Wikipedia:Arbitration Committee/Audit Subcommittee/Reports
|This page is currently inactive and is retained for historical reference.|
- For statistical reports on Checkuser and Oversight, see Wikipedia:Arbitration Committee/Audit/Statistics.
The Reports and Findings of the Audit Subcommittee will be posted to this page. The Audit Subcommittee procedures approved by the Arbitration Committee state that "The Committee shall announce the results of the investigation on-wiki in as much detail as is permitted by the relevant policies." Until 2009, a summary of all closed investigations was posted here. As of 2010, current practice is:
- The Subcommittee will publish anonymised summaries of its activity. Most complaints received by the Subcommittee are concluded without action, and will only be listed in the summaries of activity. These are listed in the second section of #Summaries of Activity.
- If a complaint leads to a full investigation, the Subcommittee will at its discretion publish a full report. These are listed at #Full reports.
- Only closed matters will be published publicly. Closed complaints will not be published until the next round of statistics are published. Full reports will usually not be published until the matter is closed, although the Subcommittee may announce updates if the matter is of special interest.
- 1 Summaries of Activity
- 2 Full reports
Summaries of Activity
As explained in the preface, before 2010 all complaints were announced publicly in as much detail as possible. The findings for these cases are listed as a Log in the first section, in as much detail as is permitted by the relevant policies. After 2009, the Subcommittee instead published anonymised summaries of reports. With the change in practice after 2009, where a complaints became a full investgation that resulted in action or formal recommendations to the Arbitration Committee, the practice of publishing an additional Full Report was not changed; these can be found under #Full Reports, as explained in the preface.
|2009 Log of activity|
November 2009 to September 2010
|Summary of activity for November 2009 through September 2010|
This summary is prepared in anticipation of future elections/appointments to the AUSC, currently scheduled for October 2010.
Of the requests that were not publicly reported:
Some further information on the distribution of the requests, with approximate time to completion:
October 2010 through June 2011
|Summary of activity for October 2010 through June 2011|
From late October, 2010, through June, 2011, the Audit Subcommittee reviewed a total of eleven cases:
July 2011 through February 2012
|Summary of activity for July 2011 through February 2012|
From July 2011 to February 2012, the Audit Subcommittee reviewed a total of eight cases:
Of these eight cases, one review was requested by another functionary, one review was initiated by a member of the subcommittee, and six were requests by non-functionaries.
March 2012 through April 2013
From March 2012 through April 2013, the Audit Subcommittee heard thirteen cases:
- In one case, the oversighter voluntarily reversed their suppression and no further action was taken.
- In one case, the complaint related to the use of advanced permissions on another Wikimedia Foundation project, and was outside of the subcommittee's remit.
- In one case, a checkuser inadvertently linked an account with an IP address when there were no grounds to do so. The functionary was cautioned and a reminder of best practice was sent to all checkusers. The log entry linking the account with the IP address had separately been suppressed after a request to the oversight team.
- In one case, no further action was required.
- In one case, a steward had blocked an account after mistakenly selecting the "suppress account" option (which they have access to but are not permitted to use except in an emergency). The action was overturned and no further action was required.
- In two cases, the complaint did not relate to the use of advanced permissions and was therefore dismissed.
- In one case, a functionary was instructed to recuse from using their checkuser tools in certain circumstances (which will not be disclosed in this report), but no deliberate misuse of the checkuser permission was detected and no further recommendation to the Arbitration Committee was made.
- In one case, a use of suppression was overturned and the functionary was warned to take greater care in the future.
- In four cases, a functionary's actions were held to be appropriate and correct and no further action was taken.
Of these thirteen cases, six reviews were requested by another functionary, two reviews were initiated by a member of the subcommittee, and five complaints were received from non-functionary editors.
April 2013 through November 2014
From April 2013 until November 2014, the Audit Subcommittee heard twelve cases:
- In two cases, the subcommittee agreed that no policy breach had been committed and the functionary’s decision was upheld.
- In one case, changes to Wikimedia Foundation internal policy were requested and subsequently made.
- In one case, the complaint was dismissed as out of scope because it related to administrator, not functionary, access rights.
- In one case, a complaint was filed that a checkuser block was reversed by a non-checkuser. This complaint was dismissed as out of scope.
- In one case, the subcommittee agreed that no policy breach had been committed, but the functionary being investigated was instructed to (a) recuse in relation to certain matters and (b) better document the rationale for their use of advanced permissions.
- In one case, a request by a non-functionary for checkuser log information to be provided was summarily denied.
- In one case, a minor error of judgment was recognised and communicated to the functionary, the subcommittee agreed that no serious policy breach had been committed, and the functionary’s action was overturned.
- In one case, the complaint was dismissed as out of scope because it was about persistent vandalism.
- In one case, the subcommittee agreed with the functionary’s decision and the complaint was dismissed.
- Two cases are pending and their result is not yet known.
Of these thirteen cases, three reviews were requested by another functionary, one review was a self-review request by the functionary involved, no reviews were initiated by a member of the subcommittee, and eight complaints were received from non-functionary editors.
December 2014 through September 2015
From December 2014 until September 2015, the Audit Subcommittee investigated and closed seventeen cases (they are listed in no particular order, some continued over from the previous report):
- In four cases, AUSC (on auditors' initiative) contacted the Arbitration Committee regarding functionaries who were failing to satisfy the activity requirements in one or both tools.
- In three cases, a request was filed but checkuser or oversight tools had not been used.
- In three cases, the subcommittee agreed that no policy breach had been committed and the checkuser's decision was upheld.
- In one case, the subcommittee agreed that no policy breach had been committed and the oversighter's decision was upheld.
- In one case, a user requested information on whether their account had been checked.
- In one case, there was ongoing discussion about the situation on the Oversight mailing list and the report was referred there as AUSC had established, prima facie, that there had been no misuse of oversight.
- In one case, concerns were raised regarding a suppression performed by a WMF staffer and the matter was referred to WMF Community Advocacy.
- In one case, a checkuser publicly connected an account with an IP address. There was no policy breach but the functionary was advised on best practice to avoid a similar situation.
- In one case, AUSC made a recommendation to the Arbitration Committee (arbitration case)
- In one case, AUSC determined that a use of the CheckUser tool was not appropriate but as it was made in good faith so the checkuser was reminded of best practice.
- Nine cases were reported by community members
- One case was self-reported
- Six cases were initiated by a member of the sub-committee
- One case was referred by the Arbitration Committee
Monthly statistics (including activity investigations)
- September 2014: 5 requests
- October 2014: 1 request
- November 2014: 1 request
- December 2014: 2 requests
- January 2015: 1 requests
- February 2015: 3 requests
- March 2015: 0 requests
- April 2015: 2 requests
- May 2015: 1 request
- June 2015: 0 requests
- July 2015: 1 request
- August 2015: 0 requests
- September 2015: 0 requests
User:Law and User talk:Law
|Full Report for User:Law and User talk:Law|
The audit subcommittee has investigated a complaint dealing with the suppression of four edits on User:Law and 2 edits on User talk:Law. (Issue 09-014)
On August 16, an IP vandal identified Law as The_undertow both on User:Law and User talk:Law; the vandalism included a great deal of extraneous vulgarity. The edits were immediately reverted. On August 20, Law deleted and selectively restored the pages to delete the vandal revisions. On August 21, an Oversighter suppressed the revisions with the stated reason "outing."
The audit subcommittee has determined that the edits do not qualify for suppression; as Law was not an "approved" alternate account, identification of Law's prior account is not "outing." The suppression has been reversed, although the revisions remain deleted, as it is any user's prerogative to remove vulgar vandalism from their user and user talk pages.
The oversighter has confirmed that Law contacted him/her privately and that he/she knew that Law and The_undertow were the same person, but states that he/she either did not know or forgot that The_undertow had been under a block, and "interpreted his most recent departure (and return under a new name) as a RTV thing." Since the edits were deleted and there was no urgency, consultation on the oversight list or with another oversighter privately would have been best practice. If a stranger contacts oversight asking for allegations of sockpuppetry to be suppressed, this should normally provoke questions. Here, the circumstances (including Law resigning his sysop status immediately after deleting the edits) should have raised questions. Instead, the oversighter did not take steps to confirm Law's status, and essentially gave him the benefit of the doubt. The audit subcommittee finds this to be an error in judgement, but not one so serious as to provoke further inquiry or action. We are unable to independently determine whether the oversighter knew more about Law than he/she has said.
The audit subcommittee has adopted a policy of not disclosing the names of oversighters or checkusers involved in complaints where there is no finding of wrongdoing, although the individual is free to identify themself and post their own explanation.
This report was approved 5-0 with John Vandenberg recusing.
For the Audit Subcommittee, Thatcher 16:02, 5 October 2009 (UTC)
"Randy in Boise" suppressions
|Full Report for "Randy in Boise" suppressions|
For many years, Oversight has been used to remove edits that include privacy violations and a limited number of other material. Removal of these edits was irreversible without intervention from a developer, and had other adverse effects on the database. Therefore the use of this tool was tightly limited and only those edits that were clearly problematic were oversighted. In February 2009, an improved tool, known as "suppression", was made available to oversighters. Suppression is fully reversible, and is now the standard tool for removing privacy violations and other material meeting the suppression criteria. Oversighters are now able to remove potentially problematic edits from public and administrator view at an earlier stage, and review the use of the tool after the fact. This feature is particularly valuable where there is an alleged breach of privacy on a heavily watched, rapidly edited page.
On 12 November 2009, during a discussion on Administrator noticeboard/Incidents, an editor posted a comment that included a reference to a Wikipedia critique from some years ago; this reference was incorrectly but reasonably interpreted by another editor as being an attempt to reveal personal details about the second editor. The second editor, aware that there is a significant time factor involved in suppressing edits to AN/I, alerted both the Oversight mailing list (Oversight-L) and contacted another administrator on IRC to try to locate an oversighter for suppression of the edit that was mistakenly thought to be an outing attempt. While the request was being discussed on Oversight-L and the link to the Wikipedia critique article was identified, the administrator on IRC had contacted a steward and had requested suppression. The steward acted on the request for suppression, as per standard procedure. The suppression was reviewed on Oversight-L and, several hours later, was reversed by a Wikipedia oversighter.
The Audit Subcommittee finds that all parties acted in accordance with policy during the course of this event, but that several misunderstandings and gaps in practice complicated the situation.
|Full Report for Noroton/JohnWBarber|
This report is solely concerned with the use of CheckUser by Versageek; the involvement of Lar and the administrative actions by Versageek are outside of the scope of the investigation. There is no evidence of improper use of CheckUser by Versageek. The check was reasonable and within CheckUser discretion.
Passed 3-0 with Risker , Rlevse and Kirill Lokshin recusing.
For the Audit Subcommittee,
DeltaQuad and Int21h
|Full Report for DeltaQuad and Int21h|
On 4 March 2013, the Audit Subcommittee received a complaint by Surturz against DeltaQuad related to DeltaQuad's use of their checkuser permissions to check and block Int21h. The results of our investigation and our recommendations concerning this complaint are as follows.
Checkusers are expected to only take actions when they have a reasonable basis in fact to conclude that the action is permitted under the Checkuser Policy and that its performance will advance the purposes of the project. A reasonable basis in fact is evidence such that an impartial third-party possessing the same information as the Checkuser could reach the same conclusion as the Checkuser. The concurrence of other Checkusers as to an action may tend to indicate it had a reasonable basis in fact, but will not relieve the Checkuser who took the action of responsibility. If a Checkuser possesses a reasonable basis in fact to take an action, takes the action in good-faith, and the action is later determined to have been incorrectly taken, the Checkuser has erred, but not abused their access to the tool. Repeated or regular errors, even if they are based on a reasonable belief and taken in good-faith, may serve as grounds for removal of Checkuser status due to lack of competency.
Use of open proxies, including Tor, is strongly discouraged. However, good cause may exist for an editor to participate via open proxies under exceptional circumstances. A user who has requested the IP block exemption flag is deemed to have consented to periodic monitoring with the Checkuser tool given the high risk of abuse. A user who has requested the IP block exemption flag is not deemed to have consented to disclosure of their private information beyond what is necessary to monitor their use of the IP block exemption flag.
Int21h requested the IPBE flag via the unblock-en-l mailing list to edit via Tor and was granted the right on December 27, 2011. DeltaQuad Checkusered Int21h on December 27, 2012.
Based on our review of all materials available to us, DeltaQuad had a reasonable basis in fact to Checkuser Int21h and we have found no evidence that DeltaQuad did so in bad faith.
DeltaQuad blocked Int21h on December 28, 2012 with the block log
reason of "
Based on our review of all materials, DeltaQuad made a reasonable investigation to obtain relevant facts to support a block of Int21h. DeltaQuad further acted reasonably in blocking Int21h as a result of the facts that were available to them at the time. While there were facts unknown to DeltaQuad that resulted in the block being invalidated, DeltaQuad did not err in failing to obtain extraordinary information beyond the knowledge of the average Checkuser in forming the basis for the block.
The blocking policy
blocking administrators to leave notice on the blocked user's talk
page regarding the terms of the block. This policy exists to provide
notice to the blocked users and other users who may review the block
as to the reason for the block. DeltaQuad
left] notice on Int21h's talk page regarding the block. We find
DeltaQuad satisfied their duty to provide notice to Int21h and other
users as to the relevant terms of the block through his use of the
All administrators are required "to respond promptly and civilly to queries about their Wikipedia-related conduct and administrator actions and to justify them when needed." A Checkuser is not required to disclose alternate accounts they find to a blocked user nor are they required to disclose to the blocked user the precise evidence they used as the basis of the block. While a Checkuser must disclose the information used as the basis of a block to fellow Checkusers and the Arbitration Committee, it is left to their discretion as to the amount of information to disclose to the blocked user.
Int21h attempted to appeal the block to a mailing list and via an [http://en.wikipedia.org/w/index.php?title=User_talk:Int21h&oldid=530581411#Block obscene message] on his user talk page on December 31, 2012. Int21h refused to communicate with DeltaQuad via email. MaxSem summarily denied the on-wiki block appeal on December 31, 2012. DeltaQuad was not active on the English Wikipedia while the block appeal was pending on Int21h's talk page. Int21h failed to re-file the unblock request on-wiki or to contact DeltaQuad via email.
As a matter of best practice, DeltaQuad should have responded on-wiki to Int21h. However, DeltaQuad did not breach their duty under WP:ADMINACCT as they was not active when the block appeal was made and rejected, nor were they contacted by the blocked user to contest the block via another means. DeltaQuad's failure to initiate communication in response Int21h's terminated obscene block appeal was not an abusive error or misconduct.
We conclude that DeltaQuad acted reasonably in Checkusering and blocking Int21h. Even though the block was subsequently invalidated, DeltaQuad's block was appropriately made based on a reasonable interpretation of the evidence available at the time. DeltaQuad failed to promptly respond to Int21h's rejected obscene block appeal. DeltaQuad's failure was not the result of abuse, misconduct or indicative of incompetence in holding Checkuser status. Therefore, the AUSC has completed its investigation and is submitting this report to the Arbitration Committee with a recommendation that no further action be taken.
For the Audit Subcommittee,