1 |
The only thing that I can say is that obfuscating one's real identity could |
2 |
cause problems in the following areas: |
3 |
|
4 |
1. Accountability in terms of any problems caused, either by malice or |
5 |
incompetence. For analogy, using caller ID to trace someone who may or may |
6 |
not have been spoofing their ID |
7 |
2. copyright law, which is likely to be obvious in terms of grants or |
8 |
licenses, especially in the face of the GPL (of any version), and who owns |
9 |
which copyright can possibly be traced by the inclusion of real life |
10 |
identity. This also relates to point 1. |
11 |
3. people doing gentoo work on company time may well forfeit their |
12 |
copyright interest to their employer under "work for hire", depending on |
13 |
jurisdiction and/or what arrangements are made. Said employer may be able |
14 |
to veto the wishes of the actual author, and may have their own legal |
15 |
department/law firm on retainer, and have deeper legal pockets to sue with |
16 |
if they want to object. In my opinion, having a "paper trail" of sorts to |
17 |
follow is essential both to track down legal problems and discourage anyone |
18 |
from causing them, also in relation to points 1 and 2 above. |
19 |
|
20 |
The details of how this is achieved is of course up to the proper people, |
21 |
but my personal opinion is that requiring a linux kernel style "sign-off" |
22 |
that at a minimum includes the real, legal name of the author of the change |
23 |
being committed is an important part of the process that at a minimum makes |
24 |
sure that said author is involved in the process of accountability, |
25 |
especially if any problems arise from it (legal or technical or otherwise) |
26 |
|
27 |
On Tue, Apr 9, 2019 at 1:56 PM Rich Freeman <rich0@g.o> wrote: |
28 |
|
29 |
> On Tue, Apr 9, 2019 at 4:45 PM Alec Warner <antarus@g.o> wrote: |
30 |
> > |
31 |
> > That being said I don't intend to forge a policy that is bullet-proof. |
32 |
> If I cannot trust fellow project members to act well, they might as well |
33 |
> just leave the project now. |
34 |
> |
35 |
> ++ |
36 |
> |
37 |
> Ultimately if somebody with commit access wants to create trouble |
38 |
> there are a lot of things they can do that are far more harmful than |
39 |
> using a fake name. I think we just need to be reasonable. |
40 |
> |
41 |
> Usually the standard that is used in courts at least in the US is |
42 |
> reasonable care, and it has no hard definition, other than basically |
43 |
> being the amount of care a normal person would exercise to do the |
44 |
> right thing. If you want to find out whether something is or isn't |
45 |
> reasonable care the easiest way is to get sued, or sue somebody else, |
46 |
> and then after a few years you get an answer, and maybe a judgment. |
47 |
> |
48 |
> I think there are probably some legal benefits to requiring a real |
49 |
> name, but personally I think there are more benefits beyond that. I |
50 |
> think it tends to create a more professional atmosphere when people |
51 |
> are conversing with "Alec Warner" and not "Boaty McBoatface" or |
52 |
> whatever. Also, having some kind of reputational risk probably does |
53 |
> help cut down on the trolling somewhat. Maybe... |
54 |
> |
55 |
> If you wanted to put Gentoo on your resume would you really want a |
56 |
> potential employer to Google it and find articles by people like |
57 |
> "420forlife?" I think this sort of thing can help set the tone for |
58 |
> the community. |
59 |
> |
60 |
> That's just my opinion... |
61 |
> |
62 |
> -- |
63 |
> Rich |
64 |
> |
65 |
> |