StrategyWiki:Guide/CheckUser policy

All bureaucrats at StrategyWiki have access to the CheckUser tool. This tool allows them to view potentially confidential information, such as the underlying IP address of accounts and X-Forwarded-For headers. This policy exists to clarify the correct use of this tool and when releasing results to the public is acceptable.

Violation of this policy will at the least result in one's bureaucrat access being revoked.

Acceptable uses
CheckUser should only be used when the following circumstances are met:
 * When a user or IP is potentially abusing multiple accounts, and proof is needed of such activity.
 * When a user account has been potentially compromised, to discover what IP address compromised the account.
 * When a valid request has been placed on Requests for checkusers stating at least one of the reasons outlined above.

The tool should not be used for political control; to apply pressure on editors; or as a threat against another editor in a content dispute. There must be a valid reason to check a user (listed above, testing is not a valid reason). Note that alternative accounts are not forbidden, so long as they are not used in violation of the policies (for example, to double-vote or to increase the apparent support for any given position).

Notification to the account that is checked is permitted but is not mandatory. Similarly, notification of the check to the community is not mandatory, but may be done subject to the provisions of the privacy policy.

Using the tool
For instructions on the correct use of this tool, please view the extension page

Privacy policy
Unless someone is violating policy with their actions (e.g. massive bot vandalism or spam) and revealing information about them is necessary to stop the disruption, it is a violation of the privacy policy to reveal their IP, whereabouts, or other information sufficient to identify them, unless they have already revealed this information themselves on the project. The only instances where release of confidential information is acceptable is below:
 * In response to a valid subpoena or other compulsory request from law enforcement
 * With permission of the affected user
 * Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues.
 * Where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers
 * Where it is reasonably necessary to protect the rights, property or safety of StrategyWiki, its users or the public.

Even if the user is committing abuse, it's best not to reveal personal information if possible.


 * Generally, do not reveal IPs. Only give information such as same network/not same network or similar. If detailed information is provided, make sure the person you are giving it to is a trusted person and will not reveal it himself.
 * If the user has said they're from somewhere and the IP confirms it, it's not releasing private information to confirm it if needed.
 * If you're in any doubt, give no detail.

Removal of access
All bureaucrats have the ability to view the CheckUser log. In fact, they are encouraged to do so on a regular basis to ensure that nobody has misused the tool. If a bureaucrat has been found abusing the tool, their bureaucrat access will be revoked as soon as the abuse can be confirmed as such. In cases where it is unsure that a specific case is abuse, contact the bureaucrat that performed the CheckUser asking for a more detailed explanation as to why that CheckUser was performed, and use good judgment from there.

''This page uses content from http://meta.wikimedia.org/wiki/CheckUser_policy, which is licensed under the GFDL. The full page history of that page is viewable here''