Wikipedia talk:Arbitration Committee/Checkuser requests

Questions on requirements.

2. Good standing. What level of good standing?
3. Technical expertise. What gives? What level of expertise do we need? What language?
4. Why is this needed? {Slash-|-Talk} 03:42, 28 March 2007 (UTC)[reply]

I assumed 3 is to do with being able to interpret WHOIS results correctly. --Deskana (talk) 03:44, 28 March 2007 (UTC)[reply]

(2) Trusted by the community to handle sensitive IP data. This is probably a level of trust greater than most other on-wiki jobs.

(3) Knowledge of basic networking. How IP masks work, what DNS is and how to run reverse DNS, how to tell a proxy, etc.

(4) Because checkuser, if improperly used, has the capacity to get the Foundation into real legal trouble. Raul654 03:45, 28 March 2007 (UTC)[reply]

really big legal trouble. See the m:Privacy policy and m:CheckUser policy. Cbrown1023 talk 00:27, 29 March 2007 (UTC)[reply]

Shouldn't we set up a process like Requests for Adminship? It'll be hard on the bureaucrats and stewards to find out everything by themselves. {Slash-|-Talk} 03:54, 28 March 2007 (UTC)[reply]

No, we shouldn't. This process is explicitly designed NOT to be like RFA. It will be a one time signup, and the only people who get to vote are the arbitrators (so I don't know what you mean by stewards and bureaucrats). Raul654 04:46, 28 March 2007 (UTC)[reply]

To clarify, stewards and bureaucrats have absolutely no bearing here. This is, and will always be on the English Wikipedia, a matter up to the Arbitration Committee, and only the Arbitration Committee. The ArbCom looks at this list, sees who they can trust, and then picks whoever they want and gives them the rights. Cbrown1023 talk 00:20, 29 March 2007 (UTC)[reply]

Is this page only for CheckUsers, or will the users here acquire oversight rights? If not, will oversight be available in a way similar to this? Titoxd^{(?!? - cool stuff)} 04:18, 28 March 2007 (UTC)[reply]

We have not discussed oversight. Raul654 04:45, 28 March 2007 (UTC)[reply]

Here's what Essjay gave me when I first inquired about gaining checkuser access.

This is what I usually tell people: If all of the following questions
make sense to you, and you could answer them thoroughly if asked, then
checkuser may be right for you. If none of it makes any sense, then
probably not.

Technical questions:

Do you know about the operation of IP addresses? Can you spot a dynamic
IP vs. a static or semi-static one? Do you know how to confirm an open
proxy? Are you familiar with the major ISPs and how they operate (for
example, which ones use proxy pools and which use transparent proxies,
and indeed, what those are)? Do you know where to go to find more
information about an IP? Do the terms DNS, traceroute, whois, IMAP,
ping, and reverse lookup have any special meaning to you? Are you
familiar with the operation of IP ranges? What do the terms /8, /16,
and /24 mean to you? What does 0.0.0.0/0 represent?

Policy questions:

Are you familiar with the checkuser policy and the privacy policy? Are
you willing to provide your real name and proof of identification to the
Foundation's counsel, and to accept any liability that may result from
your actions with checkuser? Are you aware of the various levels of
consequences concerned with releasing a contributor's IP address, for
you, the Foundation, and the contributor?

Practical questions:

Do you know how to say no? Are you the kind of person who would rather
do something than tell someone they are out of line? Do pushy editors
make you particularly uncomfortable and stressed? Are you comfortable
accessing and retaining extremely dangerous personal information? Do you
have the time to dedicate several hours a week to running checks and the
resulting investigation? How much time and investigating do you think
goes into the average check?

And the last one, which, even when I don't ask for answers to the above,
I still like to hear the answer to:

What kind of output do you expect you'll see when you click "Check user"
for the first time?

You needn't answer any of the above questions (though, as I say, I'm
always interested in the last one), just think about them, and whether
or not you could answer them. If you can confidently go down the list
and answer them all, then go for it. If most make sense but you want to
know more, ask one of us that has it and we'll be happy to tell you.
(And, of course, if you get it, we're happy to walk you through your
first few checks, and are always available to double check if you need
it.) If none of the technical questions makes any sense, and the
practical ones are anxiety inducing, then the tool and the
responsibility (burden?) that comes with it might not be a good match
for you.

Feel free to email me or any of the other checkusers privately if you
want to discuss it more.

After doing the task for a few months, I find these to be a very good starting point. Also, ask yourself: do you have a large appetite for tedium, and a good tolerance for unhappy people? Because one way or another, doing this job involves making people unhappy -- and it's remarkably tedious, though I bet someone clever could whip up some scripts to make the process more automated. --jpgordon^∇∆∇∆ 05:48, 28 March 2007 (UTC)[reply]

Not to mention the countless nags about "why did you decline Wikipedia:Requests from checkuser/Case/x" on your talk, citing UC's current talk page as Exhibit 1; you will also need a well-tuned bullshit sensor, because a large portion of the people who end up at RFCU are wikilawyers (as SSP failed). And wha Jpgordon said :) Daniel Bryant 22:40, 28 March 2007 (UTC)[reply]

It's no secret I made some mistakes regarding IPs in my early days as an administrator, but I've learned from them and I'm unlikely to make them again. How will arbcom determine if a user has the relevant knowledge? - Mgm|^(talk) 11:22, 29 March 2007 (UTC)[reply]

• See the previous. --jpgordon^∇∆∇∆ 14:53, 29 March 2007 (UTC)[reply]
  • I assume you don't want 25 emails answering Essjay's questions, but will privately contact applicants you are considering. Thatcher131 14:55, 29 March 2007 (UTC)[reply]
    • Assumptions themselves are a useful shibboleth. --jpgordon^∇∆∇∆ 15:08, 29 March 2007 (UTC)[reply]

I think it is important that the ArbCom have more information about the folks proposing themselves for CU than just a bare name. It might be useful to have the list turned into a table that collects other information (adminship on other projects, whether or not the user is a 'crat on other projects, whether or not the user is a steward, whether or not the user has an OTRS ID, whether or not the user has a wikimediafoundation wiki account, whether or not the user has (or had) CU on any other project, and perhaps other information) All of these things are potentially indicators of trust by other communities, and many of them are also indicators that the user already has some expertise in handling sensitive matters, which is an important factor for consideration. I suggest that the list be converted to a tableish format similar to meta:OTRS/personnel which has a lot of information of this sort already collected. If this idea is adopted, probably the folks who indicated interest ought to be notified so they can revise their entry, it potentially would not be fair to early signers to not get a complete picture of everyone. There are some highly qualified candidates on the list already, and perhaps not all arbcom members are aware of exactly why they are so qualified. ++Lar: t/c 12:05, 29 March 2007 (UTC)[reply]

• Certainly, and I can tell you right out that we're not going to select anybody based solely on their entering their name on the list. This should not be a public process; it was a mistake making it one like this. --jpgordon^∇∆∇∆ 14:54, 29 March 2007 (UTC)[reply]

I would suggest candidate statements such as was done on m:Stewards/elections 2006-2, though without the vote. Users would explain why they want checkuser access, how they can help, what prior experience they may have had, indicate positions of responsibility in the community, et cetera. This is far more open than a table, which requires that we think of everything that can be said ahead of time. —{admin} Pathoschild 17:54:20, 29 March 2007 (UTC)

I can't speak for the other arbitrators on this, but I'll certainly ignore any public statements. This job is about discretion, not about public image. --jpgordon^∇∆∇∆ 18:00, 29 March 2007 (UTC)[reply]

The idea isn't to build a public image, but to provide information. How do you know whether a user is in good standing, or whether they have already proven their identity to the Foundation? Research on each individual candidates would work, of course, but simply asking the candidates to provide the information when they apply would be easier. —{admin} Pathoschild 18:46:51, 29 March 2007 (UTC)

Well, I was going to post about it. The thing is, if the arbcom asks the candidates, they're confirming to the arbcom, not to the foundation. But I suppose the arbcom could just ask the foundation. And many of us have already had our identity verified by the foundation. -- drini ^[meta:] _[commons:] 19:40, 29 March 2007 (UTC)[reply]

However I agree that this list wasn't the best idea. Creates unnecessary work (wanna take bets on how many people will sign up duringthe week? It's even been mentioned on mailing list) and really not about discretion-- drini ^[meta:] _[commons:] 19:41, 29 March 2007 (UTC)[reply]

• Soliciting a list of interested candidates is not a bad idea, even when done in a public forum. Obviously all additional steps of selection will be handled privately, and the selected candidates may be based more on the personal knowledge of arbitrators of the work of the various individuals than on a more comprehensive review of the candidates. And that is OK, we just need a group of qualified checkusers, not a perfect selection process. Personally I am pleased that ArbCom has decided to end the era of the shortage of checkusers. Hear, hear :). NoSeptember 00:03, 30 March 2007 (UTC)