Jump to content

Wikimedia Access to Temporary Account IP Addresses Policy

From Wikimedia Foundation Governance Wiki

Access to the IP addresses of temporary accounts helps users protect the Wikimedia projects. This access is different from access to the IP Information tool, which was designed to empower a broader range of users. As a condition of access, users who have not agreed to the Access to nonpublic personal data policy must agree to the following guidelines.

Background

Wikimedia projects are the collaborative product of a global community of volunteer users. The projects can be edited with or without logging into a Wikimedia account. Those who edit without logging into a Wikimedia account do so using a temporary account, which does not have log-in credentials.

Purpose

The Wikimedia Foundation gives certain logged-in users access to the IP addresses of temporary accounts to enable these users to enforce or investigate potential violations of Wikimedia Foundation or user community-based policies. Access is used to fight vandalism and spamming, to check for sockpuppet abuse, and to limit disruption to Wikimedia projects.

Use and disclosure of temporary account IP addresses

Use of temporary account IP addresses is limited to certain circumstances and contexts. This section covers the situations in which these IP addresses may be used and when they may be disclosed.

Use of temporary account IP addresses

Use of temporary account IP addresses is solely for the investigation of or enforcement against vandalism, abuse, spam, harassment, disruptive behavior, and other violations of Wikimedia Foundation or community policies. Access to temporary account IP addresses should be on an as-needed basis and in compliance with these guidelines, the Privacy Policy, and more restrictive local policies applicable to the relevant project.

Access should not be used for political control, to apply pressure on editors, or as a threat against another editor in a content dispute. There must be a valid reason to investigate a temporary user. Note that using multiple temporary accounts is not forbidden, so long as they are not used in violation of policies (an example of a violation includes to evade blocks or bans).

Those with access to temporary account IP addresses are able to:

  • Determine from which IP addresses a temporary account has performed edits or logged actions on a Wikimedia wiki.

This information is only stored for a short period (currently 90 days), so IP addresses used prior to that will not be shown. The IP addresses are accessible by clicking the reveal button next to a temporary account username on log, history, and recent changes pages. The IP addresses are also available through the IP Information tool.

Disclosure

Even if a user is violating policy, avoid revealing personal information if possible. Use temporary account usernames rather than disclose IP addresses directly, or give information such as same network/not same network or similar.

In the course of keeping the projects and other users safe, users may still need to disclose temporary account IP addresses to third parties. Permissible disclosures are limited to the following circumstances:

  • Users with access to temporary account IP addresses may privately disclose the IP addresses to other users who have the same access rights. To check if a user has access, please confirm the user is in the relevant group through Special:ListUsers (for local groups), Special:GlobalUsers (for global groups), or Special:CentralAuth (for both local and global groups).
  • When it is reasonably believed to be necessary, users with access to temporary account IP addresses may also disclose the IP addresses in appropriate venues that enable them to enforce or investigate potential violations of our Terms of Use, the Privacy Policy, or any Wikimedia Foundation or user community-based policies. Appropriate venues for such disclosures include pages dedicated to Long-term abuse. If such a disclosure later becomes unnecessary, then the IP address should be promptly removed.
  • Users who have agreed to the separate Access to nonpublic personal data policy may also disclose temporary account IP addresses as permitted under that policy.

If temporary account IP addresses need to be disclosed in connection to a threat of imminent physical harm, immediately email emergency@wikimedia.org with details of the request so that it can be evaluated for possible Foundation disclosure.

Minimum requirements for access

Access is available only to logged-in users. To gain access, users must fulfill the requirements applicable to their user group, which are outlined below. Users who qualify for both global access and local access, need only meet the requirements associated with global access.

Global access

Members of certain global user groups and certain local user groups require access to temporary account IP addresses across all Wikimedia projects in order to adequately perform their roles. Requirements for access depend on the user group. Users who are members of more than one of the below user groups only need to fulfill the requirements of one of their user groups. For example, a member of both the Ombuds and Abuse filter maintainers user groups will receive automatic access through the Ombuds requirements; such a user's access would still be for both roles.

Stewards, Ombuds, and Staff

Access is automatically granted to users who are members of any of the following global user groups: Stewards, Ombuds, and Staff. Stewards and Ombuds are expected to treat the IP addresses consistent with these guidelines and the Access to nonpublic data policy. Staff are expected to treat the IP addresses consistent with their NDA.

Global sysops, Global rollbackers, and Abuse filter maintainers and helpers

Members of the Global sysops, Global rollbackers, Abuse filter maintainers, and Abuse filter helpers user groups may opt-in globally through Special:GlobalPreferences. These users must then agree to use the IP addresses in accordance with these guidelines, solely for the investigation or prevention of vandalism, abuse, or other violations of Wikimedia Foundation or community policies. Alternatively, these users may choose not to opt-in globally; global access will then not be granted so long as the users are not also members of global user groups that have automatic access.

CheckUsers and Oversighters

Users who are members of local CheckUsers or Oversighters user groups may opt-in globally through Special:GlobalPreferences. These users are expected to treat the IP addresses consistent with these guidelines and the Access to nonpublic data policy.

Local access

Certain users require access to temporary account IP addresses on individual "local" Wikimedia projects in order to protect those projects. Requirements for access depend on the local user group. Users who are members of more than one of the below user groups only need to fulfill the requirements of one of their user groups. For example, a member of both the local CheckUsers and Bureaucrats user groups will receive automatic access through the CheckUsers requirements; such a user's access would still be for both roles.

CheckUsers and Oversighters

Local access is automatically granted to users who are members of the local CheckUsers or Oversighters user groups. These users are expected to treat the IP addresses consistent with these guidelines and the Access to nonpublic data policy.

Administrators and Bureaucrats

Local Administrators and Bureaucrats may opt-in through Special:Preferences on the local project and agree to use the IP addresses in accordance with these guidelines, solely for the investigation or prevention of vandalism, abuse, or other violations of Wikimedia Foundation or community policies. Alternatively, these users may choose not to opt-in; access will then not be granted so long as the users are not also members of user groups that have automatic access.

Patrollers and other users

Users who are not a member of one of the above groups may nonetheless need access to the IP addresses of temporary accounts to assist in patrolling, sock puppet investigations, or other work to protect Wikimedia projects.

To request access, these users must:

  1. Opt-in through Special:Preferences on the local project,
  2. Agree to use the IP addresses in accordance with these guidelines, solely for the investigation or prevention of vandalism, abuse, or other violations of Wikimedia Foundation or community policies,
  3. Meet all of the following general requirements:[Note 1]
    1. User account is a minimum of 6 months old, and
    2. User account has made a minimum of 300 edits to the local project.

After opt-in, access is automatically granted to users who meet the requirements. In order to maintain access to the IP addresses of temporary accounts, users in this category must edit or take a logged action to the local project at least once within a 365-day period.

Removing access

Users may voluntarily give up their access at any time by visiting Special:Preferences. Users who are blocked from editing a Wikimedia project will lose access to temporary account IP addresses on that project.

Concerns about potential abuse of access to temporary account IP addresses may be brought to a steward by placing a request on Steward requests/Permissions#Removal of access. Stewards are authorized to terminate a user's access if the user is determined to have misused the temporary account IP addresses. If necessary, requests for review by Trust & Safety staff can be made through ca@wikimedia.org, and user access removed in line with the Office actions policy. Complaints about infringements of the Privacy Policy will be escalated for review by the ombuds commission.

To ensure accountability, a log is kept of which users have access to temporary account IP addresses.

Notes

  1. These general requirements are adapted from requirements traditionally used to determine eligibility to vote in the Board Elections.

See also