Site Management Group

From Tempebrennan

Revision as of 10:50, 11 July 2007

Bureaucrats

Within Wikimedia projects, a bureaucrat is a user who has the technical ability to:

• Promote other users to administrator or bureaucrat
• Grant and revoke a user's bot flag
• Rename a user

Stewards fulfill these roles on wikis without bureaucrats using the requests for permissions page.

The default configuration of the MediaWiki software permits bureaucrats with access to Special:UserRights to remove rights; however, this function is restricted to stewards in all Wikimedia Foundation projects.

Promoting users

If you are a bureaucrat, to give another user administrator access, go to Special:Makesysop in 1.4 and below or goto Special:Userrights on 1.5 and above on the wiki where you are a bureaucrat. There is a link to this on the list of special pages.

Type the user's name into the box and then press the make this user into a sysop button. To make them a bureaucrat as well as a sysop, tick the Set bureaucrat flag box. You will see a confirmation message telling you that the user has been made a sysop (note, the message says they have been made a sysop even if they have also been made a bureaucrat).

The user will gain administrator access immediately and the action will be recorded at Special:Log/rights.

If you make a mistake and need to remove access from someone you accidentally made a sysop, please contact a steward or developer.

Go to the User Rights Management (Special:Userrights) and enter the name of the user you want to give Bureaucrat rights and click the button Edit User Groups. Then on the following page simply select the groups you want him to be part of. In this case, selected the Bureaucrat group. Finally click the Save User Groups button.

System Operators

A sysop (also known as an administrator) is a user with the technical ability, within a particular Wikimedia wiki, to delete and undelete pages, and view deleted revisions of pages; block and unblock users, individual IP addresses, and ranges of IP addresses; protect and unprotect pages; and edit the interface (the MediaWiki namespace).

The role and expectations of sysops, as well as the policies surrounding their behavior, vary widely among the different projects. Some wiki sites may not even have adopted written policies for sysops or candidates for becoming a sysop. This is usually due to limited users and activities.

Check-Users

CheckUser is a interface for users with the checkuser permission. An editor with CheckUser status on a wiki can in particular check if a user isn't a sockpuppet of another user on that wiki (not on all wikis). By using it, users are able to:

• Determine from which IPs a user has edited the Wikimedia wiki
• Determine the edits on the Wikimedia wiki of a specific IP (even when logged in)

This information is only stored for a short period, so edits made prior to that will not be shown via CheckUser. A log is kept of who has made which queries with the tool. This log is available to those with the checkuser permission:

Use of the tool

The tool is to be used to fight vandalism, to check for sockpuppet abuse, and to limit disruption of the project. It must be used only to prevent damage to one or several of Wikimedia projects.

The tool should not be used for political control; to apply pressure on editors; or as a threat against another editor in a content dispute. There must be a valid reason to check a user. Note that alternative accounts are not forbidden, so long as they are not used in violation of the policies (for example, to double-vote or to increase the apparent support for any given position).

Notification to the account that is checked is permitted but is not mandatory. Similarly, notification of the check to the community is not mandatory, but may be done subject to the provisions of the privacy policy.

An editor's IPs may be checked upon his or her request if, for example, there is a need to provide evidence of innocence against a sockpuppet allegation, but note that requesting a checkuser in these circumstances is sometimes part of the attempt to disrupt.

Privacy policy

On this project, considerations are of tremendous importance. Unless someone is violating policy with their actions (e.g. massive bot vandalism or spam) and revealing information about them is necessary to stop the disruption, it is a violation of the privacy policy to reveal their IP, whereabouts, or other information sufficient to identify them, unless they have already revealed this information themselves on Wikipedia. The relevant section of the privacy policy is:

Policy on release of data derived from page logs

It is the policy of Wikimedia that personally identifiable data collected in the server logs, or through records in the database via the CheckUser feature, may be released by the system administrators or users with CheckUser access, in the following situations:

1. In response to a valid subpoena or other compulsory request from law enforcement
2. With permission of the affected user
3. To the chair of Wikimedia Foundation, his legal counsel, or his designee, when necessary for investigation of abuse complaints.
4. Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues.
5. Where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers
6. Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public.

Information release

Even if the user is committing abuse, it's best not to reveal personal information if possible.

• Generally, do not reveal IPs. Only give information such as same network/not same network or similar. If detailed information is provided, make sure the person you are giving it to is a trusted person and will not reveal it himself.
• If the user has said they're from somewhere and the IP confirms it, it's not releasing private information to confirm it if needed.
• If they're on a large national or international ISP (e.g. AOL, NTL, BT, Telstra) where they're one of millions of users, saying so is unlikely to be personally identifiable.
• Revealing the country is generally not personally identifiable (e.g. "User:Querulous is coming in from the UK, User:Sockpuppet is coming in from Canada").
• If you're in any doubt, give no detail.

Access to checkuser

As of 11 April 2007, Checkusers must be 18 years of age, of legal age in their place of residence, and willing to provide identification to the Wikimedia Foundation in order to qualify.

Only stewards and a very few editors are allowed to have the CheckUser status. Editors will only have CheckUser status locally.

On a wiki with a (Wikimedia-approved) Arbitration Committee (ArbCom), only editors approved by the Arbitrators may have CheckUser status. There should be at least two so that they can mutually control their activity. After agreement, simply list the candidate on Requests for permissions.

On a wiki with no Arbitration Committee, two options are possible:

The community must approve at least two CheckUsers per consensus. Activity will be checked mutually. The user requesting check user status must request it within his local community and advertise this request properly (village pump, mailing list when available, ...). The editor must be familiar with the privacy policy. After gaining consensus (70%-80%) in his local community, with at least 25-30 editors' approval, the user should list himself under Requests for permissions with a link to the page with the community's decision.

If an insufficient number of voters do not allow to vote for two checkusers on a wiki, there will be no checkuser on that wiki. Editors will have to ask a Steward to check if UserX is a sockpuppet of UserY. To do so, simply add your request to Requests for CheckUser information listing these users and explaining why you ask for such a check (with links). You also need a community consensus (like above). The Steward will answer you if these two users are from the same IP, same proxy, same network, same country, or are they completely unrelated (see discussion for what the Steward should more precisely say to the editor).

Removal of access

Any user account with checkuser status that is inactive for more than a year will see their checkuser access be removed.

In case of abusive use of the tool, the Steward or the editor with the CheckUser privilege will immediately have their access removed. This will in particular happen if checks are done routinely on editors without a serious motive to do so (links and proofs of bad behavior should be provided).

Suspicion of abuses of checkuser should be discussed on each local wiki. On wikis with an arbcom, the arbcom can decide on the removal of access. On wikis without arbcom, the community can vote removal of access. Removal can be done by Stewards. The Stewards may not decide alone of removal, but can help provide the information necessary to prove the abuse (log). If necessary, and in particular in case of lack of respect towards the privacy policy, the board of Wikimedia Foundation can be asked to declare removal of access as well.

Complaints of abuse of checkuser or privacy policy breaches may also be brought to the User Investigation Commission.

In case only one checkuser is left on a wiki, the community should elect a new checkuser (so that the number of checkusers is at least two).