On GaijinPot Wiki, CheckUser is a tool allowed to be used by a small number of users who are permitted to examine user IP information and other server log data under certain circumstances, for the purposes of protecting GaijinPot Wiki against actual and potential disruption and abuse. CheckUser itself simply produces log information for checking; it can require considerable skill and experience to investigate cases even with the tool.

Contents 1 Policy 1.1 Grounds for checking 1.2 Notifying the account that is checked 2 Privacy 2.1 IP information disclosure 2.2 IP information retention 2.3 Guidance given to CheckUsers 2.4 "Fishing" 3 CheckUser operation 3.1 Usage 3.2 Hints and tips 3.3 Reasons and communication 3.4 Logging 3.5 Complaints and misuse 4 Users with CheckUser permissions 5 See also

Policy

The CheckUser feature is approved for use to prevent disruption, or investigate legitimate concerns of bad faith editing.

Grounds for checking

The tool is to be used to fight vandalism, to check for sockpuppet activity, to limit disruption or potential disruption of any project, and to investigate legitimate concerns of bad faith editing.

The tool should not be used for political control; to apply pressure on editors; or as a threat against another editor in a content dispute.

Note that there are legitimate uses of alternative accounts, so long as they are not used in violation of the policies (for example, to double-vote or to increase the apparent support for any given position).

Notifying the account that is checked

Notification to the account that is checked is permitted but is not mandatory. Similarly, notification of the check to the community is not mandatory, but may be done subject to the provisions of the privacy policy.

Some wikis allow an editor's IPs to be checked upon his or her request if, for example, there is a need to provide evidence of innocence against a sockpuppet allegation; note, however, that requesting a checkuser in these circumstances is sometimes part of the attempt to disrupt.

Privacy

The CheckUser feature accesses non-public information. GaijinPot takes the privacy of its editors extremely seriously, and there may at times be a conflict between the high priorities given to both protecting the Wiki from damage and disruption, and privacy - even of problematic users. This is a very delicate area and at times no solution is ideal; the following cover some of the principles and common practices on GaijinPot Wiki.

1. CheckUsers have a wide range of discretion to use their access provided it is for legitimate purposes - broadly, those which relate to preventing or reducing potential or actual disruption, and to investigation of legitimate concerns of bad faith editing. (CheckUser policy)
2. CheckUsers may accept requests publicly or otherwise, as they see fit.
3. Requests should not be accepted on the basis of "fishing" - that is, requests by users without a good and specific cause. On their own cognizance they may however perform privately as part of their role, any checks within the bounds of CheckUser policy - that is to say, any check which is reasonably performed in order to address issues of disruption or damage to the project.
4. Disclosure of CheckUser results is subject to privacy policy, which broadly states that identifying information should not be disclosed under any but a few circumstances. These include:

   • "With permission of the affected user",
   • "Where the user has been vandalizing articles or persistently behaving in a disruptive way, data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers", and
   • "Where it is reasonably necessary to protect the rights, property or safety of the GaijinPot Wiki, its users or the public."

IP information disclosure

It is not normally considered a breach of privacy policy to state that different named accounts are operated from the same IP or range if details of the range are not given, or if a generic description only is given (country, large ISP etc) that in no way is very likely to identify a specific person. It is undesirable to link an IP to a named account, since an IP is often much more tightly linked to a specific person. (This is often less so for larger IP ranges: the larger the range, the less obvious the connection will often be to any specific person.) CheckUsers will employ a variety of means to avoid doing this, but in some cases it is hard to avoid and "norms are not a suicide pact" - a user who is disruptive and needs to be addressed as such may have to accept that the price of disruption is that their IP becomes linked to their account.

This can happen in several ways:

• A user is disruptive through multiple IPs, or a mixture of IPs and accounts. It is hard to block all of these (often on the same article) without obvious inference being drawn by onlookers.
• A user is disruptive on multiple accounts, and it is reasonably plausible they will create more accounts, requiring the blocking of the underlying IP range that these accounts are using.

CheckUsers will often use a variety of techniques to avoid drawing such connections (new checkusers should ask and pick these up), but in many cases it is hard to avoid in a practical sense. Users who engage in problematic conduct to the point that requests for administrative action or blocking are raised and considered valid for CheckUser usage, and where CheckUser then determines that the user probably has engaged in such conduct, must expect that the protection of the project is given a higher priority than the protection of those who knowingly breach its policies on editorial conduct, if the two conflict or there is a problematic editing history.

IP information retention

CheckUser keeps IP and other information on users for a certain time only, to prevent abuse of older information. In general if a matter is not current, it is less likely to require administrative intervention.

Guidance given to CheckUsers

Even if the user is committing abuse, it's best not to reveal personal information if possible.

• Generally, do not reveal IPs. Only give information such as same network/not same network or similar. If detailed information is provided, make sure the person you are giving it to is a trusted person and will not reveal it himself.
• If the user has said they're from somewhere and the IP confirms it, it's not releasing private information to confirm it if needed.
• If you're in any doubt, give no detail. ("If you're in any doubt at all, give no detail and answer like a Magic 8-Ball.")

A further ideal is: if you are requested to perform a check, always ask for the evidence of the user that a check is needed and appropriate, and confirm for yourself that there is indeed a valid basis that you can explain if needed. Do not assume, no matter who asks.

"Fishing"

"Fishing" is broadly defined as performing a check on account where there is no suspicion of sockpuppetry. Such an action is inappropriate. Checking an account where the alleged sockmaster is unknown, but there is reasonable suspicion of sockpuppetry is not fishing. A checkuser need not suspect who is behind the abusive behaviour of an account before checking, but they must suspect there is abusive sockpuppetry. Please note that a check coming up negative does not mean that the original basis for the check was invalid.

CheckUser operation

Usage

A user with CheckUser access will get an extra "CheckUser" option under Special:SpecialPages.

Hints and tips

• CheckUser is a technical tool, and requires a significant degree of familiarity with IPs, IP ranges, and related principles, to be correctly used.
• CheckUser is not magic wiki pixie dust. Almost all queries about IPs will be because two editors were behaving the same way or an editor was behaving in a way that appears suggestive of possible disruption. An editing pattern match is the important thing; the IP match is really just extra evidence (or not).
• Most dialup and a lot of DSL and cable IPs are dynamic. They might change every session, every day, every week, every few months or hardly ever. Unless the access times are right next to each other, be cautious in declaring a match. After a while, you get to know which ISPs change fast or slow. If it's a proxy, it might not be a match, depending on the size of the organization running the proxy (per whois output). If it's an ISP proxy, it is not so likely to indicate a match. (Note - some users, particularly those involved in technical matters, can help identify whether an IP is likely to be a proxy, or is likely to be static, fast, or slow changing.)

Reasons and communication

CheckUsers are expected to have policy-compliant grounds for CheckUser actions, identification, and blocks, and to discuss openly and fully with other CheckUsers their rationale if asked.

Logging

CheckUser requests are logged privately with a comment for each. The full log of all searches is visible to other CheckUsers at Special:CheckUser. The log lists who made a request, when, what the request was, and a provided comment. They do not list the results of the check, nor do they store any user IP data.

Complaints and misuse

Any user account with CheckUser status that is inactive for more than a year will have their CheckUser access removed.

In case of abusive use of the tool, the Steward or the editor with the CheckUser privilege will immediately have their access removed. This will in particular happen if checks are done routinely on editors without a serious motive to do so (links and proofs of bad behavior should be provided).

Suspicion of abuses of CheckUser should be discussed by each local wiki. On wikis with an approved ArbCom, the ArbCom can decide on the removal of access... Removal can only be done by Stewards. A Steward may not decide to remove access on their own, but can help provide information necessary to prove the abuse (such as logs). If necessary, and in particular in case of lack of respect towards the privacy policy, the Board can be asked to declare removal of access as well.

Complaints of abuse of CheckUser or privacy policy breaches may also be brought to the Ombudsman committee.

The Ombudsman usually considers breaches of privacy policy. Complaints about misuse that do not result in privacy breaches should therefore be referred to the Arbitration Committee initially.

Users with CheckUser permissions

An automatic list is available at Special:Listusers/checkuser.

See also