1 |
On Thu, Sep 27, 2018 at 9:52 AM NP-Hardass <NP-Hardass@g.o> wrote: |
2 |
> |
3 |
> But that's really besides the point... The current status quo (as is the |
4 |
> case with me) is that a committer may be pseudonymous under the |
5 |
> condition that the Foundation have that individual's name in the event |
6 |
> of a copyright issue. So, I still don't understand how forcing everyone |
7 |
> to publicly use a real name achieves something that we aren't currently |
8 |
> achieving... Is that incorrect? |
9 |
|
10 |
Interesting point. |
11 |
|
12 |
If we were going to go down this road I'd still suggest that the |
13 |
Foundation have a policy on when the real names of contributors can be |
14 |
disclosed, either privately or publicly. If we were to use the |
15 |
defense that we have a statement from a contributor that they checked |
16 |
the copyright and it was ok, the first question somebody will respond |
17 |
with is, "who?" An answer of "we know who it is but can't tell |
18 |
anybody, even a court" probably isn't going to work. |
19 |
|
20 |
I think there are other arguments to be made against anonymity. |
21 |
You're hardly a list troll, but anonymity can breed this sort of |
22 |
thing. From a strictly copyright standpoint I don't see why the |
23 |
identity of contributors needs to be publicly disclosed, as long as it |
24 |
can be disclosed where legally necessary. Of course, if that is a |
25 |
court then depending on the jurisdiction it may become public anyway. |
26 |
Also, if we were going to go down this route then we also need to have |
27 |
better archives of such things, as trying to dig up some trustee email |
28 |
from 10 years ago is not the right solution. A secured repository of |
29 |
identities/etc would be better (the Foundation already has a place to |
30 |
store stuff like bank account details). |
31 |
|
32 |
Another practical argument against anonymity. If everybody agrees |
33 |
everything is public, then we don't have any personal information we |
34 |
need to protect under various privacy laws. As soon as we agree to |
35 |
keep some info private, then we potentially have obligations under |
36 |
such laws. Also, legally the Foundation is a US organization - so I'm |
37 |
not sure if things like the US-EU Safe Harbor provisions start to |
38 |
apply if we want to collect this sort of info from EU citizens. It is |
39 |
just a can of worms you can avoid simply by not hanging onto this kind |
40 |
of information. I believe that many of these privacy protections |
41 |
cannot be simply waived - we can't get some EU citizen to agree that |
42 |
they don't apply to us. If the laws apply then we need to follow |
43 |
them. Now, we're obviously not a big fish, so enforcement may never |
44 |
happen. Maybe compliance isn't burdensome - I only know enough about |
45 |
such things to know that I'd want to know more before going down that |
46 |
road... |
47 |
|
48 |
-- |
49 |
Rich |