accounts have a resonable guarantee that their IPs won't be revealed to anyone without very good reason. Therefore, it is resonable for wikipedians to assume they don't need to take extra steps like use Tor or whatever for anonymity. If we aren't going to ensure checkuser is properly limited and regulated then we need to make this clear ASAP. Nil Einne 16:21, 16 March 2007 (UTC)
I support the proposal, and for oversight as well. Of course no system is proof agains someone determined enough and clever enough, but it's a good barrier against having people who are entirely unknown or fakes of some kind in these sensitive roles. I'd extend it even further, i.e. to bureaucrats and arbcom members, but I can see how that might not be practical for the office to handle so I won't press that point, at least not in this forum. Metamagician3000 09:48, 14 March 2007 (UTC)
What about IP hashes?
Related to w:Wikipedia:IP Hash, if the IP addresses of logged-on users were hashed and made public, 90% of CheckUser's functionality could be performed by ordinary users without compromising anyone's privacy. The other 10% of the time CheckUser would be necessary to check IP addresses that are similar but not the same, since IPs from the same subnet would have vastly different hashes. It seems to me the hassle of reporting a suspected sockpuppets to CheckUser has enabled quite a few to go unnoticed for a long time. – Þ 01:16, 14 March 2007 (UTC)
Age restrictions on checkusers?
Here is someting I posted to the foundation-l mailing list:
Sebastian Moleski writes: > It might be prudent to use the term "jurisdiction" instead of country if > we're talking semantic details here. Shouldn't this discussion take place on > a talk page somewhere? Weak agreement on this invocation of the Fear Of Law. Strong agreement that this discussion should be on a wiki page; see http://meta.wikimedia.org/wiki/Talk:CheckUser_policy I am generally loathe to use age as a barrier for anything; we should be clear about where this line is being drawn, and for what reasons. "This is a very important role" is not a reason to discriminate based on age. "This is a role that requires being responsible" is likewise not appropriate. "This is a role that requires being legally accountable for one's actions" is.
SJ
Proposal to conduct random checks on RfAs
I would like to add the following subsection to the Use of the tool section:
- ===Adminship nominees===
- Nominees for adminship may be checked at random during the nomination process. Anyone who agrees to be nominated is thereby giving permission for a check to be conducted. Nominees and the community need not be informed if this has been done, unless the checkuser believes the results of the check have invalidated the nomination, in which case the information may be revealed at the discretion of the checkuser or the bureaucrats.
See here for a prior discussion of this issue.
Any thoughts? SlimVirgin (talk) 17:05, 1 June 2007 (UTC)
- I understood vote which is investigated with CU may include RfA. At any rate, Japanese Wikipedia has already performed CU on every voter (note: not random check, over 60 editors, IIRC?) on a certain RfA, include the nominee, partly since it was revealed this nominee had used to be editing via open proxy. ja:User:ちゃたま performed it, so you can see it on the log, if you have the access. Just for your information. --Aphaia 17:41, 1 June 2007 (UTC)
- I certainly think this is a good idea, admins have the potential to do serious harm to their native project, and stopping known sockpuppeteers before they even get the tools would certainly be a step in the right direction. Ryan Postlethwaite 18:03, 1 June 2007 (UTC)
- Don't like this idea, checkuser isn't a toy for random checks just in case there's a bad candidate somewhere. Either way, it won't solve anything because the admin would probably pass unnoticed. Majorly (talk) 18:23, 1 June 2007 (UTC)
- I agree with Ryan. I've been checked twice - on my books rfa & on my books CU! Sure - things can be hidden but in the end Cu is a tool to be used even if it doesn't tell you everything. It should be used quietly & carefully - I've checked some stuff that has turned up nothing, however other than Cus no one knows & no harm has been done to anyone. As to being policy - well I don't feel strongly but it should be used --Herby talk thyme 18:35, 1 June 2007 (UTC)
- Agree as well. As can be seen by the link above, the usefulness (not just the validity within policy) of this is disputed. Titoxd(?!?) 19:02, 1 June 2007 (UTC)
- Titoxd, when you say you agree, do you mean you agree that we should add that section? SlimVirgin (talk) 19:36, 1 June 2007 (UTC)
- No, I agree that it is an awful idea. Titoxd(?!?) 22:27, 1 June 2007 (UTC)
- Titoxd, when you say you agree, do you mean you agree that we should add that section? SlimVirgin (talk) 19:36, 1 June 2007 (UTC)
- Don't like this idea, checkuser isn't a toy for random checks just in case there's a bad candidate somewhere. Either way, it won't solve anything because the admin would probably pass unnoticed. Majorly (talk) 18:23, 1 June 2007 (UTC)
- I think running CU on admins is perfectly fair. EVula // talk // 20:27, 1 June 2007 (UTC)
- This is a solution looking for a problem. It will NOT solve the problem that en.wikipedia recently had with a trojan admin account. There is no point to this proposal other than adding additional bureaucracy and a feel-good solution that solves nothing. Vehemently oppose this privacy violating process. If you go this direction, you might as well insist all administrators reveal their identities to the Wikimedia Foundation. Afterall, it's the only way to be sure. --Durin 20:43, 1 June 2007 (UTC)
- Just because we can't have (and don't want to have) 100 percent security against dodgy admin accounts doesn't mean we shouldn't have some. This isn't a solution looking for a problem; quite the reverse, as I indicated above. It wouldn't increase bureaucracy at all, which is why the proposal is that the accounts may be checked at random. That is, some weeks maybe a lot, some weeks none, at the discretion of the checkusers. The point is that the nominees could never be sure that they wouldn't be checked, and that might discourage a few of the less technically minded socks. Admittedly, the absolutely determined ones will be able to evade checkuser, but as I said, 100 percent security isn't what we're looking for here. SlimVirgin (talk) 21:06, 1 June 2007 (UTC)
- And it might discourage some perfectly valid candidates from applying, knowing their IP will be revealed in a random
drug test. You've got no evidence that this will even help, given the short duration of IP logs, and it could give a false sense of security. Just no. 64.126.24.11 21:13, 1 June 2007 (UTC)
- And it might discourage some perfectly valid candidates from applying, knowing their IP will be revealed in a random
- Just because we can't have (and don't want to have) 100 percent security against dodgy admin accounts doesn't mean we shouldn't have some. This isn't a solution looking for a problem; quite the reverse, as I indicated above. It wouldn't increase bureaucracy at all, which is why the proposal is that the accounts may be checked at random. That is, some weeks maybe a lot, some weeks none, at the discretion of the checkusers. The point is that the nominees could never be sure that they wouldn't be checked, and that might discourage a few of the less technically minded socks. Admittedly, the absolutely determined ones will be able to evade checkuser, but as I said, 100 percent security isn't what we're looking for here. SlimVirgin (talk) 21:06, 1 June 2007 (UTC)
Clearly this is against the letter of the current policy, which is why a policy change is proposed. I think it is also against the spirit, and further I think CU is a tool that is most powerful when used sparingly. I have tried to use it sparingly in my usages on Commons and now on Meta. Finally I don't think it actually would work well without a LOT of fishing and checking possible things out. So I am not keen on this proposal at all and would prefer it not be adopted. I suspect that the foundation itself would need to be involved in changing the policy, were it to come to that. ++Lar: t/c 21:48, 1 June 2007 (UTC)
- I would like to see whether there's agreement among users before asking people at the Foundation for their views. SlimVirgin (talk) 22:01, 1 June 2007 (UTC)
- The proposal seems quite reasonable to me. In fact, I don't think it would be unreasonable to require all admins to confirm their identities with WMF. Adminship may not be a big deal, but it is very different from editing. The damage that could be done by a skilled sockpuppeter with multiple admin accounts (thus able to create the illusion of consensus) is quite severe.-- Visviva 01:27, 2 June 2007 (UTC)
- "I would like to see whether there's agreement among users"... Precisely so. I wasn't suggesting that the Foundation be asked just yet, merely pointing out that they WOULD have to make the policy change, it is not one that user consensus can make independently. I do think that a lot of good points were raised and I am in particular interested in your response to Oleg Alexandrov's point... I applaud your caution in wanting to do this and your sensitivity in raising it for discussion but I remain opposed to the idea itself. ++Lar: t/c 12:55, 3 June 2007 (UTC)
Bad idea, in my view. SlimVirgin, of all people, you are extremely careful about others not finding your IP address, and now you are suggesting other people's IP address be checked on routine basis. Would you even stand for admin again knowing that that it may entail a checkuser? en:Oleg Alexandrov (talk) 02:07, 2 June 2007 (UTC)
- I would, yes, so long as I trusted the people with checkuser, and the ones who currently have it are very trustworthy. If a proposal like this were adopted, we'd have all the more reason to make sure only very responsible people get access to it, and the more checks there are, the more we can be certain that we're choosing the right people for adminship (and therefore possible checkuser) in the first place. So this proposal would indirectly tighten up checkuser security too. SlimVirgin (talk) 09:42, 7 June 2007 (UTC)
Seems to me that, if the issue is the trustworthiness of admins and potential admins, then the issue applies equally to current admins. I would suggest, if this is to go forth, that it be expanded to say "Editors holding administrator and higher rights may be subject to random checkuser. The editor and the community need not be informed if this has been done, unless the checkuser believes the results of the check raise concerns. The checkuser will report any concerns to the Arbitration Committee or bureaucrats of the applicable project, who will determine next steps." Risker 03:00, 2 June 2007 (UTC) forgot to sign, oops
- This is a horrible idea. It's invasive, it's a lot of grunt work for people who have better things to do. Checkuser is never used for fishing because it's an invasion of privacy, and is only done when suspicion exists. Automatically checking admins in some hunt for possible nefariousness with no reason to do so other than "they might have other accounts!" is w:McCarthyist. Proto 09:46, 2 June 2007 (UTC)
- Okay, thanks for the input. It's clear from this limited input that there's no consensus to do random checks at this time. This strongly indicates that we don't mind if admins are running more than one admin account or are formerly banned users, which I find puzzling. Even if people think adminship is no big deal, it's not no deal whatsoever, otherwise we'd give it to everyone. So I feel there's some unclear thinking going on here. SlimVirgin (talk) 22:16, 6 June 2007 (UTC)
- I don't think the objections are because "we don't mind if admins are running more than one admin account or are formerly banned users." I think the issue is more that people do mind about the fact this is a privacy violation, will scare away candidates, and will give the checkusers a lot more work to do. Picaroon (Talk) 23:15, 6 June 2007 (UTC)
- By all means, request a checkuser if there is valid suspicion that there's a problem. That's what checkuser is for. I would suggest that people would mind if they found out there was an admin with multiple admin accounts, or are a banned user (personally, I couldn't care less about the latter - if they have been doing a good and helpful job and not abusing things, I don't really care if they used to be Willy on Wheels or Mr Pelican Shit, and we would probably never know, anyway), but as I said above, people also value their privacy (it's a principles thing). Plus checkusering is a busy job already. Proto 09:22, 7 June 2007 (UTC)
- The proposal is that random checks would be allowed, so it wouldn't add substantially to the workload; check users could do it as infrequently as they liked. This proposal would simply allow them to. As for the privacy angle, that's fair enough, but as I said above, it indicates that people don't mind that much if there are admins with multiple accounts. You're placing privacy rights above that. I value privacy too, but I trust the checkusers not to violate the privacy policy, so I don't see it as an either-or situation. SlimVirgin (talk) 09:37, 7 June 2007 (UTC)
- I'm not sure it follows that if I don't like Remedy X that I think Problem Y isn't an important problem. It just means that I don't like Remedy X. CU is not the only way to combat admins with multiple accounts, or banned users returning in general, and further, a random checkuser of an admin candidate is not the only preventative measure that could be taken. I completely agree that socknests are a bad thing. I just do not agree that using CU this way is necessarily the best or only way or the most privacy maintaining way to combat them. And I'm completely open about my identity. ++Lar: t/c 18:40, 11 June 2007 (UTC)
- Using checkuser on RfAs seems appropriate and useful. It would be good to make certain that someone hasn't been playing nice under one name while making trouble under another. Doczilla 19:14, 16 June 2007 (UTC)
One's country to be considered private information
It says that one's country can be revealed, but some people come from small countries with not so many users. Would it be possible to change it to be: Revealing that two users come from different countries is generally not personally identifiable. I come from a small country, I have an English Wikipedia account and there is something about me on the user page. If my country was told, that would reveal my identity, but a person coming from a big country might not come to think of that. Himyeana 14:36, 10 June 2007 (UTC)
I would rather have the name of the Internet service provider not to be told either, at least when it reveals the country. Himyeana 13:00, 12 June 2007 (UTC)
To have countries not to be told would improve the privacy, and at the same time the effectivity of the tool would not be changed. Himyeana 10:21, 13 June 2007 (UTC)
Could the "Checkuser" function be problematic?
Good day, I have chosen this issue to be the first in which I would like to make my voice heard regarding my concern on the effectiveness of the checkuser function. To begin, there's no doubt in my mind that it was established with the best of intentions, and it has indeed served to fuction as a tool that has helped limit disruption to various Wikipedia projects. In short, we know it has limited conduct that could have continued indefinitely under any other condition. But I cannot help but question its ability to effectively block disruptive wihout ever causing unwarrented harm to users with the same IP who happen to be legitimate. Here is my story to illustrate my point:
I begin editing on the English Wikipedia a little over one year ago. I started off a bit shaky, being unfamiliar with proper policy and such, but after a couple of months of well needed reading, I managed to establish a considerable edit count, gain more experience each day. I even became accepted on the user list for Vandal Proof, where I reverted countless incidences of vandalism. At the beginning of this summer, I went on what is known as a "Wikibreak" for the reason that I travel quite a bit this time of year, and can not edit regularly. After taking a couple of pictures, I came back to upload them, only to find that my account had been indefinitely blocked on the grounds that a checkuser had found evidence that sockpuppetry was coming from my IP address. Naturally, I was panicked to find that my user account, being fairly established, was in jeopardy. I immediately requested an unblock via my user talk page just before an admin, who was strikingly uncivil, protected the page prematurely, convinced I was guilty of the sockpuppetry in question. To this point, I am not entirely sure where the sockpuppets came from, but I am deeply offended that my account was shut down without any of my contributions being remotely considered. Of course, I raised the issue with an admin, and the blocking admin in question, only to receive no response. In addition, one of the admins disabled the e-mail user feature for the account. My user account, which I believe was bound for eventual adminship nomination, remains blocked, tagged as a sockpuppet of an account I had nothing to do with, and I have to deal with the fact that not only have my contributions gone unappreciated, they are now being treated as if they never occured, as I have no choice but to start over with a new user account, something I can't do as of yet because my IP remains blocked, and just walk away from a year of hard work.
So the question I put before you is this? Is it fair to block a username based on checkuser findings when there is absolutely no evidence this specific username has done anything wrong? I don't believe so, because blocking users who in all forms appear to be legitimate will inevitably result in very harmful collateral damage. It happened to me, and believe me, I'm not the first or last user to be wrongfully hurt by these actions. What checkusers need to take into consideration is the fact that almost all homes today with internet access could have sevaral people living in them with two or more who access, even edit the Wikis, and to make matters more complex there are many many shared IPs in the United States alone. Why then should ALL usernames associated with a certain IP be blocked? If an account appears to be legitimate, in every form, it most likely is, so please, let's block those who deserve sanction, and not those who don't. I plan to propose a few changes to the checkuser policy in light of my negative experiences, but I would first like to hear the input of other users. Without such changes, I feel that what happened to me, could happen to anyone.The Kensington Blonde T C 03:50, 17 June 2007 (UTC)
- If everything you say is true and if you can get through this without bitterness, you will become a good admin one day. It's not just the edit count which matters but how you behave and your experience, which no one can take away from you. In the light of everything I have seen around I believe what you say here is important. Himyeana 21:16, 18 June 2007 (UTC)
- That someone seems to think this issue through is very good, so thank you for that. And yes, I have every intention of becoming an administrator eventually, even if it takes another year to build up my credibility again, which I believe can be done. For now, I'm going to try and take part in this area of the project as there are other aspects of policy I'm concerned with as well. Thanks again for your opinion.The Kensington Blonde T C 21:50, 18 June 2007 (UTC)
Providing personal information to the Foundation
If you did become a checkuser what kind of personal information would you have to provide to the Wikimedia Foundation??
would it be documentation, or just your first name/surname. Pseudonyms, I assume are not accepted.
this is a hypothetical question... --Plazglend 08:48, 18 June 2007 (UTC)
- Required information options as as follows -
- In accordance with the Board Resolution:Access to Non-Public Data, we are requesting proof of identity and evidence of age of majority because of your role as Checkuser. This proof may be provided in one of the following manners:
- 1) Copy or scan of Driver's License.
- 2) Copy or scan of Passport.
- 3) Copy or scan of other official documentation indicating real name and age.
- This is copied from the request I received - hope it is what you want --Herby talk thyme 09:01, 18 June 2007 (UTC)