[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Evaluation criterias for (prospective) Trusted Organizations


On Fri, 17 Jan 2014, Lucas Nussbaum wrote:
> So, first things first, I would welcome your feedback on the TO
> criterias[1]. Soft deadline: 2014-02-01.
> [1] https://wiki.debian.org/Teams/DPL/TrustedOrganizationCriteria

I didn't find anything really problematic in the criteria, at least not
wrt Debian France. Let me still add some comments.

> == The organization should share Debian's general visions ==
> The organization's activities and political stance should generally
> match Debian's own political and philosophical stances.

"activities" might be a bit broad. TO might have (Debian-related)
activities that Debian is (purposedly) not doing, and this should
not be a blocker IMO.

IMO we should simply tell that the TO bylaws, activities and
political stance should not be in conflict with Debian's
social contract.

> == The organization should remain loyal to Debian ==
> The organization should be considered fully trustworthy, or provide
> guarantees that Debian's assets will be managed according to the Debian
> Project's decisions.
> Some examples of possible implementations:
>  * The organization has a long history of successfully holding a
>    similar role for other Free Software projects
>  * The organization is managed by highly respected members of the
>    Free Software community
>  * The organization has a leadership structure that ensures a
>    minimum number and/or a majority of Debian developers
>  * The organization has decision-making processes that explicitely
>    delegate decisions on Debian assets to the Debian Project Leader

Right, in the case of Debian France we delegate the decisions on Debian
assets to the DPL via the "Règlement intérieur" (internal rules) but
those rules can be easily modified by the board.

That said the board is composed of at least 2/3 of Debian developers (also
a requirement imposed by the "internal rules").

> == The organization should provide accountability on assets held in trust ==
> Some examples of possible implementations:
>  * The organization provides, on a regular and frequent basis (e.g.
>    quarterly), detailed reports of assets tranfers and balance sheets,
>    in a machine-parsable format.
>  * The organization provides access to Debian's accounts live data,
>    in a machine-parsable format.

We do use "ledger" to keep our own accounting in a git repository and
intend to give access to this repository to the Debian auditors. ledger
has some facilities to do some "analytical" accounting and we intend to
use that.

It would be good to know what exactly are the minimal requirements.
Can we have a single "Debian" account with an history of debit/credits
or do you want/need a full double accounting output with each operation
balanced between the asset account and another expense/income account ?

> == The organization should be reliable, sustainable, and reactive ==
> Some examples of possible implementations:
>  * The organization is managed by a large group of active Debian
>    Developers
>  * The organization's managers have been involved in Debian or other
>    Free Software projects for a long time, and have a high reputation
>    of being reliable.
>  * The organization has several people sharing the role of treasurer in
>    order to react quickly to requests in all circumstances

In Debian France, Sylvestre Ledru is the treasurer and there's no other
treasurer. That said, as the president, I also have the power to do
banking operations and I do occasionnaly help Sylvestre to manage the
accounting side.

The board contains other Debian developers, but none of them would be
able to help when it comes to do a wire transfer or something like that.

> == The organization should provide a reasonable financial framework ==
> For example, it is desirable that:
>  * Donations and sponsorship are tax-deductible for the donor
>  * Donations, sponsorship, income from sales and transfers from other
>    TOs are not subject to income tax
>  * There are no major restrictions on what kind of expenses can be made,
>    either due to the organization's bylaws or to the legal framework of
>    the organization
>  * There are no major restrictions on how the organization could transfer
>    assets to another TO
> Some properties are often mutually exclusive (e.g.; ''tax-deductible for
> the donor'' and ''no major restrictions''). This is fine -- the goal here
> is to understand beforehand what will be possible for a specific TO.

We can provide receipts for tax-deductibility, they are valid in France at
least. I don't know their status in other countries.

The only restriction that we have put is that we want a "supporting
statement" (required for proper accounting) for any operation that we are
going to handle in behalf of the Debian project. That said if the DPL
asks us the reimburse some jewelry, we might require more than an invoice
to explain how buying that jewelry serves the purpose of the Debian
project and hence of Debian France.

> == Additional opportunities ==
> Some organizations might offer additional services to their affiliated
> organizations, such as legal counsel.
> Some organizations have might plans that result in possible income
> for Debian, such are giving to Debian some of the result of the sale of
> merchandising.

In Debian France, we keep the assets of the Debian project clearly
separate from the Debian France assets. The earnings of the merchandising
go into the Debian France assets. That said if we have benefits, we
might decide to give a part of those to the Debian project.

Raphaël Hertzog ◈ Debian Developer

Discover the Debian Administrator's Handbook:
→ http://debian-handbook.info/get/

Reply to: