Background
The IP access policy can be read here: https://foundation.wikimedia.org/wiki/Policy:Access_to_temporary_account_IP_addresses
Who can see IP addresses automatically
It states that some groups of users may have access to see IP addresses without opting in (stewards and checkusers at the time of writing).
AbuseFilter exposes IP addresses of logged-in users to certain users. We'd like to know whether this is consistent with the policy.
How long are IP addresses stored?
The policy also states that IP addresses are stored for a short duration (90 days at the time of writing).
AbuseFilter has a maintenance script for purging IP address data. We'd like to know if this is run consistently with the policy.
What we'd like to know
- Which user groups can see IP addresses of registered users via AbuseFilter?
- Do we need any permissions changes to be consistent with the policy?
- How regularly is maintenance/PurgeOldLogIPData.php run?
- How long does AbuseFilter keep IP data for?