Wikimedia Meta-Wiki

Commission des médiateurs/2025/Conseils aux vérificateurs

< Ombuds commission
This page is a translated version of the page Ombuds commission/2025/Advice to Checkusers and the translation is 3% complete.
Other languages:

During the normal course of their duties, checkusers are frequently asked questions by members of their local community. Here are some examples of questions you might get and acceptable ways you might answer them:

About the commissionMake a reportEmail the commissionDiscuss the commission
Rapports d’activités : 202420232022Earlier
Published decisions

On 25 March 2025, the Ombuds Commission published the following public statement:

Dear checkuser,

It has come to the attention of the Ombuds Commission that a number of checkusers, across several projects, are not correctly applying the constraints on information sharing imposed by the Access to Nonpublic Personal Data Policy (commonly known as the ANPDP). The goal of this letter is to remind all checkusers (by which we mean anybody with checkuser access) about one issue that we commonly see: the sharing of IP addresses which have been used by registered accounts as exposed by the checkuser tool. In a nutshell, a checkuser may not publicly connect an IP address with a registered account when that connection is informed by CheckUser data. The only people you may share this information with are other checkusers, and then only through communication channels which are private. Acceptable channels include:

  • Direct email to another checkuser
  • The checkuser-l@lists.wikimedia.org mailing list
  • The #wikimedia-checkuser channel on IRC
  • The private checkuser wiki (checkuser.wikimedia.org)

Examples of unacceptable channels include:

  • Posting to any public wiki
  • Posting to any mailing list, IRC, Discord, etc which is not specifically configured to handle this kind of information securely
  • Email (IRC, Discord, etc) to any non-checkuser, even if they are an admin, patroller, or other trusted position on your project other than checkuser.
Q: Is User:X a sockpuppet of User:Y?
A: Based on check data, those two accounts appear to be (or not to be) the same person
Q: What IP addresses is User:X using?
A: I cannot provide that information
Q: Is User:X using IP address w.x.y.z?
A: I cannot provide that information
Q: Are the IP addresses a1.a2.a3.a4 and b1.b2.b3.b4 being used by the same person?
A: I cannot provide that information
Q: In what country is User:X located?
A: This one is a bit of a grey area. There are some situations where it is permissible to disclose geolocation information, but our best advice is to be more conservative and just say that you cannot provide that information.

Also note that the past history of the user does not alter the privacy mandate. For example, none of the following are valid exceptions to the privacy policy:

  • The user is a vandal
  • The user is a long-term abuser
  • The user has already been blocked, globally locked, or banned
  • The user is previously known to use sockpuppets

Roy Smith

For the Ombuds Commission

Retrieved from "https://meta.wikimedia.org/w/index.php?title=Ombuds_commission/2025/Advice_to_Checkusers/fr&oldid=28454250"