Jump to content

Wikipedia:Arbitration Committee/CheckUser and Oversight/2011 CUOS appointments

From Wikipedia, the free encyclopedia

The appointment process is now concluded, and the appointment motion has been published below.

The current time and date is 08:25, 26 November 2024 (UTC).

To improve existing workload distribution and continue to ensure timely responses to requests, the Arbitration Committee is seeking to appoint additional people to the CheckUser and Oversight teams.

Accordingly, experienced editors are invited to apply for either or both of the permissions. Current holders of either permission are also invited to apply for the other. For an overview of the appointment process, see here.

Prospective candidates should be familiar with (i) the English Wikipedia CheckUser and Oversight policies; and (ii) the Wikimedia Foundation privacy policy and related documents. They will also have good communication skills and demonstrated ability to work collaboratively. Additionally, CheckUser candidates are expected to be familiar with basic technological issues and sockpuppet investigation tools and techniques. While not a requirement, previous experience with the Open-source Ticket Request System is beneficial for Oversight candidates.

Applicants must also be:

  • available regularly to assist with the workload distribution;
  • familiar with Wikipedia processes, policies, and guidelines;
  • at least 18 years of age and have legal majority in their jurisdiction of residence; and
  • willing to identify to the Wikimedia Foundation prior to receiving permissions.

Anyone considering applying should be aware that checkusers and oversighters (and candidates for these permissions) are subject to considerable internal and external scrutiny. The external scrutiny may include attempts to investigate on- and off-wiki activities, and has previously resulted in the personal details of candidates being revealed, and unwanted contact with employers, family, or others. Please be aware that the Arbitration Committee is unable to prevent such off-wiki activities from occurring or off-wiki distribution and discussion of personal information. This risk will continue if the candidate is successful in their candidacy.

Further details on the appointment process may be found below.

Appointment process

[edit]
Dates are provisional and subject to change
  • Applications: 12–18 September

    Candidates self-nominate by email to arbcom-en-b@lists.wikimedia.org. Each candidate will receive an application questionnaire to be completed and returned to the arbcom-en-b mailing list. The completed application should include a nomination statement, to a maximum of 250 words, for inclusion on the candidate's nomination sub-page(s).

  • Review period by the Arbitration Committee: 18–25 September

    During this period, the Arbitration Committee will review applications, notify the candidates going forward for community consultation, and create candidate sub-pages as necessary. The pages will be transcluded to the Candidates section below prior to the community consultation period.

  • Community consultation: 26 September–4 October

    The nomination statements are published and the candidates invited to answer standard questions and any additional questions the community may pose. Simultaneously, the community is invited to comment on the suitability or unsuitability of each candidate. These comments may either be posted publicly on the candidates' pages or submitted privately by email to arbcom-en-b@lists.wikimedia.org. Editors are encouraged to include a detailed rationale, supported by relevant links where appropriate.

  • Appointments: by 15 October

    The committee shall review all the comments submitted and other relevant factors before finalizing an internal resolution, at which point the appointments will be published. The successful candidates will be required to identify to the Wikimedia Foundation prior to receiving the permissions.

Appointment motion

[edit]

The Arbitration Committee has resolved to appoint five editors to the CheckUser team and three editors to the Oversight team pursuant to the CheckUser and Oversight appointment procedures and following the 2011 CUOS appointments process.

Subject to their providing identification satisfactory to the Wikimedia Foundation, the Arbitration Committee hereby resolves to:

(a) appoint the following editors as checkusers:

(b) appoint the following editors as oversighters:

† Previously identified member of the Audit Subcommittee who will retain the specified permission(s) upon the conclusion of their terms.

The committee thanks the other candidates (28bytes, HelloAnnyong, Kww, and Mentifisto); those who applied but were not put forward as candidates; and the community in bringing this appointment process to a successful conclusion.

The committee also recognizes the departures of Dominic and Nishkid64 from their dual roles on the CheckUser and Oversight teams; along with EVula, Howcheng, & Mr.Z-man from the Oversight team; and thanks these editors for their diligent service as functionaries and their extensive contributions elsewhere on the project.

At the request of arbitrator Iridescent, checkuser and oversight permissions will be removed from their account until such time as Iridescent is able to return to active participation.

Supporting motion: Casliber; Chase me ladies, I'm the Cavalry; Coren; David Fuchs; Jclemens; John Vandenberg; Kirill Lokshin; Mailer diablo; PhilKnight; Newyorkbrad; Roger Davies; Risker; SirFozzie; Xeno
Not voting/inactive: Cool Hand Luke; Elen of the Roads; Iridescent

For the Arbitration Committee, –xenotalk 13:00, 13 October 2011 (UTC)[reply]

Discuss this


Candidates

[edit]

CheckUser

[edit]

28bytes

[edit]

28bytes (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

Hello, I am 28bytes, and I would like to help out as a CheckUser. I first began editing Wikipedia part-time in 2006 and became a full-time editor in 2010. I have been active on Wikipedia on at least 350 of the past 365 days; I expect to continue to be a highly-available editor, being on-wiki just about every day to respond to CheckUser requests.

My SPI experience has been "read-only" so far: I have not done any clerking there, but I do regularly read the investigations, and have developed a good sense of when and why a CheckUser is likely to accept or decline a request. I am very familiar with, and wholly supportive of, the CheckUser policy, the WMF privacy policy, and am well over 18 years of age and willing to identify to the Foundation.


Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: I became an administrator earlier this year, and prior to that served as a non-admin edit filter manager. Both roles require a degree of trust and discretion in that they provide the ability to access data (i.e. deleted content and private edit filters) not generally viewable, and I have taken very seriously the requirement to use such access responsibility, not disclosing any sensitive data without an extremely good reason. Similarly, I take very seriously the guidance outlined in the CheckUser and privacy policies as to how to balance the need to maintain an editor's privacy and the need to prevent disruption to the project.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: My full-time job in the information systems industry requires a great deal of data analysis and pattern recognition. In particular, analysis of web server log data is a task I perform regularly that I believe will be helpful background for CheckUser tasks. I hold a bachelor's degree in information management and am currently pursuing a graduate degree.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: I do not.
Questions for this candidate
[edit]

Being a new checkuser, would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ (t) (e) 19:23, 26 September 2011 (UTC)[reply]

A: Yes, I would be willing to help out there. I have just requested access to the account creation request interface and will start to familiarize myself with it. 28bytes (talk) 21:13, 26 September 2011 (UTC)[reply]

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser? -- DQ (t) (e) 19:23, 26 September 2011 (UTC)[reply]

A: Yes, I plan to check in on open SPI reports regularly. 28bytes (talk) 21:13, 26 September 2011 (UTC)[reply]

You say you have maintained a watch on SPI cases, can you tell the community something you have learned, and maybe comment on 2 cases before they are processed for CU weather you would endorse or decline? -- DQ (t) (e) 19:23, 26 September 2011 (UTC)[reply]

A: One key thing I've learned from watching SPI cases unfold is the importance of considering multiple explanations for an editor's apparent sockpuppetry. For example, I would decline this currently open SPI request: the request suggests that after the first account was blocked, the editor returned to edit sing the second account. However, since the blocking admin specifically suggested that the editor do that via the uw-softerblock template, there's really no need to investigate further. (At least in regard to sockpuppetry; COI issues may require a closer look.) On the other hand, I would accept this request; looking at the two accounts' contributions, the filer's suspicions are quite plausible, and the alternate explanation (that they are two separate people with an extremely coincidental interest in the same two pages) is not very compelling. 28bytes (talk) 21:13, 26 September 2011 (UTC)[reply]

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:22, 26 September 2011 (UTC)[reply]

A: I have a unified login and a very small number of contributions to other WMF projects, but my editing so far has been almost exclusively to en-wiki. However, I would be happy to assist in any cross-wiki investigations as needed, within the bounds of policy; for example by pointing stewards to relevant SPIs, AN/I threads, etc. on en-wiki. 28bytes (talk) 05:46, 27 September 2011 (UTC)[reply]

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:22, 26 September 2011 (UTC)[reply]

A: Both policies stress the importance of disseminating personally identifying data only to the degree it is required to prevent disruption to the project. The main difference is in the emphasis: the privacy policy discusses the collection and potential disclosure of personally identifiable user data in a way that gives site users "fair warning" regarding the collection and use of their data; the CheckUser policy gives CheckUsers guidance as to the technical capabilities of the tool, its purpose and its proper uses.

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:22, 26 September 2011 (UTC)[reply]

A: The privacy policy's "Policy on Release of Data" subsection, also included in the CheckUser policy and manual, specifies the 6 situations in which CheckUser data may be released: (1) in response to a subpoena; (2) with the user's permission; (3) disclosure to the WMF chair as part of an abuse investigation; (4) to aid in resolving certain technical issues; (5) to assist in targeting IP blocks or complaints to an ISP in response to vandalism or other disruption; and (6) "where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public." The last of these is a bit of a catch-all, and would likely require a more detailed justification in practice. 28bytes (talk) 05:46, 27 September 2011 (UTC)[reply]

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:22, 26 September 2011 (UTC)[reply]

A: If a check turns up a link to an ArbCom-banned editor or a functionary abusing their position (e.g. an administrator or bureaucrat operating an abusive, undisclosed alternate account), it would be wise to pass the data to ArbCom privately rather than posting on-wiki. Another case would be if there is any reason to believe posting a result would cause harm to an editor: for example, if there were threats on-wiki or off-wiki towards the user being investigated, and confirming a link to the user's (multiple) accounts could lead to their personal identity being known; in such a case, it would be best to handle the matter privately. 28bytes (talk) 05:46, 27 September 2011 (UTC)[reply]

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:14, 28 September 2011 (UTC)[reply]

A: I have not yet had the need to do much regarding proxies, so my experience is very light in that area. I know the basics of proxies, but I have not yet dug into the instructions and documentation that AGK refers to in his response below. I do tend to pick up such things fairly quickly, and would not be hesitant to consult with a more experienced CU to make sure my understanding of a situation was correct. 28bytes (talk) 17:05, 29 September 2011 (UTC)[reply]
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org

AGK

[edit]

AGK (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

I joined the Audit Subcommittee to replace bahamut0013, and in this capacity have made extensive use of the checkuser tool so as to become familiar with its use. Soon, I will be scaling back my use of checkuser - because, as an auditor, I do not intend to routinely use the tools. But from my term on the subcommittee thus far, it is clear to me that we require more checkusers. (There is an especial need for checkusers for routine requests, at SPI, so that the most active checkusers are not shouldering as much of the workload as they presently are.)

My public work with the checkuser tool is reviewable by browsing my contributions to the Wikipedia namespace - the results of most of my checks have been posted to a subpage of Wikipedia:Sockpuppet investigations. As somebody with access already, I have the technical aptitude to use the checkuser tool, and, as a current auditor, I have the sensitivity and knowledge of the privacy and checkuser policies to use the tool with the appropriate discretion.

This is a request to retain access to the checkuser tool after I leave the subcommittee, and an offer to devote the required daily time to this important area. There is a word limit on nomination statements, so I have had to speak briefly and generally, but I am happy to answer questions on any specific areas of interest. Thank you for your consideration.

Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: I have been a content contributor for over six years now (and an administrator for five), so I am by now a "seasoned contributor"; this is undoubtedly useful as a general matter, especially when evaluating checks and weighing up the merits of a request for checkuser.

I already have access to the checkuser function. When I joined the subcommittee, I knew probably had the technical knowledge to understand the tool, but I did not ever think that there would be such a workload for the regular users of the tool; nor did I know that I would be able to use it as competently as I can. (I rather imagined I would probably be able to use it just well enough to scrutinise checks and to not break the whole thing.) Now that I have had access to the tool, I know I can be of use; this experience is probably the most relevant thing I can say here.

(Note: The statistics on checkuser use, published to a subpage of WP:AUSC, are updated infrequently, so I am not yet listed there; I imagine I soon will be.) AGK [] 13:21, 26 September 2011 (UTC)[reply]

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: I am qualified to the higher, later levels of secondary school in Computing, and I am more familiar with the concepts that relate to user access data than are most laymen. My history of checks have been solid (with the few re-checks I have asked for being concurrent… *knock wood* that I don't mess up my next check now ;)), and I have always asked for a second opinion when I have been unsure of my results. AGK [] 13:21, 26 September 2011 (UTC)[reply]

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: I have checkuser and oversight on the English Wikipedia, and an OTRS account with access to the oversight-en-l queue. As part of these roles, I am identified to the foundation. AGK [] 13:21, 26 September 2011 (UTC)[reply]
Questions for this candidate
[edit]

Being a checkuser, would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ (t) (e) 19:24, 26 September 2011 (UTC)[reply]

A: Yes, of course. I have actually already offered to do so, at User talk:OverlordQ, but the ACC interface admin has not been online since my message. AGK [] 21:21, 27 September 2011 (UTC)[reply]

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser? -- DQ (t) (e) 19:24, 26 September 2011 (UTC)[reply]

A: Yes, and in fact I already am, because I recognise that the clerks are very busy, and that it can speed up the process if the checkusers themselves are actively looking for requests in which CU data has not been requested but might be useful. AGK [] 21:21, 27 September 2011 (UTC)[reply]

You mentioned an SPI backlog, but whenever I look at the page there don't seem to be any cases requiring checkuser attention there. Am I looking in the wrong place? :-) --(ʞɿɐʇ) ɐuɐʞsǝp 19:41, 26 September 2011 (UTC)[reply]

A: As often as not, there are no cases awaiting checkuser data (they would be listed under "Awaiting checkuser"). But very often, there are requests awaiting clerk approval, or even cases that have not included a request for checkuser data, but that would require (or at least could find use for) the input of somebody with CU access. As well as the SPI workload, there is also a lot of use for checkuser data at ACC and at CAT:UNBLOCK. However, our current checkusers work very hard, so there is often not a huge backlog (although there is a sizeable workload); as I am sure you are aware, what is more important is that there are more highly-active checkusers, in order to allow those who run the majority of the checks to not shoulder as much of the burden. AGK [] 21:21, 27 September 2011 (UTC)[reply]

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:27, 26 September 2011 (UTC)[reply]

A: From my experience with the tool, most Steward co-ordination takes place on the mailing list, Checkuser-l. Users with CU access on Enwiki can assist the stewards on other wikis by sharing information when needed. If there is an especial need for co-ordination at other venues, I don't think I am aware of it. AGK [] 21:21, 27 September 2011 (UTC)[reply]

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:27, 26 September 2011 (UTC)[reply]

A: The checkuser policy primarily governs the use of the checkuser function, whereas the privacy policy governs the access and dissemination of restricted information (such as IP addresses). There is much overlap between the policies, but essentially the former dictates when the CU tool may be used, whereas the latter dictates when we may access, and in what cases we may release, personally-identifiable data. (Additionally, potential violations of these policies are investigated separately: the CU policy is enforced by the Audit Subcommittee, and the Privacy Policy by the Wikimedia Foundation's Ombudsman Commission.) AGK [] 21:21, 27 September 2011 (UTC)[reply]

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:27, 26 September 2011 (UTC)[reply]

A: The privacy policy allows the release of checkuser data under the following circumstances: 1) by judicial order (or subpoena); 2) with the consent of the subject of the data; 3) to investigate suspicions of sock-puppetry; 4) where the subject of the data is a rogue web spider; 5) to allow an abuse report to be filed with the ISP of the subject of the data; 6) or in order to "protect the rights, property or safety of the Wikimedia Foundation, its users or the public" (which is simply an emergency provision).

The checkuser policy is more restrictive, and recommends as a general matter that checkuser data is not released. It is as a result of the checkuser policy that users with checkuser access will usually answer "like a magic 8-ball", and that results are generally given only in non-specific terms (eg. "Link between these accounts is confirmed/likely/unlikely", "Users are editing from same region and ISP, so link is likely", and so on). AGK [] 21:21, 27 September 2011 (UTC)[reply]

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:27, 26 September 2011 (UTC)[reply]

A: Off the top of my head, I would imagine that results should not be posted publicly (but instead referred to ArbCom) where they suggest socking by a seasoned contributor and/or a user with restricted access (such as an administrator or functionary). AGK [] 21:21, 27 September 2011 (UTC)[reply]

(relatively minor question, given the circumstances) You were appointed to ArbCom's Audit Subcommittee on September 3, to take over for the now late User:Bahamut0013. Understanding that you have only been in this subcommittee for about 3 weeks, what experience, if any, do you bring from there? I'm not looking for specifics obviously, but general experiences. –MuZemike 21:27, 26 September 2011 (UTC)[reply]

A: At this point, I am probably fully competent in its use (and certainly, I have ran all my checks without issue). The only area in which I am not yet fully competent is the knowledge of which ISPs distribute IP addresses dynamically and which give semi-static or static addresses (although I have picked up the worst offenders); and indeed, I imagine that it would take some months and many checks to fully acquire this knowledge. Therefore, the primary experience that I bring is a full, pre-existing knowledge of how to actually use the tool. Also, coming from a background as an Auditor, I am perhaps more acutely aware than most new CUs of the demands of the privacy policy, and the need to be perpetually evaluating the merits of requests for checkuser at SPI and related processes. The present team is, of course, not to be faulted on this note, and I do not for a moment mean to suggest that any of the candidates would violate the privacy or CU policy if granted access; but I do think that, as a candidate with a background in the AUSC, it is an advantage that I have, since my first day of using the tool, always placed much weight on these policies. AGK [] 21:21, 27 September 2011 (UTC)[reply]

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:16, 28 September 2011 (UTC)[reply]

A: A number of tools use honeyproxies to maintain an index of anonymising proxies; these are the easiest option for identifying an open proxy. One could also run a manual check, by opening a manual terminal connection to the address of said suspected proxy, then trying to connect to a web page. If the connection works, then one must ascertain whether the proxy is passing IP information. I would probably use my Chrome extension that allows one to connect through a proxy, and then I would use something like whatismyproxy [dot] com to determine whether the proxy is passing data or not; if it is not, then it is anonymous. I would block with {{Openproxy}} for an appropriate period (proxies can be anonymous for years, can be online for a few days before "closing", or anything in between). One could manually check the proxy using nmap or something similar, in lieu of checking it against an index (which might be useful if the socker is very inventive, and is actively maintaining an open proxy somewhere that is used only for editing WP—and therefore would probably not appear on a honeypot site).

I will not pretend that there are not various, well-written documentation pages for those who are new to, or need a refresher on, OP checking.Wikipedia:WikiProject on open proxies/Guide to checking open proxies explains the process rather much better than I can; open proxy checking for me is a little like the checkuser tool—a lot of puzzling and mulling and digging. It is, however, not something that I find challenging (as I said, I'm more technically adept than the layman), and I am comfortable with the important role it has in the work of somebody with CU access. AGK [] 22:32, 28 September 2011 (UTC)[reply]

Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org
  • Thank you :). I forgot to mention Unblock-en-l; having somebody with the CU tool read e-mails has proven useful, since I re-enabled my subscription a while back. Perhaps… I can tempt you with a free, no-obligation trial subscription…? You can also choose from your choice of free Parker pen or generic cuddly toy! AGK [] 22:27, 29 September 2011 (UTC)[reply]

Courcelles

[edit]

Courcelles (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

Hello, I'm Courcelles, and I'm applying to retain the checkuser and oversight permissions following the end of my term on the Audit Subcommittee in April of next year. I've been a member of that subcommittee for nearly six months now, and an administrator here for around eighteen. In that time, I've also been semi-active as an operator of both permissions, and am frequently available on-wiki and through IRC to handle requests that come up. If you have any questions, please feel free to ask them.


Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: Well, in the six months I've held a CU flag, I've ran a decent number of SPI's, investigated sockpuppets of serial vandals, handled requests at ACC, and participated on the checkuser-l mailing list. Courcelles 21:50, 26 September 2011 (UTC)[reply]

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: Well, as I've said before, I'm not a computer professional like some of the candidates, but what I haven't learned professionally, I think I have picked up through experience and lots of reading into various issues over the last few months of using the CU tool. I could already do binary arithmetic, and a lot of the day-to-day things of ranges, ISP behaviour, and user agents are learned by doing, which I have. Courcelles 21:50, 26 September 2011 (UTC)[reply]

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: I currently hold the CU and OS flags here as a member of the AUSC. I'm on OTRS, with acccess to oversight-en, info-en, and permissions. Courcelles 21:50, 26 September 2011 (UTC)[reply]
Questions for this candidate
[edit]

Being a checkuser, would you be willing to continue to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ (t) (e) 19:26, 26 September 2011 (UTC)[reply]

A: I'm never great at remembering to check ACC, but I think I've been willing to take a look every time someone has poked me that there was work needed there. I'm around on IRC, and there's a backlog, just poke me, and I'll come take a look. Courcelles 21:04, 26 September 2011 (UTC)[reply]

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser after your term ends on AUSC? -- DQ (t) (e) 19:26, 26 September 2011 (UTC)[reply]

A: Of course. The clerk system is a great one at workflow management, but CU's are, and should be, looking at other cases on the SPI page to see if their services would be useful. Courcelles 21:04, 26 September 2011 (UTC)[reply]

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:31, 26 September 2011 (UTC)[reply]

A:Well, I'm an administrator on Meta and the Commons, as well as a global rollbacker. I've been somewhat active on the chekcuser-l mailing list and the wikimedia-checkuser channel investigating cross-wiki sockpuppetry, as well as reporting socks, either on small wikis or identified via CU here, to the stewards for global action. Courcelles 22:31, 26 September 2011 (UTC)[reply]

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:31, 26 September 2011 (UTC)[reply]

A: The privacy policy is the overarching policy, and the CU policie is designed to apply the general privacy policy to the pecific case of the CheckUser tool. To say there are any (significant) differences is not something I would agree with, just that the privacy policy has a much bigger focus, covering more types of restricted access and non-publc data than just that accessible through the CU tool. Courcelles 02:05, 27 September 2011 (UTC)[reply]

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:31, 26 September 2011 (UTC)[reply]

A: Bottom line is that the number of times you can give actual Checkuser data, as opposed to cryptic treasure map answers about your conclusions is fairly limited. Actual raw CU data (which I will define for this answer only as IP's, UA's, or anything derived from the interface, as opposed to answers like {{confirmed}})may only be revealed under subpoena, if the user in question authorises it (and even then, I'd be highly disinclined to post it publicly, as it could compromise another user's privacy in some scenarios), if it is truly and fully necessary to do so to protect the projects, the public, or a user; to file an abuse report with an ISP. The policies allow us to reveal information about web spiders and the like, but is much more, if not entirely, a SysAdmin problem than a CheckUser one. The general overarching rule is that if you must release information, and you rarely have to, keep it as absolutely quiet as you can while still accomplishing what caused the release to be allowable under policy. ANd if you don't absolutely have to, say nothing at all. Courcelles 02:44, 27 September 2011 (UTC)[reply]

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:31, 26 September 2011 (UTC)[reply]

A:Well, as the top of WP:SPI says, any request that involves private information or possible sockpuppetry by an administrator should be breached in e-mail. The converse of course applies, that if a check reveals something either hinting at admin sockpuppetry, or something surprising, alerting other checkusers for advice and double-checking of what you saw on the CU screen either before, or in place of, a public report is best. As we've all seen, sometimes something that looks strange on the CU results screen actually has a perfectly logical explanation that another CU may be able to provide. Courcelles 01:11, 27 September 2011 (UTC)[reply]

In April 2011, you were appointed to ArbCom's Audit Subcommittee. What experiences do you bring from there that would be an asset for you as a full CheckUser? Note that I am not looking for specifics, but more general experiences as a result of your time on the subcommittee. –MuZemike 21:31, 26 September 2011 (UTC)[reply]

A: Well, your third question directly hits against something the AUSC reported on earlier in the year, whether tying an IP to an account was permissible under policy. AUSC work is very much a crash course in everything that functionaries deal with in using these tools, as not only does an AUSC member have to be fully capable of using them (I continue to insist that opining on the validity of a tool's use you don't know how to use is unwise), AUSC members have to be able to determine (though discussion, to be fair) whether certain usages of the tools was legitimate. AUSC members have to learn, quickly, as much as they can about the tools to be any use on that subcommittee, and to internalise the policies related to their use, and what constitutes misuse. Courcelles 02:44, 27 September 2011 (UTC)[reply]

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:18, 28 September 2011 (UTC)[reply]

  • My general experience with proxies has been mainly chasing a few sockmasters who use them, so my experience here isn't great. Sometimes, as a checkuser, you already are deeply suspicious of an IP, if an master you know is in one country suddenly appears in the middle of nowhere, for instance, you're going to take a closer look. Also, if XFF data shows up, you're going to look closer. (There are other reasons you might want to run a proxy check, but I'm trying to stay away from WP:BEANS here). Once you dig deeper, you might find the IP or range on a list of proxies, which tells you you're onto something (or see that one of the proxy blocking bots previously blocked it). But that's just an indicator, and at this step, the absence of evidence is not that meaningful. To prove an IP is an open proxy, you really need to connect through it using the browser, either through navigation or changing the proxy settings, if I can di that, it's definitely an open proxy. Given we have a foundational policy against open proxies, if an IP is confirmed as one, it gets hardblocked for a couple months, or longer if it is long-term open. (The blocking is more necessary because the only reason I'm likely to ever check for an open proxy is if there is abuse happening.) Courcelles 14:55, 29 September 2011 (UTC)[reply]
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org

Elockid

[edit]

Elockid (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

Hello everyone! I'm Elockid. I've been actively editing Wikipedia since May 2009. Most of what I contribute is statistical data to the encyclopedia. I've also been an SPI Clerk since February 2010 and administrator since April 2010. Being an SPI Clerk, I’m familiar with the CU processes, grounds for checking and what can and can’t be released.

In addition to participating (I still file SPI reports usually for CU assistance) and handling reports at SPI, I help deal with long-term sockpuppeteers such as Sheynhertz-Unbayg (talk · contribs), Polscience (talk · contribs)/Satt 2 (talk · contribs), Grawp (talk · contribs), and MascotGuy (talk · contribs). I also help out with shorter term abusers such as the Ghostface Killah vandal. Also, many of the areas I work with are filled with sockpuppets (contentious areas such as the Indian-Pakistani conflicts), so I have a bit of experience with them.

I have some knowledge regarding ISPs such as the size of the ranges they use, which ones they use, their nature (for example, how dynamic they are), etc. especially those in Northern America (Canada and the U.S.), Western Europe, primarily the U.K. and Italy, South, Southeast, and East Asia and Turkey. I have some knowledge regarding CIDR, the method we use in blocking ranges.

I hope to be of further assistance to those where CU is needed by helping to prevent further disruption such as in situations where a user is quickly evading their block and causing disruption in a relatively short amount of time such as with Jacob Hnri 6 (talk · contribs).


Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: I've been an SPI clerk since February 2010. Prior to being a clerk, I was already a regular at SPI. I'm still active at SPI, both reporting sockpuppets (usually for CU assistance) and handling cases. Outside of SPI, I also deal with sockpuppetry. This includes sockpuppetry being reported in places such as the ones that get reported at AIV or ANI/AN. An example is Zealking (talk · contribs). I also deal with sockpuppetry in areas where sockpuppetry is common such as India-Pakistani conflicts/related articles and to some extent, the Arab-Israeli conflict. I also work in areas with long-term abuse sockpuppetry such as with users Wikinger and Karmaisking. Aside from working on sockpuppetry in English Wikipedia, I've also been working with other people from other projects where cross-wiki abuse sockpuppeteers are present such as Polylepsis (talk · contribs).

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: I don't hold nor am I working towards a degree in Computer Science. Though I have plenty experience with analyzing data both in real life and in Wikipedia (most of my contributions to the encyclopedia are statistical data). I also have some knowledge in CIDR and have familiarity with different ISPs and places (please see nom). An example of publicly published data that I've worked on can be found at User:Elockid/Notes (IP ranges). I've also been good at analyzing possibilities when there was a conclusion that there was no possibility. The best example is with the Ghostface Killah vandal (please see link in nomination) with comparison to Long term vandal 10 on my notes page. Off-wiki experiences, I again request for CU or Steward assistance (by email or IRC) and get help with finding sleepers and such. One of the reasons I do this is not to publicly report critical evidence that would result in a sockpuppeteer changing their MO.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: No for both questions.
Questions for this candidate
[edit]

Being a new checkuser, would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ (t) (e) 19:27, 26 September 2011 (UTC)[reply]

A: Yes, I'd be willing to help out at WP:ACC. Assisting at WP:ACC could help prevent further disruption from sockpuppets, especially ones that try and use the Request an account process to get through a block.

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser? -- DQ (t) (e) 19:27, 26 September 2011 (UTC)[reply]

A: Absolutely! I still plan on helping out at SPI.

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:32, 26 September 2011 (UTC)[reply]

A: I can help by presenting information such as behavioral evidence and what to look for when trying to identify whether an account or IP is a sockpuppet, present any relevant data published locally (such as information published at SPI) or any current reports occurring to other users from other projects. I'm familiar with a number of sockers here and it's not uncommon for them to move from one project to the next. This information coupled with my experience with cross-wiki sockpuppeteers (see above info) could further assist other users in other projects.

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:32, 26 September 2011 (UTC)[reply]

A: WMF's privacy policy primarily deals with who has access to more advanced permissions (Oversight and Checkuser), the kind of data the system collects and why we keep such information and how to handle the data, as in, when and what kind of information can be released. Though the CU policy makes a reference towards the privacy policy such as in the release in data, it goes on to describe when the tool should be used such as in preventing disruption and when it should not be used such as Fishing.

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:32, 26 September 2011 (UTC)[reply]

A: Release of sensitive data as in the location or the IPs a user has been editing should generally not be done. However, there are circumstances as you pointed out. Examples of those circumstances include but are not limited to are upon request or permission from the user the data pertains to, to protect the Foundation, the users, or the public, assisting in abuse response (private information for ISPs), or requests from law enforcement.

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:32, 26 September 2011 (UTC)[reply]

A: In general, though interesting, any Checkuser results that shows the IPs, the location a user has been editing from on Wikipedia, or other sensitive data should not be posted or reported on wiki especially on high profile pages such as WP:ANI and AN. For example, if User A found some interesting CU results, that should be reported privately through email or IRC (private chat). Any published results such as these should be deleted immediately and oversighted when necessary. Data that would attract attention should not be reported. If for example User B posts sensitive requests that would attract both unnecessary and unwanted attention, then that is something that should not be posted on here. If User B's request is going to cause drama, something we don't any more of, then the request should probably not be posted here also.

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:18, 28 September 2011 (UTC)[reply]

A: Sockpuppetry sometimes results with open proxy usage. An example of a sockpuppet I've dealt with that used open proxies was 23prootie (talk · contribs). Here's the method I've used with open proxies. If I suspect an IP or range is an open proxy, I do a search to find whether or not the IP or range in question is an open proxy. Suspicions can arise from the kind of behavior the IP or range exhibits (does it follow a known MO). Blocks, for example, blocks from ProcseeBot (talk · contribs) help me to solidify whether an IP or range is still open. I also consult with other users both publicly and privately to confirm whether or not an IP or range is open. For public discussions, please see Zzuuzz's talk page archives.

Does this edit reflect the way you intend to deal with sockpuppets in the future? Why or why not? Gimmetoo (talk) 17:26, 28 September 2011 (UTC)[reply]

A: It really depends on the circumstance and I handle each sock differently. For this user, he/she has repeatedly made bogus and false claims such as this in which WMF was removing their ban or this in which they claim they're a new user, using disruptive edit summaries that personally attack a user, repeatedly harassing members in the community, causing drama at ANI and AN, and so on. So, per the banning policy and what the community does, reverting any edits this user makes especially on noticeboards is done and whatever they say or write isn't trusted as shown above or is just passed of as sock drama. Reverting is done to help deter the sockpuppeteer from returning and this is my general way of handling banned socks (per banning policy again). For socks that are banned, I delete any pages they make that follow the criteria of CSD G5. However, if another user (non sock) contests the deletion or wants me to restore the page, I have no problems with this. An example of this occurring can be found at User:Elockid#Category:School of Paris. This goes for reverts also.
(Followup) Policy allows you to "revert any edits" by a banned user. Sometimes the edits are beneficial edits, and you can't always be sure an edit comes from a banned editor. Why did you undo the edit linked above, and then why did you not redo it yourself? Was it not a beneficial edit? Gimmetoo (talk) 12:58, 4 October 2011 (UTC)[reply]
Based on technical and behavioral evidence, that was the banned user and other editors seemed to have shared this thought also. For other edits where there are doubts, I do ask for second, third, etc. opinions. I also file SPIs for CU confirmation for that extra piece of evidence. My policy for not undoing banned user edits is more policy based and the edits the banned user has been editing did not follow the criteria of undoing vandalism, removing any information that is potentially libelous such as in BLPs, reverting another banned user (in this case, I'd revert any contributions they've both been editing), or any other policy based edits. Perhaps it was a beneficial edit, but it didn't really go in line with the other policies such as the ones I stated above where an edit a banned user made may be kept. In general, I do share the opinion that even keeping good edits from a banned user may further encourage them to edit. But as I said previously, I won't oppose if some non-sock wants to keep the edit. Also, based on this edit (Jimbo unblocked one of their IPs for the sole reason of talking to them), any sort of encouragements is probably going to lead to further disruption from this user. So I don't really want to participate in encouraging them.
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org

HelloAnnyong

[edit]

HelloAnnyong (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

Hey. I'm HelloAnnyong, and I'm offering my assistance to the project as a checkuser.

I've been active as an editor since early 2007, and have been an administrator since September 2010. I've been a sockpuppet investigations clerk for roughly a year now, and in that time have become one of the most active clerks. I've looked at and made judgments on hundreds of cases using both checkuser data and behavioral evidence. As such, I've got quite a bit of experience in analyzing edit patterns, working with rangeblocks and IP geolocation, and so on. I've worked with the checkusers extensively and understand what sort of information the checkuser tool can provide. Additionally I've been involved with the identification and handling of several of the larger and more prolific sockfarms.

I believe I've served my position of SPI clerk well, and will continue to do so in the future. As a checkuser I would be able to assist even further with cases, as well as help in other situations where sockpuppetry issues arise. In terms of availability, I'm around almost every day and can be contacted by email or on IRC.

Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: I've been an SPI clerk for more than a year now. As one of the most active clerks there, I've handled hundreds of cases spanning all sorts of issues. I've evaluated behavioral evidence, handled checkuser results, and analyzed edit patterns, particularly when it comes to rather prolific sockfarms. I've built and blocked rangeblocks when circumstances have called for them.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: I hold a bachelor's degree in computer science, and my day job is in that field. I've built several tools on the Toolserver and have extensive knowledge with IP, browsers and user agent strings, CIDR and IP ranges, and so on.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: I don't have advanced permissions elsewhere, and I'm not on OTRS.


Questions for this candidate
[edit]

Being a new checkuser, would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ (t) (e) 19:29, 26 September 2011 (UTC)[reply]

A: Sure! I've never really been involved in that domain, but am absolutely willing to help out.

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser? -- DQ (t) (e) 19:29, 26 September 2011 (UTC)[reply]

A: Yes. I'm still plan to be as heavily involved with SPI as I am now - part of which is looking at open cases to see if a checkuser is warranted. In many cases, I've added a checkuser request when I feel a checkuser would be beneficial.

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:34, 26 September 2011 (UTC)[reply]

A: I've not really had much experience on other Wikis. I've done some editing on the Japanese Wikipedia and have been around on Commons for image uploads (and once dealing with a sockpuppeteer), but that's about it.

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:34, 26 September 2011 (UTC)[reply]

A: The privacy policy explains what data is collected, who has access to that data, and under what circumstances that data can be released. By comparison, the checkuser policy explains under what circumstances the tool should be used, who has access to the tool itself, and what sort of data can be released. The privacy policy is more general in its description; the checkuser policy more clearly defines how the privacy policy applies to the CU tool.

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:34, 26 September 2011 (UTC)[reply]

A: Checkuser data can be released when it is requested from law enforcement, for abuse complaints (including for reports made to ISPs), or when necessary to protect the Foundation. Other circumstances include when a user specifically states to release it, or for technical issues with bots.

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:34, 26 September 2011 (UTC)[reply]

A: I can recall a few times when Checkuser results were withheld due to surprising or unexpected results. For example, if a longterm editor or administrator comes up as possibly being involved, the results aren't divulged. Similarly, checkuser requests involving issues with administrators would probably not be released openly.

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:18, 28 September 2011 (UTC)[reply]

A: Admittedly I don't have a lot of experience in rooting out proxies, though I've blocked a few that were confirmed. I know you can use nmap or other tools built on nmap to check for proxies, though I've not used them. I suppose you could suspect an IP of being a proxy if you have a previous history of socking for a particular master, and have a new IP that seems to match the master behaviorally but geolocates to a very different area. You could also just Google the IP to see if it comes up on any lists of open proxies.

First of all, thank you for all your hard work at SPI. As a regular reviewer of unblock requests I have examined a good deal of your work and generally you do a great job. However, I have to ask if you could comment further on the most recent report in Wikipedia:Sockpuppet investigations/The Legendary Ranger/Archive. (note that all blocks have since been overturned by other admins, including myself, who found the behavioral evidence unconvincing.) Beeblebrox (talk) 18:24, 30 September 2011 (UTC)[reply]

Sure. First, this is the first I've heard about the case after dealing with it; no notes were left on there about the unblocks, and I was never contacted about it. Anyway, to the case. I'd point out that all of the IPs geolocate to the same city (New York) and their focus is the NYC train system. I didn't block all four IPs as socks of the master. As I wrote, I think the 128 IP and the master were the same based on behavioral grounds: the 128 IP came out of basically nowhere and, over roughly ten minutes, undid quite a few edits. That doesn't strike me as someone who's particularly new to Wikipedia. The other IPs struck me as also being not new; one of the IPs left a comment on the sockpuppet case without ever having been notified of it, which is fairly suspicious. Perhaps the evidence linking the other IPs is more tenuous, though. I'm not infallible, and everyone makes mistakes from time to time - so if I made a mistake, I'll apologize to the editors. — HelloAnnyong (say whaaat?!) 21:19, 30 September 2011 (UTC)[reply]
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org
  • HelloAnnyong has been active and displays consistent good judgment in the current role of SPI clerk. Seems like a fine candidate for CheckUser. --Orlady (talk) 14:07, 26 September 2011 (UTC)[reply]
  • In my visits to SPI, I have observed HelloAnnyong to be fairly active and good faith. I don't know this user well enough to make a strong statement of support but I can say that I have no objection at this time. Pinetalk 19:29, 30 September 2011 (UTC)[reply]
  • Already a highly dedicated user in the realm of SPI, knows the ins and outs of it better than most. Answer to my question is satisfactory as well. No objections. Beeblebrox (talk) 21:22, 30 September 2011 (UTC)[reply]
  • I concur with the assessments above. HelloAnnyong seems to be very solid, trustworthy, consistent, and competent in everything that (s)he has done. (S)he has been active, communicative, and informative at ANI whenever SPI incidents come to the fore, and his dedication to doing things not only right, but above reproach is greatly appreciated. I can think of nothing that would tarnish HelloAnnyong's ability to be a similarly outstanding CheckUser. VanIsaacWScontribs 10:46, 1 October 2011 (UTC)[reply]
  • Would hate to lose your clerk work (as you'll probs be running the checks now) at SPI, but I would support you in moving on. -- DQ (t) (e) 18:47, 3 October 2011 (UTC)[reply]
  • From online and offline experience of this user, a fine addition to a strong team. Daniel Case (talk) 02:51, 5 October 2011 (UTC)[reply]
  • Agree with DQ and Daniel Case. A pity how we often lose good clerks to the annoying checkusers :) T. Canens (talk) 04:15, 5 October 2011 (UTC)[reply]

Keegan

[edit]

Keegan (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

I would like to continue to serve the English Wikipedia as a CheckUser after the my term on the audit subcommittee expires. My work on Wikipedia always has been and always will be back-end maintenance and accountability- something that CheckUser continues to offer me. I've processed SPI cases with diligence to the substance, circumstance, and policy without issue to accept and process or decline requests. I am knowledgeable of the practice and application of the Wikimedia Foundation privacy policy, already serving as an OTRS administrator, English Wikipedia community elected administrator and oversighter, and one of three community selected members of the AUSC. I can be trusted to use the Checkuser tool in a knowledgeable and beneficial way to the English Wikipedia.

Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: I've been registered and active on Wikipedia for six years now, and in routine editing, reverting and reviewing vandalism, comparing account behavior and other duties administration takes has seasoned me for processing SPI reports and private reports. I know how to work behavioral evidence and technical evidence to come to the proper conclusion in requests for CheckUser.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A:None, really. On the job experience here.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: I am one of a handful of Volunteer Response Team leaders (OTRS admin), an English Wikipedia community elected oversighter and a bureaucrat on ten wiki. Ten doesn't count for much :)


Questions for this candidate
[edit]

Being a checkuser, would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ (t) (e) 19:30, 26 September 2011 (UTC)[reply]

A: The ACC team does a fine job. Frankly, I'm unlikely to participate in this aspect of CheckUser. I'm subscribed to unblock-l on an alternate email, and I see the volume it takes for ACC. Unfortunately, I don't quite have the time in the day to fit in another interface between email, Wikipedia itself, and OTRS.

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser when your term with AUSC committee? -- DQ (t) (e) 19:30, 26 September 2011 (UTC)[reply]

A: This I have been proactive in and will continue to do so. Processing SPI requests is my primary interest, and particularly paying attention to the fact that all endorsements do not mean a check is warranted. It is important read over the evidence and not hop through the hoop.

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:35, 26 September 2011 (UTC)[reply]

A: I've gained experience already on the AUSC, being subscribed to the CU mailing list and the CheckUser Wiki. I've familiar with whom to contact with local questions and how different projects interact. Additionally, when I worked for the Wikimedia Foundation last year on Fundraising 2010 one of my jobs was community outreach, working with nearly a hundred different wikis assigned to me (including Commons and Wiktionary).

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:35, 26 September 2011 (UTC)[reply]

A: The CheckUser policy outlines when it is appropriate to gather information. The Privacy Policy covers when and how non-public information can be disclosed.

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:35, 26 September 2011 (UTC)[reply]

A: Pretty much just user consent- though I would still avoid actually releasing data- and legal compelment. In the case of the former, we don't use CheckUser to prove innocence (it can't). For the latter, legal requests to me are properly referred to certified mail to the Wikimedia Foundation's registered agent.

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:35, 26 September 2011 (UTC)[reply]

A: Nothing beans related, such as discovering a virtual private network, TOR node, or other proxy that is hard to read and could be problematic. Administrators caught socking would be another example, as well as block/ban evasion that is best handled by the Arbitration Committee.

In April 2011, you were appointed to ArbCom's Audit Subcommittee. What experiences do you bring from there that would be an asset for you as a full CheckUser? Note that I am not looking for specifics, but more general experiences as a result of your time on the subcommittee. –MuZemike 21:35, 26 September 2011 (UTC)[reply]

A: Having the experience of already using the tool and how we process it on the English Wikipedia. Basically, it's like I've been to a training camp before coming to tryouts.

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:19, 28 September 2011 (UTC)[reply]

A: I'm quite familiar with how proxies work and that they exist outside of TOR. I personally have never bothered to try to use a proxy, but know how they are set up and operate. I'm not sure how to adequately explain general experience other than having checked for proxies in a non-checkuser capacity but as an admin of five years.
As for the second part, I'll be careful to not get too beansy. A great amount of misuse by proxies come from either Anonymous or long-term abusers. UserAgent data (the information our computer sends to every website we visit) from a proxy contains additional data that can be used to match other information from the check when the IPs are vastly unrelated. For detecting open proxies, whatismyipaddress.com/proxy-check does a nice clean job of checking reverse DNS, TOR, and a few other methods. I'm not computer smart enough to run Nmap and understand all of its data, but I do have a couple other bookmarks for online port scans. Overall, open proxies are either quacking or are quite complex to get to the root. Either way the response would be to block and if it's complicated, pass it along with pertinent information to a CU with deep experience in the field. We have several and hopefully a more soon.
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org

Kww

[edit]

Kww (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

My main administrative activity on Wikipedia has always been dealing with sockpuppetry in its various forms. I think anyone reviewing my record at WP:SPI will note both my diligence and my accuracy rate. I believe sockpuppetry to be both the most severe and most common form of abuse on Wikipedia. "Severe", because it undermines the basic faith we all need to have that we are actually reaching group consensus, and "common" because I find that in every long term disruption, someone resorts to it in an effort to prevail.

Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: As noted above, review my record at SPI. I'm a frequent contributor, and my record at accurately detecting socks speaks for itself.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: I received my Computer Engineering degree over 30 years ago, and have been active in communications and networking ever since. I'm fully technically competent to understand and analyze all data presented to a Checkuser.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: No.
Questions for this candidate
[edit]

Being a new checkuser, would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ (t) (e) 19:31, 26 September 2011 (UTC)[reply]

A: Yes, although I would like to gain a better understanding of exactly why the backlog exists. That tends to imply that the checks are more laborious, and the reason for that isn't obvious to me.

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser? -- DQ (t) (e) 19:31, 26 September 2011 (UTC)[reply]

A: Absolutely. Many users are reluctant to request a checkuser, and their case winds up taking far longer to process than it should.—Kww(talk) 21:27, 26 September 2011 (UTC)[reply]

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:36, 26 September 2011 (UTC)[reply]

A: Not much. I have edited on Commons and the Dutch Wikipedia, and communicated with admins on Commons for purposes of tracking puppeteers (Chace Watson was very active on Commons, as well as English Wikipedia]].—Kww(talk) 00:49, 27 September 2011 (UTC)[reply]

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:36, 26 September 2011 (UTC)[reply]

A: Two different, but closely related, topics. The CheckUser policy focuses on who will have access to private data, while the privacy policy focuses on when and how that private data will be collected.

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:36, 26 September 2011 (UTC)[reply]

A: The release has to be a necessary response to the abuse. The user has to be violating policy and the release has to be necessary to combat the disruption. In general, it isn't necessary to reveal sufficient personal information to allow identification. Linking two accounts, for example, doesn't reveal anything that the user hasn't already revealed, but it's enough to allow dealing with most abuse. In general, it's revealing IP addresses that is considered unnecessary: it's very rarely necessary to release the IP address to combat the disruption.—Kww(talk) 00:49, 27 September 2011 (UTC)[reply]
Just to complete the answer: there are other cases that don't come up much: a valid subpoena, the user in question actually requesting that the information be released; a threat to the rights, property, or safety of the foundation; releasing the information to ISPs and similar entities when vandalism is persistent. The one remaining case in the policy is one I would need to have an example of before I could speak to properly: I'm not sure how a problem with a spider could require release of information to anyone but the owner of the spider.—Kww(talk) 03:55, 28 September 2011 (UTC)[reply]

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:36, 26 September 2011 (UTC)[reply]

A:Checkuser requests against admins are normally dealt with via e-mail.—Kww(talk) 00:49, 27 September 2011 (UTC)[reply]

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:19, 28 September 2011 (UTC)[reply]

A: I won't pretend to more experience than I actually have in this area. I understand the theory of proxying, and have dealt with sockpuppeteers that used it. Primarily Brexx, and I discuss his use of proxies here and here. In that case, it was convincing behavioural evidence combined with IP addresses that simply made no sense: a UAE editor editing out of Atlanta. As a checkuser, I would expect to have to learn to deal with technical testing of proxies, and would require help from other checkusers in the beginning. I'm familiar with Procseebot and Torbot, and would expect to use their results to help guide me.—Kww(talk) 23:00, 28 September 2011 (UTC)[reply]
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org
  • The user claims a record of accuracy. User has in the past misread a faked autoblock request, and used SPI seemingly outside CU criteria. The issue is not simply the mistakes - mistakes happen - but that I haven't seen anything that shows how the user is going to avoid these and related issues in the future. Gimmetoo (talk) 14:35, 26 September 2011 (UTC)[reply]
  • I claimed a record of accuracy, not inerrancy. If you have specifics regarding your belief that I have gone outside CU criteria, I'm interested in knowing examples so that I may discuss them.—Kww(talk) 15:11, 26 September 2011 (UTC)[reply]
Extended discussion
    • Which CU criterion supports using CU on an admin's alt account? Gimmetoo (talk) 15:30, 26 September 2011 (UTC)[reply]
      • F:"Request doesn't fit any of the criteria but you believe a check is warranted anyway". At the time the CU was requested, you had refused to acknowledge the existence of Gimmetoo from the Gimmetrow account, and were simply claiming to be Gimmetrow without providing any evidence whatsoever that you were, indeed, Gimmetrow. You were given explicit permission to unblock the Gimmetoo account from the Gimmetrow account as a method of taking ownership. You were asked to make edits acknowledging the relationship between the two accounts from the Gimmetrow account. You refused to do so. You have, to date, refused to explain your reason for refusing to acknowledge the relationship between the two accounts from your admin account. Eliminating the possibility of admin impersonation is very much a legitimate reason to request checkuser. You have, since that time, demonstrated that Gimmetoo has access to data sent to Gimmetrow, so everyone proceeds on the assumption that Gimmetoo is, indeed, a legitimate alternate. That it was very difficult to come to that conclusion is entirely your responsibility.—Kww(talk) 16:03, 26 September 2011 (UTC)[reply]
        • There are multiple problems with this response. First, at the time the CU was requested - by you - I was blocked with no talk page access, and nobody had tried to contact me before the block without warning. So, did you or did you not think this account was an alt account of an admin? If not, then there was no sock. If so, then it was an alt account, declared as such, and not a sock. But if you thought it was a sock of an admin, CU criteria says to report it to the arb committee. Also, you explcitly threatened me not to unblock with the gimmetrow account. (And, you were WP:INVOLVEd) Your failure to acknowledge or understand any of this doesn't make me more confident. Gimmetoo (talk) 16:24, 26 September 2011 (UTC)[reply]
          • First, note that I did not block either account, and no, I did not believe Gimmetoo to be a sock of an admin. I believed Gimmetoo to be an editor impersonating an admin. My only action on the block was to deny the unblock request. Note, as well, that the very fact that the checkuser was run shows that other people believed my suspicions to be valid and that the checkuser was appropriate. A checkuser is not a robot: it is always the checkuser's responsibility to ensure that the request being made is valid.—Kww(talk) 18:06, 26 September 2011 (UTC)[reply]
            • Really? You really believed this account was an impersonator? Do I need to show diffs where you say otherwise? And yes, you had blocked the account previously and inappropriately, so as far as I'm concerned you were and will forever remain WP:INVOLVEd and barred from administrative action with regards to me. Denying an unblock is an administrative action, and quite a significant one. This all happened over a year ago. You should have just acknowledged now that you messed up back then. You did not and have not, and that means I consider you, at present, unfit for the CU role. Gimmetoo (talk) 18:47, 26 September 2011 (UTC)[reply]
              • If you are referring to the July 30 block, that was for edit warring, and I will stand by that one as well. WP:INVOLVED doesn't say "once an admin blocks an account, he can never take administrative actions against that account again". At that time, I wasn't aware that Gimmetrow was refusing to acknowledge the existence of Gimmetoo. That came up at later at ANI, and I based later actions upon later knowledge. Most of the back and forth is here for people that are interested. I don't believe that I messed up in either case. I'm sorry that you still don't seem to recognize that your own refusal to acknowledge the Gimmetoo account from the Gimmetrow account was the primary cause of the problem. Even when I offered you a way out (by e-mailing something to Gimmetrow for Gimmetoo to say), you wouldn't do it until directly asked at ANI. I still don't understand why you were so determinedly uncooperative.—Kww(talk) 19:03, 26 September 2011 (UTC)[reply]
                • If people want communication and cooperation, then they should start with that, and not "block first and ask questions later" without a basis in policy. You're old enough to understand human nature. Yes, you blocked me - who you were well aware was an admin - for "EW" for removing improperly sourced and verifiably false information from a biography of a living person. I do think that once an admin makes an inappropriate block, and especially when that admin refuses to acknowledge it, that admin has a COI with regard to further administrative actions about that editor. Gimmetoo (talk) 19:58, 26 September 2011 (UTC)[reply]
                  • To me this looks like sour grapes. I'm much more interested in the opinions of disinterested parties, rather than those with reason to bear a grudge. Jehochman Talk 12:41, 4 October 2011 (UTC)[reply]
                    • I'm more interested in the opinions of people who support Wikipedia policies, rather than those who (for instance) use or support the use of admin tools to retain poorly sourced and verifiably false information in a biography of a living person. This user still defends that action. That alone should give pause, but Kww has also misread an autoblock notice, filed a false SPI, supported the silencing of an editor without basis in policy, and has edit-warred to remove verifiable information from an article. Kww defends all those actions. That's too many problems, and that's just from a sample size of 1. How many editors have disappeared due to Kww that we don't know about? Based on past experience with this user, I don't trust this user with privileged "checkuser" blocks. I also don't trust this user with access to private data. Gimmetoo (talk) 12:50, 4 October 2011 (UTC)[reply]
  • Kevin has, in my opinion, shown an outstanding ability to do the right thing (per rules etc.) rather than the thing he'd prefer. I've by no means watched all of his admin actions, but those I do run across I've felt have been of very high quality. This from someone who opposed him at RfA at all but his last one. Good guy, I trust him. Hobit (talk) 17:30, 26 September 2011 (UTC)[reply]
  • I want to head this off before it even starts. We are not the same user, despite our names looking somewhat similar (this was brought up at least once in the past, only bringing this up again since it's for CU access). Kwsn (Ni!) 18:22, 26 September 2011 (UTC)[reply]
  • I support Kww, especially on the issue of CU/SPI. I have known his work for a few years now and I completely agree with Hobit on the subject of removing his personal beliefs or interests from the decision making process. Protonk (talk) 02:14, 28 September 2011 (UTC)[reply]
  • Support per Hobit. Kww tends to adhere strictly to formal rules which is desirable in a checkuser. He is a fine candidate. Eluchil404 (talk) 23:20, 29 September 2011 (UTC)[reply]
  • Thanks for your dedicated work to SPI and I wish you luck. :) -- DQ (t) (e) 19:10, 3 October 2011 (UTC)[reply]
  • I think Kww will be a great addition to the CU team. For personal characteristics, the fact that even Hobit (pretty much on the other side of the inclusion-delection ideological spectrum) supports him is telling; there really is no question about his experience in SPI-related matters. T. Canens (talk) 04:18, 5 October 2011 (UTC)[reply]
  • I've had a number of disagreements with Kww over what does or does not constitute a promotional link, or indicate promotionalism more generally. But none of that affects CU, so I wanted to come here to say that I strongly support his application--I admire his SPI work in general and with this tool he will be able to help us considerably. DGG ( talk ) 01:57, 9 October 2011 (UTC)[reply]

Mentifisto

[edit]

Mentifisto (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

Hi! I have considered applying for the checkuser tool on the English Wikipedia, as it would serve most useful. As part of my global steward work I encounter vandals, often recurrent potential socks, from across all languages and projects; this wiki, being the largest, inevitably gets the most activity. As such, I was regularly having the need to consult local checkusers, primarily to verify the presence of sleepers.

I utilize checkuser for mostly the same reason on simplewiki, although to a lesser degree (most disruption tends to aggregate here). In that position and as a steward I am already identified, and have been following the relevant (privacy) policies - therefore I feel that that won't be a problem here.

Thanks.

Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: For the past half a year I've assisted, along with the rest of the steward group, with mostly routine vandal sockpuppetry. I do not normally handle the most intricate cases, but checkuser could still be useful for blatantly obvious vandals (whose names I think will be better omitted). The editing patterns and behaviours may be easy to determine in such cases, but it's usually even more destructive than other sockpuppetry (especially one case that affects public perception greatly).

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: I have a personal interest in computer networking, which has helped me in my work on wikis. I became more familiar with the checkuser tool ever since I could first use it in an active wiki environment, on simple, and more so since using it routinely as a steward (although, there it is mostly used just for finding out vandals' IPs for global blocking). I do have a basic knowledge of CIDR, but I'm still in the process of understanding all of the mathematics concerning it. Otherwise, I do know how IPv4 mostly works.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: Steward, checkuser on Simple English Wikipedia, and bureaucrat on Meta. I have access to the info-en, permissions, photosubmissions, and stewards queues (mostly work on info-en).
Questions for this candidate
[edit]

Being a new checkuser (to enwiki), would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ (t) (e) 19:33, 26 September 2011 (UTC)[reply]

A: I would be willing if I'm knowledgeable and confident enough about the cases, but as I'm not very familiar with ACC I will probably require some time, I must admit.

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser? -- DQ (t) (e) 19:33, 26 September 2011 (UTC)[reply]

A: For now, until I'm more certain about specific cases, I plan to use checkuser (as mentioned above) more as an assistance to my steward work, in a similar manner as I do now on small wikis with no checkusers (and just like in my requests to current checkusers). But, if in the future I naturally end up investigating the persistent cases (this tends to happen as I learn more about cross-wiki ones) I will be proactive in aiding with the day-to-day backlog at SPI - hope that's acceptable.

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:37, 26 September 2011 (UTC)[reply]

A: Well, as a steward I've already spent some time editing in different environments on other wikis, and I'm aware of the importance of collaboration. I've frequently asked functionaries on other wikis for help with cross-wiki problems (as we need to rely on locally active users, if they're available, especially if we lack knowledge of the language).

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:37, 26 September 2011 (UTC)[reply]

A: The checkuser policy specifically tackles the usage of the checkuser tool, what is acceptable or not, while the privacy policy handles all the privacy implications that usage of the checkuser tool, or oversight might have.

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:37, 26 September 2011 (UTC)[reply]

A: These circumstances rarely occur, and no information should be released at any other time, but generally if the foundation receives a subpoena, or if ISPs could be willing to prevent abuse of their services (if their clients are disrupting wikis), information can be released to the relevant people. Mostly these are exclusively legal circumstances, but others allow release if the users being investigated give their consent.

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:37, 26 September 2011 (UTC)[reply]

A: Generally, as above, the actual checkuser results should not be published on-wiki, but they could be discussed on the mailing list etc. In circumstances where a long-term established user is found to be a banned user, the case is referred to the Arbitration Committee.

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:20, 28 September 2011 (UTC)[reply]

A: I've dealt with quite a few open proxies, especially on simplewiki. I think the most basic way to identify one, and what normally proves reliable is simply to try to access the IP through HTTP, as OPs often seem to have web servers installed (either for the control of the proxy itself or for some obscure private usage). Other than that, if that fails or more accuracy is desired (especially with regards to what other ports are potentially open) a port scanner could be used. There are also various lists online that compile such IPs that may be used for confirmation.
Other than that, the checkuser results may attempt to check for some proxies by using XFF data.
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org
It's admittedly disappointing that I'm the only one who got no feedback or commentary here, and at the very least frustrating, as I always try to invite feedback and never (to my knowledge) reacted negatively to anything that has been said in the past few years.
As I wrote in my editor review (not that I expect anyone to remember about that from so long ago), I can only improve by taking into account people's concerns. If there weren't any 'approvals' in this nomination, then logically some people must have had concerns, or perhaps doubts (I'm very doubtful myself about a lot of things! Though, mostly things that are of a philosophical nature.) Even if the expression of such doubts is a meta-reflection on that very state - I think that could still be better than nothing.
I am expressing this myself, of course, with the view that Wikipedia isn't some solipsistic universe-system that is merely a fragment of my dreams, and the lack of commentary stemming from the fact that I cannot, ultimately, comment with any sort of objectivity about myself. But, if that was true then all existence would probably self-destruct in about... now. (Due to excessive self-analysis.) :-P
But seriously, for anyone who is possibly reading this: please don't hesitate to say what concerns you may have, maybe next time. Thank you. -- Mentifisto 18:03, 14 October 2011 (UTC)[reply]

WilliamH

[edit]

WilliamH (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

I'm Will and I have been an editor for 5 and a half years, an admin for 3, and have OTRS access. I live in GMT/BST. I am offering to be a CheckUser because I believe I can assist in this area. I understand how CheckUser works, what it may and may not be used for, and what’s beyond its scope. I can easily be reached, and am frequently available in IRC, often at odd hours. I am over 18 and already identified to the foundation.

information From candidate: I am currently packing for a flight tomorrow. I look forward to getting stuck into these questions once I have reached my destination. WilliamH (talk) 21:29, 26 September 2011 (UTC)[reply]

information From candidate: I have reached my destination, thanks for your patience. I'm on holiday, but will do my best to be timely. WilliamH (talk) 23:54, 28 September 2011 (UTC)[reply]
Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: Considering that CheckUser can only provide technical information, I believe that my prosaically motivated mind, well-versed in dealing with controversial subjects, lends itself very well to scrutinising editors potentially abusing multiple accounts, such as in their arguments and idiosyncrasies, as well as considering when a check is warranted. Unsurprisingly given my experience dealing with difficult subjects, there have been instances of suspect behaviour in protracted disputes where CheckUser was necessary, and yet at the other end of the spectrum, I've got no problem calling an account a duck if it looks and quacks like one. I do keep tabs on SPI and I've also dealt with large coordinated vandalism raids. WilliamH (talk) 23:54, 28 September 2011 (UTC)[reply]

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: In addition to considering WHOIS and geolocation information and understanding rangeblocks, I was a voluntary assistant manager to MSN's official community for teenagers before MSN Groups was disbanded, prior to me editing Wikipedia and Wikimedia subjects. In my role, I was permitted to run a bot in the IRCx based chat room and was thus privy to the list of IP addresses and ranges banned for unacceptable conduct, and could adjust it accordingly. Occasionally I would have to forward an IP to MSN's Head Office, as well as send screenshots of particularly abusive behaviour. WilliamH (talk) 23:54, 28 September 2011 (UTC)[reply]

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: I have OTRS access to info-en, Junk, Junk (non-spam) and permissions. WilliamH (talk) 23:54, 28 September 2011 (UTC)[reply]


Questions for this candidate
[edit]

Being a new checkuser, would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ (t) (e) 19:34, 26 September 2011 (UTC)[reply]

A: Yes. I'm always willing to take a look at something. I think many people on IRC would agree with that. WilliamH (talk) 23:56, 28 September 2011 (UTC)[reply]

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser? -- DQ (t) (e) 19:34, 26 September 2011 (UTC)[reply]

A: Definitely. As I said, I do keep tabs on SPI, and whether as a CheckUser or an editor, I'll always be willing to offer my perspective. WilliamH (talk) 23:56, 28 September 2011 (UTC)[reply]

I see your also running to become a steward, do you think you could be taking on too much at once right now? (obviously you don't have to give details) -- DQ (t) (e) 19:34, 26 September 2011 (UTC)[reply]

A: No, I don't feel that way and there isn't really anything more to add to that. At any rate, I felt like I could be a good Steward. I wasn't particularly optimistic given my small amount of cross-wiki contributions, but I was encouraged to run by a few people that I've had varying amounts of correspondence with, but are at the least familiar with what I do on Wikipedia, and perhaps more importantly, the manner in which I do it. WilliamH (talk) 23:56, 28 September 2011 (UTC)[reply]

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:37, 26 September 2011 (UTC)[reply]

A: As previously hinted, I wouldn't describe myself as the most prolific cross-wiki contributor. However, I speak German to de-3 and Italian to it-1. I can read basic Dutch and French, and a few other Romance/Germanic languages at a very basic level. I am very confident when it comes to navigating my way across other projects, and can always find what I want. Liasing with other Stewards is no problem. (Being a native English speaker that has proficiency in a language other than English means I’m often considered a bit of a curiosity.) WilliamH (talk) 00:21, 30 September 2011 (UTC)[reply]

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:37, 26 September 2011 (UTC)[reply]

A: I see that the Privacy Policy is an umbrella under which the CheckUser policy falls, namely that the CheckUser tool must treat derived user data in accordance within the Privacy policy. WilliamH (talk) 00:21, 30 September 2011 (UTC)[reply]

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:37, 26 September 2011 (UTC)[reply]

A: Such circumstances are few and far between, but the policy on the release of data is quite clear. They are a 1) legitimate subpoena (Freedom of Information requests do not apply), 2) with the permission of the affected user, 3) investigating abuse of multiple accounts, 4) concerning the data collected by a web crawler and its “dissemination is necessary to illustrate or resolve technical issues”, 5) in order to substantiate a complaint to an ISP or assist in the targeting of IP blocks in cases of chronic vandalism/abuse, and 6) a general provision allowing for the reasonable protection of “the rights, property or safety of the Wikimedia Foundation, its users or the public.”
As for CheckUser policy, I think that a Magic 8-Ball is a good summation. I believe it is a prerequisite to respect privacy where it is possible to do so, and that still goes for cases of multiple accounts being used abusively. CheckUsers should block the IPs of sockpuppeteers discretely, and obviously do not reveal IPs when linking accounts. My view and how I would act here is: be frugal, and do not reveal any more than is necessary. WilliamH (talk) 00:21, 30 September 2011 (UTC)[reply]

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:37, 26 September 2011 (UTC)[reply]

A: An obvious example is the correspondence and results concerning sockpuppetry by an administrator. I would also be inclined to say that anything relating to sensitive IP addresses is also best handled off-stage. In general, I think that controversy should be handled professionally and tactfully, and that drama should not be an inherent part of dealing with controversy. I personally dislike drama because it detracts people from what we’re here to do: build a great encyclopedia. WilliamH (talk) 00:21, 30 September 2011 (UTC)[reply]

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:20, 28 September 2011 (UTC)[reply]

A: I would prefer to understate than overstate the small amount of experience I have in this area on Wikipedia, but I do understand proxying and its use by vandals and sockpuppeteers to circumvent sanctions (although not everyone uses a proxy for purposes detrimental to Wikipedia), and I believe I have a sound understanding of how to identify them.
Obviously first of all, I would have to have reason to suspect that an IP is a proxy. For example, if a proponent of a contention or argument, or a certain style of vandalism is from a known country or ISP, and then another IP randomly chimes in doing the same thing from a different country, then that would definitely rouse my suspicions. I would Google the IP and scrutinise the results. I've got years of experience sifting through search engine results looking for obscure books and other publications based on their ISBN number, so looking for a potential means of access based on an IP address would be effortless for me. Then I would try to connect to the proxy and visit a website such as whatismyipaddress.com. Also, previewing my signature on Wikipedia would be conclusive. WilliamH (talk) 00:21, 30 September 2011 (UTC)[reply]
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org
  • I have concerns about the long period of inactivity. While I certainly understand that real life often interferes with on-wiki activity, the point of these appointments is to find people who can actually commit the time to doing the work for some time to come. The recent inactivity period does not give me confidence that WilliamH will be able to do so. T. Canens (talk) 04:23, 5 October 2011 (UTC)[reply]


Oversight

[edit]

Courcelles

[edit]

Courcelles (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

Hello, I'm Courcelles, and I'm applying to retain the checkuser and oversight permissions following the end of my term on the Audit Subcommittee in April of next year. I've been a member of that subcommittee for nearly six months now, and an administrator here for around eighteen. In that time, I've also been semi-active as an operator of both permissions, and am frequently available on-wiki and through IRC to handle requests that come up. If you have any questions, please feel free to ask them.


Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: Well, I've wielded the suppression tools as needed for the last six months, and the revision delete one for about a year longer than that. I personally don't think counting logged actions means much, but I have made fairly substantial use of both tools in the time I've had access to them. Courcelles 22:10, 26 September 2011 (UTC)[reply]

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: Oversight, unlike Checkuser, is a technically simple tool. Any admin that has operated the Revision Delete tool will be able to pick up the mechanics of it inside ten minutes. Oversight is all about knowing what should, and what should not be, suppressed. I think I've picked this up in my 18 months of sending OS requests in, and six months of handling them myself, reading oversight-l, oversight OTRS tickets, and reviewing other usage of the OS tool in my capacity as a member of the AUSC. Courcelles 22:10, 26 September 2011 (UTC)[reply]

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: I currently hold the CU and OS flags here as a member of the AUSC. I'm on OTRS, with acccess to oversight-en, info-en, and permissions. Courcelles 22:10, 26 September 2011 (UTC)[reply]
Questions for this candidate
[edit]
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org

Fluffernutter

[edit]

Fluffernutter (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

I would like to nominate myself for the position of Oversighter. I’m an experienced Wikipedian of more than 3 years’ tenure. I am a new administrator (I was promoted in August 2011, with unanimous support). I have a history of calm, reasoned actions and good judgment, and have never had any objections to my use or request of revdelete, or had any oversight requests declined.

Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: As I noted in my nomination statement, I am a fairly new admin, so my in-practice experience in actually carrying out revision deletions is more limited than some other candidates' might be. I have 52 logged revision deletions since I became an administrator (according to the latest dump on WP:LOGACTIONS), none of which have, to date, been disputed. I also have placed a fair amount of oversight requests (both before and after being promoted), all of which, to my knowledge, have been acted upon. I regularly use Huggle, which brings me in contact with oversight-able vandalism and new pages fairly often.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: To be truthful, my general answer to “what technical expertise do you have” is “not much”. I’m computer-savvy and have a good intuitive sense of interfaces, but mostly I just have quite a lot of experience being calm and methodical, in general, and learning new tasks quickly. I have (somewhat limited, by virtue of being a new admin) experience with operating revdel, and I believe I’ve used it appropriately. It appears that the oversight tool front-end works very much like the revdel tool, so I believe the learning curve there shouldn’t be too steep.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: I don't hold advanced permissions on any other project. I do have OTRS permissions, with full info-en access.


Questions for this candidate
[edit]
  • As a relatively new administrator, have you gained any experience in dealing with the type of material that oversight handles, either through revdeleting or requesting oversight yourself. Can you describe said experience (without revealing details of course) and how it has aided you in understanding Wikipedia's privacy policy? Beeblebrox (talk) 16:56, 26 September 2011 (UTC)[reply]
A: As I noted in my answer above, I have had experience requesting and carrying out revision deletion, and with requesting oversight. Since my promotion, I've become more comfortable with making final judgments for myself about whether a revision needs to be hidden under the revision deletion criteria, and I actually find the oversight criteria to be more straightforward than the revdel criteria. I suspect this is because oversight is pushing the boundaries of our privacy and history-keeping policies, and the closer you get to the edge, the more confidence you need to have in any action taken that pushes those boundaries. Revision deletion criteria can be a bit fuzzier (whether something is "purely disruptive" or "grossly insulting" is left to the individual admin to determine, essentially), but oversight has firm criteria which set a definite line in the sand.
  • How much Experience would you say you have with the revision delete tools as an admin? (And of course this is an opinion question, more like do you feel fully comfortable using it) -- DQ (t) (e) 19:42, 26 September 2011 (UTC)[reply]
A: To regurgitate numbers for you, I have, as of the last database dump, 52 logged revision deletions. A modest number, yes, but I feel my experience is fairly wide in general, when you take into account pre-admin requests, post-admin actions, and issues that I've discussed with other admins and oversighters.
A: Numerically, I'm at a disadvantage, but I've never been a numbers player, quite frankly. I will never be the most active at anything, and I will never rival the astronomical log lengths of some other administrators. I think that my strength lies in my methodical, thoughtful approach to admin actions and my willingness to consult other trusted users on issues that I find to be outside my experience. I don't take hasty actions on the basis of "well, this might be ok"; I think about what I'm doing before I do it. This doesn't mean that I can't or don't act quickly when it's necessary, but it does mean that I strive to not act hastily.
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org
  • I reluctantly have to oppose Fluffernutter's appointment for now. I believe (s)he is a competent and promising administrator who is a serious asset to the project. The problem is one of experience - more specifically discovering what kind of admin Fluffernutter is going to become. Fluffernutter's activities over the last month or so of adminship show someone still trying to gain their footing after jumping in to a successful RfA, and I don't know where exactly (s)he is going to make their landing.</metaphor> I think in six months, they'll probably be a shoe-in, but I'd like to see more history before I can be sure. If we could postpone the appointment review until wintertime, I think we would have a much better idea of what kind of an admin we are working with here. VanIsaacWScontribs 09:19, 30 September 2011 (UTC)[reply]
  • I am satisfied both with the answer to my question and with the candidate in general. Sure 50 revdeletions isn't a ton, but generally if you've done something 50 times and not caused any serious problems, you've probably got a solid handle on it. As the candidate noted, suppression is just a high powered form of revdelete with stricter standards for implementation. I'm confident that in this case we've got someone who can work within those standards. Word of advice should you get in: when in doubt, leave it for someone else or discuss it on the mailing list, especially during your first few weeks. Beeblebrox (talk) 18:01, 30 September 2011 (UTC)[reply]
  • At this time I must oppose because I believe that Fluffernutter needs more time to earn the trust in his or her very new admin role before trying for another leadership position. In six months or a year, if Fluffernutter demonstrates that he or she can handle the responsibilities and workload of being an admin, then we can consider assigning additional responsibility. Pinetalk 19:36, 30 September 2011 (UTC)[reply]
Where did you get the idea that oversight is a "leadership position"? It's an extra tool that is used as quietly and as infrequently as possible and seldom if ever discussed openly on Wikipedia. There's is nothing remotely related to leadership involved. Beeblebrox (talk) 20:50, 3 October 2011 (UTC)[reply]
You may choose to define the term differently. Pinetalk 08:45, 5 October 2011 (UTC)[reply]
Someone else had a question on my comment so I'll reply more extensively. The way I'm looking at this is that OS involves shapes the community's level of vision into the events on WP. Also, any user with special permissions has abilities to make changes in a way that will affect users who cannot override the user with special permissions. Perhaps a better word choice would have been for me to say, "additional responsibilities and special permissions." Pinetalk 22:36, 5 October 2011 (UTC)[reply]
  • I'm going to have to go directly against Pine here. OS is pretty invisible; the flag itself confers no extra authority (and a lot of extra work!) All that matters is that the candidate is discreet and has good judgement under pressure. From what I've seen of Fluffernutter's work, she fits the bill. From experience (granted, on a much smaller project), the wobbles of the first two months of adminship or so are not because of poor judgement but a lack of confidence. That comes with time, but I'd much rather have as a 'sighter an admin who is always ready to double-check an action than one who sees it as a "leadership position" and thinks they can't do any wrong. sonia05:19, 4 October 2011 (UTC)[reply]
I think that's the concern, whether 'nutter is going to evolve into someone who believes they can't do any wrong, or whether they will always be ready to double-check their actions. Right now, we just haven't been able to see where (s)he'll settle on that spectrum. VanIsaacWScontribs 13:47, 4 October 2011 (UTC)[reply]
  • In my rush to finish commenting the other day, I forgot to comment here to say Fluffernutter would be an excellent choice to add to the O/S team and i've seen great work through OTRS, IRC and onwiki. -- DQ (t) (e) 10:53, 5 October 2011 (UTC)[reply]
  • I have no issues with Fluffernutter; I would prefer for prospective oversighters to have slightly more tenure as an administrator though. JORGENEV 17:49, 5 October 2011 (UTC)[reply]
  • I'm not worried about Fluffernutter experience, remember Elen of the Roads had about the same amount of tenure as an administrator when she got elected to ArbCom last year. Being highly trusted is what matters, and she has proven that. Secret account 03:30, 6 October 2011 (UTC)[reply]
  • Though Fluffernutter only recently became an admin, she could if she had been willing become one much earlier. She had unanimous support from the unusually high number of 152 editors, and her work since then has shown the expected ability to learn quickly. Some new admins have made rather a mess of their first few actions, but I wouldn't say this of her--she's done as well as any admin could be expected to do. I'm sure she'll learn equally quickly here, & I completely trust her integrity and judgement. DGG ( talk ) 02:03, 9 October 2011 (UTC)[reply]

WilliamH

[edit]

WilliamH (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement (250 words max.)

Hi again. In case you missed it, I’m Will and I have been an editor for 5 and a half years and an admin for 3. I live in GMT/BST and have OTRS access. I’d like to offer assistance as an Oversight because I believe that my nature and experience would be only advantageous to Wikipedia in this role, and it would be a pleasure to assist the good work the Oversight team already do. I have the utmost respect for privacy. As previously stated, I am frequently available, often at odd hours. I am over 18 and already identified to the foundation.

information From candidate: I am currently packing for a flight tomorrow. I look forward to getting stuck into these questions once I have reached my destination. WilliamH (talk) 21:31, 26 September 2011 (UTC)[reply]

information From candidate: As mentioned, I have reached my destination and have been working through questions as best as I can. WilliamH (talk) 00:59, 1 October 2011 (UTC)[reply]
Standard questions for all candidates
[edit]

Please describe any relevant on-Wiki experience you have for this role.

A: I've been an admin for three years and inevitably have had experience requesting Oversight. In particular, I am a helper and operator in #wikipedia-en-help, where a perennial issue is helping new and inexperienced users with their first edits/articles. This combination understandably results in the manifestation of edits that should be suppressed. WilliamH (talk) 00:59, 1 October 2011 (UTC)[reply]

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

A: One of the most pertinent things I can put forward is that I have a proven legacy of several years never having violated the privacy of any of the Wikipedians I know in real life, but as mentioned, I was a voluntary assistant manager to MSN's official community for teenagers before MSN Groups was disbanded, prior to me editing Wikipedia and Wikimedia projects. Given the nature of this community, there were instances where individuals posted sensitive material about themselves that had to be removed in the forums, either because they wished it to be removed, or because it had to be removed per policy or the law. As an example, sometimes it would be people who had been outed by an angry ex-boyfriend or girlfriend, and their details had to be removed. Material seldom had to be redacted, but when it did, the scope for doing so was virtually identical to Oversight policy here.
I have also worked for a couple of local schools, employed by the local county authority and cleared by the UK Home Office's Criminal Records Bureau. If I had disseminated the information I had access to, I would've lost my job very quickly indeed. WilliamH (talk) 00:59, 1 October 2011 (UTC)[reply]

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

A: I have OTRS access to info-en, Junk, Junk (non-spam) and permissions. WilliamH (talk) 00:59, 1 October 2011 (UTC)[reply]


Questions for this candidate
[edit]
  • How much Experience would you say you have with the revision delete tools as an admin? (And of course this is an opinion question, more like do you feel fully comfortable using it) -- DQ (t) (e) 19:43, 26 September 2011 (UTC)[reply]
  • You have only logged one action with RevDel according to WP:ADMINSTATS; why do you think you have the experience and the technical aptitude required to be an oversighter?
A: I'll answer both of those questions in one since they overlap, and I think that User:DeltaQuad touches on what I think is most relevant.
The expertise for oversighting edits is minimal, on par with blocking in my opinion. Admins cannot have had previous experience with blocking before being inaugurated, and Oversighters were obviously appointed before RevisionDelete was enabled for administrators in 2010. So I think that the technical aptitude aspect is a bit of a misnomer and yes, I feel comfortable using it.
As for experience, to me this translates as understanding: knowing what should and shouldn't be oversighted. For your consideration, I offer the sort of requests where I anticipate issuing a suppression, namely and mainly disclosures of non-public personal information in various contexts, for example (and not exhaustively) a) accidentally, where a logged-out editor makes an edit in such a way that his IP is linked to his account, b) good faith, where a user acting in good faith and perhaps unaware at the time of the consequences of their actions submits something like a home or work address, and c) in bad faith, where an editor outs another editor. Since first requesting Oversight over 2 and a half years ago, I reckon I have a pretty solid understanding of its scope. WilliamH (talk) 00:59, 1 October 2011 (UTC)[reply]
  • Looking at your contributions, it seems that the majority of your activity was back in 2008 and early 2009, and then you were inactive (or almost inactive) until July this year. Is this a fair interpretation of the statistics, and if so, would you mind telling us (without going into any detail you're not comfortable with) why you were inactive for so long and whether you think you'll have sufficient time to undertake this role in future?
No problem. I wouldn't say it was a completely accurate interpretation. There is the aspect of real life, which I can't expect anyone to edit exclusively away from. I tried to keep things ticking over and many of my contributions do not leave a paper trail, such as assisting users in IRC and checking deleted contributions. Additionally, in terms of content building, I do not tend to make incremental edits on wiki, but write in Wordpad and preview my work, which often results in large edits seemingly out of nowhere.
Real life circumstances did not lend themselves to contributing much before the summer of this year, but that was then and this is now. An important aspect is that Oversighting is not time consuming. New e-mails reach me very quickly and to take care of a request is no problem at all. On a side note, I don't like to see editors burning out. As far as I'm concerned, I'm a Wikipedian for the long haul. There's still many more things I'd like to do here, and I don't believe that going at them full tilt is a healthy philosophy. WilliamH (talk) 00:59, 1 October 2011 (UTC)[reply]
Comments
[edit]
Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-b@lists.wikimedia.org

Results

[edit]

The Arbitration Committee has resolved to appoint five editors to the CheckUser team and three editors to the Oversight team pursuant to the CheckUser and Oversight appointment procedures and following the 2011 CUOS appointments process.

Subject to their providing identification satisfactory to the Wikimedia Foundation, the Arbitration Committee hereby resolves to:

(a) appoint the following editors as checkusers:

(b) appoint the following editors as oversighters:

† Previously identified member of the Audit Subcommittee who will retain the specified permission(s) upon the conclusion of their terms.

The committee thanks the other candidates (28bytes, HelloAnnyong, Kww, and Mentifisto); those who applied but were not put forward as candidates; and the community in bringing this appointment process to a successful conclusion.

The committee also recognizes the departures of Dominic and Nishkid64 from their dual roles on the CheckUser and Oversight teams; along with EVula, Howcheng, & Mr.Z-man from the Oversight team; and thanks these editors for their diligent service as functionaries and their extensive contributions elsewhere on the project.

At the request of arbitrator Iridescent, checkuser and oversight permissions will be removed from their account until such time as Iridescent is able to return to active participation.

Supporting motion: Casliber; Chase me ladies, I'm the Cavalry; Coren; David Fuchs; Jclemens; John Vandenberg; Kirill Lokshin; Mailer diablo; PhilKnight; Newyorkbrad; Roger Davies; Risker; SirFozzie; Xeno
Not voting/inactive: Cool Hand Luke; Elen of the Roads; Iridescent

For the Arbitration Committee, –xenotalk 13:00, 13 October 2011 (UTC)[reply]

Archived discussion