Wikinews:CheckUser policy

CheckUser is an interface for users with the checkuser permission. A user with the CheckUser permission can, in particular, check if a user is a of another user on the English Wikinews. CheckUsers are able to:


 * Determine from which IP addresses that an account has performed edits, logged actions, or password resets on the English Wikinews;
 * Determine all edits, logged actions, login attempts, and password resets that were performed on the wiki from a specific IP address (including users who were logged in with an account);
 * Determine whether the account being checked has sent an email using the MediaWiki interface to any other user. The time of the event is logged; the destination email address and destination account is obscured.

This information is only stored for a short period (currently 90 days), so edits made prior to that will not be shown via the CheckUser tool. A log is kept of who has made queries using the tool. This log is available to those with the checkuser-log permission.

Use of the tool
The tool is to be used to fight vandalism, spamming, to check for sockpuppet abuse, and to limit disruption of the English Wikinews. It must be used only to prevent damage to the English Wikinews.

The tool should not be used for political control, to apply pressure on editors, or as a threat against another editor in a content dispute. There must be a valid reason to use the CheckUser tool to investigate a user. Note that alternative accounts are not forbidden, so long as they are not used in violation of the policies (examples of violations include double-voting, increasing the apparent support for any given position, or to evade blocks or bans).

Notification to the account that is checked is permitted but is not mandatory. Similarly, notification of the check to the English Wikinews community is not mandatory, but may be done subject to the provisions of the privacy policy.

Privacy policy
See also: Global privacy policy and Access to nonpublic personal data policy On the English Wikinews, privacy policy considerations are of tremendous importance. Unless someone is violating policy with their actions (e.g. bot vandalism or spam) and revealing information about them is necessary to stop the disruption, it is a violation of the privacy policy to reveal their IP, whereabouts, or other information sufficient to identify them, unless they have already revealed this information themselves.

Information release
Even if the user is committing abuse, it is best not to reveal personal information if possible.
 * Generally, do not reveal IPs. Only give information such as same network/not same network or similar. If detailed information is provided, make sure the person you are giving it to is a trusted person and will not reveal it.
 * If the user has said they're from somewhere and the IP confirms it, it is not releasing private information to confirm it if needed.
 * If you are in any doubt, give no detail.

Access to CheckUser
Only stewards, ombuds, some Wikimedia Foundation staff, and a very small number of other users are allowed to have CheckUser access. Users can only have CheckUser status locally (except for the ombuds and those staff members with access).

On the English Wikinews checks should generally be handled by local CheckUsers. In emergencies, or for multi-project CheckUser checks (as in the case of cross-wiki vandalism), stewards may perform local checks. Stewards should remove their own CheckUser access on the projects upon completion of the checks and notify the local CheckUsers.

Requests can be made to the CheckUsers to perform checks (such as "is User:X a sockpuppet of User:Y"). To do so, add the request to Wikinews:Requests for CheckUser listing the users and explain the need for the check (with links). Depending on the nature of the request, the CheckUser may deny it, may ask for more information, or may answer about the likelihood of the users in question having the same IP, same proxy, same network, same country, or being completely unrelated.

Appointing local CheckUsers
On any wiki, there must be at least two users with CheckUser status, or none at all. This is so that they can mutually control and confirm each others actions. In a case where only one CheckUser is left on a wiki (when the only other one retires, or is removed), the community must appoint a new CheckUser immediately (so that the number of CheckUsers is at least two) or the permission must be removed from the remaining CheckUser.

The community may approve local CheckUsers (stewards not counting as local CheckUsers) per consensus. The CheckUser candidate must request it at Wikinews:Requests for permissions and advertise this request at the Water Cooler. A request can be made for a Site Notice to advertise the candidacy. The candidate must be familiar with the global privacy policy. After gaining consensus (at least 70% support in pro/con voting or the highest number of votes in multiple choice elections), and with at least 25 users' approval, the successful candidate should request access on Meta-Wiki with a link to the page with the community decision. If there are an insufficient number of votes for at least two CheckUsers, there will be no CheckUsers on this wiki.

Mailing list
There is a closed mailing list (CheckUser-l) to which CheckUsers should have access. Email the list moderators to gain access. Use this mailing list to ask for help, ideas and second opinions if you are not sure what the data means.

IRC channel
There is a private IRC channel to which CheckUsers who use IRC should have access. This channel serves the same purpose as the mailing list, but in real-time. Contact any channel member to gain access; a channel manager will grant permanent access. Ask a steward if you need help gaining access.

Removal of access
Any user account with CheckUser status that is inactive for more than one year will have the CheckUser access removed.

In case of abusive use of the tool, the CheckUser privilege will be immediately removed. This will in particular happen if checks are done routinely on users without a serious motive to do so (links and proofs of bad behavior should be provided).

Suspicion of abuses of CheckUser should be discussed by the community, which can hold a vote to remove access.

Complaints of infringement of CheckUser, Access to Nonpublic Information Policy or Privacy Policy breaches are handled by the Ombuds commission.