David Gerard wrote:
Ray Saintonge (saintonge@telus.net) [050413 02:35]:
David Gerard wrote:
I should also point out that I *barely* use it - its availability to the Ac directly is somewhat controversial, but I've some experience of net-abuse tracing and know what the results mean or don't, and I only use it when there's clearly some important issue. (Last use was to check on an apparent sock of Rienzo. Use before that was to check the zillion abusive socks in the Baku Ibne arb com case.) I get a lot of people asking me to check something casually and I have to say "no". Although if people on en: think it's relevant to an arb com case, the "Requests for clarification" section on WP:RFAr is the right place to suggest. The edit evidence had better be there, though, I'm not going on fishing expeditions.
This sounds like a wise approach. Some ultra-zealous vandal chasers are much too quick to jump to conclusions when finding fault.
The problem I find in practice is that there is no guideline, and I'm not quite sure sometimes myself. I've added a question to [[m:CheckUser]] asking for suggestions on when it's appropriate to look this stuff up. Then I'll probably take those and see if something that's clearly good sense emerges from them.
- d.
People who've asked me for sock puppet checks in the past probably know that I'm much more permissive than this. My personal guidelines have been:
1. Only research bad people. The first thing I do when I get a request is to look up the user's contributions and make sure that they have indeed been vandalising. The privacy of good users should be sacrosanct, even if they are using sock puppets. (The exception to this is RFA)
2. Do not give away IP addresses unless it's necessary. In 90% of cases I interpret the IP evidence myself and give the requester a statement such as "yes they are probably the same person" or "they share the same ISP".
There are two cases where it is necessary to give away IP addresses. One is where an anonymous (logged-out) user is involved, and a link between the anonymous contributions and the logged-in contributions is required. The other is when there is a desire to make a complaint to the user's ISP. I encourage this course of action in extreme cases, despite the fact that it has never actually worked. There's at least a slight chance that the vandal will see some real-life consequences for their actions, even if it's just a stern phone call from their ISP.
I've always been sympathetic to requests for sock puppet checks, because shortly before I got shell access, I was nearly driven crazy by a user with 9 sock puppets, each claiming to be a separate person. Each would demand my attention, make their own arguments and even post bogus real names and addresses to "prove" their identity. All these identities were active in the same week. It's hard to describe how hard this was for me, but suffice to say looking up the guy in the apache logs was the first thing I did when I got shell access. I resolved at that point to try to help anyone who was in a similar situation.
Requests to fulfill curiosity might seem gratuitous, but it's amazing how much a simple yes or no can do for the sanity of an embattled Wikipedian. Even if you give them no solid evidence that they can repeat publically, it's still enough to allow them to deal with the problem rationally rather than be overwhelmed with uncertainty.
In recent times, the number of requests for sock puppet checks has been rising, and I've had less time on my hands, so I've had to ignore many of them. I'd be very happy if a small group of users, with public logging for oversight, could take over the role that I've been filling.
There are many dangers; like Ray says, some people are very quick to jump to conclusions. The danger comes when you present tenuous evidence of sock puppetry as ammunition in an argument -- that should be avoided at all costs. People with checkuser access should be careful to emphasize the uncertain nature of IP evidence.
-- Tim Starling