Meta talk:CheckUsers

From Meta, a Wikimedia project coordination wiki

Only is admin required to become a checkuser?[edit]

Hello dear Meta users. Our Meta:Checkuser policy clearly doesn't write that you need to be an administrator to be a checkuser. But in our local oversighter and bureaucrat policies, being an admin is a must. As @MarcoAurelio: said a few months ago, the removal of admin rights leads to the removal of such other advanced rights. As a I looked at all the former and now checkusers, it is clear that some Meta admins have been a checkuser after being selected as a admin. Here, too, as @DannyS712: said, he was surprised that there was no such requirement in this policy. see, a talk for removed checkuser rights between Marco and Danny on October 2020 similar to this topic Can we add an expression to the policy that only admins can have the checkuser rights because none of the users except admins have checkuser? Our bureaucrat and oversight policy stipulated this. On most wikis, most checkusers are an local admin on own wikis. Thus, checkusers can directly block users. Also other checkusers @Ajraddatz, Sotiale, Trijnstel, and Vermont: I specifically wanted to get an opinion from users who are directly related to this topic. If it will be a condition be an admin in this policy, we can answer similar questions in the future a little bit easier. Regards. --Uncitoyentalk 16:06, 8 February 2021 (UTC)[reply]

I'm not sure that this is really needed. In practice most users who are CUs will be local admins, but I generally don't like hard requirements. Either way, CU tools can be removed by the inactivity process whether the person is an admin or not. – Ajraddatz (talk) 17:18, 8 February 2021 (UTC)[reply]
The issue is that OS is an extension of RevDel - restricting the access to deleted copies /revs of content to even more people with an even stricter criteria - so having admin access is beneficial. CU on the other hand is a technical tool, which there isn't a need for the user to be an admin to do, and in some cases, having a CU separate from admins can be beneficial, some wikis do this to make sure a block can be reviewed by 2 persons before executing. So although both involve private data, the nature isn't, one is reactively hiding private data while another is proactively seeking private data. The 1st one is just an extension of admin duties, the 2nd isn't. My 2 cents. Camouflaged Mirage (talk) 17:23, 8 February 2021 (UTC)[reply]
In fact, on some wikis don't have to be an admin to become a checkuser. On my home wiki we are a community that has experienced this separately for both checkuser and oversighter on trwiki. If I don't remember wrong, I know that some big projects such as English, French and Commons have an admin condition for these rights. I wanted to mention this because there is no non-admin as a checkuser in the archives so far. This may be partly because the community trusts admins more. Sometimes, some users, including me, can confuse whether becoming a checkuser or removing in Meta is directly linked to the admin right. Perhaps, as you said, seeing a non-admin checkuser can also be useful for Meta. I'm wondering if it would be right to turn an unwritten custom into a rule. Thanks for your comments. :) It will be good to see other users opinions as well. --Uncitoyentalk 17:47, 8 February 2021 (UTC)[reply]
Neither Meta:CheckUsers nor Meta:Oversighters are policy pages on Meta. They document current practices and are simply information pages.
In any case, I think only administrators should be permitted access to the CU and OS toolkits as they're natural extensions of the sysop permissions. You can't fully and autonomously use those tools to accomplish your work without having access to others that come bundled with adminship (e.g. see deleted revisions or blocking, etc.). Please take note that pursuant to this interpretative statement from the OC "there must be no one else who has access to the same or same type of information you do that you can disclose the information to in a timely manner" (emphasis mine). This means that e.g. a non-admin CU that needs to have an IP or IP range blocked will need to shift part of his work burden either to other CUs that are admins, or to the stewards; and that doing otherwise likely means an infringement on a basket of policies to name the CU policy, ANIP, the privacy policy and the terms of use. Selecting CUs and OSs from existing admins also means a pre-vetting process both on trust and performance before letting the candidate dive into other very sensitive areas. Regards, —MarcoAurelio (talk) 11:48, 9 February 2021 (UTC)[reply]
Marco, thanks for your comments. Yes, I was surprised that there is no deletedhistory, deletedtext right for checkuser and oversighter in the ListGroupRights. As you said, non-admin CUs can't access these informations (deletedhistory, deletedtext etc.) here? In the some content wikis, such rights are given for checkusers and oversighters. Since there is no non-admin CU in this wiki, I thought we could add new information to this page. --Uncitoyentalk 12:10, 12 February 2021 (UTC)[reply]