Wikiversity talk:CheckUser policy/Archive 1

Do we need a local policy?
I think the Meta policy is all we need - as well as a list of people who have access, a means for requesting such, and what to do with it. That's all Wikipedia has. :-) Cormaggio talk 14:24, 22 April 2007 (UTC)
 * Yes, I think so too. --HappyCamper 16:02, 22 April 2007 (UTC)
 * As written, the Wikiversity policy has some differences from the policy page at Meta. In particular, I suggest that the Wikiversity CheckUser policy should emphasize two things:
 * I think that every CheckUser action should be recorded at Requests for CheckUser or an associated page
 * I feel that there is misuse of the CheckUser tool at other projects that arises from CheckUsers who who call anything they do not like "vandalism" or "disruption". I would prefer that Wikiversity CheckUser explicitly state the conditions under which the CheckUser tool can and cannot be used.
 * also, even if we end up with an identical policy to what is described at Meta, we should have our own page about CheckUser policy. Wikiversity participants should not have to chase around to other websites in order to figure out what is going on. --JWSchmidt 16:52, 22 April 2007 (UTC)


 * While I understand the sentiment, I thinking listing all checkuser functions is a Very Bad Idea. The reason the logs are only available to others with the tool is because if a check turns up nothing, it's better that it not be known about at all, for the sake of avoiding unnecessary embarrasment of the innocent. It's very much an investigational tool: in the case of vandals, it's just used to find if an IP is used by several vandal accounts (or alternatively to make sure we don't block an IP that's being used by positive conrtibutors). In the case of meatpuppets, I personally think it's good to just run a quiet check, and if anything looks suspicious (or the contrary), just leave it up to the checkuser to monitor the situation, warn the puppeteer, and block if necessary.


 * I know it all sounds clandestine, but it's supposed to be clandestine, and it's very difficult to report about any findings without compromising someone's privacy. So that's the shaky part of having the tool: you just have to trust that the people who are using it will do their utmost to protect the privacy of the users at the same time as they are protecting the health of the project. There are always at least two on any project (who can keep tabs on one another), and of course the stewards and the CUs from other wikis can keep tabs as well. --SB_Johnny | talk 22:01, 22 April 2007 (UTC)


 * What I know about CheckUser I've learned at Wikipedia:Requests for checkuser. There is a distinction between saying that the CheckUser tool was used and revealing private information. If there is a good reason to use the CheckUser tool, how can saying that it was used result in "embarrassment of the innocent"? "who can keep tabs on one another" <-- but what happens when they do not keep tabs on one another? --JWSchmidt 00:47, 23 April 2007 (UTC)


 * Is the use of CU something the community should be actively policing then? --HappyCamper 01:00, 23 April 2007 (UTC)
 * I'm interested in the idea that we should be open about what happens within WikiMedia projects. I'm not sure that being open equates to "policing". --JWSchmidt 01:21, 23 April 2007 (UTC)
 * OK. I agree with that. --HappyCamper 01:43, 23 April 2007 (UTC)


 * (edit conflicts :)) Just for clarity, JWSchmidt is aware that I have Checkuser on English Wikibooks, but that might not be clear to everyone else.
 * What I mean by "embarrassing" is that if someone suspects there might be a meatpuppet problem (meaning a sockpuppet used to skew the appearance of consensus or "votes"), a concerned user might send a private message to someone with the CU tool (or the person with the checkuser tool him/herself) asking to check it out quietly. This (at least IMO) is better than throwing around accusations of meatpuppetry on an RFCU page, because accusing people of being meatpuppets (when they aren't, or at least aren't shown to be by performing CU) is a rather nasty business, and serves little purpose other than to kick tensions up a notch. Personally I think requests for CU should be handled in a similar way that requests for oversight are handled on Wikipedia: ask via email, not on a wiki page.
 * In the case of "pattern-following, blatant vandals", listing every instance of the CU tool's use isn't really necessary, since it's just a maintenance job. Adding an additional requirement that CUs publicly notify that the tool was used allows the vandal to get the attention they want, and feel good about making someone do extra work :).


 * You'll just have to take my word on the second point. The sort of people who are interested in the tool -- and become good at using it -- are suspicious by nature, enjoy the challenge of "solving crimes", take the responsibility very seriously, and would consider any who don't to be the worst possible threat to wiimedia. I'm not sure how many do it, but at least a few of us do indeed watch those logs, and take special interest in those who are new to the tools.


 * HappyCamper: I doubt we'd end up with wikipedia-style problems of abuse here, so quite the contrary, I think the use of CU should be something taken for granted, but more or less ignored. It's a rather nasty tool in that it's very use is in some sense contrary to the spirit of our community, but when used well it's very good for stoping certain kinds of disruption, and preventing future occurrances of other kinds. --SB_Johnny | talk 01:20, 23 April 2007 (UTC)


 * What are these "Wikipedia-style problems" everyone is whispering about? I am honestly in the dark on this. I imagine it would be awkward to discuss this here, so maybe me not knowing about this is for the better. You know, I think I am going to just set up a Wiki and play around with this checkuser tool just to see what it really does. --HappyCamper 01:43, 23 April 2007 (UTC)


 * Heh, I'm not sure how it was used, but Wikipedia suffers from Murphy's law of late. The tool doesn't do all that much, it's generally used just to find evidence for sockpupperty (vandal or otherwise). --SB_Johnny | talk 02:36, 23 April 2007 (UTC)


 * But back to the local policy thing...it seems that there are some modifications that people want to consider. One is having RFCU conducted via e-mail. Do we want this then? Another is preventing misuse, or perceived instances of misuse. Does this e-mail system address this problem sufficiently, or are we simply replacing one problem with another more difficult one? --HappyCamper 03:22, 23 April 2007 (UTC)


 * SB Johnny has requested comments from active Wikiversitans on the proposed use of CheckUser at Wikiversity.


 * Your servant believes that CheckUser would be an essential tool at Wikiversity.


 * The initial position of your servant on the need for a local Wikiversity policy is that a local policy might be preferable even though it might mirror Meta policy in the beginning. This would tend to give Wikiversity more flexibility.


 * (s) Dionysios  (talk), Date: 2007-09-03 (September 3, 2007) Time:  1136 UTC

CheckUser problems
I do not think we need to discuss specific problems with CheckUser at Wikipedia. The point to be made is that there are two type of CheckUser actions done for Wikipedia: Sometimes there is a "leak" and it is revealed that there was a secret CheckUser action and there is doubt that the secret CheckUser action was done for reasons that satisfy CheckUser policy and the Wikimedia Foundation privacy policy. I have repeatedly asked Wikimedians who are CheckUsers why there need be any secret CheckUser actions and I have never gotten a satisfactory answer. There is a clear distinction between having a public record of which CheckUser actions have been done and publicly reporting private user information obtained from the database queries. As far as I can tell, if there is a valid reason for doing a CheckUser action then there is no reason why the fact that the CheckUser action was done cannot be made public. The idea that a public record of CheckUser actions would cause, "unnecessary embarrassment of the innocent" makes no sense to me. If someone had good reason for suspecting a sockpuppet then how can a public record of that be a source of embarrassment to anyone? I would have no objection to secret CheckUser actions being conducted at Wikiversity with the aid of IRC or any other communication channel as long as there is eventually a public report that those CheckUser actions were in fact conducted. --JWSchmidt 17:34, 23 April 2007 (UTC)
 * 1) People go to Wikipedia:Requests for checkuser, make a request and there is a public record of what happens.
 * 2) Other CheckUser actions are done without there being a public record.
 * If there has been, in fact, an abuse of the checkuser policy then it needs to be brought to someone's attention. There are individuals known as "Checkuser Ombudsmen" who have access to the checkuser logs but do not perform the checkuser actions themselves.  Abuse of the policies are not tolerated by the Foundation and someone's checkuser access may be immediately revoked.  Individuals appointed as checkusers are done so with serious respect to responsibility.  If you are concerned about specific matters, you are welcome to email me personally at cbass (a) wikimedia.org.  Bastique 13:43, 25 April 2007 (UTC)
 * Thanks for your offer. In my case, "there is doubt" about past CheckUser actions, but rather than bring past matters to the Checkuser Ombudsmen I decided that I would try to work towards changes that would prevent future problems. In my view, the potential for CheckUser abuse is increased by allowing secret Checkuser actions. Towards that end, I am exploring the idea that the CheckUser process can be more open. If there is, in fact, a valid reason for a CheckUser action, then is there any reason not to make known the fact that a CheckUser action was done (as is done at Wikipedia:Requests for checkuser)? One possible reason for resistance to this from people who can perform CheckUser actions is that it would require more work for them to create a public record of their actions. It might make sense to have CheckUser clerks who are as trusted as actual CheckUsers, but the CheckUser clerks would just have the job of making the public list of what CheckUser actions were done. --JWSchmidt 14:18, 25 April 2007 (UTC)

"Disruption"
The only time CU would be helpful there is if someone is using sockpuppets to evade a block... am I missing a possible other use? --SB_Johnny | talk 22:07, 22 April 2007 (UTC)
 * At Wikipedia, CheckUser can be used in cases of suspected "vote fraud". I have seen it used in clandestine fashion at Wikipedia for reasons and in ways that I feel do not satisfy CheckUser and Privacy policy. This is why we need to be explicit about what is allowed. CheckUser can start out as a way to deal with vandalism then end up being abused to invade the privacy of editors. --JWSchmidt 00:56, 23 April 2007 (UTC)
 * JWSchmidt, does that mean you are in favor of using CU in a more restrictive way than that permitted on Meta? --HappyCamper 01:02, 23 April 2007 (UTC)
 * I'm not familiar with how it is used at Meta, but the policy as stated at Meta allows for types of mis-use of CheckUser which I have seen happen at Wikipedia. I want to avoid such mis-use at Wikiversity. --JWSchmidt 01:11, 23 April 2007 (UTC)
 * I wrote that incorrectly - what I meant was "written on meta". This "vote fraud" scenario sounds a little odd. It suggests the possibility of someone creating targeted sockpuppets to purposefully reveal a particular user's IP address to a checkuser. Now, why anyone would want to do that is beyond me, but it does show that privacy is only as good as trust in checkusers. --HappyCamper 01:59, 23 April 2007 (UTC)

One or many
There are a number of circumstances when it is useful to determine whether you are dealing with one person or several. These circumstances can arise in any serious dispute when multiple parties are involved. It is also useful to make a record if blocks or bans are to be imposed. This gives a way to determine if the user is continuing with their activities. Fred Bauder 22:30, 25 April 2007 (UTC)


 * On en:wp, checkuser is frequently used for tracking persistent vandal-trolls as well. Jwschmidt appears not to understand the tool or what it's for. It's a sysadmin-level function - being looked up is not a privacy invasion because sysadmins don't tell. The function was separated out as a MediaWiki function so as to avoid the devs being bugged all the time.


 * On en:wp, RFCU was created to avoid the checkers being bugged. They're not even obligated to look at it. All checks were private up till then.


 * Jwschmidt speaks of claims of leaks of checkusered information. However, the investigated cases I know of have NO cases of this having been proven to be the case.


 * You can put all sorts of impediments to the use of checkuser, but I suspect none of them whatsoever will deal with the general concerns, which appear to come from (1) it existing at all (2) the belief that it's magic pixie dust that is used to abuse everyone in sight. (2) is not in fact the case in much close examination, and (1) would imply the devs who run the servers are not allowed to. You have to understand that Wikimedia is not an anonymiser service - en:User:David Gerard


 * Has anyone in this discussion questioned the value of CheckUser and its use for dealing with vandals and banned users? Has anyone in this discussion suggested that CheckUser is some kind of magic? "Jwschmidt speaks of claims of leaks of checkusered information" <-- The case that I am most concerned about is one for which I'm not sure that CheckUser should have been done and I have doubts about how the IP address information obtained by CheckUser was used. In that case, the information that was "leaked" was that CheckUser had been done to find the IP address corresponding to a username and that the IP address was used in an attempt to obtain information about the real world identity of an editor. I asked to know on what basis (in policy) CheckUser had been used in that way. I was given a reason that struck me as questionable and I was told that there was no reason for me to be concerned, but I was left with doubts. My question is, if there is a valid reason for doing a CheckUser action, then why not have a public record to indicate that it was done and why it was done? --JWSchmidt 03:07, 26 April 2007 (UTC)

Some CU experience from cs:
@JWSchmidt - "There is a clear distinction between having a public record of which CheckUser actions have been done and publicly reporting private user information obtained from the database queries."

In reality it's often possible to derive lot of info just from a log in the form "CU checked A because of X". Consider this scenario: you investigate user Troll for some good reason. On the way you learn that one of addresses he uses is the same / is in the same subnet as address of well established user Bob. Of course you investigate further and you learn some plausible explanation of the proximity other than Troll being Sock of Bob. (For example you reveal from the ips and info they write about themselves real-world identities of both Troll and Bob.)

What I would do as a CU in such case is to use info about Troll in a suitable way, remember that Bob is a "false positive", and publicly report not even the fact he was checked. IMO it's the only possible way to protect his privacy and reputation.

Another reason is, detective work is better done in secrecy. We had a user on cs: amusing himself with really massive sockpuppetry, creating literally more than a hundred accounts, "playing" with the wiki... as some of the puppets were revealed, he gradually improved the methods - started on dynamically assigned block, when it was clear we can track the record even when the ip changes a bit, moved to easily detectable open proxies, when they were blocked, moved to tor,... I won't explain how to anonymize further. Usually I revealed checks permomed and info obtained when it was of some direct use, which may be a long time from the check. If he had immediate knowledge of the check, it would be much harder - if you're hiding, public record of checkuser actions gives you a great feedback, and feedback means faster learning. --Wikimol 23:50, 25 April 2007 (UTC)


 * I may not be using good terminology, but from the perspective of someone on the outside (who has never used the CheckUser tools), I have been thinking of a "CheckUser action" as what I see at Wikipedia:Requests for checkuser: someone explains why they suspect that user "Noob" is a sock of user "Banned". The request might be denied or the answer comes back as either confirming the suspicion or not. At Wikipedia:Requests for checkuser there is certainly no mention of any information pertaining to innocent accounts that may have been seen during a requested CheckUser investigation. It may be that from the perspective of someone using the CheckUser tools there are multiple "CheckUser actions" during an investigation of user "Noob", including actions clarifying that user "Bob" has an IP address that is similar to but unrelated to that of "Noob". Personally, I have no interest in any "CheckUser actions" such as one failing to confirm that user "Bob" is a sock of user "Noob". When I say that there should be a public record of CheckUser actions I am not talking about meaningless coincidences (such as Bob's IP address being similar to Noob's IP address) that might be seen when using the CheckUser tools. Maybe we need a more sophisticated terminology such as type I CheckUser actions and type II CheckUser actions. Type IIa CheckUser actions being those uses of the CheckUser tools that are incidental to a type I CheckUser action and that nobody would ever suggest should be made public because they provide meaningless bits of useless information. A "type I CheckUser action" is what we see at Wikipedia:Requests for checkuser for which particular wiki edits lead to a request for information with the goal of preventing future damage to the wiki project. We could also define "type IIb CheckUser actions" that result in meaningful information such as "user Foo is a previously unrecognized sock of user Banned". Why shouldn't there be a public record such as "while investigating the antics of user "Noob" it was found that users "Noob" and "Foo" use the same fixed IP as user "Banned"? Here is an example where Buridan was suspected of having socks but that was shown not to be true, however additional socks of FreddyTris were found and blocked. "user on cs" <-- I'm not sure what was going on....it sounds like a bunch of socks were being blocked for vandalism. If having a public listing of the CheckUser actions related to these blocks would provide some advantage to the vandal it would make sense to do a time delay in reporting them. If there were "CheckUser clerks" they could take responsibility for delaying CheckUser reports on serial vandals. --JWSchmidt 05:24, 26 April 2007 (UTC)


 * I think the main advantage it gives to the vandal is more along the "not building monuments" line than providing technical information to them. --SB_Johnny | talk 12:22, 27 April 2007 (UTC)
 * I generally support No shrines for vandals as a reasonable goal to be kept in mind when dealing with vandals. My guess is that many Wikiversity vandals are school kids who like to do a prank and then show it to their school chums. When custodians can quickly erase most evidence of the vandalism and there is not much left to show off, I imagine that motivation for additional pranks is reduced. However, I have always argued that "No shrines for vandals" should be kept in perspective and balanced with other priorities. For example, custodians sometimes find it useful to keep track of patterns of vandalism and so we were able to engineer a way for custodians to have pages for tracking vandalism without those pages being "monuments". "No shrines for vandals" was bent so as to adapt to a higher priority. The goal of making sure that CheckUser is not misused is higher on my list of priorities than making sure that a vandal is never mentioned on a wiki page. A public note saying something like, "user account X and user account Y already blocked for similar acts of vandalism and suspected to be socks; CheckUser found previously unrecognized sock accounts that were blocked" is not much of a monument. In this example, the blocking information is already in the block logs, so it is not that we would be going from no record of the vandalism to having a record by keeping a list of CheckUser actions. The purpose of a list of CheckUser actions is not to create a monument to vandalism, it would be to allow members of the community to have a way of making sure that CheckUser is not misused. It is more important to me that we have a way of knowing that CheckUser is not misused; limiting mentioning of vandals on our wiki pages is a good goal, but it is a lower priority for me. --JWSchmidt 16:02, 27 April 2007 (UTC)
 * Not to be flip, but it seems to me that the best way to be sure that CU isn't abused is for you (JWSchmidt) to have the tool and therefore access to the logs, both because you're clearly concerned about its abuse (every good CU is), and you're probably the one most often on the front lines against vandal attacks anyway.
 * There's really 4 major reasons why logs are a bad idea:
 * It can compromise an investigation by telling the meatpuppeteer/vandal that we're on to them.
 * During the use of the tool, we often find "perfectly innocent users" implicated, and there's absolutely no need to create hard feelings for no reason other than due diligence.
 * It creates monuments for vandals
 * CU actions are automatically logged, and if you have to run 5-10 CU actions to get a clear picture of a situation, having to "manually log" each action on a wiki page places an unneccesary burden on the CU operator's time.
 * Like so many other things on wikis, you really have to "Assume Good Faith" and just trust that CUs aren't being abusive. --SB_Johnny | talk 18:42, 27 April 2007 (UTC)

Good Faith, clerks, points 1, 2, 4
"Assume Good Faith" <-- this is a useful reminder when we are working in the open during wiki editing. If we see something odd, we can take a breath and wait to see what is really going on rather than simply assume that someone is not acting in good faith. When we are dealing with CheckUser and the risk of violation of the Wikimedia Foundation privacy policy, it is not an assumption of bad faith to craft checks and balances that reduce the risk of CheckUser tools being used inappropriately. It is a matter of trying to create a system that prevents misuse of a tool.

JWSchmidt to have the tool <-- I do not see this as a solution to the problem I am trying to address. What I desire is a solution that will help ANYONE in the Wikiversity community who might have concerns about CheckUser. It seems like the way to address this is to create checks and balances that prevent misuse of CheckUser tools. Some openness about use of CheckUser seems necessary. I really cannot think of a "wiki way" to prevent misuse of CheckUser tools without some kind of public record of CheckUser actions. A non-wiki approach would involve some sort of external audit, which I do not think is practical.

"most often on the front lines against vandal attacks" <-- I am interested in being efficient when dealing with serial vandals. I am concerned that we not have any "burden on the CU operator's time". One approach that might work is having someone who can function as a "CheckUser clerk". Such a "clerk" would not be able to use the CheckUser tools but would create a public record of how the CheckUser tools are used at Wikiversity. Based on my experience with the amount of Wikiversity vandalism, performing the duties of such a "CheckUser clerk" would not require much time. I'd be willing to do it, but I am not sure that I am the best person for the task. As far as I know, there has not yet been a CheckUser action at Wikiversity and we are only just starting to think about being ready for the day that we need CheckUser.

"compromise an investigation" <-- I'm not sure what argument is being made here. Is the idea that there are vandals who do not know about CheckUser so they have patterns of vandalism that are easy to counter/defeat by making use of CheckUser? If such vandals knew about CheckUser then they would change their method of vandalizing?

"perfectly innocent users implicated" <-- Is this referring to anything other than what is discussed above on this page as the kind of CheckUser action that need never be mentioned in a public log? A CheckUser clerk would (in private) verify that there was reasonable cause to perform such CheckUser actions, that nothing was found that could be used to take action against the innocent accounts and so no public record of these CheckUser actions should be made. The only information revealed in a public CheckUser actions list should be information about accounts/IPs that are involved in clear and persistent vandalism/disruption of Wikiversity, similar to the information found in the block logs.--JWSchmidt 16:14, 28 April 2007 (UTC)


 * I have an idea which I think can solve everything all together...take the recent sneaky vandalism as an example. The custodians who are aware of it are essentially in agreement that there is a pattern of disruption. Also, the inclination to use CU is there. This in itself is already "public disclosure". So in other words, what we might consider is have someone who will only do CU requests based on this sort of discussion. They would evaluate the "consensus" for performing the checks, and only perform checks based on community requests, not on individual requests. We should define situations which necessitate CU on Wikiversity as ones which are malicious with broad and/or chronic implications for the site. In this way, we constrain CU usage appropriately without introducing any fundamental change to the workflows involved with the actual checking and interpretation. Granted, we cannot monitor all CU checks, or how a CU would use it, but I consider this a "feature/flaw" of the software, and not something meant for the community to "police/fix". The good approach with having CU is proper administration, in the sense that the user who has CU has the responsibility to use it in an ethical way so that there is no question by the Wikiversity community that it has been used improperly. This has to be paramount, because the cost of not doing so is tremendous and inexcusable. Note carefully, that CU is now presented as something reactive and not proactive. There's more I want to talk about, but I need a break from all this heavy, heavy policy stuff. --HappyCamper 20:15, 7 May 2007 (UTC)

Probable cause
I know I'm a bit late in the game and probably should have posted earlier. Either way, I still hope someone reads this and finds it worth a thought. What I want to raise goes a bit along the lines of JWSchmidt's comments earlier regarding CU abuse and control. I want to propose that as a requirement for any use of the tool be a clearly formulated request that includes If any of those elements are missing, the request should be denied. Also, if 2 isn't a substantial violation, the request should also be denied. Finally, if 3 doesn't meet the standard of probable cause, the request is also denied. Probable cause here means a reasonable belief that the named accounts belong to the same person based upon specific actions (e.g. similar use of language, similar modus operandi, similar user/script/css pages, involuntary disclosure, accidental edits with the wrong account).
 * 1) account names (user A is a sockpuppet of user B)
 * 2) concrete descriptions of abuse (A did X, Y and Z in violation of 1, 2 and 3) with diff/log links
 * 3) reasons to believe they are sockpuppets (probable cause) with diff/log links

The request should be made either on-wiki or per e-mail to one of the CU users. If they are made per e-mail, all users with CU access should agree that the accusations made and evidence provided warrant use of the tool.

What definitely cannot happen are "fishing expeditions". This includes request like "I wonder if this user has any other accounts" or "this new user's edits feel like they are made from an experienced user. let's find out who the main account is". Also, checkuser actions must be limited to incidents related to sockpuppet abuse. No checkuser action should be performed, for example, on a user who gets blocked for vandalizing a page or attacking other users just to block all his other accounts that may or may not exist.

Results of a request should be anonymized as much as possible. So the response to an accepted request only confirms or denies the accusations made. Especially, no IP address or ranges should be provided on users who only edited pages while signed on (if they didn't sign on, they are releasing their IP on every edit so there's no expectation of that information be private). No incidental results should be published either. Meaning, if user A is accused of being a sockpuppet of user B and both A and B voted somewhere, the results may not show that user C and D are also sockpuppets, if C and D did not vote. This of course would not apply to persistent vandals. sebmol ? 15:49, 3 September 2007 (UTC)


 * I agree with the tone of sebmol's comments. I wonder to what extent we can learn from the existing Wikipedia system. --JWSchmidt 16:29, 3 September 2007 (UTC)

Community Review
This policy is the subject of a Community Review. --JWSchmidt 15:48, 30 July 2010 (UTC)


 * Any user here may request checkuser at meta, and it is subject to meta policy, not Wikiversity policy. The information provided at meta is generally public, so any user here may use the information that stewards choose to provide unless it otherwise violates our policy. For example, there are certain privacy protections. If a checkuser at meta violates privacy (according to our rules), that doesn't mean that any user here may post the privacy-violating information, it depends. The example that JWSchmidt has in mind did not represent a privacy violation, in my opinion. A checkuser was asked to check on what appeared at first glance to a user here to be a sock puppet of a banned user. It turned out to be a sock puppet of another user, and because there were recent problems with that user, the checkuser disclosed this. Was this a privacy violation? Perhaps. Perhaps not. While I'm not aware of any "double voting," for example, there were actions apparently designed to make the account appear to be a distinct and separate account, that is, the puppet master (i.e., original account) greeting the alternative account. This could be a setup for later editing while blocked. I can understand why a sysop here might have been concerned.


 * But our policy page isn't policy, it is more in the nature of information, and if it isn't accurate, the remedy is to fix it. It would not generally bind meta checkusers, who cannot possibly keep track of individual policies on what, I think, amount to hundreds of wikis. If there was a privacy violation, it occurred at meta, not so much here, and if the user improperly posted private information, it wasn't a violation of our checkuser policy. Taking this to a Community Review without attempting to simply fix the page was certainly premature. --Abd 00:45, 9 September 2010 (UTC)