User:Dreamy Jazz/Clerking

Hello, Dreamy Jazz! I've put together this page (sorry for the delay...remote work issues dealing with OPCUA ate my time!) to coordinate the training process.

You can start clerking any cases you feel comfortable working on, since this isn't really a hugely formal process or a test.

Questions
Here are a few questions to get you started! This isn't a formal test&mdash;it's more of a way to identify if you have any misunderstandings of either the policies or how checkuser works.

Policies
The relevant local and global policies that you have read are:


 * The sock puppetry policy
 * The local checkuser policy
 * The global checkuser policy
 * The roles and responsibilities of SPI clerks


 * 1) What is investigated at SPI?
 * Answer: Whether two or more accounts / IPs are being abusively operated by the same person
 * 1) Are sock puppets ever allowed outside of obvious joke accounts? If yes, when?
 * Answer: Sockpuppets, in my understanding, are alternative accounts used abusively. Using my understanding of the term, using sockpuppets for any reason is not acceptable.
 * Using alternative accounts, however, is allowed. A list of legitimate reasons for using alternative accounts is WP:VALIDALT, but as long as the alternative account is clearly linked (unless doing so would defeat the purpose of the legitimate account, such as privacy while editing controversial topics) and the account is not used to mislead, deceive, disrupt, or undermine consensus alternative accounts are allowed.
 * 1) Is it ever acceptable for a checkuser to publicly link an account and an IP address? If yes, when?
 * Answer: Except in very rare circumstances, per the privacy policy and check user policies, it is not acceptable for a checkuser to publicly link an IP address and account(s). This rare circumstance is defined in global policy as serious disruption, and our local check user policy allows CheckUsers to prioritise compliance with Wikipedia policy over the personal privacy of a user who has abusively edited the encyclopedia.
 * 1) Name the four main uses of checkuser.
 * 1: To investigate / prevent sockpuppetry, such as checking for sleeper accounts or seeing if technical data links two accounts
 * 2: To prevent or limit disruption to any Wikimedia project (such as in the case of possibly compromised accounts)
 * 3: To respond to / prevent vandalism
 * 4: To investigate and respond to legitimate concerns about bad faith editing
 * 1) For how long is technical data stored?
 * Answer: Currently 90 days
 * 1) Are undisclosed alternative accounts permitted to edit project space? What about if the main account has not participated in the discussion?
 * Answer: Undisclosed alternative accounts are not allowed to edit project space, per WP:SOCK and Requests_for_arbitration/Privatemusings. It does not matter if the main account has participated in the discussion: any undisclosed alternate account is not permitted to edit project space.
 * 1) You disagree with a checkuser block placed as part of an SPI. (You do not believe that the accounts are related.) What do you do? Can you simply reverse a checkuser block?
 * Answer: A checkuser block may not be reversed or changed by a non-checkuser without first consulting a checkuser per CheckUser. I would instead first talk to the checkuser who made the checkuser block with my concerns, then I still had concerns I would then email the functionaries team, and as a last resort email the Arbitration Committee.
 * In general, emailing ArbCom would be better over emailing functionaries-en. I'm pretty sure it would just get bumped to ArbCom anyway since they review checkuser blocks. Reaper Eternal (talk) 18:00, 5 June 2020 (UTC)
 * 1) When, if ever, is a user allowed to have more than one sysop account?
 * Answer: Per the bullet point from the sockpuppetry policy on operating multiple sysop accounts, an administrator may not have more than one account with administrator privileges, unless the other account(s) are bot account. The only exception to this rule is that WMF staff are allowed to have more than one sysop account, but they need to ensure that it is known that they operate multiple sysop accounts.
 * 1) Are "meat puppets" blocked as part of an SPI?
 * Answer: Meat puppets can be blocked as part of an SPI. A random example of a SPI case where the accounts were blocked for meatpuppetry is Sockpuppet investigations/FredTheBiped2/Archive
 * 1) A user requests checkuser on an account with no specific alleged sock or master. He claims that the user is probably socking or a sock, but provides no concrete evidence. Can a checkuser check the account to confirm or deny the suspicion?
 * Answer: The checkuser tool cannot be used for "fishing": i.e. the tool is only to be used when there is credible evidence which suggests sockpuppetry. Without proper evidence a check should not be run, so in this case a check should not be run until credible / concrete evidence is found to suggest sockpuppetry.
 * 1) When should you tag sockpuppets? Is there ever any reason to not tag a sock? What tags do you use and when? (Link the code of the template you'd use to tag.)
 * Answer: Tagging sockpuppets is useful, as it clearly states that a user may be / is a sockpuppet. However, there comes a point where further tagging may just give the sockmaster the recognition they are wanting (such as their sockpuppet category being large, which is filled by tagging accounts) so denying recognition by not tagging further socks is the best way forward. The sock template is the best way to tag a sockpuppet and the second unnamed parameter allows you to customise the tag:
 * I have never used this tag, but if the account is a suspected sockpuppet and is not blocked then you would use
 * If the account is a blocked suspected sockpuppet, then the tag to use is
 * If the behaviour proves beyond reasonable doubt that the user is a sock (WP:DUCK) and there is no confirmed CU result, the tag to use is (although I like to use this tag sparingly and often opt for blocked even if the sock looks like a duck)
 * If a CU has confirmed that the accounts are connected, the tag to use is
 * 1) Is the local checkuser policy more or less restrictive than the global policy? How?
 * Answer: The local checkuser policy is more restrictive than the global policy. For example our local checkuser policy does not allow users to request a check on themselves, and the minimum activity level for a checkuser locally is 5 logged checkuser actions in the last 3 months and globally is 1 year of inactivity.

Good answers. Reaper Eternal (talk) 18:32, 5 June 2020 (UTC)

SPI actions
These are some situations that you may find yourself in when dealing with SPIs. Some are more or less common, but they've all happened. Think about these for a bit, since most of the questions don't really have a "right" answer....


 * 1) Someone files an SPI while complaining about three revert rule violations. It is very unlikely that the accounts are socks. What do you do?
 * Answer: If the account(s) have violated 3RR by themselves (i.e. an individual account has broken 3RR), then I would deal with that (warning / block as appropriate). Because it is unlikely that the accounts are socks, I would close the case without action.
 * While blocking people for edit warring is certainly allowed per the blocking policy, I personally try to avoid blocking for anything other than blatant vandalism or abuse at SPI (besides obviously socking). I like to give people the opportunity to defend themselves (for example, at the edit warring noticeboard), and SPI doesn't really give them much room since it's a fairly-structured process intended only for preventing abuse of multiple accounts. Reaper Eternal (talk) 19:12, 15 June 2020 (UTC)
 * 1) When can you close a case?
 * Answer: When everything has been dealt with. This includes blocking, tagging, deleting pages created (where applicable) under G5. Also includes reverting edits which are not constructive.
 * Yeah, this pretty much covers it. You don't have to tag, and it can even be counterproductive in cases where the user is just going for a "high score". Reaper Eternal (talk) 19:12, 15 June 2020 (UTC)
 * 1) A checkuser unambiguously ✅ that a vandal sock is a long-term otherwise-respectable editor. What do you do? Is there any difference if there's only one disruptive sock versus many?
 * Answer: The editor has violated the sockpuppetry policy. No editor is above the sockpuppetry policy, which means that just because the editor is a long term respectable editor shouldn't unduly affect how they are dealt with.
 * Obviously the sock(s) should be blocked and tagged. With a long-term editor who is using a WP:BADHAND sock, you can't reasonably assume good faith, but the nature and extent of disruption should be also taken into account. A indefinite block for the main account in this case is probably what I would go for as the WP:BADHAND sock is not something I can AGF over and also because an indefinite block is not forever (as it can be appealed).
 * You'll find that this is a bit of a divide among the checkusers and clerks. Some, like you, support indefblocks for first-time socks. On the other hand, others, like me, tend to give a single second chance and issue a temporary block if there was only one disruptive puppet and the puppet wasn't blatantly abusive. Which is better? I don't know.... Reaper Eternal (talk) 19:12, 15 June 2020 (UTC)
 * 1) In an SPI, you deduce that the alleged master account is indeed operating a sock. There is no overlap between edits, and neither account is disruptive. How do you handle this situation?
 * Answer: Because the account is not being used disruptively and there is no overlap, they have not violated the sockpuppetry policy and so the case should be closed without action. This is because the sock might have been an account for privacy (such as to make edits to pages which might be controversial within their real life circles) or they might have wanted a clean start.
 * You are absolutely correct. While it is uncommon compared to the alternatives, finding non-abusive socks does happen, and we need to be careful to not just mindlessly block someone for simply having two accounts. The accounts must be abusive. This is one reason why checkuser is not for fishing. Reaper Eternal (talk) 19:12, 15 June 2020 (UTC)
 * 1) A checkuser notes that a number of single-purpose accounts all voting keep in an AFD are all  to ❌. How do you handle this situation?
 * Answer: I would look at their behaviour to see if there was a link between them, as CU evidence does not always preclude sockpuppetry. If I could not find a behavioural link between them that would suggest sockpuppetry or meatpuppetry, then I would tag their AfD votes with Single-purpose account if they had not been already tagged.
 * In general, you'll see this pattern when someone who doesn't understand Wikipedia makes a post on a 3rd-party forum. It's usually canvassing, but the user doesn't usually mean any harm, and there's a template that can be placed on the AFD reminding people that AFDs are not simply vote counts. (I forget what the template is called, though.) Reaper Eternal (talk) 19:12, 15 June 2020 (UTC)
 * 1) A checkuser declines a request for checkuser. When, if ever, can you endorse the request?
 * Answer: My thoughts are that CUs make the final decision over running a check, so my endorsing is only a opinion for the checkuser to see, however, re-endorsing a check would be ignoring the decision of the checkuser who declined the request. My opinion is that when a check has been declined by a CU, a clerk can endorse a check again if circumstances have changed so that a check would now be valid under the CU / privacy policies. For example, if a non-stale account is found when the case only had stale accounts when the check was declined.
 * 1) A checkuser notes that three alleged socks are not, in fact, socks of the master (❌). However, he marks the socks as all ✅ to each other. What would you do here?
 * Answer: Move the socks to their own investigation page, using the oldest sock as the master (and name of the page).
 * 1) An SPI sits for 3 weeks with no edits, so you decide to do something about it. Credible, but not clear and convincing evidence is presented. What, if anything, do you do here?
 * Answer: I would likely investigate further by looking for evidence. If I was unable to find further evidence, I would first ask the filer for clarification or/and more evidence, and would change the status to "moreinfo". If the filer does not respond in a reasonable time-frame or the clarification(s) still don't make things clear then, depending on how unconvincing the evidence is, would either close the case or leave it for someone else.
 * 1) Someone is angry that you closed a case with no action taken. He claims that the sockpuppetry is "blatant" and "obvious". How do you handle the situation?
 * Answer: The most important thing to do is remain civil and calm. I would engage in discussion to ensure that he understands why I closed the case and also to answer any questions they have (such as why I closed the case). I would also probably go over the case again to make sure I have not missed anything. I would also consider asking other clerks/CUs/editors to join in the discussion to help explain why the case was closed or disagree with my case closure.

Technical clerking
These are just some simple questions regarding the more routine, technical (and messy) aspects of clerking.


 * 1) How do you archive a case?
 * Answer: If using the script it's a simple press of the button marked "Archive" or the checkbox for "Archive". The archiving process is moving, by cutting and pasting, a closed case to the Archive subpage after the case has been double checked by the clerk who archives it. The SPI case status template needs to be removed when archiving the case.
 * 1) A checkuser notes that an alleged sockpuppet is ❌ to the accused sockpuppeteer, but is actually a sock of a different sockpuppeteer. He requests that the case be moved to the correct master. How do you handle this? (Assume both masters are indefinitely blocked for past socking, so you can ignore them.)
 * Answer: Following an adapted set of instructions at WP:HISTSPLIT, I would:
 * Delete the page where the listed master is unrelated
 * Restore the revisions relating to the case
 * Move and overwrite the page to the correct master without leaving a redirect
 * Restore the deleted revisions on the pages for the unrelated master and the correct master
 * Correct the SPIarchive notice template on the correct master's SPI page
 * 1) A checkuser ✅ some socks are related to two "different" master accounts. In other words, all accounts are operated by one person. How do you handle merging these cases?
 * Answer: Determine which of the two master accounts is the oldest (by creation date). Merge the archives and main case page (by cutting and pasting to the new archives as history merging might cause the sequence of revisions to clash on the main page and definitely in the archives?) for the newer master into the older master. If the socks are at a unrelated master, follow the steps as detailed in the above answer. If the socks are at a page for one of these now confirmed socks (i.e. one of these checked socks is the listed master), merge the case to the oldest master leaving a redirect and replace the resulting redirect with