Requests for Comment/User accounts and addresses

Hello, this is an RfC with multiple related proposals based on this discussion.

Please feel free to comment on proposals below, or add new ones. As usual, there is not really a minimum number of votes for RfCs to pass/fail, and it's usually the arguments taken into account not really just the number of 's or 's

Proposal 1
Open proxies (or similar networks, such as web hosts) that MAY be used abusively will be hard/auto blocked immediately, regardless of use, misuse, or even lack of use.

Support

 * History and experience tell me 90% of Open Proxy users are just there to show their destructive manner. The remaining 10% are given GIPBE. &mdash; revi  07:25, 9 January 2017 (UTC)
 * What is "GIPBE"? acronymfinder.com gives zero results for the term. --Robkelk (talk) 14:34, 10 January 2017 (UTC)
 * Global IP Block Exempt. &mdash; revi  14:51, 10 January 2017 (UTC)

Proposal 2
Open proxies (or similar networks, such as web hosts) that MAY be used abusively will be blocked immediately, regardless of use, misuse, or even lack of use; but registered users may continue to edit.

Support

 * I generally distrust open proxies, but think that users using them may be given a chance first. If there's a combination of decent use and abuse from an open proxy, the proxy should be blocked and users should be added to the global ip block exempt group. -- Cheers, NDKilla ( Talk • Contribs ) 03:42, 9 January 2017 (UTC)
 * many people have good intentions, but using open proxies. H1 (talk) 06:00, 9 January 2017 (UTC)
 * Open proxies don't have to be blocked immediately, but if there is a serious sign it will be misused, blocking them shouldn't be a problem. Southparkfan (talk) 16:48, 9 January 2017 (UTC)
 * I prefer registered users regardless of which IP they come from, however open proxies should still be carefully monitored. LulzKiller (talk) 18:19, 9 January 2017 (UTC)
 * Spammers will calmly throw away blocked accounts, create new ones, and continue spamming - blocking accounts is not an effective anti-spam measure. Blocking the open proxies that they use actually has an effect on reducing spam. --Robkelk (talk) 14:47, 10 January 2017 (UTC)
 * If you need to use an open proxy, creating an account shouldn't be a problem. Reception123 (talk) ( contribs  ) 14:27, 11 January 2017 (UTC)

Proposal 3
Open proxies will not be blocked immediately, but will be immediately blocked / hard blocked at the first sign of misuse/abuse, depending on whether the suspected abuser is anon or logged in.

Support

 * I prefer #2 above, but would be okay with this too. -- Cheers, NDKilla ( Talk • Contribs ) 03:42, 9 January 2017 (UTC)
 * at the first sign of misuse/abuse. And reduce steward to play block tools H1 (talk) 06:07, 9 January 2017 (UTC)
 * I really like this. --- DeltaQuad  (talk contribs email), 17:44, 9 January 2017 (UTC)

Proposal 4
Open proxies will not be blocked at all, but individual accounts will be globally blocked at the signs of abuse.

Support

 * Maybe disable block ip. H1 (talk) 06:08, 9 January 2017 (UTC)

Oppose

 * Spammers will calmly throw away blocked accounts, create new ones, and continue spamming - blocking accounts is not an effective anti-spam measure. Blocking the open proxies that they use actually has an effect on reducing spam. --Robkelk (talk) 14:50, 10 January 2017 (UTC)

Proposal 1
Accounts are not to be shared under any circumstances.

Support

 * per below -- Cheers, NDKilla ( Talk • Contribs ) 04:05, 9 January 2017 (UTC)
 * H1 (talk) 06:09, 9 January 2017 (UTC)
 * &mdash; revi  07:26, 9 January 2017 (UTC)
 * Sharing accounts removes the ability to track who made which contribution, which would put us in default of our standard CC:BY/SA license. --Robkelk (talk) 14:58, 10 January 2017 (UTC)

Oppose

 * Shared accounts should be allowed, as long as the sharing is publically declared on the global user page. Also, signatures should be different between the users to make edits easier to distinguish. --- DeltaQuad  (talk contribs email), 17:44, 9 January 2017 (UTC)
 * Logged actions cannot be differentiated. &mdash; revi  18:24, 9 January 2017 (UTC)

Proposal 2
User accounts may be shared.

Support

 * lgtm --Labster (talk) 03:51, 9 January 2017 (UTC)
 * Allow sharing if people desire it. Southparkfan (talk) 16:49, 9 January 2017 (UTC)
 * Per oppose vote on proposal 1 above. --- DeltaQuad  (talk contribs email), 17:44, 9 January 2017 (UTC)

Oppose

 * (Hypothetical) account A says 'revi sucks and he should die now' and they're blocked. Later he claims he shares account with B and the incident is B's. Still, we can't verify that. Maybe not that good example but I believe one account should be only used by one human behind the monitor. &mdash; revi  07:29, 9 January 2017 (UTC)
 * Who talks like that? hahahaa H1 (talk) 09:24, 9 January 2017 (UTC)
 * That's why there is (Hypothetical) in front of the page, if you can't guess. &mdash; revi  18:25, 9 January 2017 (UTC)


 * This makes it hard to reliably track contributions, and creates issues with permissions, among other things. -- Cheers, NDKilla ( Talk • Contribs ) 03:42, 9 January 2017 (UTC)
 * we can't lack contrib. per above. H1 (talk) 06:11, 9 January 2017 (UTC)

Proposal 3
Shared accounts may not be given any global permissions (only if proposal 2 passes above).

Support

 * Sounds very sane and logical.
 * Yes. H1 (talk) 06:12, 9 January 2017 (UTC)
 * If this won't pass, it is important to keep in mind that permissions should be revoked (due to abuse), regardless of the natural person who abused them. Southparkfan (talk) 16:48, 9 January 2017 (UTC)
 * If for some strange reason we allow account sharing, the people who share an account with elevated permissions would have no accountability in the use of those permissions - each could claim it was (one of the) other account user(s) who used an elevated tool. Lack of accountability is a Bad Thing. --Robkelk (talk) 14:52, 10 January 2017 (UTC)

Oppose

 * Any user account should be allowed to request global permissions, however more scrutiny should be given to shared accounts to make sure that all users are trustworthy. --- DeltaQuad  (talk contribs email), 17:44, 9 January 2017 (UTC)
 * Because I believe Proposal 2 must not pass. &mdash; revi  18:26, 9 January 2017 (UTC)

Proposal 4
When it comes to any kind of discussion or vote where community consensus is supposed to be determined, shared accounts or multiple accounts may be used to comment, but only one vote per IP address will count. (Whether or not any of the above pass.)

Comments

 * - I'm against the idea of performing a CheckUser on all voters, but I'm not against an idea to prevent abuse from multiple accounts (using the same IP address). Southparkfan (talk) 15:09, 10 January 2017 (UTC)

Support

 * Oppose shared accounts in general, but supporting this addition as a supplment to multiple accounts below. -- Cheers, NDKilla ( Talk • Contribs ) 03:42, 9 January 2017 (UTC)
 * - also for open proxies. Even with that, it is still easy enough to pretend you're someone else. Southparkfan (talk) 16:48, 9 January 2017 (UTC)
 * - This vote applies if shared accounts are allowed, as if they are; this would be paramount to avoid potential rigging. LulzKiller (talk) 18:18, 9 January 2017 (UTC)

Oppose

 * What if users open proxy. Use of multiple accounts but different people. H1 (talk) 09:27, 9 January 2017 (UTC)
 * Ensuring that there is only one vote per IP address would require multiple frequent CheckUsers for registered users. Privacy alert! --- DeltaQuad  (talk contribs email), 17:44, 9 January 2017 (UTC)
 * IP can be shared. Only one human being in charge of an account can ensure only one person can vote. &mdash; revi</tt>  18:27, 9 January 2017 (UTC)
 * For the same reasons as DeltaQuad. --Robkelk (talk) 14:56, 10 January 2017 (UTC)

Proposal 1
Multiple accounts are allowed but may be blocked on an individual basis on suspected abuse.

Support

 * per revi's comments on linked discussion. -- Cheers, NDKilla ( Talk • Contribs ) 03:42, 9 January 2017 (UTC)
 * My account (Revi) has extremely powerful permissions (sysadmin and admin@meta) and sometimes I believe even 2FA is not enough on some places. (And until late 2016 there was no 2FA) So I use Revi-alt for that purpose (logging in on unsecure environment). I also have a bot, but it's not working due to technical problems (and it's low priority). Use cases like this might be acceptable but I believe obvious socking is socking. (Note that this is pasted comment) &mdash; revi</tt>  07:32, 9 January 2017 (UTC)
 * H1 (talk) 09:30, 9 January 2017 (UTC)
 * Southparkfan (talk) 16:48, 9 January 2017 (UTC)

Proposal 2
Multiple accounts are allowed but all accounts besides the main one will be blocked upon misuse.

Support

 * Block depends on how bad the abuse is IMO. -- Cheers, NDKilla ( Talk • Contribs ) 03:42, 9 January 2017 (UTC)
 * SupportH1 (talk) 09:29, 9 January 2017 (UTC)

Proposal 3
Multiple accounts are not allowed.

Support

 * I see no need for one person to have multiple accounts. Also, if someone with elevated rights has multiple accounts, that person's transparency in dealing with ordinary editors is reduced. (Not everyone knows of the existence of the global user page, let alone reads it.) And, as NDKilla has already pointed out elsewhere in this RfC, this would make it difficult to track contributions reliably. --Robkelk (talk) 14:46, 10 January 2017 (UTC)

Oppose

 * Per revi's comments on the linked discussion. I like to use my accounts with lesser permissions when in public places. -- Cheers, NDKilla ( Talk • Contribs ) 03:42, 9 January 2017 (UTC)
 * H1 (talk) 09:28, 9 January 2017 (UTC)

Proposal 4
Multiple accounts may be individually blocked, or all accounts but the main one blocked upon misuse, depending on the pattern of misuse and how distributed it is. Bot accounts are considered separately in this policy, and may be maintained in addition to a main account unless they are also misused.

Proposal 5
Multiple accounts are allowed under all circumstances, and none of them will ever be blocked and/or locked unless CheckUser data confirms abuse. However, alternate account must be disclosed on the global user page at the least, and preferably each individual local user page as well.

Support
This is the ideal scenario. --- DeltaQuad  (talk contribs email), 17:40, 9 January 2017 (UTC)

Oppose

 * CU datas are easy to forge if you are knowledgable. It shouldn't be the only factor deciding whether or not it's a sock. &mdash; revi</tt>  22:13, 9 January 2017 (UTC)