Re: Code of Conduct: Let's revamp it.

From: jonsmirl@xxxxxxxxx
Date: Fri Sep 28 2018 - 15:38:53 EST


On Fri, Sep 28, 2018 at 11:56 AM Alan Cox <gnomes@xxxxxxxxxxxxxxxxxxx> wrote:
>
> > Well, then I have to repeat myself: Signed-off source code (in form of
> > patches) in a well-known programming language for a (nowadays)
> > well-known GPLv2 licensed project mailed on "everyone can subscribe"
> > mailinglists, (thus) to be found in several $SEARCH_ENGINE-indexed
> > mailinglist archives, if accepted to be found in lots of publicly
> > accessible git repos can be not intended to be published?
> >
> > I wonder what else must happen.
>
> There is a bigger problem in the ambiguity.

Alan, I think there is much wisdom in the Linux community writing
their own CoC. This CoC would go through the same RFC process that any
kernel commit goes through and be discussed on LKML. I fully expect
this CoC would contain many of the concepts from Contributors Covenant
but as an independently developed document it would not bring external
baggage into the community. The kernel community is full of very smart
people and has access to fine lawyers. Developing a Linux specific CoC
that expresses the community's views, is compatible with laws in the
varied countries and which respects the GPL is a worthy goal.


>
> It's easy to deal with signed off by lines because I had the sense to
> make sure that the DCO covered us for EU data protection and thus it's
> explicit.
>
> It's relatively easy to deal with the case of 'I contributed some code'.
>
> It's really not at all obvious what happens with 'I got some code from
> another project that contains it's authors name'.
>
> The wording IMHO just needs tightening up - and that's a useful
> discussion that ought to he bad. I tihnk everyone understands the *inent*
> of such wording - don't go around doxing people, or posting their home
> address on facebook and calling for people to attend with pitchforks.
>
> There's a second related area that needs sorting out in wording which is
> the implication of any kind of privacy in a complaint - which is really
> bad in two ways
>
> As it is set up now the tab is not a lawyer so the tab could not claim
> any kind of legal privilege. That means in the event of a complaint the
> tab would be powerless not to release almost all the info in the
> complaint if hit by a data protectin request in many jurisdictions. Sure
> they'd have to (and be required to) remove some of the information that
> might identify the complainant.
>
> Secondly one thing that we've learned repeatedly (and notably from the
> church scandals) is that there are some complaints that should upon
> receipt be handed directly to law enforcement, but there is no carve out
> for this.
>
> The other issue is that whoever handles any complaint system needs a
> budget and lawyers because they will potentially have to field judicial
> reviews and other challenges. That means the TAB needs to have
> exemplary record keeping and process because anyone who stands up in a
> legal challenge and says 'Umm.. we read it and talked about it and kind
> of decided X but I don't remember why and there are no minutes and there
> is on process document' is going to get fried. Someone needs to have that
> process in place well in advance.
>
> Alan



--
Jon Smirl
jonsmirl@xxxxxxxxx