Re: Debian contributor Register of Interests

To: debian-project@lists.debian.org
Subject: Re: Debian contributor Register of Interests
From: Luca Filipozzi <lfilipoz@debian.org>
Date: Tue, 9 May 2017 14:59:38 +0000
Message-id: <[🔎] 20170509145938.qrnvjfydplqzpabb@snafu.emyr.net>
In-reply-to: <[🔎] 22801.45432.251855.995302@chiark.greenend.org.uk>
References: <[🔎] 20170509081621.GA908@chew.redmars.org> <[🔎] 22801.45432.251855.995302@chiark.greenend.org.uk>

On Tue, May 09, 2017 at 01:09:28PM +0100, Ian Jackson wrote:
> Jonathan Dowland  <jmtd@debian.org> wrote:
> > However in the interests of transparency I feel that a voluntary,
> > opt-in "Register of Interests" is a good idea for the project. I feel
> > that such a list (populated) would demonstrate the transparency and
> > openness that are part of our project's values.
> 
> I think this is a good idea.

AOL

> >> This is a voluntary, opt-in register of Debian contributor's "Interests"
> >> (such as: employer).
> 
> It would be a good idea to make an annex, giving a list of kinds of
> "interest" that do not need to be mentioned; and ones that should be
> mentioned.
> 
> Things that are _not_ interests worthy of disclosure:
> 
>   * Holding positions of responsibility within the Debian project,
>     or a Debian Trusted Organisation

Arguably, holding a position of responsibility within the Debian project or a
Debian Trusted Organization is what might trigger the completion of a CoI form.

>   * Involvement with political parties (even ones focusing on
>     technology or information rights)
> 
>   * Using Debian or one of its derivatives, on one's personal
>     systems
> 
>   * Holding positions of responsibility in Free Software projects,
>     other than positions of financial responsibility for projects with
>     assets or annual income of more than Eur1,000.
> 
>   * Mere membership of charities, pressure groups, industry
>     associations, etc.
> 
> Things that _are_ interests worthy of disclosure:
> 
>   * Being paid to work on Debian
> 
>   * Being paid to work on hardware that Debian runs on or might run on
> 
>   * Being in a position of influence or authority regarding technology
>     purchasing decisions.  Exceptions: your own personal purchasing
>     and that of your household and your friends; Debian and Debian's
>     TOs.; spends of less than Eur1,000 per year.
> 
>   * Holding a formal position of influence or authority in charities,
>     pressure groups or industry associations which relate to software
>     or computing hardware, information rights, or state-granted
>     information monopolies ("intellectual property").
> 
> I would like to settle the boundaries before we start populating the
> list.

Fully agree.

> >> || '''User''' || '''Interest''' || '''From''' || '''Until''' ||
> >> || JonDowland || Red Hat || 2015 || - ||
> 
> The list should have a date at which the user's entry was last
> updated and signed off by them as complete.

Just as delegations are meant to be refreshed annually, I wonder whether CoIs
should be refreshed annually.

Also, perhaps the CoI 'form' should be an email template that submitters
complete and mail somewhere (GPG-signed). This 'somewhere' could be presented
in a list on some webpage or other. I'm not solutioning, here. I'm questioning
whether we want the non-repudiation that a GPG-signed email provides (or
similar mechanism).

Thanks,

Luca

-- 
Luca Filipozzi
http://www.crowdrise.com/SupportDebian

Reply to:

References:
- Debian contributor Register of Interests
  - From: Jonathan Dowland <jmtd@debian.org>
- Re: Debian contributor Register of Interests
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>

Prev by Date: Re: Debian contributor Register of Interests
Next by Date: Debian Maintainers Keyring changes
Previous by thread: Re: Debian contributor Register of Interests
Next by thread: Re: Debian contributor Register of Interests
Index(es):
- Date
- Thread