Wikipedia:Arbitration Committee/CheckUser and Oversight/2011 CUOS appointments/CU/Elockid

Elockid

 * Nomination statement (250 words max.)

Hello everyone! I'm Elockid. I've been actively editing Wikipedia since May 2009. Most of what I contribute is statistical data to the encyclopedia. I've also been an SPI Clerk since February 2010 and administrator since April 2010. Being an SPI Clerk, I’m familiar with the CU processes, grounds for checking and what can and can’t be released.

In addition to participating (I still file SPI reports usually for CU assistance) and handling reports at SPI, I help deal with long-term sockpuppeteers such as, /, , and. I also help out with shorter term abusers such as the Ghostface Killah vandal. Also, many of the areas I work with are filled with sockpuppets (contentious areas such as the Indian-Pakistani conflicts), so I have a bit of experience with them.

I have some knowledge regarding ISPs such as the size of the ranges they use, which ones they use, their nature (for example, how dynamic they are), etc. especially those in Northern America (Canada and the U.S.), Western Europe, primarily the U.K. and Italy, South, Southeast, and East Asia and Turkey. I have some knowledge regarding CIDR, the method we use in blocking ranges.

I hope to be of further assistance to those where CU is needed by helping to prevent further disruption such as in situations where a user is quickly evading their block and causing disruption in a relatively short amount of time such as with.

Standard questions for all candidates
Please describe any relevant on-Wiki experience you have for this role.
 * A: I've been an SPI clerk since February 2010. Prior to being a clerk, I was already a regular at SPI. I'm still active at SPI, both reporting sockpuppets (usually for CU assistance) and handling cases. Outside of SPI, I also deal with sockpuppetry. This includes sockpuppetry being reported in places such as the ones that get reported at AIV or ANI/AN. An example is . I also deal with sockpuppetry in areas where sockpuppetry is common such as India-Pakistani conflicts/related articles and to some extent, the Arab-Israeli conflict. I also work in areas with long-term abuse sockpuppetry such as with users Wikinger and Karmaisking. Aside from working on sockpuppetry in English Wikipedia, I've also been working with other people from other projects where cross-wiki abuse sockpuppeteers are present such as.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.


 * A: I don't hold nor am I working towards a degree in Computer Science. Though I have plenty experience with analyzing data both in real life and in Wikipedia (most of my contributions to the encyclopedia are statistical data). I also have some knowledge in CIDR and have familiarity with different ISPs and places (please see nom). An example of publicly published data that I've worked on can be found at User:Elockid/Notes (IP ranges). I've also been good at analyzing possibilities when there was a conclusion that there was no possibility. The best example is with the Ghostface Killah vandal (please see link in nomination) with comparison to Long term vandal 10 on my notes page. Off-wiki experiences, I again request for CU or Steward assistance (by email or IRC) and get help with finding sleepers and such. One of the reasons I do this is not to publicly report critical evidence that would result in a sockpuppeteer changing their MO.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?
 * A: No for both questions.

Questions for this candidate
Being a new checkuser, would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ  (t)   (e)  19:27, 26 September 2011 (UTC)
 * A: Yes, I'd be willing to help out at WP:ACC. Assisting at WP:ACC could help prevent further disruption from sockpuppets, especially ones that try and use the Request an account process to get through a block.

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser? -- DQ  (t)   (e)  19:27, 26 September 2011 (UTC)
 * A: Absolutely! I still plan on helping out at SPI.

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:32, 26 September 2011 (UTC)
 * A: I can help by presenting information such as behavioral evidence and what to look for when trying to identify whether an account or IP is a sockpuppet, present any relevant data published locally (such as information published at SPI) or any current reports occurring to other users from other projects. I'm familiar with a number of sockers here and it's not uncommon for them to move from one project to the next. This information coupled with my experience with cross-wiki sockpuppeteers (see above info) could further assist other users in other projects.

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:32, 26 September 2011 (UTC)
 * A: WMF's privacy policy primarily deals with who has access to more advanced permissions (Oversight and Checkuser), the kind of data the system collects and why we keep such information and how to handle the data, as in, when and what kind of information can be released. Though the CU policy makes a reference towards the privacy policy such as in the release in data, it goes on to describe when the tool should be used such as in preventing disruption and when it should not be used such as Fishing.

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:32, 26 September 2011 (UTC)
 * A: Release of sensitive data as in the location or the IPs a user has been editing should generally not be done. However, there are circumstances as you pointed out. Examples of those circumstances include but are not limited to are upon request or permission from the user the data pertains to, to protect the Foundation, the users, or the public, assisting in abuse response (private information for ISPs), or requests from law enforcement.

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:32, 26 September 2011 (UTC)
 * A: In general, though interesting, any Checkuser results that shows the IPs, the location a user has been editing from on Wikipedia, or other sensitive data should not be posted or reported on wiki especially on high profile pages such as WP:ANI and AN. For example, if User A found some interesting CU results, that should be reported privately through email or IRC (private chat). Any published results such as these should be deleted immediately and oversighted when necessary. Data that would attract attention should not be reported. If for example User B posts sensitive requests that would attract both unnecessary and unwanted attention, then that is something that should not be posted on here. If User B's request is going to cause drama, something we don't any more of, then the request should probably not be posted here also.

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:18, 28 September 2011 (UTC)
 * A: Sockpuppetry sometimes results with open proxy usage. An example of a sockpuppet I've dealt with that used open proxies was . Here's the method I've used with open proxies. If I suspect an IP or range is an open proxy, I do a search to find whether or not the IP or range in question is an open proxy. Suspicions can arise from the kind of behavior the IP or range exhibits (does it follow a known MO). Blocks, for example, blocks from help me to solidify whether an IP or range is still open. I also consult with other users both publicly and privately to confirm whether or not an IP or range is open. For public discussions, please see Zzuuzz's talk page archives.

Does this edit reflect the way you intend to deal with sockpuppets in the future? Why or why not? Gimmetoo (talk) 17:26, 28 September 2011 (UTC)
 * A: It really depends on the circumstance and I handle each sock differently. For this user, he/she has repeatedly made bogus and false claims such as this in which WMF was removing their ban or this in which they claim they're a new user, using disruptive edit summaries that personally attack a user, repeatedly harassing members in the community, causing drama at ANI and AN, and so on. So, per the banning policy and what the community does, reverting any edits this user makes especially on noticeboards is done and whatever they say or write isn't trusted as shown above or is just passed of as sock drama. Reverting is done to help deter the sockpuppeteer from returning and this is my general way of handling banned socks (per banning policy again). For socks that are banned, I delete any pages they make that follow the criteria of CSD G5. However, if another user (non sock) contests the deletion or wants me to restore the page, I have no problems with this. An example of this occurring can be found at User:Elockid. This goes for reverts also.


 * (Followup) Policy allows you to "revert any edits" by a banned user. Sometimes the edits are beneficial edits, and you can't always be sure an edit comes from a banned editor. Why did you undo the edit linked above, and then why did you not redo it yourself? Was it not a beneficial edit? Gimmetoo (talk) 12:58, 4 October 2011 (UTC)


 * Based on technical and behavioral evidence, that was the banned user and other editors seemed to have shared this thought also. For other edits where there are doubts, I do ask for second, third, etc. opinions. I also file SPIs for CU confirmation for that extra piece of evidence. My policy for not undoing banned user edits is more policy based and the edits the banned user has been editing did not follow the criteria of undoing vandalism, removing any information that is potentially libelous such as in BLPs, reverting another banned user (in this case, I'd revert any contributions they've both been editing), or any other policy based edits. Perhaps it was a beneficial edit, but it didn't really go in line with the other policies such as the ones I stated above where an edit a banned user made may be kept. In general, I do share the opinion that even keeping good edits from a banned user may further encourage them to edit. But as I said previously, I won't oppose if some non-sock wants to keep the edit. Also, based on this edit (Jimbo unblocked one of their IPs for the sole reason of talking to them), any sort of encouragements is probably going to lead to further disruption from this user. So I don't really want to participate in encouraging them.

Comments

 * Comments may also be submitted to the Arbitration Committee privately by emailing 


 * I support Elockid's application and appreciate his continued SPI support. -- DQ  (t)   (e)  18:16, 3 October 2011 (UTC)
 * Great SPI clerk - and much more active than I am right now. No concerns whatsoever. T. Canens (talk) 04:13, 5 October 2011 (UTC)
 * Abuse response is now only for IP. I would apply IAR in some cases though as I did for the JAT gang.    Ebe 123   (+) $talk Contribs$ 10:42, 5 October 2011 (UTC)