User:Yaris678/Deny automated recognition

Denying recognition is important when dealing with vandals. Various automated and semi-automated tools are also very important. Unfortunately, the tools can unintentionally give the vandals the recognition they crave.

Background
Administrators have the power to block users and this can be requested using the administrator intervention against vandalism (AIV) noticeboard. The page states that a user must have been given sufficient warnings to stop. It does not specify how many warnings is sufficient.

The vandalism policy states that The policy also describes an escalating series of warnings. Their purpose is described but it is not made clear when they should and should not be used.
 * 1) If most or all of a users contributions are vandalism, then AIV can be requested.
 * 2) A warning may be appropriate if intervention does not appear urgent.
 * 3) A user should be nominated if a warning is ignored.

A number of automated and semi-automated tools use the escalating series of warnings. In general, four warnings in a month are required before AIV is requested by the tools. One such tool, ClueBot NG, makes approximately 40 edits per hour to articles and 40 edits per hour to user talk pages.

STiki differs from most antivandal tools in that it can revert vandalism that is days (or even weeks) old. Therefore, for IP edits, the vandal is not warned if the edit is above a certain age. If the IP address relates to a shared computer or is shared across a network the warning may be read by someone other than the vandal, leading to confusion and, potentially, the biting of newcomers. The older the edit, the more likely it is that the wrong person will see the warning.

The essay encouraging editors to deny recognition to vandals (WP:DENY) states that their motivations range from a desire for recognition and infamy, to an aspiration to frustrate the Wikipedia project and community. It states that vandalism is encouraged by offering such users exceptional notice. It encourages its readers to critically appraise information on vandalism for its genuine value - "Stating that a certain individual is involved in very obvious vandalism probably does not enable any better recognition or response to that vandalism, it merely adds to the legend of a specific vandal."

Analysis
The large number of edits by automated and semi-automated tools is a good thing. It means that a lot of vandalism is being detected and reverted. It also means that any improvements to how those tools operate will have their effect multiplied by the large number of edits.

The current system uses the talk page as a way to record acts of vandalism so that, amongst other things, a decision can be made as to whether to request AIV. As with other vandalism-recording projects described in WP:DENY, this can be counter-productive. It may goad people on to vandalise further or encourage them to treat vandalism or the collecting of warnings as a game. It may give them the recognition they crave. Vandals may believe the warnings show that they are disrupting Wikipedia, which will most likely be their intention.

Where an IP address is shared, the current system is particularly worrying. A warning may be read by someone other than the vandal, leading to confusion and, potentially, the biting of newcomers.

Of course, there is the potential for a polite message to encourage someone to stop vandalising. However, a polite message is not the same thing as using a talk page as a vandalism-recording system.

Another consideration is that a human vandal fighter can look at a user's edit history and make a judgement about whether a warning is a sensible thing. So far, no automated or semi-automated tool does that.

Primary recommendation
The vandalism-recording function that is currently undertaken by user talk pages should be accomplished in other ways. Talk pages should be used primarily for communication with the user concerned, which will sometimes mean giving a polite request to stop making unconstructive edits.

Vandalism database
Record vandalism in a database that is not accessible to new users. When a tool or bot reverts vandalism, it records the user and the edits reverted in the database. Users with rollback rights can also view and edit the database. There is also the potential to allow other users to add to the database, but we would have to be careful to avoid abuse. If other users continue to use the existing system there is still a massive improvement because most vandalism is found by tools or bots.

Contribution analysis
Rather than create a separate record, use the contributions of an editor as the record. Design the anti-vandal tools so that they inspect some details of the contributions before deciding whether to provide a warning or request AIV. The method could be based on some or all of the following: In addition, it would help if the method had access to Special:DeletedContributions, a page which is only open to administrators but would have to be made accessible to the tools in question.
 * Edit content, as per ClueBot NG
 * Edit metadata, as per STiki
 * Number of edits that have been reverted/undone
 * A more general measure of edit persistence.

In theory, such a system could remove the need for a separate vandalism-recording system. However, it could be designed to also look at the number of acts of vandalism recorded on the user talk page (and in the vandalism database, if that is implemented).

Cool it with the warnings
A polite request to be more constructive may have the desired effect. An angry message such as uw-vand4 is more likely to be seen as a great lark. A vandal with a large number of warnings collected over a number of months will likely view that with pride. Fewer warnings should be given and these should all be similar to uw-test1. This will mean that on a number of occasions vandalism will be reverted but no warning will be given... but that's fine because the vandalism will be recorded in other ways.

Editor differentiation on amount of vandalism
The current system, requiring five acts of vandalism in a month, exists primarily to stop the blocking of shared IP addresses that may be used by constructive editors. Where a user account has been created, it should be fairly easy to recognise an account that is used mostly for vandalism, even if it does not meet the five-acts-of-vandalism-in-a-month condition.

In contrast, for IP addresses that make a lot of constructive edits, it may make sense to allow more than five acts of vandalism in a month.

Edit summaries
Where possible, edit summaries by anti-vandalism tools should not mention vandalism and warnings. For example, the default edit when STiki reverts an edit should be as below.


 * Reverted edit(s) by XXX using STiki

Similarly, the edit summary for a level one warning should be similar to that given by Twinkle, as below.


 * General note: Nonconstructive editing on XXX

Research into single-contribution IP addresses
Much vandalism is by an IP address with a single contribution. Does it make sense to warn such addresses? Research could be conducted. For example, STiki could be made to only warn 50% of such addresses and then record the number that have acquired a new warning 1 month later. Is it higher for those who were or were not warned for the first offence?