Wikipedia:Wikipedia Signpost/2015-09-02/Special report



Nearly 400 accounts blocked in largest paid-editing bust ever
Speak to any Wikipedian experienced in new-article patrolling, ask them how big the paid-advocacy problem is, and they'll likely all tell you the same thing: it's out of control. The community has just been given a stunning reminder of this, with the release of evidence of an enormous network of 381 undisclosed promotional paid editors in what is being provisionally dubbed the Orangemoody case, after the username chosen by the first sockpuppet identified as a part of this case. The network (visualized above) is so large and so extensive that a dedicated bot, EgressBot, had to be created and activated to handle all of the necessary blocks.

The full list of users blocked as a part of the investigation includes a few gems like Medicalresearchassistant, Myusernameismohan, Wikiconfession, Youinmyeyes and, disturbingly, Wikipediaismadebypeoplelikeus. To "prevent article subjects from continued shakedowns by bad actors who are causing significant harm to the reputation of this project", almost all of the articles created by the accounts have been deleted en masse. In summarizing this position, Risker stated that:

The socks act in two modes: either as "article creation" socks that were creating the articles in the userspace or in the draft space, or as "helper" socks that were completing series of useless edits to acquire autoconfirmation, using that right to rehost the articles to article space. The sophistication of the operation is striking. Orangemoodies would sift through declined articles for creation submissions and pick out those with financial promise&mdash;usually where there had been notability concerns or promotional content&mdash;and develop them in userspace or draft space. The sockmasters were then contacting the organization responsible for attempting to bring the content onto Wikipedia and, claiming to be experienced Wikipedians, were offering to move the more developed version of the article to the mainspace&mdash;for a fee. After payment, the article would be moved into namespace; soon after, another autopatrolled helper sock would mark the page in question "reviewed", to deflect the new pages patrol.

Some time later the client was again contacted and "advised" that for a monthly fee the "editor" would continue to protect the article from vandalism and deletion. This link in the chain may well constitute extortion; several cases of this extra layer of deceit were uncovered, in which other socks successfully requested the deletion of networks of pages. The articles were neither notable nor sufficiently developed to escape close scrutiny, and the artificially high deletion rates are suspected of serving to motivate others to pay the "service charge" ($30 per month in confirmed examples).

The network was well-organized and well-executed enough to deceive both the community and potential clients, but the Orangemoodies were nevertheless ultimately caught. The investigation that unearthed the network originated in the aggregation of allegations of demands for payment and complaints of article deletion in spite of payment that accumulated across three different channels: in anonymous comments placed on deletion discussions, in emails to the movement's OTRS system, and in complaints directed at individual administrators. Jalexander-WMF and Kalliope of the WMF's Community Advocacy team were directly involved in working with article subjects and complainants. The network was blocked all at once.

What now?
There remains work to be done by the members of the community in undoing the mess that's been made of the pages in which the network was involved. The 254 deleted articles have been compiled and an OTRS info queue, info-orangemoody@wikipedia.org, has been set up. But in a manner of speaking the Orangemoody sockmaster was never caught. Accounts and IPs can be blocked from editing but individual users, particularly those who are malevolent and financially motivated, cannot.

Though the recommendations of the investigation page state that users should "Continue to be vigilant for allegations of similar schemes"&mdash;and though the corresponding blog post states, in an almost cheery tone, that "with this action, volunteer editors have taken a strong stand against undisclosed paid advocacy"&mdash;a concern is whether even cleverer or more robust schemes are as yet undiscovered. It is significant, for instance, that we are not told that any of the paying individuals or organizations (billed as "victims in this situation") came forward unilaterally to bring the situation to the Foundation's attention; instead it was complaints of extortion, the third-party element in the sockmaster's plan, that led to its undoing (The Independent, in an excellent analysis of the situation, reached out to and fielded frustrations from several of the "victims"). In a morally ambiguous scenario, it's hard to determine which of the individuals and businesses targeted by the scam had the uncomfortable feeling that not all was right, which of them simply didn't know better, and which of them felt they had no better choice. Had the sockmaster been less greedy, they might still be active incognito today; there's little to stop this individual or group of individuals from regrouping and returning, possibly with a modified strategy.

Further discussion of this case occurred at the administrator's noticeboard, where T5233 and T106930 were mentioned as possible counteractions; new community-elected WMF Board trustee Doc James has started an ideaboard for brainstorming about the case. He told the Signpost the crucial question is whether the community is now willing to do more to address the issue. "The problem with paid editing is simply the current volume. When the amount was smaller we could deal with it by negotiating the content and references, to come up with a better article. Currently we are simply overrun."

In response to the Signpost's questions about what our investigative infrastructure has learned from the incident, and whether we face a permanent arms race between methods of paid editing and detection, Risker pointed to a serious problem with notability: in some areas, such as businesses and business people, the notability bar is barely higher than a typical Yellow Pages or Who's Who, practically inviting organizations to publish barely disguised advertisements on our site. Good-faith page patrollers, she says, are caught in the middle, risking being branded as deletionists if they tag too many articles as of questionable notability. Checkuser tools usually work well, but are not very efficient for investigating a large number of accounts that each use multiple IP addresses. She added, "I didn't really have a solid sense of how interwoven these accounts were until James Alexander produced the earlier versions of that graphic" (at the top of this page). In Risker's opinion:

For more on the significant media coverage of this case, see this week's "In the media". For more on the fraught history of paid editing on Wikipedia, see the sidebar.