Blablubbs[edit]

Blablubbs (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement

Hi, I am Blablubbs, and I am applying (only) for CheckUser access. I have been an SPI clerk for over a year, and have had the opportunity to learn a great deal about behavioural investigations over the course of my tenure. I have also had the pleasure of serving as a clerk trainer for Tamzin and Spicy. I have spent the majority of my time on Wikipedia tackling abuse that involves sockpuppetry, proxies, or undisclosed paid editing, and I believe that CheckUser would be a valuable tool to help me investigate such cases more effectively. While my primary use of the tools would likely be at SPI, I would also be happy to help out at ACC (where I am an active proxy checker), UTRS, and the paid-en and checkuser-en VRT queues.

Standard questions for all candidates (Blablubbs)[edit]

1. Please describe any relevant on-Wiki experience you have for this role.

   I became a trainee SPI clerk in February 2021, and a full clerk in June of the same year. Since then, I've clerked a large number of cases, including some complex UPE investigations, and I am comfortable evaluating behavioural evidence. Along the way, I've picked up a fair bit of networking knowledge, especially with regard to proxies. I'm comfortable making rangeblocks, and do so frequently. I'm especially active in proxy detection and have made a large number (>8000) proxy- and webhostblocks. To facilitate these efforts, I've also written a tool that searches for IP ranges based on specific descriptors and presents the results in mediawiki table format, and worked with MarioGom to collect provider-specific proxy signatures.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   I do not have a networking or computer science background. I do have some programming experience, and I have always been a bit of a "geek" with a strong interest in computers, networks, and online privacy issues. I do not routinely work with legally protected data, but my real life occupation does sometimes include considerations about the privacy of third parties.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRTS permissions? If so, to which queues?

   I have never held any of those permissions on any WMF project. I do have access to VRT's info-en queue.

Questions for this candidate (Blablubbs)[edit]

Editors may ask a maximum of two questions per candidate.

1. Would you be willing to help on requests in the CheckUser queue at the account creation interface? -- LuK3 (Talk) 14:33, 26 September 2022 (UTC)[reply]
   • Yes, absolutely. --Blablubbs (talk) 17:04, 26 September 2022 (UTC)[reply]
2. Since you block a large number of proxies, colos, etc, I'm interested to know how you handle associated collateral. As a checkuser I'm certain you'll see a whole lot more. Can you provide some examples of potential collateral and how you've dealt with it? -- zzuuzz ^(talk) 15:21, 26 September 2022 (UTC)[reply]
   • Generally speaking, I do my best to limit potential collateral of webhostblocks by querying for underlying ranges that may not be assigned to the same provider (whois -aM $RANGE) and looking for specific indicators of hosting activity with Shodan range queries whenever I'm uncertain. I also frequently soften bot-proxyblocks when I see evidence of CGNAT use. A specific example of collateral mitigation that comes to mind is when a steward reached out because he had verified that 213.202.232.64/28, a subrange of the then-hardblocked hosting range 213.202.232.0/21, was being used by a school. I didn't want to lift the block entirely because the underlying range does have lots of hosting on it, so we worked out how to reblock the entire range in small increments and dropped the /28 down to a softblock. --Blablubbs (talk) 17:04, 26 September 2022 (UTC)[reply]
3. You mention that you are active in UPE work, what is the line between investigating UPE and investigating socks with CheckUser in your mind? -- Amanda (she/her) 05:47, 27 September 2022 (UTC)[reply]
   • Just a quick note to acknowledge that I have seen this and hope to answer tomorrow. Apologies for the delay. --Blablubbs (talk) 20:18, 27 September 2022 (UTC)[reply]
   • The two issues are of course distinct in that proving them individually works very differently: CU shows IPs, but it can't reveal intent, and is accordingly not very useful for proving UPE. However, a huge chunk of moderately sophisticated UPE activity^[a] entails socking of one kind or another, be it through block evasion or concurrent use of multiple accounts. In those cases, the line softens: If, in the course of investigating an account for UPE, credible suspicions of illegitimate use of multiple accounts surface, it can still be appropriate to run a check and take action based on the results – a caveat being that CU is often of limited usefulness in UPE cases because of proxy use, "decentralised" meatpuppetry, or difficult ranges. --Blablubbs (talk) 15:47, 28 September 2022 (UTC)[reply]
4. What is your take on blocking IPs and accounts using the {{checkuserblock}}? A lot of these are often applied as indefs or large rangeblocks that often last years at a time and often deny large mobile IP ranges due to a vandalism. Should these be treated as arbcom decisions or office actions where other administrators can't undo or should these be done by consensus? NYC Guru (talk) 11:58, 29 September 2022 (UTC)[reply]
   • I think regulation-wise, the status quo is fine: CU blocks are blocks based primarily on CU data, and so they shouldn't be loosened by people who do not have access to that data. It is impossible, for example, for a non-CU to tell whether a hardblock of an IP that has never made anonymous edits is appropriate or excessive, because there is no way to tell what registered users on that IP are up to, and it would be an NDA violation to publicly disclose that information – and so having anyone but a CU or arbcom review that block would seem somewhat pointless. This makes CU blocks somewhat similar to arbcom blocks and office actions in that the group of people who have enough information to review an appeal is limited, but since CU blocks may be overturned by any individual checkuser (and we have far more of those than we have arbs or case review committee members), appeals are substantially quicker and easier. Broad peer review is of course a good thing though, so I would err on the side of preferring "regular" admin actions over CU blocks whenever I believe that publicly available information is sufficient for any admin to make an informed decision about its appropriateness. I'm afraid I'm not entirely sure what you mean by "consensus" in your question above – if you are referring to a system where any CU block has to be pre-approved (or immediately reviewed) on the checkuser mailing list (if memory serves, Oversight blocks are usually handled this way), then I would be inclined to oppose such a system on the grounds that CU blocks are very common, and requiring panel review of each and every one of them would likely take up an inordinate amount of people's time. --Blablubbs (talk) 16:50, 29 September 2022 (UTC)[reply]

Comments (Blablubbs)[edit]

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• Perhaps I'm biased as his clerk trainee :)... but I believe that Blablubbs is an excellent candidate for the tools. It strikes me that the bullet points below We particularly encourage applicants who fit one or more of the following descriptions to volunteer are essentially a description of him. Spicy (talk) 11:04, 26 September 2022 (UTC)[reply]
• As strong an endorsement as you can get from me. Blablubbs has everything we're looking for in a CU and would be a huge boon to the project. GeneralNotability (talk) 13:21, 26 September 2022 (UTC)[reply]
• Clear endorse - Blablubbs is highly trusted and highly competent in the field. A major benefit to the project as CU Nosebagbear (talk) 13:34, 26 September 2022 (UTC)[reply]
• Endorse. I do not have much to add that hasn't already said. -- ferret (talk) 13:52, 26 September 2022 (UTC)[reply]
• I've worked with Blabbs extensively for over a year at SPI, and have absolutely no qualms about an enthusiastic endorsement. -- RoySmith (talk) 14:07, 26 September 2022 (UTC)[reply]
• Zero reservations here. Blablubbs will do great as a CU. Katie^talk 17:44, 26 September 2022 (UTC)[reply]
• Full support from me. Dreamy Jazz ^{talk to me | my contributions} 20:41, 26 September 2022 (UTC)[reply]
• Full support. I think Blablubbs would be a great help with the paid-en queue, which is chronically understaffed. – Joe (talk) 05:54, 27 September 2022 (UTC)[reply]
• Late to the party here, but just publicly stating what I've said elsewhere - Blablubbs has my full confidence, and would be an asset to the team. I'm not commenting on the other candidates - please don't read that as opposition, I just haven't worked with them so much. Girth Summit _(blether) 11:48, 1 October 2022 (UTC)[reply]
• Support. Blablubbs has been a pleasure to work with. --Malcolmxl5 (talk) 11:57, 3 October 2022 (UTC)[reply]
• I somehow forgot that Blablubbs isn't a checkuser already. Trusted, competent. ~ ToBeFree (talk) 12:34, 3 October 2022 (UTC)[reply]
• Just echoing the support and endorsements above. Based on Blablubbs' work at SPI/ACC/OP, I believe he will be a great addition to the CU team. -- LuK3 (Talk) 14:08, 3 October 2022 (UTC)[reply]
• No reservations from me. Blablubbs has shown himself to be competent with the relevant activities, with a suitable grasp of nuance. I'm sure he'll do fine. -- zzuuzz ^(talk) 11:01, 5 October 2022 (UTC)[reply]

JJMC89[edit]

JJMC89 (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement

I am volunteering to become a CheckUser. I have been editing here since 2015 and became an admin at the beginning of 2019. I am an ACC tool admin, SPI clerk, UTRS tool admin, VRT agent, and member of the Ombuds commission. Working in these areas, I am already familiar with the relevant policies and privacy considerations and have signed the relevant agreements. ACC, SPI, and UTRS are often (or always) in need of additional CheckUser assistance, which I can help with.

Standard questions for all candidates (JJMC89)[edit]

1. Please describe any relevant on-Wiki experience you have for this role.

   I've been a member of the ACC team since May 2016 and became a tool admin in August 2017. I have been an SPI clerk since May 2020 (trainee from October 2019). Before clerking I was involved as an admin acting on behavioral evidence. As a member of the Ombuds commission since February 2021, I am well-versed in the policies that govern the use of the CheckUser tool and access to non-public personal data.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   I am experienced with CheckUser, which I use regularly outside of Wikimedia projects. Professionally, I analyze private patient data in a highly regulated environment, including various data privacy regulations (e.g. GDPR).

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRTS permissions? If so, to which queues?

   As a member of the Ombuds commission, I have CheckUser access and the ability to view suppressed revisions/logs on all WMF SUL wikis. I am a VRT agent with access to commons, info-en, and permissions.

Questions for this candidate (JJMC89)[edit]

Editors may ask a maximum of two questions per candidate.

1. As an admin, you're required by WP:ADMINACCT to "respond promptly to queries". This of course applies to CUs, and in my opinion, doubly so — often other checkusers will have time-sensitive questions about previous technical data you may have reviewed to make a particular block. Although taking breaks and being busy is a fact of life (and life should always come first), you've recently had bouts of inactivity and a noted lack of replies to important queries — in this case any administrator could have removed/modified the block, but this is not the case for checkuser blocks, and I believe most CUs would feel at least somewhat uncomfortable removing a block you'd made without first consulting you. Do you believe you can commit to remaining active enough to ensure queries are responded to promptly? — TheresNoTime (talk • they/them) 14:32, 26 September 2022 (UTC)[reply]

   Yes – the cause of my recent inactivity (quite busy IRL) should be ending soon. — JJMC89 (T·C) 06:16, 27 September 2022 (UTC)[reply]

2. Would you be willing to help on requests in the CheckUser queue at the account creation interface? -- LuK3 (Talk) 14:33, 26 September 2022 (UTC)[reply]

   Yes – this is top reason why I want access to the CheckUser tool since, at times, ACC requests can sit in the CU queue for a while until a CU comes by to clear it out. — JJMC89 (T·C) 06:16, 27 September 2022 (UTC)[reply]

3. What do you see as any conflicts of interest between being an active community checkuser and being on the Ombuds commission, and if selected how would you manage any such conflict? — xaosflux ^Talk 14:58, 26 September 2022 (UTC)[reply]

   There is the potential to have undue influence on cases involving the English Wikipedia or myself. I don't and wouldn't participate in cases that involve English Wikipedia policy or CUs. I also plan to avoid the routine use of CU until my OC term concludes, as previous enwiki CUs have done while on the OC. — JJMC89 (T·C) 06:16, 27 September 2022 (UTC)[reply]

4. Since you block a large number of proxies, colos, etc, I'm interested to know how you handle associated collateral. As a checkuser I'm certain you'll see a whole lot more. Can you provide some examples of potential collateral and how you've dealt with it? -- zzuuzz ^(talk) 15:22, 26 September 2022 (UTC)[reply]

   I don't recall having any issues with my colo/proxy blocks so far. Regardless, collateral can be dealt with in different ways depending on the situation: hard blocks can be softened, account creation can be permitted, ranges can be broken up into smaller ones with different block settings, or IPBE can be granted. From handling UTRS requests, I have, for example, allowed account creation on some ranges to reduce the collateral to new user registration. (1, 2, 3) — JJMC89 (T·C) 06:16, 27 September 2022 (UTC)[reply]

5. Your previous application in 2020 was unsuccessful: WP:CUOS2020. While I appreciate that often the rationale is not adequately shared with the candidates, did you have any insight from the previous time? --Rschen7754 18:15, 26 September 2022 (UTC)[reply]

   The email I received only stated that there were too many applicants for the few needed appointments without giving me any insights. — JJMC89 (T·C) 06:16, 27 September 2022 (UTC)[reply]

6. This is much the same concern as TheresNoTime expressed above, but I'm specifically interested in User talk:JJMC89#More about your G5 restoration decline. -- RoySmith (talk) 19:20, 26 September 2022 (UTC)[reply]

Comments (JJMC89)[edit]

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• The questions I would have asked have been asked above, but I would like for the questions to be answered before providing some thoughts. Dreamy Jazz ^{talk to me | my contributions} 20:38, 26 September 2022 (UTC)[reply]

  Based on their answers above I would support appointment. However, I'm not sure that holding the CU right and being an OC goes well together. While I trust that JJMC89 would keep usage of CU to a minimum, I am concerned that a user who is looking to report CU tool abuse may be put off if one of the OC's members holds the CU right. Most users probably don't know about WP:AUDIT/STATS to see if a CU has made checks, and so there may be a perceived issue that there is a conflict of interest. I would have a better support once JJMC89 is off the OC. Dreamy Jazz ^{talk to me | my contributions} 08:29, 28 September 2022 (UTC)[reply]

  We have had CUs who are also on the OC (AGK, AmandaNP, to name the most recent two). Genuinely out of curiosity (so I can make a more informed decision), what makes JJMC89 different from these previous editors, or would you have not liked them being on the OC while being CUs either? Primefac (talk) 08:37, 28 September 2022 (UTC)[reply]

  My concern is not specific to any one editor, and in my opinion any OC holding the CU right is not okay. The OC needs to be able to make difficult and possibly controversial decisions about CUs. Of course I trust that any CU would while on the OC would ensure that they focus on the OC, but I think it entirely reasonable for a user reporting abuse of the CU tool to not feel confident in the process if a user part of the OC has CU rights, especially on the wiki the problem occurred on, due to the perceived conflict of interest. Dreamy Jazz ^{talk to me | my contributions} 08:46, 28 September 2022 (UTC)[reply]

  Thanks for the reply. For what it is worth, I believe this is why we exempt OC members from the normal activity requirements, as we do not expect them to be acting on enWiki whilst being on the OC. Primefac (talk) 08:50, 28 September 2022 (UTC)[reply]

  I'm just curious to how this model operates then if we extend Dreamy's line of thinking. If we had it so that no one with the CU flag could be part of the OC on any wiki, then we would have an inexperienced and potentially tone deaf like a certain 2016 decision that was handed down. We need people who are experienced using the tools in the first place to provide the viewpoint of a checkuser. Of course, i'm not speaking when the homewiki applies. Before the OC really became a thing, ArbCom had AUSC which was set to review our own checkusers and functionaries. It was formed of 3 community members and 3 arbs (with CU). Now, with AUSC gone, ArbCom returned that right back to itself. As much as I hate to say it, there have been times, without drudging up any names, where a local oversight committee has benefited the community over having the Ombuds look into a case. Do I respect some people may have reservations about emailing for the appearance that they might leak the case or be involved even when they shouldn't be? Yes. But that is where the selection process handled by the WMF is particularly important to get people who will keep their integrity. So I think it's particularly counter-productive to take aim at being on the OC as a CU, because in reality, outside of recusals, it's enhancing the OC. -- Amanda (she/her) 12:18, 28 September 2022 (UTC)[reply]

  The way that I see it is that the OC needs to have a clearly visible view that all their members are separated from any case that could come before them. Of course people who go and join the OC won't change their opinions on people based on whether or not they hold CU rights, but from my point of view if I was a new user I would want to see "separation of powers" even if this is just a perception thing.

  However, this is just a minor concern and not a reason I would use to oppose anyone outright; While I wouldn't hold CU/OS while being a OC, I wouldn't be particularly bothered if someone else did. Dreamy Jazz ^{talk to me | my contributions} 14:11, 28 September 2022 (UTC)[reply]

  Having OC not include active functionaries would not necessarily lead to inexperienced and potentially tone deaf members as it could still certainly contain former functionaries, including ones that become former functionaries the day they joined the OC. And of course the reasons why communities with CUOS's are required to have multiple CUOS's is so that the first line of audit is the other CUOS's - which is not dependent on the existence of any committees. — xaosflux ^Talk 15:57, 28 September 2022 (UTC)[reply]

• I've worked with JJMC89 on various technical things, including Pywikibot, they're knowledgeable, collegial and in general, it's always a pleasure to work with them. Legoktm (talk) 00:12, 27 September 2022 (UTC)[reply]
• Although there was not a "bad" response to by question answered above, I still have reservations about COI with OC members. I think there should be an arms-length break there, so this should be either/or. — xaosflux ^Talk 20:41, 27 September 2022 (UTC)[reply]

  Xaosflux, same question I asked Dreamy Jazz above. Primefac (talk) 08:37, 28 September 2022 (UTC)[reply]

  @Primefac as the number of functionaries is rightfully limited, adding a functionary whose appointment will limit their ability to exercise their ability (either here for our community, or in their capacity as oversight of our community). I also don't think the prior examples were appropriate; the OC is very limited in capacity and setting up a situation where they are less effective in the audit of actions in our community is something I see as a negative. None of this reservation is specific to the candidate. WP:CUOS is an arbitrary process from the enwiki communities perspective, so there is no reason it has to happen "now". A possible workaround would be that arbcom can appoint this candidate when they are no longer elsewise engaged in the OC. I would also prefer that existing functionaries that want to join the OC in the future resign from being local functionaries during their term, specifically so they don't have to recuse from potential conflicts and can better serve the communities. — xaosflux ^Talk 09:54, 28 September 2022 (UTC)[reply]

  I'm a little surprised by this. Resigning your bits doesn't make you impartial. As a steward, for example, just because we hang up our bits at our homewiki, it doesn't make us impartial from the situation and magically we can operate in that territory. We have already formed opinions on members of the community and that will be reflective in the work that is done. The reason why we have to recuse from our homewiki is because of the relationships, not the bits. Further, the idea that self-recusal from the OC would somehow lose effectiveness or ability because one member has to step out is misguided. The operation of the OC is meant to extend the right of review to all wikis, not just enwiki. The number of cases that I saw affecting an enwiki functionary during my OC term vs. the rest of our case load was a fraction. Enwiki is not the be all, end all of wikis, there is still plenty of other work to be doing on the OC in the meantime while you sit out a homewiki case. -- Amanda (she/her) 12:00, 28 September 2022 (UTC)[reply]

  The part where this candidate said they will be avoiding acting here because of their own conflict with OC is my primary concern; that the candidate is volunteering to do a job that they then say they won't do. They said they would do it later, so I think they should volunteer again when they aren't conflicted. Like most things here, there are no deadlines. — xaosflux ^Talk 12:25, 28 September 2022 (UTC)[reply]

  My impression was similar to Amanda's, FWIW. --Rschen7754 04:09, 29 September 2022 (UTC)[reply]

• For what it's worth, my experience with JJMC89 in their Ombuds capacity has been overwhelmingly positive, and I believe that they would make a great addition to the English Wikipedia's CheckUser team. And in reading the above discussion...I am concerned that there seems to be an idea that the Ombuds Commission shouldn't include active functionaries. The reason the Ombuds Commission has capacity and accuracy issues, to a large extent, is because it has so few experienced functionaries. Recusal or mixed responsibilities is minimal and does not affect capacity to the extent described above, especially in view of the added experience and understanding of CU processes that can benefit both the OC's function and enwiki's CU-ing. I also want to note, as it isn't stated clearly above, that the concerns discussed seem exclusively to be on the idea of functionaries being on the OC, rather than any specific feedback on JJMC89. Best, Vermont (🐿️—🏳️‍🌈) 04:06, 29 September 2022 (UTC)[reply]

  Thank you for your comment, Vermont. I won't address JJMC89's candidacy (or that of other candidates) because I have not worked closely enough with any of the candidates to formulate a useful opinion on their qualification for the role. I will, however, address the issue of the OC. I agree that it is a good thing for experienced functionaries to be part of the Ombuds Commission; in fact, I don't think the OC could function without them. I think if I was to express any concern, it would be that newly appointed English Wikipedia functionaries are expected to focus considerable time and energy on learning their new roles, and that could adversely affect their other roles, including membership on the OC. It is very important that English Wikipedia be well-represented on the OC, because our functionaries are collectively the heaviest users of CU and OS on any individual project; in fact, for most of the history of Wikimedia, English Wikipedia has been responsible for more than half of the CU and OS activities throughout the Wikimedia projects. (This isn't a sign of misuse, but is a reflection of the reality that this project is much more heavily targeted with abuse and problem editing compared to most other projects.) I find it somewhat reassuring that, despite the heavy use of tools on this project (comparatively speaking), AmandaNP reports that most OC matters do *not* involve English Wikipedia.

  From my personal perspective, I think it's important for the health of the English Wikipedia project and community that JJMC89 remains an active part of the OC, if for no other reason than to provide some wiki-specific cultural background to the rest of the Ombuds when they are reviewing a case - something that is still possible even though recused. Risker (talk) 05:28, 1 October 2022 (UTC)[reply]

• My following comment is made regarding some concerns I've had regarding problematic responsiveness and nuance by the Ombuds commission, especially in the opening months of this year. Now, as an individual member of the OC, JJMC shares a personal but reduced aspect there (that is, where no-one handles an issue, all members should have, but don't bear all the responsibility for such) - and comments from those with full vision, such as Vermont above, should certainly weight against the previous concern. However, I did believe it worth noting. Separately, I also accept Risker's points directly above. Nosebagbear (talk) 17:30, 2 October 2022 (UTC)[reply]
• Normally, I'd have no hesitation in saying that I'd support JJMC89 as CU, which I probably did last time. This time, there's been a couple of things to consider. We must first mention the /28 block which was in place near the start of the process. It's almost impossible to block a /28 with due diligence, and it should have raised a red flag if not immediately then with the first talk page comment about it. However, the explanation (a lack of diligence) was reasonable even if it wasn't desirable, the end result was satisfactory, and I'm not aware of this being a repeat problem. We also need to mention that Q6 was actually answered elsewhere, for some reason, and not above. Unlike some others, I don't see a properly managed COI on the OC as being any kind of problem. That COI needs to be worried about by the OC anyway, and not by us. On the plus side, JJMC89 has been clerking at SPI, and has been active at ACC since forever. I still lean towards support. -- zzuuzz ^(talk) 11:24, 5 October 2022 (UTC)[reply]

Firefly[edit]

Firefly (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)

Nomination statement

Hello! I'm applying for the CheckUser permission. I am a regular patrolling administrator at Sockpuppet Investigations and have a solid base of experience in handling SPI cases. I am confident pursuing both behavioural investigations and assessing freely-available technical information (e.g. IP owner and geolocation, peer-to-peer proxy flags). I would put the CU tool to use mostly at SPI but would also assist with the email queues, specfically the paid editing queue, as I am aware the bus factor for this queue is extremely low and it is in desperate need of more attention - I have experience detecting and combating UPE, so feel I could make myself useful there. I am aware of the technical constraints of the CheckUser tool and would not consider it a "magic sock detector" - CU results must always be assessed alongside other evidence.

Standard questions for all candidates (Firefly)[edit]

1. Please describe any relevant on-Wiki experience you have for this role.

   Much of my on-wiki work is in the field of SPI, and dealing with socking more generally; I have filed a number of SPIs, and investigated many more. I am comfortable reviewing even complex behavioural evidence to distinguish between actionable issues and "noise". Along the way I have made a fair few rangeblocks and have a solid understanding of IPv4 and v6, along with how to assess proxy flags and signatures. I am keenly aware that a growing portion of the work at SPI is dealing with sophisticated undisclosed paid editing organisations - I have solid experience detecting & combating such editing and would be keen to assist further by processing private evidence if selected as a CU.

2. Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

   I am a software engineer, and previously worked as an IT manager for various organisations - overseeing all aspects of small-to-medium sized networks. As such, I have long-term familiarity with networking concepts and Internet infrastructure (e.g. ASNs). In prior roles I was also often responsible for data protection, and so have experience handling sensitive data within tight regulatory requirements.

3. Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have VRTS permissions? If so, to which queues?

   No advanced permissions. I did hold VRT access (info-en and permissions), but my account was disabled for inactivity recently.

Questions for this candidate (Firefly)[edit]

Editors may ask a maximum of two questions per candidate.

1. Would you be willing to help on requests in the CheckUser queue at the account creation interface? -- LuK3 (Talk) 14:33, 26 September 2022 (UTC)[reply]

   Thanks for the question! I did help out at ACC in the dim and distant past, but am not familiar with current processes and procedures there. If there is a need for additional CU capacity at ACC I would be entirely happy to learn what I need to know to help out, but this study would take time. I wouldn't be an immediate capacity boost, as I wouldn't want to go rushing in to something I don't have good familiarity with. firefly ( t · c ) 15:09, 26 September 2022 (UTC)[reply]

2. Would you consider re-enabling your VRT account to assist with the CU queues there? — TheresNoTime (talk • they/them) 20:56, 26 September 2022 (UTC)[reply]

   Absolutely. I would definitely look to assist with the CU VRT queues as I know these are often under-staffed and rely on one or two people. firefly ( t · c ) 21:01, 26 September 2022 (UTC)[reply]

3. You mention that you are active in UPE work, what is the line between investigating UPE and investigating socks with CheckUser in your mind? -- Amanda (she/her) 05:48, 27 September 2022 (UTC)[reply]

   Thanks for the question Amanda. Undisclosed paid editing does not have to involve sockpuppetry, but in practice almost always does - in the simplest case, as there is a financial motive behind whatever editing the operator of the account is trying to achieve, they will try to evade a block in order to achieve their ends and get payment. However a fair amount of UPE is more sophisticated, involving whole farms of accounts operated by multiple people that are 'aged' to make them seem more legitimate (for a particularly complex example we have the Orangemoody case). In these cases CheckUser can be of limited utility, as the operators will often use novel proxies and/or work from disparate locations. There may well still be technical "tells" that can be used to connect accounts that are behaviourally linked, but it requires more work than simple sockpuppetry.

   I think all this ultimately distills down to: if a case involves a suspected undisclosed paid editing operation, weight behavioural evidence more highly and bear in mind the potential setup of such organisations when reviewing technical evidence. Conferring with CheckUsers experienced in detecting UPE would also be a solid idea. firefly ( t · c ) 08:15, 28 September 2022 (UTC)[reply]

4. Aside from suspecting sockpuppetry, what do you believe are standard criteria for applying an indef {{checkuserblock}} to an established user or long term multi-year {{checkuserblock}} to a busy mobile range? NYC Guru (talk) 05:11, 1 October 2022 (UTC)[reply]

   I think you mean {{checkuserblock-account}} for the account, but it's a minor difference for your question. -- Amanda (she/her) 08:21, 1 October 2022 (UTC)[reply]

   The {{checkuserblock}} series templates should be used where private technical evidence is used as the basis for a block. It marks that block as one that administrators should not loosen without consulting a CheckUser as they will not have access to the information used to place it (e.g. a range that looks completely unused anonymously may have multiple abusive sockpuppets using it). When blocking wide or busy ranges extreme care must be taken to avoid or limit collateral damage. In some cases it may be unavoidable - in such cases assigning the IP block exempt permission to affected users may be a solution. firefly ( t · c ) 10:37, 2 October 2022 (UTC)[reply]

5. I hope you'll excuse the outing, but I see you've launched. Can you talk briefly about how being in orbit will affect your checkuser experience, particularly regarding off-wiki and off-planet evidence? -- RoySmith (talk) 22:20, 1 October 2022 (UTC)[reply]

   Well I imagine that it'll be harder to keep track of the multiple browser tabs required for a check while being distracted by the views of the Earth from space, but I'll manage somehow. I'm not sure the Privacy Policy directly covers evidence derived from off-planet sources, such as that beamed into peoples' heads by telepathic aliens, but absent any specific guidance I think it should be treated in the same way as any other non-public information. We should probably find a way to document it however, perhaps using a memory engram recorder extension for cuwiki... firefly ( t · c ) 10:37, 2 October 2022 (UTC)[reply]

Comments (Firefly)[edit]

Comments may also be submitted to the Arbitration Committee privately by emailing arbcom-en-cwikimedia.org. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided.

• As a clerk, I've interacted with Firefly many times at SPI and have been impressed by their work as a patrolling admin. I think they would be an asset to SPI with the CU tools. Spicy (talk) 10:53, 26 September 2022 (UTC)[reply]
• Said it privately during funct consultation, will say it publicly too: Firefly has the temperament, technical knowledge, and willingness to learn that would make them an excellent addition to the functs. I acknowledge that they're a relatively new admin, but I trust them to stop and ask questions when needed. And then I will make them run the next check on this group in their first week. GeneralNotability (talk) 13:24, 26 September 2022 (UTC)[reply]
• Endorse. Spicy and GN have already said it, I've no concerns at all. -- ferret (talk) 13:53, 26 September 2022 (UTC)[reply]
• I've seen Firefly around on SPI. I haven't worked with them as much as I have with some other folks who help at SPI, but there's nothing I've seen which gives me any reason for concern. I understand some people are worried about him only being an admin for six months, but I'm totally fine with it. -- RoySmith (talk) 14:19, 26 September 2022 (UTC)[reply]
• Like Roy, I have limited experience with Firefly, but the work I've seen is good and he has the right temperament. A lot of this work is being willing to change your mind, and I think he can do that without ego getting in the way. Katie^talk 17:46, 26 September 2022 (UTC)[reply]
• Similiar to GeneralNotability, but without the making them run a check . Dreamy Jazz ^{talk to me | my contributions} 20:36, 26 September 2022 (UTC)[reply]

  I would respond to the below and say that except from IRC, which is a important part of arbitration clerk coordination, I'm not actively using those forums that are alluded to below and I would say that my support is not based primarily on any personal friendships. My support is primarily based on their on-wiki work at SPI and as an arbitration clerk. Dreamy Jazz ^{talk to me | my contributions} 11:08, 27 September 2022 (UTC)[reply]

• firefly's activities on (public) off-wiki discussion forums have convinced me that he has neither the temperament nor the tact to handle nonpublic information about other editors, and moreover that he might be careless in considering who can read what he writes. He might be an okay admin, but playground cliquishness has no place in closed and privacy-sensitive functionary work, in my opinion. I don't like to cast aspersions, but a recent policy change prevents me from giving any details. In the functs discussion, several people (rightly) disclosed that their support for firefly was based on personal friendship built in the same off-wiki cliques, so I'm disappointed to see that they haven't been as open about that here. – Joe (talk) 06:04, 27 September 2022 (UTC)[reply]

• Cliques, Cabals, you're on a roll. El_C 13:18, 27 September 2022 (UTC)[reply]

• Noting that my experiences with Firefly have been very positive, and I believe they would make a good addition to the CU team. In regards to Joe's comment above, I think Joe's description of his own comment as casting aspersions without evidence is accurate. Best, Vermont (🐿️—🏳️‍🌈) 04:16, 29 September 2022 (UTC)[reply]
• I likewise have strong concerns about Firefly's perennial friendliness, helpfulness, and openness to critique. Checkusers should strive to be aloof and standoffish whenever possible. /s -- Tamzin^{[cetacean needed]} (she|they|xe) 08:23, 2 October 2022 (UTC)[reply]
• I have limited experience with Firefly but I’ve seen them around using their admin tools and they've done good work. P.S. I’m not on Discord nor part of any off-wiki cliches, thank you. --Malcolmxl5 (talk) 12:10, 3 October 2022 (UTC)[reply]

  @Malcolmxl5 even being an on-wiki cliche is pretty fun, if you're willing to think outside of the box Nosebagbear (talk) 23:06, 5 October 2022 (UTC) [reply]

• I believe Firefly has the right stuff and will do well. Being a relatively new admin is not so much of a barrier, as long as they're prepared to learn, which I think is likely. I can't comment on any allegations of off-wiki shenanigans; I trust Arbcom will look at that. -- zzuuzz ^(talk) 11:02, 5 October 2022 (UTC)[reply]