CheckUser policy
Languages: | English · العربية · català · čeština · Deutsch · English · español · français · hrvatski · magyar · Bahasa Indonesia · italiano · 日本語 · 한국어 · मराठी · occitan · polski · português · русский · slovenčina · shqip · српски / srpski · svenska · Türkçe · українська · Tiếng Việt · 中文 · 中文(简体) · 中文(繁體) |
---|
←Policies and guidelines | CheckUser policy |
This page provides information about CheckUser access and outlines the policy on its use. It was discussed in September and October 2005, and went live in November 2005. |
Contents
- 1 CheckUser status
- 2 Use of the tool
- 3 Privacy policy
- 4 Access to CheckUser
- 5 Users with CheckUser access
- 5.1 Everywhere
- 5.2 Arabic Wikipedia
- 5.3 Catalan Wikipedia
- 5.4 Chinese Wikipedia
- 5.5 Croatian Wikipedia
- 5.6 Czech Wikipedia
- 5.7 Danish Wikipedia
- 5.8 Dutch Wikipedia
- 5.9 English Wikibooks
- 5.10 English Wikinews
- 5.11 English Wikipedia
- 5.12 English Wikisource
- 5.13 English Wiktionary
- 5.14 Finnish Wikipedia
- 5.15 French Wikipedia
- 5.16 German Wikipedia
- 5.17 Hebrew Wikipedia
- 5.18 Hungarian Wikipedia
- 5.19 Indonesian Wikipedia
- 5.20 Italian Wikipedia
- 5.21 Japanese Wikipedia
- 5.22 Korean Wikipedia
- 5.23 Malayalam Wikipedia
- 5.24 Norwegian (Bokmål) Wikipedia
- 5.25 Polish Wikipedia
- 5.26 Portuguese Wikipedia
- 5.27 Romanian Wikipedia
- 5.28 Russian Wikipedia
- 5.29 Serbian Wikipedia
- 5.30 Simple English Wikipedia
- 5.31 Spanish Wikipedia
- 5.32 Swedish Wikipedia
- 5.33 Thai Wikipedia
- 5.34 Turkish Wikipedia
- 5.35 Ukrainian Wikipedia
- 5.36 Vietnamese Wikipedia
- 5.37 Wikimedia Commons
- 5.38 Meta
- 6 See also
CheckUser status
CheckUser is an interface for users with the checkuser permission. A user with CheckUser status on a wiki can in particular check if a user is or isn't a sockpuppet of another user on that wiki (not on all wikis). By using it, users are able to:
- Determine from which IPs a user has edited or done a logged action or password reset on the Wikimedia wiki;
- Determine the edits, logged actions and password resets on the Wikimedia wiki of a specific IP (even when logged in);
- Determine whether the user being checked has sent an email using MediaWiki interface to some other user. The time of the event is logged, the destination email address and user ID are obscured.
This information is only stored for a short period (currently 3 months), so edits made prior to that will not be shown via CheckUser. A log is kept of who has made which queries with the tool. This log is available to those with the checkuser-log permission:
See Help:CheckUser for the user manual.
Use of the tool
The tool is to be used to fight vandalism, to check for sockpuppet abuse, and to limit disruption of the project. It must be used only to prevent damage to any of Wikimedia projects.
The tool should not be used for political control; to apply pressure on editors; or as a threat against another editor in a content dispute. There must be a valid reason to check a user. Note that alternative accounts are not forbidden, so long as they are not used in violation of the policies (for example, to double-vote or to increase the apparent support for any given position).
Notification to the account that is checked is permitted but is not mandatory. Similarly, notification of the check to the community is not mandatory, but may be done subject to the provisions of the privacy policy.
Some wikis allow an editor's IPs to be checked upon his or her request if, for example, there is a need to provide evidence of innocence against a sockpuppet allegation; note, however, that requesting a checkuser in these circumstances is sometimes part of the attempt to disrupt.
Privacy policy
On Wikimedia projects, privacy policy considerations are of tremendous importance. Unless someone is violating policy with their actions (e.g. massive bot vandalism or spam) and revealing information about them is necessary to stop the disruption, it is a violation of the privacy policy to reveal their IP, whereabouts, or other information sufficient to identify them, unless they have already revealed this information themselves on the project. The relevant section of the privacy policy is:
Release: Policy on Release of Data
It is the policy of Wikimedia that personally identifiable data collected in the server logs, or through records in the database via the CheckUser feature, or through other non-publicly-available methods, may be released by Wikimedia volunteers or staff, in any of the following situations:
- In response to a valid subpoena or other compulsory request from law enforcement,
- With permission of the affected user,
- When necessary for investigation of abuse complaints,
- Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues,
- Where the user has been vandalizing articles or persistently behaving in a disruptive way, data may be released to a service provider, carrier, or other third-party entity to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers,
- Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public.
Information release
Even if the user is committing abuse, it's best not to reveal personal information if possible.
- Generally, do not reveal IPs. Only give information such as same network/not same network or similar. If detailed information is provided, make sure the person you are giving it to is a trusted person and will not reveal it himself/herself.
- If the user has said they're from somewhere and the IP confirms it, it's not releasing private information to confirm it if needed.
- If you're in any doubt, give no detail.
Access to CheckUser
Only stewards, some Wikimedia Foundation staff, ombudsmen, and a very small number of other users are allowed to have CheckUser access. Users can only have CheckUser status locally (except for the ombudsmen and those staff members with access).
If local CheckUsers exist in a project, checks should generally be handled by those. In emergencies, or for multi-project CheckUser checks as in the case of cross-wiki vandalism, stewards may perform local checks. Stewards should remove their own CheckUser access on the projects upon completion of the checks and notify the local CheckUsers or the CheckUser e-mail list.
On any wiki, there must be at least two users with CheckUser status, or none at all. This is so that they can mutually control and confirm their actions. In the case where only one CheckUser is left on a wiki (when the only other one retires, or is removed), the community must appoint a new CheckUser immediately (so that the number of CheckUsers is at least two).
On wikis with an Arbitration Committee (ArbCom) whose members have been elected with the support of at least 25-30 members of the local community, CheckUsers can be appointed by the Arbitrators only. After agreement, a member of the Committee should simply list the candidate on Steward requests/Permissions.
On a wiki without an Arbitration Committee that meets the criterion above, or where the community prefers independent elections, two options are possible:
- The community must approve local CheckUsers (stewards not counting as local CheckUsers) per consensus. The user requesting CheckUser status must request it within his local community and advertise this request properly (village pump, mailing list when available, ...). The editor must be familiar with the privacy policy. After gaining consensus (at least 70%-80% in pro/con voting or the highest number of votes in multiple choice elections) in his local community, and with at least 25-30 editors' approval, the user should list himself under Steward requests/Permissions with a link to the page with the community's decision.
- If an insufficient number of voters vote for at least two CheckUsers on a wiki, there will be no CheckUsers on that wiki. Editors will have to ask a steward to check if UserX is a sockpuppet of UserY. To do so, simply add your request to Steward requests/Checkuser listing these users and explaining why you ask for such a check (with links). You also need a community consensus (like above). The steward will answer you if these two users are from the same IP, same proxy, same network, same country, or are they completely unrelated (see discussion for what the Steward should more precisely say to the editor).
Mailing list
There is a closed mailing list (CheckUser-l) to which all stewards and checkusers should have access. Email the list moderators to gain access. Use this mailing list to ask for help, ideas and second opinions if you're not sure what the data means.
IRC channel
There is a private IRC channel (#wikimedia-checkuser) to which all stewards and checkusers who use IRC should have access. This channel serves the same purpose as the mailing list, but in real-time. Contact any channel member to gain access; a channel manager will grant permanent access. Ask a steward if you need help gaining access.
Removal of access
Any user account with CheckUser status that is inactive for more than a year will have their CheckUser access removed.
In case of abusive use of the tool, the Steward or the editor with the CheckUser privilege will immediately have their access removed. This will in particular happen if checks are done routinely on editors without a serious motive to do so (links and proofs of bad behavior should be provided).
Suspicion of abuses of CheckUser should be discussed by each local wiki. On wikis with an approved ArbCom, the ArbCom can decide on the removal of access. On wikis without an approved ArbCom, the community can vote removal of access. Removal can only be done by Stewards. A Steward may not decide to remove access on their own, but can help provide information necessary to prove the abuse (such as logs). If necessary, and in particular in case of lack of respect towards the privacy policy, the Board of Wikimedia Foundation can be asked to declare removal of access as well.
Complaints of abuse of CheckUser or privacy policy breaches may also be brought to the Ombudsman commission.
Users with CheckUser access
Everywhere
- Stewards - upon request or their own initiative, stewards use it by briefly granting the right to themselves; this is logged.
- Some members of the Staff of the Wikimedia Foundation (see global group)
- Members of the Ombudsman commission (see automatically generated list):
Arabic Wikipedia
Automatically generated checkusers list
Catalan Wikipedia
Automatically generated checkusers list
Chinese Wikipedia
Automatically generated checkusers list
Croatian Wikipedia
Automatically generated checkusers list
Czech Wikipedia
Automatically generated checkusers list
Danish Wikipedia
Automatically generated checkusers list
Dutch Wikipedia
Automatically generated checkusers list
- Appointed by Arbcom
English Wikibooks
Automatically generated checkusers list
English Wikinews
Automatically generated checkusers list
English Wikipedia
Automatically generated checkusers list
- Appointed by Arbcom (including current arbitrators)
- AGK
- Alison
- Amalthea
- Avraham
- Beeblebrox
- Carcharoth
- Chase me ladies, I'm the Cavalry
- Coren
- Courcelles
- David Fuchs
- DeltaQuad
- Deskana
- DoRD
- Elockid
- FloNight
- GorillaWarfare
- Guerillero
- J.delanoy
- Jpgordon
- Keegan
- LFaraone
- Mailer diablo
- Materialscientist
- MBisanz
- NativeForeigner
- Newyorkbrad
- PhilKnight
- Ponyo
- Reaper Eternal
- Richwales
- Risker
- Roger Davies
- Salvio giuliano
- Seraphimblade
- Timotheus Canens
- Tiptoety
- Versageek
- Worm That Turned
- Founder
English Wikisource
Automatically generated checkusers list
(Local policy allows stewards to checkuser on this wiki for crosswiki abuse, so long as the check is noted.)
English Wiktionary
Automatically generated checkusers list
Finnish Wikipedia
Automatically generated checkusers list
French Wikipedia
Automatically generated checkusers list
- Appointed by ArbCom
German Wikipedia
Automatically generated checkusers list
Hebrew Wikipedia
Automatically generated checkusers list
Hungarian Wikipedia
Automatically generated checkusers list (requests and policy)
Indonesian Wikipedia
Automatically generated checkusers list
Italian Wikipedia
Automatically generated checkusers list
Japanese Wikipedia
Automatically generated checkusers list (policy)
Korean Wikipedia
Automatically generated checkusers list (policy and request)
Malayalam Wikipedia
Automatically generated checkusers list (Policy and Requests)
Norwegian (Bokmål) Wikipedia
Automatically generated checkusers list
Polish Wikipedia
Automatically generated checkusers list
Due to a new policy on the Polish Wikipedia, users who gain 85% of votes in favor may become CheckUsers
Portuguese Wikipedia
Automatically generated checkusers list
Romanian Wikipedia
Automatically generated checkusers list
Russian Wikipedia
Automatically generated checkusers list
- Appointed by ArbCom
Serbian Wikipedia
Automatically generated checkusers list
Simple English Wikipedia
Automatically generated checkusers list
Spanish Wikipedia
Automatically generated checkusers list
Local policy mandates that only users who gain at least 30 votes in favor and 80% support can be appointed.
Swedish Wikipedia
Automatically generated checkusers list
Thai Wikipedia
Automatically generated checkusers list
- Appointed by ArbCom
Turkish Wikipedia
Automatically generated checkusers list
Ukrainian Wikipedia
Automatically generated checkusers list
Vietnamese Wikipedia
Automatically generated checkusers list
Wikimedia Commons
Automatically generated checkusers list
Meta
Automatically generated checkusers list
See also
- Privacy policy
- Ombudsman commission (processes complaints of privacy violations)
- Requests for CheckUser information and CheckUser status
- Local policies of the projects
- Help:CheckUser user manual
- [Foundation-l] CheckUser (thoughts), by Anthere on April 22, 2006, includes a historic background
User groups | |
---|---|
Local: | blocked user – unregistered user – newly-registered user – registered user – autochecked users – autopatroller – bot – administrator – bureaucrat – oversight – checkuser – IP block exempt – importer – translation admin – centralnotice admin – uploader – massmessage senders |
Global: | locked account – unified account – bot – rollbacker – abuse filter editor – interface editor – IP block exemption – new wiki importers – sysop – ombudsman – founder – staff – WMF researcher – system administrator – steward |