Wikipedia talk:Requests for checkuser

From Wikipedia, the free encyclopedia

Archive
Archives
Shortcut:
WT:RFCU

Contents




[edit] Clerks and private info

Since the long discussion about clerks that happened earlier this week I've been wondering about something, do clerks have access to private information? I ask because Peter Dodge wrote this: [1]: " CheckUser clerks are trusted members of the community chosen by the checkusers because they trust these users with sensitive private information that sometimes is necessary to discuss in a checkuser investigation." It seems to have come from a project page somewhere, but none of the ones I've looked at have that wording. And at least one page (the checkuser clerk page) says that they do not have that kind of access. I also noticed that the clerks IRC channel became invite only, so I was wondering if that happened because private info was being passed there? (if not then I'm not sure why it would need to be invite only). In any case, do they have access to private info, and if so is it passed in part on the clerks IRC channel? Thanks! RxS 20:12, 2 March 2007 (UTC)

No. That would be a huge Foundation issue. (I think Peter is sometimes over-enthusiatic in defending the position.) There is really nothing checkuser clerks do that other editors can't if they can figure out the system. Mainly I think, it's easier for the checkusers to feel comforatble working with a smaller group of steady volunteers rather than dozens of part-timers. I'm trying to clarify and harmonize the various clerk pages. Regarding the IRC channel, Mackensen or Daniel.Bryant would have to answer that one. Thatcher131 20:26, 2 March 2007 (UTC)
Sometimes during the course of a CU investigation the CheckUsers will share privileged information with clerks. I myself am not usually one of these peoples, but administrators the CheckUsers have IP block these people obviously need to know the IPs, which are indeed private bits of information. ✎ Peter M Dodge (Talk to Me) 20:29, 2 March 2007 (UTC)
Hmm. Are you sure about that? Now, as a matter of reality, if someone asks for an IP block on a vandal who has been making attack user names (such as this), and the checkuser answers, "IP blocked," then is it is trivially easy for anyone to look in the checkuser's block log and find the IP. This is not really personal information as it is not tied to a user's identity. And sometimes users give away their own location and IP by editing while logged out to avoid 3RR limits and so forth, such as GeorgeBP. Now, looking at a case like American Brit, where the user has never been publically identified with an IP address through his own action, it would be completely inappropriate for a checkuser to inform anyone of the underlying IP address, clerk or not. As far as I know, this information has never been shared; certainly such information has never been shared with me. Thatcher131 20:47, 2 March 2007 (UTC)
From the topic in the CheckUser clerk channel: Checkuser Clerk Private Coordination Channel | Congrats to James F, the newest Checkuser! | Please don't invite non-clerks or non-checkusers, as limited personal information may be discussed.Peter M Dodge (Talk to Me) 20:55, 2 March 2007 (UTC)
What kind of personal information is shared specifically? RxS 21:06, 2 March 2007 (UTC)

I've never said anything there that I'd be unwilling to say on-wiki. Thatcher correctly characterizes the appropriate limits. Mackensen (talk) 21:15, 2 March 2007 (UTC)

I agree those are the appropriate limits, but I seem to be getting mixed messages. What personal information does the IRC topic refer to specifically? RxS 23:16, 2 March 2007 (UTC)
Basically nothing. Daniel Bryant 00:00, 3 March 2007 (UTC)
I'd take it as an appropriate caution--checkusers are about, and they might talk about things not meant for general consumption. To be honest, I never gave it much thought. Mackensen (talk) 03:09, 3 March 2007 (UTC)
Regarding in the invite-only, that was Essjay's decision, so I'm not going to assume anything on his behalf. Other than that, really, there's nothing terribly interesting; I appreciate your concern, however rest assured that it'd be more than we're all worth to start breaching foundation guidelines regarding private info. I believe you may have misunderstood the intention of Peter's comment, which has led to this. Cheers, Daniel Bryant 03:49, 3 March 2007 (UTC)
Fair enough, then shouldn't the topic say something like "Please do not discuss any personal information in channel that is not meant for general consumption?" etc? I think a pretty bright line should be drawn around access to personal/private information. If clerks are around, checkusers shouldn't be talking about anything not meant for general consumption right? RxS 18:40, 3 March 2007 (UTC)
In light of recent events, its fair to say that that will get a fresh look at some point. Thatcher131 23:51, 3 March 2007 (UTC)
I see that the possibility of discussion of some personal (on the clerks IRC channel) been added to the clerk project page (ratified?) [2]So I guess the question comes back to what kind of information not meant for general consumption is being shared outside the Checkuser group? I don't mean to be going on about it, but as I know everyone understands it involves some pretty important foundation policy. Thanks, RxS 03:08, 5 March 2007 (UTC)
For one, the habits and trademarks of banned users. Mackensen (talk) 03:14, 5 March 2007 (UTC)
That wouldn't really fall under a description of "limited personal information" though would it? Or a small, closed IRC channel I suppose? RxS 03:22, 5 March 2007 (UTC)
The only info clerks might get is WP:BEANS info about why a check couldn't be run, that anyone with enough time could find, since it is nearly always the same reason. (after all the Special:Checkuser code is open). It is not as if checkusers are saying User:Essjay's IP is... to clerks. I agree with Thatcher. Prodego talk 03:23, 5 March 2007 (UTC)
Good enough, there seems to be some mixed messages, but Checkusers should be able to limit what info is shared there, thanks. RxS 03:27, 5 March 2007 (UTC)
I think EssJay explained it once probably along the same lines as above but essentially the checkuser process is an open secret meaning that it's not hidden but it's not advertised. Part of the "security through obscurity." The secrecy isn't because personal information is being shared, but rather the process and limitations are not being advertised. --Tbeatty 03:32, 5 March 2007 (UTC)
Ten wikipedians will have 12 different opinions on something. To give a somewhat related example, I have been active in blocking the socks of a particular banned user. Periodically, another admin, who has been in an editing conflict with this person, will email his suspected new socks to me. He doesn't want to post a public request because that would mean revealing the person's "tells" which (if he stopped doing them) would make him harder to spot. That's also why the channel is invite-only. Wouldn't want to be discussing Lightbringer's tells while Lightbringer was lurking in the room. Tbeatty also has a point. We don't want to say, "that user can't be checked because he is doing X," because then all the smart sockpuppeteers will start doing X too. Thatcher131 03:36, 5 March 2007 (UTC)
That's understandable, and I wasn't really too concerned about that. I was wondering more along the lines of server logs and data derived from page logs...which I'm under the impression are used in checkuser audits. That's the "bright line" I was talking about...but it sounds like that's something that would never be shared in this manner. RxS 03:43, 5 March 2007 (UTC)
If it was, I would quit. Thatcher131 03:51, 5 March 2007 (UTC)
I probably got hung up on the term personal information (IRC topic), when someone says that I hear server logs. RxS 04:02, 5 March 2007 (UTC)

[edit] Vandal with a grudge

I have e-mailed a letter of complaint to administrators of networks used by the vandal with a grudge. (For the text of the complaint, together with the contact e-mails, look here.) Today I received a response from Czech On Line a.s., requesting IP addresses used by the vandal, with exact date and time of edits. Of course, I don't have this information available; could you please send follow-up e-mails to them, to allow them to continue the investigation? (According to the privacy policy, "where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers".) - Mike Rosoft 19:13, 5 March 2007 (UTC)

Looking over the checkuser requests I believe are associated with this, it looks like Dmcdevit did most of the checking -- you might want to get in touch with him off-wiki, if possible. – Luna Santin (talk) 21:41, 5 March 2007 (UTC)
AFAIK, Dmcdevit, Mackensen, and Jpgordon all ran checks against this vandal. I suggest that you contact them off-wiki since this issue seems a little too sensitive to be discussed on-wiki. TML 06:25, 7 March 2007 (UTC)

[edit] Checkuser Request for AMA case

Hello, I'm Dfrg.msc and I'm representing Cliffb in an AMA case. We request an unusual request as a means of identifying the IP responsible for the below message, sent to Cliff via his webform.

Date: Wed, 28 Feb 2007 22:13:30 -0500 (EST)
To: **** Removed my address..
From: Doug Michael <dmichael@yahoo.com>
Subject: Wikipedia edit

Below is the result of your feedback form.  It was submitted by
Doug Michael: dmichael@yahoo.com on Wednesday, February 28, 2007 at 22:13:30
---------------------------------------------------------------------------

content: Dear Cliff,

It is perfectly accepted to edit Wikipedia articles, but your edits should not be used as a forum 
to express homosexual opinions about other men. If you are wondering why people do not 
like nor accept homosexuals (gay is too soft a word, my friend. Gay implies happy.
You are not happy, you are genetically damaged. It's not your fault, of course, you were born 
this way). However, please keep your opinions to yourself, since you are just a poor woman 
trapped inside of a man's body. Your edits are no longer welcome. 

Yours truly, 

Doug

---------------------------------------------------------------------------

HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
REMOTE_ADDR: 12.119.119.186

The sending IP is: 12.119.119.186 (talk contribs WHOIS block user block log checkip)

The harassment clearly references Wikipedia. Is it possible to cross reference from the IP address 12.119.119.186 to Wikipedia user activity on or about 1 March 2007 03:13 UTC. If it is not possible or an outcome is achieved please notify either:

And we will take the necessary steps. Regards, Dfrg.msc 05:40, 8 March 2007 (UTC)

Hi Dfrg - I doubt that this will be possible for two reasons. One: it infringes on Wikimedia Foundation Privacy policy, whether abusie or not, and whether related to Wikipedia or not. Two: The abuse was, in any case, made off Wikipedia, so it isn't really for Wikipedia Dispute Resolution to swing into action unless the user in question is identifiable by recent on-Wiki conflicts. Your best course of action is to continue with the abuse report, and perhaps contact the abusive user asking him to identify himself - checkusers probably won't be allowed to do this. Martinp23 19:47, 8 March 2007 (UTC)
I suggest contacting Mackensen, Jpgordon or UninvitedCompany directly for this unusual request. Thatcher131 19:52, 8 March 2007 (UTC)

Yes, you could contact a checkuser directly as Thatcher suggested, but barring a clear ID (which may not be technically feasible), ignore it as trolling, delete the message, and go about your business, keeping an eye out for on-wiki actions that might point you to the perpetrator. MastCell 19:57, 8 March 2007 (UTC)

Hmm, I wonder if it is possible to see if it was HideandLeek, who recently vandalized my userpage —Cliffb 21:15, 8 March 2007 (UTC)
That's probably worth checking out and should be technically feasible. You may want to email a checkuser directly, or post on WP:RFCU. MastCell 21:33, 8 March 2007 (UTC)

[edit] What about evasion of AIV by creating many sock-puppets?

There is a vandal who creates accounts and then gets two or three warnings on them and moves onto another account before being blocked, so she has never been blocked. I am fairly sure that it is the same person (at least for some of the accounts), but the sock-puppet process seems too complex to me. What can I do? JRSpriggs 09:04, 20 March 2007 (UTC)

I have her IP address (or at least one of them) namely, 74.103.19.52 (talkcontribsWHOISRDNSRBLsblock userblock log). What I need is a list of all user-ids associated with that address and whether there are any other IP addresses used by those users. Then I could ask to have her IP address and all users who use it blocked, assuming that I am correct and their aggregate number of acts of vandalism is way over the threshold. JRSpriggs 07:08, 22 March 2007 (UTC)

[edit] Summary letter

Why do we require, Do not specify more than one summary letter? So far, the only disadvantage I've seen when more than one summary letter is entered is that some or another clerk complains about there being more than one summary letter. It doesn't make my job any harder to have more than one. --jpgordon∇∆∇∆ 20:42, 21 March 2007 (UTC)

I agree. I've been ignoring it recently, as it only adds to the loads of instruction creep that makes up RFCU. PTO 20:48, 21 March 2007 (UTC)
I removed that, it seems useless. Prodego talk 20:57, 21 March 2007 (UTC)
But it was re-added by UninvitedCompany. Here is the reason. Prodego talk 21:09, 21 March 2007 (UTC)

[edit] sockpuppets of long term blocked users based on arbitration rulings

Wouldn't it make more sense to store checkuser data on long-term blocked users? After all logs expire after a month. -- Cat chi? 20:51, 24 March 2007 (UTC)

I think there may be privacy implications, although I suspect it's done unofficially anyway.--Domitius 21:05, 24 March 2007 (UTC)
I do not believe privacy is an issue. The ips and other info will not be published to public. All info will still be for arbitrators' "eyes only" -- Cat chi? 09:58, 26 March 2007 (UTC)
Cool Cat, do you have a specific incident in mind? Many of the checkusers do keep records, but they may not always have the foresight to keep the right records in the right case. Thatcher131 14:57, 26 March 2007 (UTC)
Yes and no. I had difficulties on a very old case that resurfaced a wile back ago. Checkuser data wasn't available so a second arbitration case had to be started for the (new) individual. But that specific thing isn't important right now.
My concern is future and current disputes. Personal logs of any checkuser can disappear for simple reasons such as virus infections and stuff. A centralized location where all en.wiki checkusers can access (such as a private mailing list or some hidden archive) is what I have in mind. I think it would be beneficial to have such a thing.
-- Cat chi? 16:30, 26 March 2007 (UTC)
There is a CheckUser mailing list already, I believe. This comment should probably be moved to Wikipedia talk:Requests for checkuser, though, since it doesn't deal explicitly with arbitration and we have some non-Arbitrators that serve as CheckUsers. Thanks! Flcelloguy (A note?) 16:48, 26 March 2007 (UTC)
I'll copy paste there now. -- Cat chi? 16:53, 26 March 2007 (UTC)