-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, Some confusion has come to light about a published expulsion procedure[1] and whether it is what DAMs themselves follow for the suspension or revocation of Debian membership. While that is the procedure that Debian Members can use to force DAMs to consider taking action on a member, DAMs can and do take action independently. In the past such action has been rare and that is a good thing. But we have also heard Developers' concerns about transparency and expectations, and although we will still deal with cases on their individual merits we feel this is an appropriate time to set out some expectations and background. This is the status quo as it has been for some time, plus input from recent feedback - for which we have been grateful. It is more a description of possibilities rather than a linear process; removing membership from a developer is still a last resort for us. # Background According to the constitution, DAMs are delegated by the DPL and are responsible for membership in Debian. DAM actions are taken with the goal of keeping membership status aligned with majority project expectations. DAM is not the team in charge of mediation or conflict resolution. Keeping Debian a good and sustainable space to work in is the responsibility of the whole community, with the anti-harassment team being the default contact point when issues arise. DAM intervenes on membership when all else has failed, and it becomes evident that a Developer/Maintainer is not being a constructive member of the Debian community. We expect people to take issues raised to them seriously: they should not wait until DAM intervenes to acknowledge that there is a problem. # How DAMs take non-routine action ## Starting a discussion If individual members or teams feel like a person's behaviour is harming Debian, other Debian contributors, or other people in Debian's name or using Debian's infrastructure, they can bring the issue to DAM by sending an email to <da-manager@debian.org>. DAM will treat reported issues with all possible confidence[2]. We do find it helpful to receive information we can use to evaluate the situation (for example, previous mediation or conflict resolution attempts, traces of issues being raised, and warnings sent). However, that should not be a barrier to talking to us if there is a genuine problem unfolding. There is no further formal requirement to initiate a discussion. DAMs may also decide to take action on an issue that they witnessed themselves, without waiting for others to initiate the procedure. ## Taking a decision All DAM decisions are discussed within the team, and resolutions are made by general consent. When making a statement or decision we consider (depending on the case) the Debian Social Contract, Debian Machine Usage Policy, Debian Code of Conduct, Debian Diversity Statement, and other foundation documents. We also take into account the safety of Debian members and venues, the damage done via actions in Debian's name, and the project's reputation. This list is informative, but not normative. Decisions are taken regardless of the level or amount of activity of a member in Debian. After evaluating a situation, we consider what the best action to take might be. Possible actions include - no action, - sending a warning message to the person - suspending or revoking the person's membership. This list is not exhaustive, as each case is unique. For each case we seek what measures are appropriate for the issues raised. ## No action We may come to the conclusion of taking no action. It could be, for example, because we conclude that our intervention is not appropriate, or that this is a problem which is already being handled by others, or that it is a problem that does not warrant immediate action. ## Sending a warning message If we come to the conclusion that a warning could be sufficient, we send an email to the person explaining how their behaviour is not acceptable in Debian, and seek their input on how they intend to improve it. ## Suspension If we come to the conclusion that previous resolution attempts are not being taken seriously, or keep failing, we may decide to suspend a person's membership to give a clear signal that the current situation, while not requiring an indefinite revocation, must change. The suspension time is decided on a case by case basis. There is currently no infrastructure for a timed temporary change of Debian membership. Thus, in order to suspend an account temporarily, we change the membership and invite the person to reapply with a simple mail to DAM after a given time if they still wish to do so [3]. Assuming that no further issues have arisen since, upon reapplying the NM process is skipped (though we do require the person to sign the usual documents again). Should further issues have arisen, we will deal with the case individually. ## Revocation With a revocation we recognise that a person is not a constructive member of Debian. This can happen if all attempts to engage with the person constructively have failed, if they are violating DMUP or other core rules, or if they are putting Debian or other Debian members at risk. In case of a revocation the account is closed indefinitely. We may decide to invite the person to reapply again in the future, requiring them to provide an active, visible and durable change of the situation that caused the revocation in the first place, resulting in a detailed review by DAM before making a decision on the reactivation of the account. ## Preserving limited upload rights When suspending or revoking membership, if there has been no problem involving package maintenance we may choose to keep the Debian Maintainer status for the person. This is a technical hack to minimise the impact of their membership change on their technical work. ## Communicating the decision After sending a warning, or suspending or revoking a person's membership for non-routine reasons, DAM will send a short e-mail to debian-private@ with a simple notification of the event. Further details in most cases are only sent to the person involved and may be disclosed at their discretion. [4] If the issue has already been discussed in wider Debian channels or if we understand that there is a significant request for further information, DAM may at our discretion follow up to debian-private with what summary can be provided, bearing in mind the confidentiality of all the people involved. ## Reviewing the decision We have announced a new procedure for appealing a DAM decison on the debian-project mailing list[5]. It will be announced formally to debian-devel-announce following minor tweaks. [1] https://lists.debian.org/debian-devel-announce/2005/08/msg00005.html [2] It's difficult for us to promise absolute confidence given various legal requirements, but we will always try hard to maximise confidence. [3] Reactivation is elective because we do not want to assume someone will return; their priorities and wishes may have changed in the meantime. [4] we leave disclosure up to them so that their interactions are not unduly prejudiced for years to come [5] https://lists.debian.org/debian-project/2019/01/msg00116.html For the Debian Account Managers, Enrico, Joerg and Jonathan: - -- Jonathan Wiltshire jmw@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 -----BEGIN PGP SIGNATURE----- iQJKBAEBCAA0FiEEV3MSJKl2LqFVqypTDKjRW7JNlvIFAlw1JE8WHGRhLW1hbmFn ZXJAZGViaWFuLm9yZwAKCRAMqNFbsk2W8sjAD/9t7d+U7TlUv28/OxSnlPOLgK39 yAVQ70IZrkkBehahzVr0vXIxKD6LQ1KJr1eKS6QEJK1ySdkG7zHAT4E53wmYL95Z 0pFO8Adkl8htUPHQqEX5m41wwrt2D05v4jUOAJgQ1BU2g/2OvyzMeUgMRAJKIy54 lKsVR9in+05HHOZprlTXstrxyOG7ao9RbQO0u7Oo4yWdqs12mK0DnvkEZswP97sw jISiCRcMA9Raqs7tIpKbT2EfZ1OC4Ka+ZaPebt2K+v/V39YymbeE67Mv021TZfBI FcYDdPeVDWyCw82rsobDaAyvCXyxOnQVSzF1WHBGdMLZNYzRlNkRwgDxHY3EIklk XknY7vX9NjfzW22fNsrdEqQ6NOJvh17UCwtorKyaL0aIBug7AE1f9So/Fz7WD2YY 41rBaLH/bRSHlReW+LXNCYDa0cLstzWhJmiVWLae2NdnS6hi4nOzT2MDgbP+qvPL hAg+6exuw5K/lM+2/l2CslBrU2iplo5YvGqMyVO3GtAWbOENYCG57W2gUWDRByOY 7l+gZNsV4pgLQn7vN8p78TaHdCfHuPG6HsZFGLFrfnIobiubtQgMlabxBT0ErZLR ogU0I1dSoA0gcri1Po7BMj4H6Z+N/WvUhGCUkknrPGIf+NKlhWnJGILh1tI0T8Sk fNkeOJzPPf+Ku6qnHQ== =Vu+C -----END PGP SIGNATURE-----
Attachment:
signature.asc
Description: PGP signature