Why Warner’s Women’s Cloud 9 Wire Free Lift Bra is a Must# User:Circeus/Checkuser policy drafts
This is not an official Wikimedia project policy or guideline, but may document widely-held community practices.
This is a collection of drafts of possible policies concerning CheckUser access.
The proposals below are attempts to explore possible versions of an official policy. The goal of such a policy would be to clarify the purposes for which CheckUser may or may not be used, who can grant access to the tool (and under what circumstances), and who can remove such access (and similarly under what circumstances). Given the delicacy of the matter, any proposal on the matter should first be scrutinized by the Board and the developers before being considered by the communities.
Proposal below are presented without presumption of being preferred over the others, or even being viable. Each proposal should be considered in light of the following criteria:
- What purpose is the access supposed to serve?
- Who can grant access?
- Who can remove access?
- What privacy safeguards are enacted?
- What accountability systems are enacted?
CheckUser as a private tool edit
CheckUser is currently used as a private tool accessible only to a handful of trusted users. These are selected by the communities (depending on the project) for various purposes (but often as part of counter-vandalism work), and derives its legitimacy from being an extension of privileged access (checkuser being given often to bureaucrats, or those who also hold administrator rights).
Purposes edit
The CheckUser tool is made avaialble for the following purposes:
- To fight vandalism, by verifying whether edits from an IP originate from the same origin as edits from another, blocked account,
- To fight spam, where spammers operate through open proxies,
- To investigate possible abuses of multiple account,
- To prevent possible abuses of multiple accounts in contests or games,
- To investigate null edits or other possible technical problems in relation to specific users or IPs and
- to assist in the development of the Wikimedia projects by the Server Admins.
Granting access edit
CheckUser can be granted by:
- the Wikimedia Foundation to staff or contractors,
- the Board of Trustees to oversight appointees,
- bureaucrats, after a successful RfA lasting a minimum of 7 days, and
- (checkusers?
Access can be revoked by:
- the WMF,
- the Board of Trustees,
- a vote of no confidence by the same body who appointed the checkuser and
- by the checkuser themself.
Privacy safeguards edit
All checks should be logged via the CheckUser log feature, with a short comment indicating the purpose (i.e. “to investigate possible meatpuppetry”). Checks done in relation to oversight actions are not logged (similar to oversighted edits).
Only staff can access the full log.
Accountability edit
Actions are reviewed regularly by staff and oversight appointees.
Any checkuser found misusing the tool (i.e. by impersonating another checkuser, by removing or altering the log without going through the oversight procedures, by performing checks unrelated to the allowed purposes) loses access to the tool for a period set by the reviewing body, and erranous entries are stricken or amended as required.
CheckUser as a public tool edit
Contrary to the present status quo, CheckUser is envisioned as at least partially public tool, with possibly varying levels of access.
Purposes edit
- To fight vandalism, by verifying whether edits from an IP originate from the same origin as edits from another, blocked account,
- To fight spam, where spammers operate through open proxies,
- To investigate possible abuses of multiple account,
- To prevent possible abuses of multiple accounts in contests or games and
- To investigate null edits or other possible technical problems in relation to specific users or IPs.
Granting access edit
Access is granted on a case-by-case basis, by means of an edit in the database by either:
- a staff member,
- an oversight appointee or
- a sysop with CheckUser access.
There are two levels of access:
- Full CheckUser access (using Special:CheckUser) as currently allowed, and
- IP-only access (using Special:CheckUser/ip to see only IPs used by a specific user).
Every user is empowered with the right to see IPs used by their own account.
Accountability edit
All access (and level of access used) are logged in the public log at Special:CheckUser/log, except where the access was from a oversight appointee, in which case an oversight log is kept (only accessible to other oversight appointees).
Staff monitor the logs and can revoke rights from users who use the tool beyond the authorized purposes.
CheckUser as a hidden tool edit
Purposes edit
CheckUser is a tool with serious privacy implications, and is only made available where it is necessary to ensure the quality of Wikimedia projects.
Granting access edit
Access is granted:
- by the Wikimedia Foundation to staff or contractors, as required by their function,
- by the Board of Trustees to trustees as required and
- by the Board of Trustees to oversight appointees.
The WMF or board can revoke access at any time.
Access is removed when the appointee leaves the position (resigns, is recalled, etc.)
Privacy safeguards edit
Logging is performed by the software, and only accessible to staff and the board.
Accountability edit
Access to the tool is implicitly reviewed when the staff member or appointee is reviewed in the course of their position.
The Board retains ultimate authority on whether someone can have access to the tool.
CheckUser as arbitration tool edit
Purposes edit
CheckUser is designed only to assist in administrative actions by the Arbitration Committee (or similar bodies, if such exist on other wikis), in resolving disputes involving multiple accounts (sockpuppetry or meatpuppetry) or for investigations of open proxies used by vandals.
Granting access edit
Access is granted for a single task, by the WMF on a recommendation of the Arbitration Committee (or other body). When that task is completed, the access is revoked.
Privacy safeguards edit
Checks are logged as required by the committee. Logs are expunged once they are no longer required (or when the case is closed).
Accountability edit
The Arbitration Committee is responsible for the use of the tool, and is required to submit a report of all checks done (along with the rationale for the checks) once the access is revoked.
