Ferret

Nomination statement

I am applying for the CheckUser permission, and have been an administrator since January 2017. In the course of my patrolling and gnoming efforts, I often interact with checkusers to verify sockpuppets I've identified. I'd like to help take some of the burden off those individuals.

Standard questions for all candidates (Ferret)

1. Please describe any relevant on-Wiki experience you have for this role.

   Within my work as an admin and general editing / patrolling, I regularly encounter sockpuppetry and work with a couple of different checkusers as needed. I am not an SPI clerk, but have responded to and worked with SPI cases in the past and handled tagging, and performed behavioral analysis many times.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   My professional background is in Information Security, specifically Identity and Access Management. I am responsible for the technical implementation of computer policies and assisting with reporting and auditing compliance. My role frequently places me in interaction with Human Resources and Audit departments, and I regularly handle confidential information and personal data/PII.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

   I do not hold any advanced permissions or OTRS permissions at this time.

Questions for this candidate (Ferret)

Editors may ask a maximum of two questions per candidate.

1. As I write this, there are approximately 120 VRT "tickets" in the paid editing queue. Can you tell us a little bit about your experience in addressing undisclosed paid editing, and are you intending on working to address the backlog in this queue? Risker ( talk) 02:43, 27 September 2021 (UTC) reply

   I do not have access to VRT so I do not know the exact format or nature of these tickets. I do sometimes come across undisclosed conflict of interest editors, some of whom have socked. Typically editing personal projects or their own companies. I have not spent much time on general non-specific UPE though, people who are simply editing for pay, and I do not at this time have any strong plan to get involved in the area. Once my feet are wet though, I may look into it. I'm always open for any user to approach me with an issue or case that I may be able to assist with though. -- ferret ( talk) 12:52, 27 September 2021 (UTC) reply

2. You are active on the unofficial Wikipedia Discord. To what extent, if any, do you think it is appropriate to discuss CheckUser investigations there or on similar off-wiki channels? –  Joe ( talk) 08:50, 27 September 2021 (UTC) reply

   Joe, I think some basic discussion around an SPI/socking case is allowable, as long as any information being revealed or results being reported would typically be public or would be openly posted at SPI or user talk. Common public results such as confirmed, possible, same continent, using proxies, etc. Any actual checkuser information or data would be inappropriate to discuss, just as it would be on wiki, and I would consider that to extend to private messaging outside of the known Wikimedia servers as well. If I need to confer with CUs about specific data, even if there are other CUs on Discord, we have venues for that (My understanding, both a mailing list and a private CU wiki). -- ferret ( talk) 12:40, 27 September 2021 (UTC) reply

3. How would you would evaluate an IPBE request in the context of WP:IPECPROXY. SQL ^{Query Me!} 13:16, 29 September 2021 (UTC) reply

   Specifically in the context of the IPECPROXY section and not the broader procedure: The key is going to be a demonstrated need as well as trust. I'd like to confirm with the user if not stated whether they are deliberately proxying, or if not, that they've done their due diligence to determine if the proxy can be disabled from their side. I'll do a typical review of their editing history, logs, SUL, etc to determine trustworthiness, which is a bit of a line in the sand that will differ for many people. A long history without disruption on any projects is good to see. If a history of editing cannot be established, the requested need is going to be need to be stronger, and will likely focus more towards editors in country's that are limiting access to the project (i.e. China). I'll need to take a look at the specific proxy in question, if there's any note or history around it that would suggest it shouldn't be granted. Frankly I'm not aware of the current brightlines, so any efforts here will start with observation and questions to more experienced CUs. -- ferret ( talk) 15:29, 29 September 2021 (UTC) reply

4. How, and where do you intend to use the tools if granted? SQL ^{Query Me!} 13:33, 5 October 2021 (UTC) reply

   My immediate goal is to be able to verify suspected sockpuppets without adding workload on existing checkusers. From there I'd like to get more involved in assisting SPI and potentially the VRT queue that I wasn't very much aware of before. In any case, I plan to start slow and learn what I'm doing. -- ferret ( talk) 15:41, 5 October 2021 (UTC) reply

Comments (Ferret)

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• This isn't a name that regularly pops up at SPI as far as I can tell, so this gives the impression of wanting the tools more for drive-by purposes (i.e. spot a possible sock while doing regular anti-vandalism patrol). While I don't think that's a serious concern, I'm a bit wary of such "drive-by" (AKA discretionary) use of CU, as outside of SPI there is no where that CU investigations are publicly documented. I've never been a fan of the idea that functionaries are essentially only accountable to ARBCOM, and therefore only indirectly accountable to the community through ARBCOM, whereas regular admins are directly accountable to the community. I realize that it has to be this way due to privacy concerns, but in my opinion the least we can do is not hand out the tools to people who would primarily be using them in ways which leave no public trace of said use. I understand that said tasks have to be done by someone, but I'd prefer to leave those no-public-trace tasks to the Arbitrators themselves under most circumstances. In other words, I'm neutral here (purposely putting this at the end since the instructions caution against treating this like RFA). 199.8.32.6 ( talk) 21:42, 27 September 2021 (UTC) reply
• Good answer to my question. In particular, I appreciate the willingness to consult with other CU's w/r/t things that you aren't super familiar with. I had to do this a lot too, when I started as a CU (Sorry, other CU's! You know whom you are!). SQL ^{Query Me!} 13:42, 5 October 2021 (UTC) reply
• Given the long experience Ferret has as being an admin and their ability to learn as they go along, I think it would be beneficial to have a checkuser like them. TheGeneralUser ( talk) 22:58, 6 October 2021 (UTC) reply

RoySmith

Nomination statement

I am applying only for CU. I have been an admin since 2005, active at SPI since August 2017, appointed as a clerk trainee in May 2020, and full clerk in December 2020. I applied for CU in 2019, which was declined. Feedback at the time indicated that I needed more experience at SPI. I made extensive statements about my background and experience in 2019; rather than repeat all that, I'll just refer people to WP:CUOS2019. One of my side projects over the past couple of years has been a suite of tools for helping to analyze SPI reports. It's available at https://spi-tools.toolforge.org/spi/.

Standard questions for all candidates (RoySmith)

1. Please describe any relevant on-Wiki experience you have for this role.

   In addition to my admin duties, I have been active at SPI for over two years. First as a patrolling admin, later as a clerk. Prior to my involvement at SPI, I was working at AfC, where socking is rampant. It was this experience which led to my interest in the more formal aspects of sock hunting.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   From a technical standpoint, I have spent most of my professional career in network management, both hands-on and writing network management software. Regarding data security, my roles at Songza and Google gave me access to customer log data, which needed to be kept secure and confidential. Procedures included providing justification for access, reducing the scope of access to the minimum required for the task, and exercising diligence to protect access to confidential data under my control.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRT permissions? If so, to which queues?

   None of the above.

Questions for this candidate (RoySmith)

Editors may ask a maximum of two questions per candidate.

1. As I write this, there are approximately 120 VRT "tickets" in the paid editing queue. Can you tell us a little bit about your experience in addressing undisclosed paid editing, and are you intending on working to address the backlog in this queue? Risker ( talk) 02:43, 27 September 2021 (UTC) reply

   Working SPI, I see a lot of what is clearly UPE. I am philosophically opposed to most forms of paid editing, but accept that as long as the proper disclosures are made, WMF policy allows it. Using behavioral evaluation alone, it is often difficult to distinguish between several accounts being socks vs being different UPE actors working from the same job description. CU can be a useful tool in those cases.

   As noted above, I do not currently have OTRS/VRT access. At least initially, my intention is to work exclusively on the SPI backlog. -- RoySmith (talk) 03:11, 27 September 2021 (UTC) reply

2. How would you would evaluate an IPBE request in the context of WP:IPECPROXY. SQL ^{Query Me!} 13:16, 29 September 2021 (UTC) reply

   I would determine if they have a demonstrated need and can be trusted. I would examine their editing history, block log, edit filter log, user talk page, see if they've been dragged through WP:ANI, etc. I would also look at central auth to see if they've been blocked on other projects. Do a search of all subpages of WP:SPI for the user name. And of course, I would check the block log and CU logs for the IP(s) in question to see if there's any special instructions (i.e. "Do not grant any IPBE on this range"). If the block was placed by a another CU, I would consult with them before granting anything. A user working under the supervision of an established project such as WikiEd or an event coordinator would receive special consideration, as would somebody located in a country (i.e. China) where unfettered internet access is difficult. Finally, if I granted an exemption, I would log it at WT:IPBELOG. -- RoySmith (talk) 15:03, 29 September 2021 (UTC) reply

Comments (RoySmith)

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• From my reading, the concerns raised in 2019 were not only related to needing more SPI experience, but were also related to an apparent general administrative (and editing) principle that every single new user that shows up at an AFD or other project discussion is automatically suspicious. That is simply not true - for AFD in particular, as long as we have a giant red notice at the top of the article in question with a bold link to the discussion page, we need to expect that casual drive-by readers who stumble upon the article one way or another might comment, even if they have little or no editorial experience/background. Sure, such comments may not hold as much weight as comments from experienced editors, but they are still equally valid and are not automatically "suspicious" in any way. The belief that any new account that finds internal project discussions quickly is automatically even considered a possible sock is not a good one, as it creates a short slippery slope to problematic and abusive "fishing". I'd be uncomfortable granting CU to someone who has knowingly held these beliefs in the past without a definitive statement saying that they no longer hold these views and don't plan to ever hold them again. 199.8.32.6 ( talk) 21:50, 27 September 2021 (UTC) reply
• A diligent and attentive SPI clerk. RoySmith is more than capable of becoming a CU. Dr. Swag Lord ( talk) 04:23, 2 October 2021 (UTC) reply
• The project is currently in very strong need of additional checkusers who have administrative experience in WP:SPI, and RoySmith fits this bill. Regarding his previous unsuccessful application in WP:CUOS2019, circumstances have clearly changed from then as he now has a wealth of experience analyzing SPI cases and dealing with sockpuppetry matters in general. He has demonstrated a willingness to accept feedback and adapt accordingly. I think he would be a good addition to the team. Mz7 ( talk) 06:04, 5 October 2021 (UTC) reply
• Okay. A few false starts in the past but seems to have the right experience now, and helps in keeping the technical side of SPI afloat. -- Rs chen 7754 06:45, 5 October 2021 (UTC) reply
• Great answer to my question, thank you! SQL ^{Query Me!} 13:34, 5 October 2021 (UTC) reply
• RoySmith has been a long time admin for many years and also has good experience at SPI where they are a full time clerk now. Given their experience, I think they would be a great addition to the checkuser team. TheGeneralUser ( talk) 23:04, 6 October 2021 (UTC) reply
• Fully qualified. He does great work at SPI, and giving him CU would simply enable him to do that work more effectively: a no-brainer, in my view. Extraordinary Writ ( talk) 23:21, 6 October 2021 (UTC) reply

GeneralNotability

Nomination statement

Hello! I'm GeneralNotability, and I'm applying for the checkuser and oversight permissions. For checkuser, I have been an SPI clerk since I became an administrator and have a good deal of experience dealing with sockpuppet investigations. I have a good understanding of both the abilities and limitations of the tool. I've also been active in tackling abuse from open proxies, including peer-to-peer proxies. I expect that I would mainly use the checkuser tool at SPI, but I also intend to work on CU-related backlogs, particularly the paid-en queue and requests for IPBE. I also intend to continue training SPI clerks. I would also be interested in developing scripts to streamline the checkuser process. As for oversight, I am active in the revdel request channel on IRC and would be willing and able to help tackle the suppression requests that come through the channel, especially since some revdel requests end up needing suppression. I expect I would also make use of it at SPI from time to time - there have been occasional cases where I had to ask an oversighter for help since some of the material common to two accounts was suppressed.

Standard questions for all candidates (GeneralNotability)

1. Please describe any relevant on-Wiki experience you have for this role.

   I've been a fairly active SPI clerk since shortly after I became an administrator. In that time, I've gained a fairly good understanding of what CheckUser is and is not useful - as the saying goes, it's certainly not magic pixie dust, and I have both declined to block CU-confirmed accounts and have blocked accounts as sockpuppets even though CU found them unrelated. I'm also the current maintainer of spihelper, a tool used by a lot of SPI regulars, so I've got a pretty good handle on the day-to-day tasks at SPI. At a more technical level, I'm active at the WikiProject on Open Proxies and have learned a lot about identifying proxies. In particular, I was heavily involved behind the scenes with the recent work to proactively block residential proxies. As part of my WPOP work, I wrote a tool called bullseye to help identify possible proxies (and the tool has been quite helpful at SPI, too). Finally, I have one SPI clerk trainee and am backup trainer for two others, and I plan to continue training clerks if selected as a checkuser.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   I'm a general-purpose software engineer, and over the years I've had the opportunity to do work in the networking and computer security areas, both fairly relevant to the CheckUser tool. I have also worked in jobs dealing with sensitive data, such as data protected by NDA or data with legal/regulatory handling requirements.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRT permissions? If so, to which queues?

   I do not hold advanced permissions on any other projects. I have access to the info-en VRT queue.

Questions for this candidate (GeneralNotability)

Editors may ask a maximum of two questions per candidate.

1. As I write this, there are approximately 120 VRT "tickets" in the paid editing queue. Can you tell us a little bit about your experience in addressing undisclosed paid editing, and are you intending on working to address the backlog in this queue? Risker ( talk) 02:42, 27 September 2021 (UTC) reply

   Risker, I think I've got a fair amount of experience at identifying and dealing with UPE (including dealing with a couple of our more prolific suspected UPE farms). As for the queue, I will quote directly from what I said in the ArbCom questionnaire: I would absolutely be interested in working the paid queue - it has a reputation for never getting responses but is the "official" way to report UPE using off-wiki evidence.. The current state of affairs is that experienced editors emailing paid-en will often CC a friendly admin on their report to actually take whatever action is needed. That is not a good situation for the official way to report private evidence of paid editing, especially for those folks who don't know a friendly admin. I want to do my part to fix the problem. GeneralNotability

2. You are active on the unofficial Wikipedia Discord. To what extent, if any, do you think it is appropriate to discuss CheckUser investigations or use of oversight, there or on similar off-wiki channels? –  Joe ( talk) 08:51, 27 September 2021 (UTC) reply

   Joe Roe, my understanding is that the Discord terms of service and privacy policies are not compatible with our own privacy policies, so it would not be appropriate to discuss privacy-sensitive information there (for example, specific IPs from a CU investigation). I believe it would be appropriate to discuss anything that I would say publicly on-wiki (so again for a CU investigation, "so-and-so accounts are confirmed to each other from a technical perspective"), and I don't see anything wrong with informal requests not involving sensitive data ("hey, could you take a look at these three accounts"). For the same reason, people shouldn't request suppression on Discord. I am also active on IRC, and my understanding is that it is acceptable to discuss private information on IRC, either in private messages or in designated checkuser/oversight channels. The caveat to all of this, of course, is that the global and enwiki privacy policies apply; I wouldn't go sharing private data anywhere with someone who didn't have the requisite permissions. GeneralNotability ( talk) 12:57, 27 September 2021 (UTC) reply

3. How would you would evaluate an IPBE request in the context of WP:IPECPROXY. SQL ^{Query Me!} 13:16, 29 September 2021 (UTC) reply

   SQL, I'll break my answer down into two parts.

   First, for editors who are intentionally using a proxy - I don't really know what the norms are for granting those (though I'm guessing the main use case is getting around blocks on Wikipedia in one's own country), so my answer would really have to be "ask a more experienced CU what they think". I would generally be inclined to grant it to people getting around a country-level block, I'm just not sure what the normal thresholds are for users who show they can contribute to the encyclopedia, and existing users with a history of valid non-disruptive contribution.

   The second part is editors who are caught by collateral damage from a proxy block (previously this wasn't a huge concern, since most proxies/VPNs were on colocation ranges, but with the increasing prevalence of residential proxies this is going to be more of an issue). In those cases, we have to decide whether the user is actually using the proxy or just happens to share an IP with a proxy. I would evaluate data such as the country of origin and ISP (to determine how likely it is that they're, for example, behind carrier-grade NAT) and whether the editor's CU data indicates that they are actually making use of the proxy (I can make some educated guesses about what proxy use would look like). If the data suggested they were not using the proxy and the user seemed to be in reasonably good standing (no history of socking, for example), I would grant the request. GeneralNotability ( talk) 13:38, 29 September 2021 (UTC) reply

Comments (GeneralNotability)

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• As GN has observed from the other side, the paid-en VRT queue has been hopelessly backlogged for a long time. When I find the time to process tickets there, I often find actionable reports of UPE and/or sockpuppetry (though others unfortunately can't be investigated because too much time has passed), so it would be productive if we had more CUs interested in helping with it. GN is already one of the most active and effective admins working in COI/PAID enforcement, so it's great to hear that he would pitch in if appointed. –  Joe ( talk) 08:59, 27 September 2021 (UTC) reply
• No real concerns here. 199.8.32.6 ( talk) 21:54, 27 September 2021 (UTC) reply
• The project is currently in very strong need of additional checkusers who have administrative experience in WP:SPI, and anyone who has worked at SPI over the past year will easily recognize GeneralNotability's name as one of our most active clerks. GN is the current maintainer of the SPI helper script that is integral to administrative work at SPI. I believe the project would benefit immensely from his addition to the CU team. Mz7 ( talk) 06:04, 5 October 2021 (UTC) reply
• Excellent, verbose answer to my question, thank you! SQL ^{Query Me!} 13:35, 5 October 2021 (UTC) reply
• Given GeneralNotability's vast experience at SPI (in addition to being an SPI clerk) and their excellent knowledge on the workings of it, I think they would be a great addition to the checkuser team. TheGeneralUser ( talk) 23:18, 6 October 2021 (UTC) reply
• GN has done great work at SPI over the last year, and I trust him implicitly. Giving him CU would be wholly beneficial to the project. Extraordinary Writ ( talk) 23:24, 6 October 2021 (UTC) reply

Girth Summit

Nomination statement

In the time I've spent editing Wikipedia, I've formed the opinion that while admins perform multiple tasks which are vital to the smooth running of the project, the one which is most important to deal with urgently is the protection of our contributors, and of the subjects of our articles about living people, from harm. I've come across numerous cases of harassment, doxxing and threats of violence, and want to do whatever I can to help deal with such situations. I've done what I can with the normal admin toolset, and I became involved in SPI clerking last December in hopes of becoming more effective in this area. I believe that access to the CU and OS privileges would allow me to be more effective in this area, so if the functionaries team believe that I would be able to use them competently and not to abuse them, I would like to be given the opportunity to serve in these roles.

Abuse of multiple accounts causes disruption beyond harassment and doxxing of course - now that I'm familiar with the SPI process, I think I could also use CU to help process all types of cases and keep the backlogs down.

Standard questions for all candidates (Girth Summit)

1. Please describe any relevant on-Wiki experience you have for this role.

   I've been contributing as an SPI clerk (trainee) since December 2020, and believe that I have gotten to grips with how the process works, and with analysing the behaviour of different accounts to determine whether socking is likely, and whether a CU check would be appropriate and policy-compliant.

   Arbcom’s announcement indicated that they are particularly interested in appointing people who are willing to work in mentoring other editors in SPI; I have a fair amount of experience in mentoring other editors through the CVUA program, which would be relevant experience in this area. I also have a fair amount of experience in pushing back against UPE through my work in NPP, and I would be interested in contributing more in that area with the CU toolset.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   In real life I am a teacher – amongst other things, I teach children and teenagers about the importance of keeping their personal information private on-line, about the dangers of cyberbullying and abuse, and generally about what we call 'internet safety'. I wouldn't really consider that 'technical expertise' for this kind of role, but I know from personal experience how harmful online harassment can be for people, and I consider that to be a powerful impetus for me to use these tools responsibly and effectively.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRT permissions? If so, to which queues?

   No, EnWiki is the only project on which I hold advanced permissions.

   I was granted permission to the info-en queue on OTRS in 2019, but I confess that I did very little with it – I found the interface confusing, and was concerned about messing things up in a public-facing role. Another editor kindly offered to talk me through it on a call, but we didn’t manage to pin down a mutually convenient time, and I wandered off into other areas of the project. I would be willing to pick this up again.

Questions for this candidate (Girth Summit)

Editors may ask a maximum of two questions per candidate.

1. As I write this, there are approximately 120 VRT "tickets" in the paid editing queue. Can you tell us a little bit about your experience in addressing undisclosed paid editing, and are you intending on working to address the backlog in this queue? Risker ( talk) 02:42, 27 September 2021 (UTC) reply

   I often come across paid editors through work at NPP, and in SPI cases. If someone would be willing to hold my hand and get me up to speed with the processes at VRT, I would be willing to help out in this area. Girth Summit _(blether) 06:02, 27 September 2021 (UTC) reply

2. How would you would evaluate an IPBE request in the context of WP:IPECPROXY. SQL ^{Query Me!} 13:16, 29 September 2021 (UTC) reply

   To begin with at least, I wouldn't evaluate IPDE requests - I don't intend to rush into anything I'm not sure about. So, if for some reason I wanted to evaluate such a request, I'd probably reach out to an experienced CU and ask them for their thoughts on the case. However, I don't want to completely duck the question, so I'll give some general thoughts: first off, I'd ask whether they are intentionally using a proxy - is it perhaps just a default setting in their browser which could be switched off to avoid the block? Next, I'd look at the contribution history of the account - are they the type of 'trusted user' that IPECPROXY refers to? Do they have a decent track record of contributing, have concerns about their edits been raised before (and was there any merits to those concerns), etc? If I satisfied myself that they were an editor in good standing, that's when I'd probably reach out to another CU and say 'What are your thoughts on this request? The account's history looks OK to me, but this is an area I'm not experienced in, I'd appreciate your thoughts'. Girth Summit _(blether) 05:48, 30 September 2021 (UTC) reply

Comments (Girth Summit)

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• While I don't see or know of any concerns/red flags that blatantly stick out, I would prefer to see the user become a full SPI clerk (they indicate in their statement that they are only a trainee) and work as a full clerk for a few months before I'd unconditionally support granting CU. 199.8.32.6 ( talk) 21:57, 27 September 2021 (UTC) reply

  I'd be the first to admit that I still have things to learn; however, while the duties of clerks and CUs overlap, they aren't identical. I've never had to perform a complex manual histmerge on two concurrent SPI cases, so I still need to learn how to do that and demonstrate competence since it's something a full clerk needs to be able to fly solo on. I don't think that lacking certain specific experience essential to clerking unusually complicated cases would prevent me from using the CU tools effectively to handle more typical cases. Girth Summit _(blether) 22:23, 27 September 2021 (UTC) reply

  I wasn't planning to comment on other candidates, but since this came up and Girth Summit is my trainee - I agree with everything he's said above. At this point he operates basically autonomously, asking for help as needed, but I trust him to make good decisions on his own. He is a trainee, but I believe he's learned all the skills he would need to operate effectively as a CU. GeneralNotability ( talk) 12:29, 28 September 2021 (UTC) reply

• The project is currently in very strong need of additional checkusers who have administrative experience in WP:SPI, and Girth Summit is yet another administrator that fits this bill. Girth Summit is one of the most level-headed administrators on the project, and I suspect that I am not alone in my impression of him. It is not necessary to become a full SPI clerk before becoming a checkuser—many checkusers, myself included, were never SPI clerks at all before becoming checkusers. Mz7 ( talk) 06:04, 5 October 2021 (UTC) reply
• Seems to have a great handle on the IPBE process as it relates to WP:IPECPROXY. Good answer, thank you! SQL ^{Query Me!} 13:36, 5 October 2021 (UTC) reply
• Even though Girth Summit is an SPI clerk trainee, their more than basic experience in SPI shows that they are more than capable of becoming a good and useful checkuser. TheGeneralUser ( talk) 23:25, 6 October 2021 (UTC) reply

Dreamy Jazz

Nomination statement

I am applying for the CheckUser permissions. My RfA was in December 2019 and I’ve been a SPI clerk since May 2020. Furthermore I’m a VRT agent, ArbCom clerk and have been previously active in accounts for creation. SPI has a backlog of cases, which as I write this statement is mostly comprised of checkuser requests, which I could help address if I am appointed. I’m also willing to help in ACC and UTRS. You can reach me over IRC for off-wiki communication and if I am appointed, I will respond to request for checkuser over IRC. I am familiar with the relevant policies from my time as a SPI clerk and already signed the relevant agreements. As a SPI clerk, I’m very familiar with IP addresses, ranges and identifying sockpuppets from their edits. If you have any questions for me, please feel free to ask them below.

Standard questions for all candidates (Dreamy Jazz)

1. Please describe any relevant on-Wiki experience you have for this role.

   As mentioned in my nomination statement I have been a SPI clerk since May 2020, and I’ve been a full once since February 2021. Through my work as a SPI clerk, I’ve been working alongside CUs and so I think I am familiar with what a CU needs to do before they can run a check and how they can report results. As a SPI clerk I also have been dealing with reported IP addresses and making range blocks. I feel that I also meet several of the "particular need" points mentioned by ArbCom for this year’s appointments including currently using IRC and VRT, and analysing behavioural evidence at SPI.

   I was also an ACC team member a while back where I dealt with private information such as IP addresses of those requesting an account. I no longer have access to the tool due to inactivity. As such I am already familiar with how to handle private information such as IP addresses.

   As a side note, I've attempted to keep the answers to these standard questions shorter. However, if you would like more information from me about matters relating to questions 1 and 3 please ask a question below.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   I study Computer Science at university. From my degree, and from my general understanding of computer science, I’ve have a good understanding of tech in general. I’ve also had a CS internship in the public sector which gave me access to information which needed credentials to access and was not always publicly accessible through other sources.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRT permissions? If so, to which queues?
   • I do not hold and have never held any of these advanced permissions.
   • I am a member of the info-en and info VRT queues.

Questions for this candidate (Dreamy Jazz)

Editors may ask a maximum of two questions per candidate.

1. As I write this, there are approximately 120 VRT "tickets" in the paid editing queue. Can you tell us a little bit about your experience in addressing undisclosed paid editing, and are you intending on working to address the backlog in this queue? Risker ( talk) 02:42, 27 September 2021 (UTC) reply

   I've never dealt with a off-wiki report of paid editing. However, I have used edits and other actions made onwiki by accounts (including their username) to determine if I think a user could be making edits for undisclosed payments. I've also dealt with users reporting a sockpuppet with onwiki evidence of undisclosed paid editing. To respond to these concerns / reports, I've left uw-paid warnings and blocked users for suspicion of undisclosed paid editing when I've also blocked them for WP:UPOL violations or sockpuppetry (so that these concerns should be addressed in any unblock request). If you would like specific examples, then I can detail some in a follow up answer, but alternatively you can view these by searching for the phrase "paid" in the log of blocks I have made.

   Although my experience of off-wiki reports is very limited (which is what this queue deals with) I am willing to help to reduce this backlog but would want to be helped by an functionary who is experienced in dealing with tickets in the paid editing queue while I learn how to deal with the reports. Dreamy Jazz ^{talk to me | my contributions} 10:45, 27 September 2021 (UTC) (modified for clarification 15:19, 27 September 2021 (UTC)) reply

2. How would you evaluate an IPBE request in the context of WP:IPECPROXY. SQL ^{Query Me!} 13:16, 29 September 2021 (UTC) reply

   My answer presumes you are asking about my response to a request for IPBE to edit using a anon proxy. I can go into more detail about other valid reasons for IPBE in a follow up question if you would like.

   Being able to use anon proxies to edit is a easy avenue for abuse. For example, a good hand IPBE account could use an anon proxy while their bad hand accounts could all use their normal IP address. If 3 months have passed or the bad hand accounts use a different IP to what was previously used by the Good hand account, CU data may not give a technical connection between the good hand and bad hand accounts (as the IP addresses used will be different). As such, and as is specified in IPECPROXY, IP block exemption is granted only to trusted users.

   I have not had much experience with granting IPBE and so would consult with experienced CUs as to how to deal with requests if appointed. However, this is the process I think I would follow to evaluate an IPBE request to edit using a proxy.

   • I would first check the block log for the proxy they are trying to use to look for information such as notes left in the block log. If this raises a concern, I would then discuss with the CU who left the note or alternatively other CUs as to decide what action to take.
   • Then I would see if the user who wants to use IPBE is actually meaning to edit using a proxy. For example, they may use Apple's new beta Private Relay feature which routes their traffic through an anon proxy without meaning to. Checking this ensures that IPBE is only then handed out to users who are deliberately meaning to use an anon proxy.
   • After that I would check to see if the user is trusted. This would include checking their block log, contributions, edit filter log, user talk page / archives, if they are mentioned in any SPI case, and searching for any reports about them at noticeboards (e.g. AN or ANI). I would also check CentralAuth to see if they had any active blocks on other wikis and to see if they are trusted on other wikis (such as having ip block exempt on other wikis). I would place less emphasis on minor, not relevant or old issues, but would see sockpuppetry or recent blocks as a major issue.
   • I would finally consider whether the reasoning they provide in the request justifies the need for IPBE to edit through an anon proxy. For example, I would see a trusted user who needs to use an anon proxy to edit because of restrictions in their country (such as the Great Firewall of China) as valid reason. However, requesting it because they want to use an anon proxy to bypass a hard block on their normal IP which is not meant for them wouldn't be a valid reason. This is because they should request to have IPBE to use their normal IP address and not for using an anon proxies.

   Using this information I would determine what action to take. If the IPBE right was granted I would then note it at Wikipedia talk:IP block exemption/log with any relevant information that can be posted onwiki. Thanks for your question and apologies if my answer is too long. Let me know if you would like more detail. Dreamy Jazz ^{talk to me | my contributions} 13:52, 30 September 2021 (UTC) reply

Comments (Dreamy Jazz)

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• I'm slightly concerned that this user is rushing into things a little too quickly. The short amount of time between their RFA, them becoming an SPI trainee, and then even becoming an ARBCOM clerk (!) is a little too short in my humble opinion to support a request for yet another advanced permission now. I would probably support in a year or two as long as no serious concerns arise between now and then. 199.8.32.6 ( talk) 22:00, 27 September 2021 (UTC) reply

  Thanks for your input. I do agree that my candidacy can be seen as me rushing into things. My intention to go for CU now, instead of in a few years time, was because of the backlog of CU requests at SPI which I think I can help to address. As such my intention was not to rush into this and is to put myself forward to help. However, I do respect your opinion and understand that compared to all apart from one here I am the newest admin.

  As I did not mention the dates of my clerking with ArbCom, I became a trainee ArbCom clerk in January 2020 and have been a full one since August 2020. Dreamy Jazz ^{talk to me | my contributions} 11:37, 28 September 2021 (UTC) reply

• As I mentioned for other candidates, this project currently has a very strong need for additional checkusers who have administrative experience in WP:SPI, and Dreamy Jazz fits this bill. While their activity in SPI this past year has not been as active as some of the other candidates here, I maintain that adding them to the team would be a net positive to the project. Mz7 ( talk) 06:04, 5 October 2021 (UTC) reply
• Very thorough answer to my question. I've known DJ for some time, and trust them. SQL ^{Query Me!} 13:38, 5 October 2021 (UTC) reply
• Given Dreamy Jazz's experience as a full time SPI clerk for over a year and additional experience in other related areas, they would be a great addition to the checkuser team. TheGeneralUser ( talk) 23:30, 6 October 2021 (UTC) reply

GeneralNotability

Nomination statement

Hello! I'm GeneralNotability, and I'm applying for the checkuser and oversight permissions. For checkuser, I have been an SPI clerk since I became an administrator and have a good deal of experience dealing with sockpuppet investigations. I have a good understanding of both the abilities and limitations of the tool. I've also been active in tackling abuse from open proxies, including peer-to-peer proxies. I expect that I would mainly use the checkuser tool at SPI, but I also intend to work on CU-related backlogs, particularly the paid-en queue and requests for IPBE. I also intend to continue training SPI clerks. I would also be interested in developing scripts to streamline the checkuser process. As for oversight, I am active in the revdel request channel on IRC and would be willing and able to help tackle the suppression requests that come through the channel, especially since some revdel requests end up needing suppression. I expect I would also make use of it at SPI from time to time - there have been occasional cases where I had to ask an oversighter for help since some of the material common to two accounts was suppressed.

Standard questions for all candidates (GeneralNotability)

1. Please describe any relevant on-Wiki experience you have for this role.

   I'm active in the IRC revision-deletion channel and request suppression semi-regularly (either because somebody requested normal revision-deletion but I think suppression is necessary, or because I found something suppressible myself). Most of my requests are simple cases of users posting too much personal information, but I also have had to request it for OUTING at the Conflict of Interest Noticeboard or during sockpuppet investigations.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   As mentioned in my CU section, I have worked in jobs dealing with sensitive data, such as data protected by NDA or data with legal/regulatory handling requirements.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRT permissions? If so, to which queues?

   I do not hold advanced permissions on any other projects. I have access to the info-en VRT queue.

Questions for this candidate (GeneralNotability)

Editors may ask a maximum of two questions per candidate.

1. Recently you said As several oversighters I've argued with (plus current ArbCom, whom I've emailed complaining about this) are well aware, I am unhappy with the current state of affairs in which off-wiki OS consensus apparently includes suppressing threats of harm [1]. Could you elaborate on what you mean by this? -- Rs chen 7754 02:58, 27 September 2021 (UTC) reply

   Rschen7754, certainly. First, I want to say this up front: I am not opposed to suppressing threats of violence and self-harm. My issue is with transparency in what suppression can be used for.

   So: over the past couple of months, I became aware that there was longstanding consensus among oversighters that these sorts of threats of harm should be suppressed. I gave several people, including ArbCom, an earful about this, because I did not think that it clearly met any part of WP:OSPOL. I was also quite unhappy to discover the existence of not-publicly-documented "oversighter consensus" at all. Following the discussion you linked, I have come to agree with TonyBallioni's statement that if someone lacks the capacity to reveal information that would otherwise be suppressed, we will suppress. If someone is making a threat of self-harm on the project, we can safely assume they lack that capacity. However, I do not believe that derivation of OSPOL is immediately obvious to the average editor, and so it should be made clear on-wiki.

   I've come to understand that OSPOL is a policy with a lot of flexibility, and that not every situation needs to be spelled out explicitly. However, in a situation like this (longstanding consensus to suppress in a particular situation but the way OSPOL applies is not immediately obvious), I think it's appropriate to publicly document that situation for the benefit of the community. Not everything needs to be documented, of course, since suppression is (by nature) there to protect peoples' privacy. I just want a little more transparency where it's possible to do so without compromising privacy. GeneralNotability ( talk) 03:43, 27 September 2021 (UTC) reply

2. Here's a situation that I encounter relatively often. A minor who's 13-14 years old is disclosing personal information about themselves, such as their name, their birthday, their social media accounts and what school they go to. What, if any, of the previous facts about themselves are eligible for oversight? Do you oversight all of them, none of them, or some of them?

   All of those are private information, and they should all be suppressed (well, birthday on its own might not be suppressible on its own, I'd probably check with someone else, but I don't think I've ever seen birthday not accompanied by other PII). The policy reasoning, as I understand it, is that we expect that a minor to not understand the consequences of self-outing like that, and so we suppress as a matter of their safety. GeneralNotability ( talk) 13:43, 2 October 2021 (UTC) reply

3. As an extension of this, let's say someone has created a draft with large amounts of unsourced/poorly sourced (e.g. sourced to social media accounts) personal information about a minor under the age of 13. It's not possible to tell if the editor actually is the minor in question. Do you oversight? Chess ( talk) (please use {{ reply to|Chess}} on reply) 03:51, 2 October 2021 (UTC) reply

   Yes, I would oversight. I've actually encountered exactly that situation - someone very aggressively promoting a young "aspiring musician" with a lot of unsourced/poorly-sourced biographical details (it's one of the few times I've seen an OversightBlock applied). GeneralNotability ( talk) 13:43, 2 October 2021 (UTC) reply

Comments (GeneralNotability)

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• I've gone back and forth a few times on reading the answer to my question and it seems I'm running out of time before this thing closes. On one hand transparency is important especially with OS - keeping only what must be private from the community. On the other - precedent and consensus is important especially with a tool like OS. If elected I hope you will take the time to listen to your fellow team members - while challenging the status quo is an important capability there is a right and a wrong way to do it. -- Rs chen 7754 06:49, 5 October 2021 (UTC) reply

  Rschen7754, no idea if I'm breaking an unspoken rule by replying to your comment, but I entirely understand what you're saying, and I definitely wouldn't be charging ahead and sharing things openly without talking to the rest of the team to get consensus. I have my opinions, but my opinions don't override consensus, especially in one of the project's most sensitive areas. GeneralNotability ( talk) 13:37, 5 October 2021 (UTC) reply

• The questions I asked weren't really hypotheticals and I believe General notability did a good job of answering them, although I will say I've seen OSes not suppress self disclosed PII about minors over the age of 13, although in those cases they were more in the range of 16-17. There should probably be a clearer standard. Chess ( talk) (please use {{ reply to|Chess}} on reply) 13:21, 5 October 2021 (UTC) reply
• Given GeneralNotability's vast experience at SPI (in addition to being an SPI clerk), their excellent knowledge on the workings of it and their plentiful experience in handling revision-deletion requests, I think they would be a good addition to the Oversight team as well. TheGeneralUser ( talk) 23:41, 6 October 2021 (UTC) reply

Girth Summit

Nomination statement

In the time I've spent editing Wikipedia, I've formed the opinion that while admins perform multiple tasks which are vital to the smooth running of the project, the one which is most important to deal with urgently is the protection of our contributors, and of the subjects of our articles about living people, from harm. I've come across numerous cases of harassment, doxxing and threats of violence, and want to do whatever I can to help deal with such situations. I've done what I can with the normal admin toolset, and I became involved in SPI clerking last December in hopes of becoming more effective in this area. I believe that access to the CU and OS privileges would allow me to be more effective in this area, so if the functionaries team believe that I would be able to use them competently and not to abuse them, I would like to be given the opportunity to serve in these roles.

Standard questions for all candidates (Girth Summit)

1. Please describe any relevant on-Wiki experience you have for this role.

   While patrolling recent changes and new pages, or while working SPI cases, there are occasions when I come across material that needs to be suppressed rather than just revdelled. I usually e-mail the OS team for them to take a look, or sometimes reach out on IRC; I believe I'm now at the point where I could deal with such things myself rather than asking for someone else to step in.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   I'm a teacher - I handle personal/sensitive information about minors as part of my day job, and I teach children and teenagers about keeping themselves safe online; this has made me aware of the importance of keeping private information private.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRT permissions? If so, to which queues?

   No, EnWiki is the only project on which I hold advanced permissions.

   I was granted permission to the info-en queue on OTRS in 2019, but I confess that I did very little with it – I found the interface confusing, and was concerned about messing things up in a public-facing role. Another editor kindly offered to talk me through it on a call, but we didn’t manage to pin down a mutually convenient time, and I wandered off into other areas of the project. I would be willing to pick this up again.

Questions for this candidate (Girth Summit)

Editors may ask a maximum of two questions per candidate.

Comments (Girth Summit)

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• I have interacted with Girth Summit extensively over the years, and I have high respect for his judgment and temperament. I do not think I have ever seen Girth Summit lose his cool even in stressful situations. I believe the addition of his levelheadedness to the oversight team can only benefit the project. Mz7 ( talk) 05:48, 5 October 2021 (UTC) reply
• Girth Summit's answers to questions, their knowledge and experience shows that they are extremely careful when working in areas like these and would be a great addition to the Oversight team. TheGeneralUser ( talk) 23:50, 6 October 2021 (UTC) reply

LuK3

Nomination statement

I am applying for the Oversight permission. Before being an administrator, I was extremely active in requesting both revision deletion and oversight. Since my successful request for adminship last September, I have been active in responding with revision deletion requests. I have also been active in requesting suppression, both via email and on IRC. Through my own edit patrolling and responding to the revision delete requests, I believe I have strong knowledge of Oversight policies and procedures. I have signed the Confidentiality agreement for nonpublic information due to my work over at the Account Creation Interface so privacy is of the utmost importance to me.

Standard questions for all candidates (LuK3)

1. Please describe any relevant on-Wiki experience you have for this role.

   Since my successful request for adminship back in September 2020, I have been active in responding to revision deletion requests. Most of those request happen on IRC or through email. In addition, I am active in requesting suppression both on IRC and through email. This happens via my patrolling at WP:AIV, WP:RFPP, WP:UAA or the edit filter logs.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   My work does involve non-public information (release dates, etc.) for which I have signed non-disclosure agreements. In addition, my previous work did involve personal private information (phone numbers, addresses, etc.) so privacy is very important to me.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRT permissions? If so, to which queues?

   I do not have any advanced permissions on the English Wikipedia or any other WMF project. I do however have access to the info-en queue on VRT. In addition, I have access to the English Wikipedia Account Creation Interface.

Questions for this candidate (LuK3)

Editors may ask a maximum of two questions per candidate.

Comments (LuK3)

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• LuK3 is active in the areas of the project's maintenance that require him to request oversight frequently, and his judgment is quite sensible. He already had a proficient grasp of the oversight policy to become an oversighter even before he became an administrator. I think he is one of the clearest choices for the oversight team we've ever had. Mz7 ( talk) 05:48, 5 October 2021 (UTC) reply
• I will only note that I will be incredibly astonished if LuK3 does not join the Oversight team this year. Sdrqaz ( talk) 11:15, 5 October 2021 (UTC) reply
• I don't often hold strong opinions with regards to the OS team. I do strongly believe that LuK3 would be a net positive in this context. SQL ^{Query Me!} 13:46, 5 October 2021 (UTC) reply
• Even though Luk3 has been an admin for just over a year, their answers to questions, experience and judgement clearly shows that they will be a great addition to the Oversight team. TheGeneralUser ( talk) 23:11, 6 October 2021 (UTC) reply

Dreamy Jazz

Nomination statement

I am applying for Oversight permissions. As detailed in my statement above in the CheckUser requests section I have been an administrator since December 2019 and I’m also a ArbCom clerk. I’m familiar with RevDel and have made several suppression requests. My requests have included asking for suppression for a user I was supporting through VRT when they made accidental logged out edits on several occasions and requesting oversight for identifying personal information which was self-posted by minors. Although I am not aware that OS has a backlog like SPI, if appointed I would use OS when new page patrolling to hide personally identifying information about minors to skip needing to make an email to request oversight. I’m active on IRC and would respond to requests for oversight made over IRC. As I am already a VRT agent, I would also respond to requests on the oversight email address. If you have questions for me, please feel free to ask them below.

Standard questions for all candidates (Dreamy Jazz)

1. Please describe any relevant on-Wiki experience you have for this role.

   As mentioned in my nomination statement, I am familiar with revision deletion (RevDel) and have used it on many occasions. I have also made several requests to oversight through the oversight email address as mentioned in my nomination statement, so I feel that I have good understanding of when oversight should be applied. As a previous member of the ACC team (leaving due to to inactivity) I have had wiki-related experience in handling private information such as IP addresses. If appointed, I would expect to see requests that include hiding the IP address of accidentally logged out editors. I feel my experience dealing with IP addresses through the ACC tool translates to handling IP addresses when dealing with oversight requests.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   As detailed in standard question 2 in my CU section, I had a CS internship in the public sector which gave me access to information which needed credentials and was not necessarily public. This information included email addresses and phone numbers which were associated to a person and may not have been released publicly outside this particular public sector system.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRT permissions? If so, to which queues?
   • I do not hold and have never held any of these advanced permissions.
   • I am a member of the info-en and info VRT queues.

Questions for this candidate (Dreamy Jazz)

Editors may ask a maximum of two questions per candidate.

Comments (Dreamy Jazz)

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• Given Dreamy Jazz's experience as an admin (especially in handling revision deletion), as a full time SPI clerk for over a year and additional experience in other related areas, I think it would be beneficial to have them on the Oversight team as well. TheGeneralUser ( talk) 23:34, 6 October 2021 (UTC) reply