This policy or procedure is maintained by the Wikimedia Foundation.
Please note that in the event of any differences in meaning or interpretation between the original English version of this content and a translation, the original English version takes precedence.
Access to the IP addresses of temporary accounts helps users protect the Wikimedia projects. This access is different from access to the IP Information tool, which was designed to empower a broader range of users. As a condition of access, users who have not agreed to the Access to nonpublic personal data policy must agree to the following guidelines.
Wikimedia projects are the collaborative product of a global community of volunteer users. The projects can be edited with or without logging into a Wikimedia account. Those who edit without logging into a Wikimedia account do so using a temporary account, which does not have log-in credentials.
The Wikimedia Foundation gives certain logged-in users access to the IP addresses of temporary accounts to enable these users to enforce or investigate potential violations of Wikimedia Foundation or user community-based policies. Access is used to fight vandalism and spamming, to check for sockpuppet abuse, and to limit disruption to Wikimedia projects.
Use and disclosure of temporary account IP addresses
Use of temporary account IP addresses is limited to certain circumstances and contexts. This section covers the situations in which these IP addresses may be used and when they may be disclosed.
Use of temporary account IP addresses
Access should not be used for political control, to apply pressure on editors, or as a threat against another editor in a content dispute. There must be a valid reason to investigate a temporary user. Note that using multiple temporary accounts is not forbidden, so long as they are not used in violation of policies (an example of a violation includes to evade blocks or bans).
Those with access to temporary account IP addresses are able to:
- Determine from which IP addresses a temporary account has performed edits or logged actions on a Wikimedia wiki.
This information is only stored for a short period (currently 90 days), so IP addresses used prior to that will not be shown. The IP addresses are accessible by clicking the reveal button next to a temporary account username on log, history, and recent changes pages. The IP addresses are also available through the IP Information tool.
This section is incomplete
Even if a user is violating policy, avoid revealing personal information if possible. Use temporary account usernames rather than disclose IP addresses directly, or give information such as same network/not same network or similar.
In the course of keeping the projects and other users safe, users may still need to disclose temporary account IP addresses to third parties. Permissible disclosures are limited to the following circumstances:
- Users with access to temporary account IP addresses may privately disclose the IP addresses to other users who have the same access rights. To check if a user has access, please confirm within the local project's Special:Log/rights page for the ip-viewer right.
- Users who have agreed to the separate Access to nonpublic personal data policy may also disclose temporary account IP addresses as permitted under that policy.
If temporary account IP addresses need to be disclosed in connection to a threat of imminent physical harm, immediately email emergencywikimedia.org with details of the request so that it can be evaluated for possible Foundation disclosure.
Minimum requirements for access
Access is available only to logged-in users. To gain access, users must fulfill the requirements applicable to their user group, which are outlined below. Users who are members of more than one of the below user groups only need to fulfill the requirements of one of their user groups. For example, a user who is both a steward and administrator only needs to fulfill the steward requirements, and a user who is both an administrator and a patroller only needs to fulfill the admin requirements.
Steward and CheckUser
Access is automatically granted to users who are members of the steward and checkuser user groups. These users are expected to treat the IP addresses consistent with the Access to nonpublic data policy.
Opt-in through Special:Preferences. Administrators (including global sysops) must then agree to use the IP addresses in accordance with these guidelines, solely for the investigation or prevention of vandalism, abuse, or other violations of Wikimedia Foundation or community policies.
Patrollers and other users
Users who are not a member of one of the above groups may nonetheless need access to the IP addresses of temporary accounts to assist in patrolling, sock puppet investigations, or other work to protect Wikimedia projects.
To request access, these users must:
- Opt-in through Special:Preferences,
- Agree to use the IP addresses in accordance with these guidelines, solely for the investigation or prevention of vandalism, abuse, or other violations of Wikimedia Foundation or community policies,
- Meet all of the following general requirements:[Note 1]
- User account is a minimum of 6 months old,
- User account has made a minimum of 300 edits to Wikimedia projects, and
- User account is not currently blocked from editing more than one Wikimedia project; if blocked on one project, that project cannot be the project where IP address access is requested.
- If there are local requirements applicable to the project, users must also:
- Meet all of the local requirements, and
- Submit a request on the project where access is needed.
When there are no local requirements, access is automatically granted for users who meet requirements 1–3. When there are local requirements, automatic access is disabled to allow the users associated with those projects to review requests.
Communities are encouraged to create local requirements. Local requirements must be more restrictive than the general requirements outlined in point three above.
Examples of more restrictive requirements
If local requirements have been created, they should be clearly outlined and include instructions on where users submit requests. Communities may choose to handle requests via an existing process or set up a new page. A configuration change must then be requested in order to disable the automatic access grant.
Communities can set higher requirements on their own, but exceptions to set lower requirements must be approved in writing by the Wikimedia Foundation Legal Department. To request an exception, please email privacywikimedia.org with an explanation and evidence of your community consensus on the matter.
Maintaining or removing access
In order to maintain access to the IP addresses of temporary accounts, users must edit or take a logged action at least once within a 365-day period and follow any local activity requirements.
Removal of access
Users may voluntarily give up their access at any time by visiting Special:Preferences.
To ensure accountability, a log is kept of which users have access to temporary account IP addresses.
- These general requirements are adapted from requirements traditionally used to determine eligibility to vote in the Board Elections.