-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi,
Some confusion has come to light about a published expulsion procedure[1]
and whether it is what DAMs themselves follow for the suspension or
revocation of Debian membership. While that is the procedure that Debian
Members can use to force DAMs to consider taking action on a member, DAMs
can and do take action independently.
In the past such action has been rare and that is a good thing. But we have
also heard Developers' concerns about transparency and expectations, and
although we will still deal with cases on their individual merits we feel
this is an appropriate time to set out some expectations and background.
This is the status quo as it has been for some time, plus input from recent
feedback - for which we have been grateful. It is more a description of
possibilities rather than a linear process; removing membership from a
developer is still a last resort for us.
# Background
According to the constitution, DAMs are delegated by the DPL and are
responsible for membership in Debian. DAM actions are taken with the goal
of keeping membership status aligned with majority project expectations.
DAM is not the team in charge of mediation or conflict resolution. Keeping
Debian a good and sustainable space to work in is the responsibility of the
whole community, with the anti-harassment team being the default contact
point when issues arise.
DAM intervenes on membership when all else has failed, and it becomes
evident that a Developer/Maintainer is not being a constructive member of
the Debian community. We expect people to take issues raised to them
seriously: they should not wait until DAM intervenes to acknowledge that
there is a problem.
# How DAMs take non-routine action
## Starting a discussion
If individual members or teams feel like a person's behaviour is harming
Debian, other Debian contributors, or other people in Debian's name or
using Debian's infrastructure, they can bring the issue to DAM by sending
an email to <da-manager@debian.org>.
DAM will treat reported issues with all possible confidence[2].
We do find it helpful to receive information we can use to evaluate the
situation (for example, previous mediation or conflict resolution attempts,
traces of issues being raised, and warnings sent). However, that should not
be a barrier to talking to us if there is a genuine problem unfolding.
There is no further formal requirement to initiate a discussion.
DAMs may also decide to take action on an issue that they witnessed
themselves, without waiting for others to initiate the procedure.
## Taking a decision
All DAM decisions are discussed within the team, and resolutions are made
by general consent.
When making a statement or decision we consider (depending on the case) the
Debian Social Contract, Debian Machine Usage Policy, Debian Code of
Conduct, Debian Diversity Statement, and other foundation documents. We
also take into account the safety of Debian members and venues, the damage
done via actions in Debian's name, and the project's reputation. This list
is informative, but not normative.
Decisions are taken regardless of the level or amount of activity of a
member in Debian.
After evaluating a situation, we consider what the best action to take
might be. Possible actions include
- no action,
- sending a warning message to the person
- suspending or revoking the person's membership.
This list is not exhaustive, as each case is unique. For each case we seek
what measures are appropriate for the issues raised.
## No action
We may come to the conclusion of taking no action. It could be, for
example, because we conclude that our intervention is not appropriate, or
that this is a problem which is already being handled by others, or that it
is a problem that does not warrant immediate action.
## Sending a warning message
If we come to the conclusion that a warning could be sufficient, we send an
email to the person explaining how their behaviour is not acceptable in
Debian, and seek their input on how they intend to improve it.
## Suspension
If we come to the conclusion that previous resolution attempts are not
being taken seriously, or keep failing, we may decide to suspend a person's
membership to give a clear signal that the current situation, while not
requiring an indefinite revocation, must change.
The suspension time is decided on a case by case basis.
There is currently no infrastructure for a timed temporary change of Debian
membership. Thus, in order to suspend an account temporarily, we change the
membership and invite the person to reapply with a simple mail to DAM after
a given time if they still wish to do so [3].
Assuming that no further issues have arisen since, upon reapplying the NM
process is skipped (though we do require the person to sign the usual
documents again).
Should further issues have arisen, we will deal with the case individually.
## Revocation
With a revocation we recognise that a person is not a constructive member
of Debian. This can happen if all attempts to engage with the person
constructively have failed, if they are violating DMUP or other core rules,
or if they are putting Debian or other Debian members at risk.
In case of a revocation the account is closed indefinitely.
We may decide to invite the person to reapply again in the future,
requiring them to provide an active, visible and durable change of the
situation that caused the revocation in the first place, resulting in a
detailed review by DAM before making a decision on the reactivation of the
account.
## Preserving limited upload rights
When suspending or revoking membership, if there has been no problem
involving package maintenance we may choose to keep the Debian Maintainer
status for the person. This is a technical hack to minimise the impact of
their membership change on their technical work.
## Communicating the decision
After sending a warning, or suspending or revoking a person's membership
for non-routine reasons, DAM will send a short e-mail to debian-private@
with a simple notification of the event. Further details in most cases are
only sent to the person involved and may be disclosed at their discretion.
[4]
If the issue has already been discussed in wider Debian channels or if we
understand that there is a significant request for further information, DAM
may at our discretion follow up to debian-private with what summary can be
provided, bearing in mind the confidentiality of all the people involved.
## Reviewing the decision
We have announced a new procedure for appealing a DAM decison on the
debian-project mailing list[5]. It will be announced formally to
debian-devel-announce following minor tweaks.
[1] https://lists.debian.org/debian-devel-announce/2005/08/msg00005.html
[2] It's difficult for us to promise absolute confidence given various
legal requirements, but we will always try hard to maximise confidence.
[3] Reactivation is elective because we do not want to assume someone will
return; their priorities and wishes may have changed in the meantime.
[4] we leave disclosure up to them so that their interactions are not unduly
prejudiced for years to come
[5] https://lists.debian.org/debian-project/2019/01/msg00116.html
For the Debian Account Managers, Enrico, Joerg and Jonathan:
- --
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
-----BEGIN PGP SIGNATURE-----
iQJKBAEBCAA0FiEEV3MSJKl2LqFVqypTDKjRW7JNlvIFAlw1JE8WHGRhLW1hbmFn
ZXJAZGViaWFuLm9yZwAKCRAMqNFbsk2W8sjAD/9t7d+U7TlUv28/OxSnlPOLgK39
yAVQ70IZrkkBehahzVr0vXIxKD6LQ1KJr1eKS6QEJK1ySdkG7zHAT4E53wmYL95Z
0pFO8Adkl8htUPHQqEX5m41wwrt2D05v4jUOAJgQ1BU2g/2OvyzMeUgMRAJKIy54
lKsVR9in+05HHOZprlTXstrxyOG7ao9RbQO0u7Oo4yWdqs12mK0DnvkEZswP97sw
jISiCRcMA9Raqs7tIpKbT2EfZ1OC4Ka+ZaPebt2K+v/V39YymbeE67Mv021TZfBI
FcYDdPeVDWyCw82rsobDaAyvCXyxOnQVSzF1WHBGdMLZNYzRlNkRwgDxHY3EIklk
XknY7vX9NjfzW22fNsrdEqQ6NOJvh17UCwtorKyaL0aIBug7AE1f9So/Fz7WD2YY
41rBaLH/bRSHlReW+LXNCYDa0cLstzWhJmiVWLae2NdnS6hi4nOzT2MDgbP+qvPL
hAg+6exuw5K/lM+2/l2CslBrU2iplo5YvGqMyVO3GtAWbOENYCG57W2gUWDRByOY
7l+gZNsV4pgLQn7vN8p78TaHdCfHuPG6HsZFGLFrfnIobiubtQgMlabxBT0ErZLR
ogU0I1dSoA0gcri1Po7BMj4H6Z+N/WvUhGCUkknrPGIf+NKlhWnJGILh1tI0T8Sk
fNkeOJzPPf+Ku6qnHQ==
=Vu+C
-----END PGP SIGNATURE-----
Attachment:
signature.asc
Description: PGP signature