|To contact a checkuser about sensitive matters, see Contacting a checkuser. Otherwise, to open an investigation, go to Wikipedia:Sockpuppet investigations.|
|This page documents a procedural policy of Wikipedia.|
It documents various processes by which the English Wikipedia operates.This local policy supplements—but cannot override—the global community CheckUser policy.
The CheckUser tool is used by a small group of trusted Wikipedia users (called checkusers). The tool allows its users to determine from Wikipedia's servers the IP addresses used by a Wikipedia user account, as well as other technical data stored by the server about a user account or IP address.
Wikipedia's checkuser team uses the tool to establish whether two or more accounts are being operated by one individual or group of people, and to protect Wikipedia against disruptive or abusive behaviour.
Checkusers are able to view a list of all IP addresses used by a user account to edit the English Wikipedia, a list of all edits made by an IP (which includes edits by accounts), or a list of all user accounts that have used an IP address. They may also view a log of CheckUser actions at Special:CheckUserLog.
On the English Wikipedia, CheckUser access is entrusted to a restricted number of trusted users who can execute CheckUser inquiries at their own discretion. The permission is granted by Wikipedia's Arbitration Committee, after community consultation and vetting of the editor by the committee's members and the functionary team. While there is no formal requirement that checkusers also be administrators, the Arbitration Committee has traditionally restricted applications to users who are currently administrators. Checkusers must be 18 years of age or older and have signed the Wikimedia Foundation's confidentiality agreement for nonpublic information before being appointed. The use of the CheckUser tool on the English Wikipedia is monitored and controlled by the Arbitration Committee, and checkusers may have their permissions revoked by the Arbitration Committee for misuse or abuse of the tool.
This policy supplements the global checkuser policy and applies only to the English Wikipedia.
The CheckUser tool may be used only to prevent disruptive editing on the English Wikipedia or to investigate legitimate, credible concerns of bad-faith editing or sockpuppetry.
CheckUser data may be used to investigate, prevent, or respond to:
The tool may never be used to:
The primary purpose of CheckUser is the prevention of sockpuppetry, but community policy provides for several legitimate uses of alternative accounts where the alternative accounts are not being used to violate site policy (such as by double voting or by giving the impression there is more support for a position in a discussion or content dispute).
On some Wikimedia projects, an editor's IP addresses may be checked upon their request, typically to prove innocence against a sockpuppet allegation. Such checks are not allowed on the English Wikipedia and such requests will not be granted.
Checkusers are permitted, but not required, to inform an editor that their account has been checked. The result of a check may be disclosed to the community (on a community process page like Wikipedia:Sockpuppet investigations).
The CheckUser feature facilitates access to non-public information. The Wikimedia Foundation takes the privacy of its users extremely seriously, and there may at times be tension between protecting Wikipedia from damage and disruption, and protecting the privacy of users (even disruptive ones). Checkusers must perpetually weigh these opposing concerns. In order to reach the optimal result, checkusers on the English Wikipedia are required to adhere to the following conventions and practices:
These conventions arise out of practice that has emerged in the years since the checkuser tool was created, and in some cases out of rulings or "statements of best practice" by the Audit Subcommittee (now disbanded) and the Arbitration Committee.
In some situations, while checkusers can endeavour to avoid explicitly connecting an account to an IP address, they will find it difficult or impossible not to do so. For instance, when a user edits disruptively using multiple IPs, or a mixture of IPs and accounts, the checkuser will find it difficult to block the accounts and then the IP addresses without an obvious inference being drawn by onlookers from the series of blocks being made in a short period of time. When a user abusively uses several accounts and it is reasonably plausible they will create more accounts, the underlying IP range must be blocked so further abusive accounts cannot be made. The IP addresses and user accounts must therefore be blocked together.
Users who engage in problematic conduct to the point that requests for administrative action or blocking are raised and considered valid for CheckUser usage—and where a checkuser then determines the user probably has engaged in such conduct—must expect the protection of the project to be given a higher priority than the protection of those who knowingly breach its policies.
Information about users (like their IP address) is retained for a limited period on Wikimedia Foundation sites. Data retention is limited in this way because incidents or actions that are not current rarely require investigation.
m:CheckUser policy advises that even if the user is committing abuse, personal information should if possible not be revealed. Checkusers are advised as follows:
On the English Wikipedia, checkusers asked to run a check must have clear evidence that a check is appropriate and necessary. The onus is on an individual checkuser to explain, if challenged, why a check was run. The CheckUser log is regularly examined by arbitrators. All actions associated with the CheckUser tool, especially public or off-wiki actions, are subject to public view and can result in a complaint being filed with the Arbitration Committee, the Wikimedia Foundation Ombuds Commission, or both. Checkusers who run checks based on an unsubstantiated accusation may be cautioned or subject to sanctions, up to and including the revocation of their permissions; for a previous example of this, see this 2009 investigation by the Audit Subcommittee.
"Fishing" is to check an account where there is no credible evidence to suspect sockpuppetry. Checks are inappropriate unless there is evidence suggesting abusive sockpuppetry. For example, it is not fishing to check an account where the alleged sockmaster is unknown, but there is reasonable suspicion of sockpuppetry, and a suspected sockpuppet's operator is sometimes unknown until a CheckUser investigation is concluded. Checks with a negative result do not mean the check was initially invalid.
Main pages: Wikipedia:Functionaries and Wikipedia:Sockpuppet investigations
Checkusers are seasoned, experienced users, who are vetted and highly trusted to handle sensitive and privacy-related matters, as well as other user issues. Routine sockpuppet and editing issues requiring checkuser review are handled at Wikipedia:Sockpuppet investigations. In keeping with WP:NOTBUREAUCRACY, checkusers are authorized to receive contact by other means, like on their talk pages, by email, on IRC or a mailing list, and so on. If an incident is of a private or sensitive nature, you should never use public means of contact. If an incident is of an urgent nature, you should contact a checkuser you know to be online, or contact multiple active CheckUsers. If an incident is an emergency, you should contact the Wikimedia Foundation. If you require an editor with checkuser access, you may contact:
A user with CheckUser access will get an extra "CheckUser" option under Special:SpecialPages, "check IP addresses" and "recent user checks" options on Special:Contributions, and access to the Special:CheckUser and Special:CheckUserLog special pages, along with other similar functions. On the English Wikipedia, checkusers also receive access to the checkuser-l global mailing list, are subscribed to the functionaries-l mailing list, and receive access to the private IRC channels at their request.
Several scripts exist for English Wikipedia checkusers, including User:Amalthea/culoghelper.js, User:Amalthea/cufilter, ru:MediaWiki:Gadget-markblocked.js, and User:Tim Song/spihelper.js, among others.[note 1]
The Meta checkuser help page gives checkusers the following information:
#wikimedia-checkuser), providing means to consult and get advice on checks and their interpretation, especially in the case of more complex vandalism. Both are used by checkusers on all Wikimedia Foundation projects; they are not just for the English Wikipedia. Access to the IRC channel is by invitation only and the checkuser mailing list does not accept correspondence from non-members – users seeking assistance of a local checkuser should see the § Contacting a checkuser above. Checkusers also have access to a private wiki where they can share data with other members of the global checkuser team. It can also be used to store historical CheckUser data, typically in cases of long-term or complex sockpuppetry.
#wikimedia-privacy, as do oversighters.
Checkusers must be able to provide a valid reason to another checkuser (or the Arbitration Committee) for all checks they conduct.
Checkusers can block accounts based on technical (checkuser) evidence. They will make clear in the block log summary that they have blocked as a "checkuser action", usually by including the ((checkuserblock)), ((checkuserblock-account)), or similar templates. These blocks must not be reversed by non-checkusers. Administrators must not undo nor loosen any block that is specifically called a "checkuser block" without first consulting a checkuser or the Arbitration Committee.[note 2][note 3] However, all checkuser blocks are subject to direct review and significant scrutiny by the other checkusers and the Arbitration Committee. If you are concerned that a checkuser block has been made in error, you should refer the block promptly to the functionaries team, who will carefully review the CheckUser evidence. Checkuser blocks may subsequently be appealed, as a matter of last resort, to the Arbitration Committee.
CheckUser queries cannot be executed on the English Wikipedia without the initiator entering something into the "Reason for check" field, which is akin to the edit summary feature for page-editing. All queries are logged at Special:CheckUserLog, which is visible to other checkusers through Special:CheckUser. Each entry in the log will show who ran the check, when, the check reason, and what type of data was called (the tool can be used to get IPs, edits from an IP, or users for an IP). The log does not display, nor allow for the retention of, data returned from a check.
Main page: Wikipedia:Arbitration Committee/CheckUser and Oversight
Checkuser permissions are assigned by the Arbitration Committee. While many users with checkuser permissions are or were members of the Arbitration Committee, the Arbitration Committee also appoints a number of editors as checkusers, typically around once a year. Users interested in obtaining access should add the ArbCom noticeboard to their watchlists for an announcement or should contact the Committee. Appointments that are confirmed by the Arbitration Committee will be posted on Requests for permissions on Meta-Wiki; a steward will assign the permission once the user has completed and signed the necessary non-public information confidentiality document.
Checkuser permissions can be revoked for not meeting the minimum activity level or for cause. If the Committee feels that an editor has abused CheckUser, such as by inappropriately performing checks or needlessly disclosing privacy related information from a CheckUser inquiry, they will request a Steward to remove the permission from the editor. This may be done by any of the usual ways, including e-mail or a request on requests for permission on Meta. Emergency requests based upon clear evidence may also be made in exceptional circumstances, the same way. In an exceptional case, and for good cause, a steward may temporarily remove the permission, pending a decision by the Committee. The steward should check that the matter is well-founded, and make clear immediately that it is a temporary response only, since such an action could lead to controversy.
Main article: m:CheckUser policy § Removal of access
The Wikimedia Foundation policy on revocation of CheckUser access states in part that:
Any user account with CheckUser status that is inactive for more than one year will have their CheckUser access removed.
In case of abusive use of the tool, the Steward or the editor with the CheckUser privilege will immediately have their access removed. This will in particular happen if checks are done routinely on editors without a serious motive to do so (links and proofs of bad behavior should be provided).
Suspicion of abuses of CheckUser should be discussed by each local wiki. On wikis with an approved ArbCom, the ArbCom can decide on the removal of access (...)
Other complaints or inquiries about potential misuse of the checkuser tool should be referred to the Arbitration Committee.
There are currently 49 users with the CheckUser permission on the English Wikipedia. A complete listing is available at Special:Listusers/checkuser. As of 23 January 2023, the following editors form the Checkuser team on the English Wikipedia:
The list above is served from Template:Functionaries.
User:USERNAME@enwikiin the "Target" box.