| 1 |
On 15/01/17 19:23, Michał Górny wrote: |
| 2 |
> Hello, everyone. |
| 3 |
> |
| 4 |
> Since the things around ComRel seem to have cooled down a bit, I think |
| 5 |
> we can now start a serious discussion on how disciplinary action |
| 6 |
> handling could be improved. While the recent complaints were focused on |
| 7 |
> ComRel, I would like to take a more generic approach since ComRel is |
| 8 |
> not the only body in Gentoo capable of disciplinary action. |
| 9 |
> |
| 10 |
> Therefore, I'd like my proposal to concern all cases of disciplinary |
| 11 |
> action, involving but not limited to: ComRel, QA, Forum moderators, IRC |
| 12 |
> moderators, Wiki admins and any other entity capable of enforcing |
| 13 |
> a disciplinary action against developers and users. |
| 14 |
> |
| 15 |
> Note: throughout the mail 'users' include all people involved on |
| 16 |
> the Gentoo communication channels, developers, users, bystanders |
| 17 |
> and bots alike. |
| 18 |
> |
| 19 |
> |
| 20 |
> Problems |
| 21 |
> -------- |
| 22 |
> 1. Lack of transparency (this seems to be improving but I don't think |
| 23 |
> we have a proper rules for that), that causes two issues: |
| 24 |
> |
| 25 |
> a. Users indirectly involved in disciplinary action are unaware of it |
| 26 |
> which causes unnecessary confusion. Example: user is unaware that |
| 27 |
> a person is banned from Bugzilla, and incorrectly assumes that |
| 28 |
> the developer or user does not wish to reply to him. |
| 29 |
> |
| 30 |
> b. Users presume disciplinary bodies attempt to hide their actions |
| 31 |
> which unnecessary builds tension and accusations. This becomes worse |
| 32 |
> when the subjects of those actions are the only sides speaking upon |
| 33 |
> the matter, and spreading false information. |
| 34 |
> |
| 35 |
> 2. Unclear appeal procedure (outside ComRel). For example, users that |
| 36 |
> get banned on IRC don't have a clear suggestion on where to appeal to |
| 37 |
> a particular decision, or whether there is any appeal possible at all. |
| 38 |
> |
| 39 |
> 3. Lack of supervision. Likewise, most of teams capable of some degree |
| 40 |
> of disciplinary action are not supervised by any other body in Gentoo, |
| 41 |
> some not even indirectly. |
| 42 |
> |
| 43 |
> 4. Lack of cooperation. Most of disciplinary teams in Gentoo operate |
| 44 |
> in complete isolation. Users affected by disciplinary actions |
| 45 |
> sometimes simply switch to another channel and continue their bad |
| 46 |
> behavior under another disciplinary team. |
| 47 |
> |
| 48 |
> |
| 49 |
> In this proposal, I'd like to discuss introducing a few simple rules |
| 50 |
> that would be binding to all teams capable of enforcing a disciplinary |
| 51 |
> actions, and that aim to improve the current situation. My proposed |
| 52 |
> rules are: |
| 53 |
> |
| 54 |
> |
| 55 |
> 1. Secrecy |
| 56 |
> ---------- |
| 57 |
> Due to the nature of disciplinary affairs, the teams involved |
| 58 |
> in performing them are obliged to retain secrecy of the information |
| 59 |
> gathered. This includes both collected material (logs, messages, etc.) |
| 60 |
> and names of the individuals providing them. |
| 61 |
> |
| 62 |
> All the sensitive information involving disciplinary affairs can be |
| 63 |
> *securely* passed only to other members of the disciplinary team |
| 64 |
> involved in the affair and the current Council members, upon legitimate |
| 65 |
> request. The obtained information should also be stored securely. |
| 66 |
> |
| 67 |
> It is only necessary for a single member of the disciplinary team to |
| 68 |
> store the information (or to use a single collective store). |
| 69 |
> The Council members should remove all obtained information after |
| 70 |
> the appeal/audit. |
| 71 |
> |
| 72 |
> It should be noted that an unauthorized disclosure of sensitive |
| 73 |
> information by any party involved would be a base for a strong |
| 74 |
> disciplinary action. |
| 75 |
> |
| 76 |
> Rationale: |
| 77 |
> |
| 78 |
> a. The collected material sometimes contains various bits of private |
| 79 |
> information whose disclosure is completely unnecessary and would only |
| 80 |
> unnecessarily violate individual's privacy. Gentoo ought to respect |
| 81 |
> privacy of users, and do not invade it without necessity. |
| 82 |
> |
| 83 |
> b. Publishing names of individuals involved in a disciplinary action |
| 84 |
> could encourage the subjects to seek revenge. While keeping them secret |
| 85 |
> often does not prevent it (or even worse, causes the individuals to |
| 86 |
> seek revenge on larger group of people), we ought not to encourage |
| 87 |
> it. |
| 88 |
> |
| 89 |
> |
| 90 |
> 2. Transparency |
| 91 |
> --------------- |
| 92 |
> Any disciplinary action should be announced by the team in a manner |
| 93 |
> specific to the appropriate media where the measure applies. |
| 94 |
> The announcement should be visible to all users of that media, |
| 95 |
> and contains: |
| 96 |
> |
| 97 |
> - the name of the user to whom the measure applies, |
| 98 |
> |
| 99 |
> - the description and length of the measure applied. |
| 100 |
> |
| 101 |
> For example, a ban on a mailing list could be announced to the mailing |
| 102 |
> list in question. A ban on Bugzilla could involve adding appropriate |
| 103 |
> note to the user's name, so that all other users see that he can't |
| 104 |
> respond at the time. A ban on IRC could be stored e.g. on wiki page, |
| 105 |
> or noted on a bug. |
| 106 |
> |
| 107 |
> Furthermore, any disciplinary action must be reported to the Council. |
| 108 |
> The reporting is done through a bug that is opened at the first |
| 109 |
> disciplinary measure inflicted on a user, and reused at any following |
| 110 |
> measures. It should contain the information listed above, and have |
| 111 |
> the Council in CC. No private information should be ever included |
| 112 |
> in the bug. |
| 113 |
> |
| 114 |
> Rationale: |
| 115 |
> |
| 116 |
> a. As noted above, the disciplinary measure often affect more users |
| 117 |
> than the subject of the action. It is therefore most advisable to |
| 118 |
> notice them of the action (i.e. that they can't expect the particular |
| 119 |
> user to reply) and their length, while protecting as much privacy as |
| 120 |
> possible. |
| 121 |
> |
| 122 |
> b. It is also beneficial for the subject of the action to have |
| 123 |
> a publicly visible note of the measure applied, and clear statement of |
| 124 |
> its length. |
| 125 |
> |
| 126 |
> c. Opening bugs for all disciplinary actions helps teams keep track of |
| 127 |
> them and their durations, note repeated offenders and finally report |
| 128 |
> all actions to the Council for auditing purposes. |
| 129 |
> |
| 130 |
> |
| 131 |
> 3. Appeal |
| 132 |
> --------- |
| 133 |
> All disciplinary decisions (both actions and refusals to perform |
| 134 |
> action) can be appealed to the Council. In this case, the disciplinary |
| 135 |
> team is obliged to securely pass all material collected to the Council. |
| 136 |
> The Council can either support, modify or dismiss the decision |
| 137 |
> entirely. There is no further appeal. |
| 138 |
> |
| 139 |
> It should be noted that the disciplinary actions must not prevent |
| 140 |
> the appeal from being filed. |
| 141 |
> |
| 142 |
> Rationale: |
| 143 |
> |
| 144 |
> a. Having a single body to handle all appeals makes the procedures |
| 145 |
> simpler to our users and more consistent. This also guarantees that |
| 146 |
> all measures can be appealed exactly once, and no channels are |
| 147 |
> privileged. |
| 148 |
> |
| 149 |
> b. The Council is currently the highest body elected by Gentoo |
| 150 |
> developers with the trust of being able to handle appeals from ComRel |
| 151 |
> decisions. It seems reasonable to extend that to all disciplinary |
| 152 |
> decisions in Gentoo. |
| 153 |
> |
| 154 |
> |
| 155 |
> 4. Supervision |
| 156 |
> -------------- |
| 157 |
> At the same time, Council is assumed to supervise all disciplinary |
| 158 |
> affairs in Gentoo. As noted in 2., all decisions made are reported to |
| 159 |
> the Council for auditing. Those reports combined with appeals should |
| 160 |
> allow the Council to notice any suspicious behavior from particular |
| 161 |
> disciplinary teams. |
| 162 |
> |
| 163 |
> For the necessity of audit, the disciplinary teams should retain all |
| 164 |
> material supporting their disciplinary audit in a secure manner, |
| 165 |
> throughout the time of the disciplinary action and at least half a year |
| 166 |
> past it. The Council can request all this information to audit |
| 167 |
> the behavior of a particular team and/or its member. |
| 168 |
> |
| 169 |
> Rationale: |
| 170 |
> |
| 171 |
> a. Having a proper auditing procedure in place is necessary to improve |
| 172 |
> the trust our users put in our disciplinary teams. It should discourage |
| 173 |
> any members of our disciplinary teams from attempting to abuse their |
| 174 |
> privileges, and help discover that quickly if it actually happens. |
| 175 |
> |
| 176 |
> b. The necessity of storing information supporting disciplinary |
| 177 |
> decisions is helpful both for the purpose of auditing as well as for |
| 178 |
> (potentially late) appeals. Keeping old information is necessary to |
| 179 |
> support stronger decisions made for repeat offenders. |
| 180 |
> |
| 181 |
> |
| 182 |
> 5. Cooperation |
| 183 |
> -------------- |
| 184 |
> While it is not strictly necessary for different disciplinary teams to |
| 185 |
> cooperate, in some cases it could be useful to handle troublemakers |
| 186 |
> more efficiently across different channels. |
| 187 |
> |
| 188 |
> Since all disciplinary actions are published, a team may notice that |
| 189 |
> another team has enforced a disciplinary action on their user. This |
| 190 |
> could be used as a suggestion that the user is a potential troublemaker |
| 191 |
> but the team must collect the evidence of wrongdoing in their own |
| 192 |
> channel before enforcing any action. It should be noted that |
| 193 |
> disciplinary teams are not allowed to exchange private information. |
| 194 |
> |
| 195 |
> When multiple teams inflict disciplinary actions on the same user, they |
| 196 |
> can request the Council to consider issuing a cross-channel Gentoo |
| 197 |
> disciplinary action. In this case, the Council requests material from |
| 198 |
> all involved teams (alike when auditing) and may request a consistent |
| 199 |
> disciplinary action from all disciplinary teams in Gentoo. |
| 200 |
> |
| 201 |
> Rationale: |
| 202 |
> |
| 203 |
> a. Under normal circumstances, a bad behavior on one communication |
| 204 |
> channel should not prevent the user from contributing on another. |
| 205 |
> However, we should have a more efficient procedure to handle the case |
| 206 |
> when user is a repeating troublemaker and moves from one channel to |
| 207 |
> another. |
| 208 |
> |
| 209 |
> b. Preventing information exchange serves the purpose of protecting |
| 210 |
> users' privacy. The access to sensitive information should be |
| 211 |
> restricted as narrowly as possible. Disciplinary teams should perform |
| 212 |
> decisions autonomously to prevent corruption of one team resulting |
| 213 |
> in unnecessary actions from another. |
| 214 |
> |
| 215 |
> |
| 216 |
> Migration |
| 217 |
> --------- |
| 218 |
> It would seem unreasonable to request all disciplinary teams to either |
| 219 |
> report all their past decisions right now, or to lift them immediately. |
| 220 |
> However, if this policy is accepted, all teams would be obliged to |
| 221 |
> follow it for any further decisions. |
| 222 |
> |
| 223 |
> It would also be recommended for teams to appropriate update at least |
| 224 |
> recent decisions or those that are brought up again (e.g. via appeal or |
| 225 |
> repeat offense). |
| 226 |
> |
| 227 |
> |
| 228 |
> What do you think? |
| 229 |
> |
| 230 |
I think this looks good Michal, and thank you for putting it together. A |
| 231 |
clear and concise policy makes it a lot easier for people to understand |
| 232 |
when they have done something wrong (possibly even unknowingly) and the |
| 233 |
consequences of it. Having such a policy helps all parties involved to |
| 234 |
know what is expected of them, and what should be expected at all points |
| 235 |
in the process. |
| 236 |
|
| 237 |
I commend the idea of having a more consistent policy across different |
| 238 |
mediums, and some means for teams to interact and co-ordinate better. It |
| 239 |
is perfectly reasonable to anticipate that actions on one medium may not |
| 240 |
necessarily manifest themselves on another, and as such, any action and |
| 241 |
its impact should be independently assessed. |
Archives