David Gerard wrote:
Ray Saintonge (saintonge(a)telus.net) [050413 02:35]:
David Gerard wrote:
>I should also point out that I *barely* use it - its availability to the Ac
>directly is somewhat controversial, but I've some experience of net-abuse
>tracing and know what the results mean or don't, and I only use it when
>there's clearly some important issue. (Last use was to check on an apparent
>sock of Rienzo. Use before that was to check the zillion abusive socks in
>the Baku Ibne arb com case.) I get a lot of people asking me to check
>something casually and I have to say "no". Although if people on en: think
>it's relevant to an arb com case, the "Requests for clarification"
section
>on WP:RFAr is the right place to suggest. The edit evidence had better be
>there, though, I'm not going on fishing expeditions.
This sounds like a wise approach. Some
ultra-zealous vandal chasers are
much too quick to jump to conclusions when finding fault.
The problem I find in practice is that there is no guideline, and I'm not
quite sure sometimes myself. I've added a question to [[m:CheckUser]]
asking for suggestions on when it's appropriate to look this stuff up.
Then I'll probably take those and see if something that's clearly good
sense emerges from them.
- d.
People who've asked me for sock puppet checks in the past probably know
that I'm much more permissive than this. My personal guidelines have been:
1. Only research bad people. The first thing I do when I get a request
is to look up the user's contributions and make sure that they have
indeed been vandalising. The privacy of good users should be sacrosanct,
even if they are using sock puppets. (The exception to this is RFA)
2. Do not give away IP addresses unless it's necessary. In 90% of cases
I interpret the IP evidence myself and give the requester a statement
such as "yes they are probably the same person" or "they share the same
ISP".
There are two cases where it is necessary to give away IP addresses. One
is where an anonymous (logged-out) user is involved, and a link between
the anonymous contributions and the logged-in contributions is required.
The other is when there is a desire to make a complaint to the user's
ISP. I encourage this course of action in extreme cases, despite the
fact that it has never actually worked. There's at least a slight chance
that the vandal will see some real-life consequences for their actions,
even if it's just a stern phone call from their ISP.
I've always been sympathetic to requests for sock puppet checks, because
shortly before I got shell access, I was nearly driven crazy by a user
with 9 sock puppets, each claiming to be a separate person. Each would
demand my attention, make their own arguments and even post bogus real
names and addresses to "prove" their identity. All these identities were
active in the same week. It's hard to describe how hard this was for me,
but suffice to say looking up the guy in the apache logs was the first
thing I did when I got shell access. I resolved at that point to try to
help anyone who was in a similar situation.
Requests to fulfill curiosity might seem gratuitous, but it's amazing
how much a simple yes or no can do for the sanity of an embattled
Wikipedian. Even if you give them no solid evidence that they can repeat
publically, it's still enough to allow them to deal with the problem
rationally rather than be overwhelmed with uncertainty.
In recent times, the number of requests for sock puppet checks has been
rising, and I've had less time on my hands, so I've had to ignore many
of them. I'd be very happy if a small group of users, with public
logging for oversight, could take over the role that I've been filling.
There are many dangers; like Ray says, some people are very quick to
jump to conclusions. The danger comes when you present tenuous evidence
of sock puppetry as ammunition in an argument -- that should be avoided
at all costs. People with checkuser access should be careful to
emphasize the uncertain nature of IP evidence.
-- Tim Starling