Open main menu

The letter below is intended as a mechanism for quickly and helpfully responding to threats of harm by reporting such threats to appropriate law enforcement agencies. It is concise, direct and clear in its writing as well as being businesslike to ensure the reader can take quick and decisive action based on its contents.

To use this letter, copy and paste its contents into a blank email, copy the subject line, fill in the indicated blanks and send to an appropriate law enforcement agency (or agencies), CCed to the Wikimedia Foundation. Further instructions are below.


Form letterEdit

Subject: Threatening comments at [PROJECT] article on [ARTICLE SUBJECT]


Dear Sir or Madam,

I am a volunteer at [PROJECT] and am writing to report a possible threat of violence [or "threat to harm self"] against [TARGET if identifiable] by an anonymous user at IP address [EDITOR IP] in the article on [ARTICLE SUBJECT]. The threat was made at [DATE AND TIME OF THREAT] UTC and was displayed until [DATE AND TIME OF REMOVAL] UTC.
You can view the threat here: [LINK TO DIFF]
You can view the article here: [LINK TO ARTICLE]

The Wikimedia Foundation is the controlling entity of [PROJECT], and should be contacted if you have any questions. The Wikimedia Foundation may be reached by any of the following means:

Phone: (001) 415-839-6885
Fax: (001) 415-882-0495

Please include a copy of this letter in any correspondence to the Wikimedia Foundation to assist in identifying the specific issue. Thank you for your time.

CC: Wikimedia Foundation (


  1. Determine the appropriate law enforcement agency (LEA) (see below)
  2. Copy and paste the above letter into a blank email body and use the recommended subject line
  3. Replace the items in [square brackets] with the appropriate information, this includes:
    • URL to the Diff where the threat is made
    • Dates and times when the threat was made and reverted (can be copied/pasted from article history, always specify "UTC")
    • IP address of editor making threat, if available
  4. CC (not BCC)
  5. Send the email

Determining the appropriate LEAEdit

The most important step is to contact an LEA near the threat's point of origin. In the case of anonymous IPs, this can best be done by using an IP gelocation tool (such as this one). This method is preferred to WHOIS, which more often will give the address and location of a regional ISP office.

The first LEA contacted should be a national or federal-level organization in the country where the threat originated. These are more likely to have the personnel and experience to investigate online threats. Secondary choices would be regional LEAs or special LEAs which deal with computer crimes close to the threat's origin. In some cases, it would be advisable to contact additional LEAs organizationally close to or responsible for the target of the threat, such as when the target is a head of state or important infrastructure.

This is an incomplete list, please expand it as appropriate.

United StatesEdit

At all levels, the first LEA contacted should generally be the Federal Bureau of Investigation (FBI) field office closest to the origin of the threat. This page can help locate the field office responsible for a particular place.

The Internet Crime Complaint Center is another option, but does not provide a direct e-mail address to send complaints.

The United States Secret Service should be contacted if the target is a current or former United States President, Vice-President, candidate or member of their families.

Language concernsEdit

Localized version unavailableEdit

In the event that the best choice LEA is in a nation whose national language is not English, and a localized version is unavailable, you should choose the next best language. This may be a lingua franca or regional language, but may also include the national languages of that country's trade partners or allies.

A last resort would be to contact their diplomatic mission in your country, briefly explaining the situation and requesting that they contact the appropriate LEA. However, this may only be helpful when the threat directly affects their national security.

Threat may be overlookedEdit

Even if the threat is in a language you suspect the LEA will not be able to quickly translate, the language of this letter should be sufficient to clearly indicate that there is a threat. If you have identified the suspected target and source IP address and provided all the suggested links, the LEA should have everything necessary to conduct an investigation.

Providing a localized versionEdit

You can help improve the effectiveness of reporting threats by creating a version of this letter in your own language! It is important to keep in mind that the object should be language localisation as opposed to a direct translation. Thus, a proper version would be written using appropriate business and technical writing techniques for the target language.


Extended content

This letter follows a basic format for business correspondence. Above all, the most important thing is to be concise. The persons reading these messages most likely get thousands of messages every single day, and also very likely have hard and fast rules for messages they simply ignore.

Subject lineEdit

Essential in e-mail, advisable in other forms of correspondence.

Recipient's addressEdit

This is a feature of normal business correspondence. It tells the reader by whom this letter should be read. For example, if you were contacting the FBI, you should usually be writing to particular field office, but may be sending your e-mail to a general catch-all address. Or if reporting to a police department, it will likely go to a single departmental reporting address, where a receptionist will read it and try to forward it to a specific person.


Standard business correspondence issue when writing to an unidentified audience. If you are writing to a particular person, you should use something like "Dear Dr. Smith" or "Dear Ms. Jones". However, it is unlikely this will be the case.

First paragraphEdit

Direct and concise is key here. The reader needs to know who you are and why you're writing.

The first sentence identifies you to the reader, which is essential. Note that it doesn't say that you're an "editor" or "administrator"- unless you are employed by the Foundation, you are a volunteer. "Project" should be replaced by "English Wikipedia", "Simple English Wikipedia", "Wikimedia Commons"... whatever.

Next, you need to clearly identify why you are writing them. You should identify the target of the threat, where the threat was made, and who made the threat (by IP if available). The most important link to include is a diff to the addition of the threat, which will help the person handling the issue to identify the threat as quickly as possible. A link to the plain article may also be helpful.

However, you should directly say the date and time when the threat was introduced, using UTC. As a matter of courtesy, you might wish to convert it to the recipient's local time zone. This helps tell the recipient that this is a recent threat. Stating the time of revert helps tell the recipient that the threat was displayed for a specific amount of time- though strictly you might omit this.

It is also a good idea to put the links immediately before hard newlines (i.e., at the end of the paragraph). This is as a courtesy to those who cannot receive HTML emails, or whose email software does not automatically render URLs; it is far easier to copy and paste a URL like this. Plus it avoids the problem of interrupting the flow of text with a potentially-long URL.

Second paragraphEdit

The purpose of this paragraph is to tell the reader who they should contact if they have further questions. This generally is not going to be you- you're just blowing the whistle and more than likely don't have any specialized information beyond what you've said here.

It is important to include the Foundation's telephone number here as there are still a significant number of people who prefer telephone correspondence, especially with these sorts of issues.

It is also important to tell them to include a copy of the e-mail in any correspondence with the Foundation as, even if you've CC'd the Foundation, this will save time in identifying the problem at the Foundation's end.

Finally, always thank your reader for taking the time to read your e-mail.

Valediction and signatureEdit

In the US, "Sincerely" is a very standard valediction, though some may prefer "Yours faithfully" for cases where the recipient isn't known. This is mostly a stylistic choice, in my opinion.

Personally, I strongly suggest using your real name. This should add credibility that your username won't get you. Keep in mind that this letter won't get reposted all over Wikipedia, and if you don't use your username in the e-mail, you'll avoid giving anybody a way of connecting the two.

You should also include your email address. This assists the reader, especially if s/he only has access to a printout, in further corresponding with you should it be necessary.

Finally you should always CC the appropriate Foundation address and notify the reader that you have done so; this serves as a secondary reminder that the Foundation is a party to your letter and suggestion that they should contact the Foundation.