Re: Debian contributor Register of Interests
On Tue, May 09, 2017 at 01:09:28PM +0100, Ian Jackson wrote:
> Jonathan Dowland <jmtd@debian.org> wrote:
> > However in the interests of transparency I feel that a voluntary,
> > opt-in "Register of Interests" is a good idea for the project. I feel
> > that such a list (populated) would demonstrate the transparency and
> > openness that are part of our project's values.
>
> I think this is a good idea.
AOL
> >> This is a voluntary, opt-in register of Debian contributor's "Interests"
> >> (such as: employer).
>
> It would be a good idea to make an annex, giving a list of kinds of
> "interest" that do not need to be mentioned; and ones that should be
> mentioned.
>
> Things that are _not_ interests worthy of disclosure:
>
> * Holding positions of responsibility within the Debian project,
> or a Debian Trusted Organisation
Arguably, holding a position of responsibility within the Debian project or a
Debian Trusted Organization is what might trigger the completion of a CoI form.
> * Involvement with political parties (even ones focusing on
> technology or information rights)
>
> * Using Debian or one of its derivatives, on one's personal
> systems
>
> * Holding positions of responsibility in Free Software projects,
> other than positions of financial responsibility for projects with
> assets or annual income of more than Eur1,000.
>
> * Mere membership of charities, pressure groups, industry
> associations, etc.
>
> Things that _are_ interests worthy of disclosure:
>
> * Being paid to work on Debian
>
> * Being paid to work on hardware that Debian runs on or might run on
>
> * Being in a position of influence or authority regarding technology
> purchasing decisions. Exceptions: your own personal purchasing
> and that of your household and your friends; Debian and Debian's
> TOs.; spends of less than Eur1,000 per year.
>
> * Holding a formal position of influence or authority in charities,
> pressure groups or industry associations which relate to software
> or computing hardware, information rights, or state-granted
> information monopolies ("intellectual property").
>
> I would like to settle the boundaries before we start populating the
> list.
Fully agree.
> >> || '''User''' || '''Interest''' || '''From''' || '''Until''' ||
> >> || JonDowland || Red Hat || 2015 || - ||
>
> The list should have a date at which the user's entry was last
> updated and signed off by them as complete.
Just as delegations are meant to be refreshed annually, I wonder whether CoIs
should be refreshed annually.
Also, perhaps the CoI 'form' should be an email template that submitters
complete and mail somewhere (GPG-signed). This 'somewhere' could be presented
in a list on some webpage or other. I'm not solutioning, here. I'm questioning
whether we want the non-repudiation that a GPG-signed email provides (or
similar mechanism).
Thanks,
Luca
--
Luca Filipozzi
http://www.crowdrise.com/SupportDebian
Reply to: