| 1 |
On 09/27/18 10:13, Rich Freeman wrote: |
| 2 |
> On Thu, Sep 27, 2018 at 9:52 AM NP-Hardass <NP-Hardass@g.o> wrote: |
| 3 |
>> |
| 4 |
>> But that's really besides the point... The current status quo (as is the |
| 5 |
>> case with me) is that a committer may be pseudonymous under the |
| 6 |
>> condition that the Foundation have that individual's name in the event |
| 7 |
>> of a copyright issue. So, I still don't understand how forcing everyone |
| 8 |
>> to publicly use a real name achieves something that we aren't currently |
| 9 |
>> achieving... Is that incorrect? |
| 10 |
> |
| 11 |
> Interesting point. |
| 12 |
> |
| 13 |
> If we were going to go down this road I'd still suggest that the |
| 14 |
> Foundation have a policy on when the real names of contributors can be |
| 15 |
> disclosed, either privately or publicly. If we were to use the |
| 16 |
> defense that we have a statement from a contributor that they checked |
| 17 |
> the copyright and it was ok, the first question somebody will respond |
| 18 |
> with is, "who?" An answer of "we know who it is but can't tell |
| 19 |
> anybody, even a court" probably isn't going to work. |
| 20 |
> |
| 21 |
> I think there are other arguments to be made against anonymity. |
| 22 |
> You're hardly a list troll, but anonymity can breed this sort of |
| 23 |
> thing. From a strictly copyright standpoint I don't see why the |
| 24 |
> identity of contributors needs to be publicly disclosed, as long as it |
| 25 |
> can be disclosed where legally necessary. Of course, if that is a |
| 26 |
> court then depending on the jurisdiction it may become public anyway. |
| 27 |
> Also, if we were going to go down this route then we also need to have |
| 28 |
> better archives of such things, as trying to dig up some trustee email |
| 29 |
> from 10 years ago is not the right solution. A secured repository of |
| 30 |
> identities/etc would be better (the Foundation already has a place to |
| 31 |
> store stuff like bank account details). |
| 32 |
> |
| 33 |
> Another practical argument against anonymity. If everybody agrees |
| 34 |
> everything is public, then we don't have any personal information we |
| 35 |
> need to protect under various privacy laws. As soon as we agree to |
| 36 |
> keep some info private, then we potentially have obligations under |
| 37 |
> such laws. Also, legally the Foundation is a US organization - so I'm |
| 38 |
> not sure if things like the US-EU Safe Harbor provisions start to |
| 39 |
> apply if we want to collect this sort of info from EU citizens. It is |
| 40 |
> just a can of worms you can avoid simply by not hanging onto this kind |
| 41 |
> of information. I believe that many of these privacy protections |
| 42 |
> cannot be simply waived - we can't get some EU citizen to agree that |
| 43 |
> they don't apply to us. If the laws apply then we need to follow |
| 44 |
> them. Now, we're obviously not a big fish, so enforcement may never |
| 45 |
> happen. Maybe compliance isn't burdensome - I only know enough about |
| 46 |
> such things to know that I'd want to know more before going down that |
| 47 |
> road... |
| 48 |
> |
| 49 |
|
| 50 |
We should just publish all e-mail addresses (including those explicitly |
| 51 |
marked to not publish), all private messages, and all IP adresses of |
| 52 |
every forum, wiki, github, telegram, slack, discord, zulip, facebook, |
| 53 |
google+, twitter, and reddit user that any Gentoo account has access to, |
| 54 |
and a full archive of the -core list (which is expressly not public), |
| 55 |
and all information stored in Gentoo's LDAP, and private wikis, and all |
| 56 |
mailing list subscribers who have not actually posted to the list(s) to |
| 57 |
which they are subscribed because... you think that it might be more |
| 58 |
convenient for you? Are you sure that is a road that you want to go |
| 59 |
down? Because that seems, to put it gently, completely insane. |
| 60 |
|
| 61 |
Before you plead strawman, consider that your claim is that retaining |
| 62 |
any private information is too problematic. Gentoo already retains |
| 63 |
private information, where and as it is useful. Gentoo is not likely to |
| 64 |
stop retaining such information to at least some extent, given that some |
| 65 |
of it is necessary for fairly basic functions. Gentoo is not well served |
| 66 |
by pointless double standards, not that anyone is. |
| 67 |
|
| 68 |
Actively dissuading developers who would, for whatever reason, prefer to |
| 69 |
use an identifier that is not their legal name seems counterproductive |
| 70 |
given the apparent constant search for additional contributors. |
Archives