| 1 |
On 09/27/2018 10:13 AM, Rich Freeman wrote: |
| 2 |
> On Thu, Sep 27, 2018 at 9:52 AM NP-Hardass <NP-Hardass@g.o> wrote: |
| 3 |
>> |
| 4 |
>> But that's really besides the point... The current status quo (as is the |
| 5 |
>> case with me) is that a committer may be pseudonymous under the |
| 6 |
>> condition that the Foundation have that individual's name in the event |
| 7 |
>> of a copyright issue. So, I still don't understand how forcing everyone |
| 8 |
>> to publicly use a real name achieves something that we aren't currently |
| 9 |
>> achieving... Is that incorrect? |
| 10 |
> |
| 11 |
> Interesting point. |
| 12 |
> |
| 13 |
> If we were going to go down this road I'd still suggest that the |
| 14 |
> Foundation have a policy on when the real names of contributors can be |
| 15 |
> disclosed, either privately or publicly. If we were to use the |
| 16 |
> defense that we have a statement from a contributor that they checked |
| 17 |
> the copyright and it was ok, the first question somebody will respond |
| 18 |
> with is, "who?" An answer of "we know who it is but can't tell |
| 19 |
> anybody, even a court" probably isn't going to work. |
| 20 |
> |
| 21 |
> I think there are other arguments to be made against anonymity. |
| 22 |
> You're hardly a list troll, but anonymity can breed this sort of |
| 23 |
> thing. From a strictly copyright standpoint I don't see why the |
| 24 |
> identity of contributors needs to be publicly disclosed, as long as it |
| 25 |
> can be disclosed where legally necessary. Of course, if that is a |
| 26 |
> court then depending on the jurisdiction it may become public anyway. |
| 27 |
> Also, if we were going to go down this route then we also need to have |
| 28 |
> better archives of such things, as trying to dig up some trustee email |
| 29 |
> from 10 years ago is not the right solution. A secured repository of |
| 30 |
> identities/etc would be better (the Foundation already has a place to |
| 31 |
> store stuff like bank account details). |
| 32 |
> |
| 33 |
> Another practical argument against anonymity. If everybody agrees |
| 34 |
> everything is public, then we don't have any personal information we |
| 35 |
> need to protect under various privacy laws. As soon as we agree to |
| 36 |
> keep some info private, then we potentially have obligations under |
| 37 |
> such laws. Also, legally the Foundation is a US organization - so I'm |
| 38 |
> not sure if things like the US-EU Safe Harbor provisions start to |
| 39 |
> apply if we want to collect this sort of info from EU citizens. It is |
| 40 |
> just a can of worms you can avoid simply by not hanging onto this kind |
| 41 |
> of information. I believe that many of these privacy protections |
| 42 |
> cannot be simply waived - we can't get some EU citizen to agree that |
| 43 |
> they don't apply to us. If the laws apply then we need to follow |
| 44 |
> them. Now, we're obviously not a big fish, so enforcement may never |
| 45 |
> happen. Maybe compliance isn't burdensome - I only know enough about |
| 46 |
> such things to know that I'd want to know more before going down that |
| 47 |
> road... |
| 48 |
> |
| 49 |
|
| 50 |
But enforcing committers only to be named doesn't really avoid the |
| 51 |
issues you are espousing wrt copyright issues... All it does is give you |
| 52 |
someone to blame (who isn't the perpetrator of the copyright violation). |
| 53 |
Any random person can submit code under the new proposed copyright |
| 54 |
policy, and as long as they aren't making a commit, there is no force |
| 55 |
for using a real name. |
| 56 |
|
| 57 |
So, unless we are outlawing all anonymous and pseudonymous contributions |
| 58 |
of any sort (authorship, not just a commit), there is really no point in |
| 59 |
forcing committers to be publicly named. |
| 60 |
|
| 61 |
-- |
| 62 |
NP-Hardass |
Archives