1 |
On 09/27/2018 10:13 AM, Rich Freeman wrote: |
2 |
> On Thu, Sep 27, 2018 at 9:52 AM NP-Hardass <NP-Hardass@g.o> wrote: |
3 |
>> |
4 |
>> But that's really besides the point... The current status quo (as is the |
5 |
>> case with me) is that a committer may be pseudonymous under the |
6 |
>> condition that the Foundation have that individual's name in the event |
7 |
>> of a copyright issue. So, I still don't understand how forcing everyone |
8 |
>> to publicly use a real name achieves something that we aren't currently |
9 |
>> achieving... Is that incorrect? |
10 |
> |
11 |
> Interesting point. |
12 |
> |
13 |
> If we were going to go down this road I'd still suggest that the |
14 |
> Foundation have a policy on when the real names of contributors can be |
15 |
> disclosed, either privately or publicly. If we were to use the |
16 |
> defense that we have a statement from a contributor that they checked |
17 |
> the copyright and it was ok, the first question somebody will respond |
18 |
> with is, "who?" An answer of "we know who it is but can't tell |
19 |
> anybody, even a court" probably isn't going to work. |
20 |
> |
21 |
> I think there are other arguments to be made against anonymity. |
22 |
> You're hardly a list troll, but anonymity can breed this sort of |
23 |
> thing. From a strictly copyright standpoint I don't see why the |
24 |
> identity of contributors needs to be publicly disclosed, as long as it |
25 |
> can be disclosed where legally necessary. Of course, if that is a |
26 |
> court then depending on the jurisdiction it may become public anyway. |
27 |
> Also, if we were going to go down this route then we also need to have |
28 |
> better archives of such things, as trying to dig up some trustee email |
29 |
> from 10 years ago is not the right solution. A secured repository of |
30 |
> identities/etc would be better (the Foundation already has a place to |
31 |
> store stuff like bank account details). |
32 |
> |
33 |
> Another practical argument against anonymity. If everybody agrees |
34 |
> everything is public, then we don't have any personal information we |
35 |
> need to protect under various privacy laws. As soon as we agree to |
36 |
> keep some info private, then we potentially have obligations under |
37 |
> such laws. Also, legally the Foundation is a US organization - so I'm |
38 |
> not sure if things like the US-EU Safe Harbor provisions start to |
39 |
> apply if we want to collect this sort of info from EU citizens. It is |
40 |
> just a can of worms you can avoid simply by not hanging onto this kind |
41 |
> of information. I believe that many of these privacy protections |
42 |
> cannot be simply waived - we can't get some EU citizen to agree that |
43 |
> they don't apply to us. If the laws apply then we need to follow |
44 |
> them. Now, we're obviously not a big fish, so enforcement may never |
45 |
> happen. Maybe compliance isn't burdensome - I only know enough about |
46 |
> such things to know that I'd want to know more before going down that |
47 |
> road... |
48 |
> |
49 |
|
50 |
But enforcing committers only to be named doesn't really avoid the |
51 |
issues you are espousing wrt copyright issues... All it does is give you |
52 |
someone to blame (who isn't the perpetrator of the copyright violation). |
53 |
Any random person can submit code under the new proposed copyright |
54 |
policy, and as long as they aren't making a commit, there is no force |
55 |
for using a real name. |
56 |
|
57 |
So, unless we are outlawing all anonymous and pseudonymous contributions |
58 |
of any sort (authorship, not just a commit), there is really no point in |
59 |
forcing committers to be publicly named. |
60 |
|
61 |
-- |
62 |
NP-Hardass |