[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Proposed GR: Repeal the 2005 vote for declassification of the debian-private mailing list

Lars Wirzenius writes ("Re: Proposed GR: Repeal the 2005 vote for declassification of the debian-private mailing list"):
> If we're going to have another discussion and vote about this, I
> think it might be good to vote with a full spectrum of choices on the
> ballot.

I don't object to this, but (despite what seems to be some quite deep
divisions in people's attitudes) I think there is a possibility that
we can find a settlement that will be broadly acceptable.

As I read the messages the principles which are partly in conflict (or
which seem to be in conflict) are:

 * We do not want to introduce any new barriers to declassification.

 * We do not want to promise something we are not delivering.

 * People who have previously posted messages to -private under the
   previous policy (the regime established by the previous GR) should
   not have the promise of privacy retrospectively breached.

 * -private ought to be used as little as possible.

 * If someone proposes a better way to handle -private, we do not want
   them to have to go to a further GR.

(Note, I am stating these views as I understand them from the messages
of people who've written on the subject.  I do not necessarily agree
with them.)

It seems to me that a just approach, which may find broad favour,
would be to explicitly recognise that we have had different policies
(and policies with different levels of explicitness) at different
times, and that the poster of such messages is entitled to expect that
the policy in force at the time they posted the message will apply.

That does not mean that the policy cannot be changed, or that changing
the policy needs a GR.  It just means that the policy ought not to be
changed _retrospectively_, at least without very great care and
consideration.  For example, the level of care and consideration that
are evident in the 2005 GR.

So, how about something like this:

 Title: Acknowledge difficulty of declassifying debian-private

 1. The Debian Project regrets the non-implementation of the 2005
    General Resolution titled "Declassification of debian-private list
    archives".  That General Resolution is hereby repealed.

 2. In case volunteers should come forward: Permission remains for the
    list archives (of any messages, whether posted before or after
    this resolution) to be declassified, provided that the
    declassification process is at least as respecting of the privacy
    of posters to debian-private as the process set out in the 2005
    General Resolution.

 3. Furthermore, the Debian listmasters remain empowered (subject to
    the usual consultation processes within the Debian project) to
    revise the rules governing the privacy and declassification of
    messages to -private.  This includes making measures to make
    declassification more widely applicable, or easier to automate.

 4. But, any weakening of the privacy expectations must not be
    retrospective: changes should apply only to messages posted after
    the rule change has come into force.

 5. In particular, we reaffirm this rule: no part of a posting made to
    -private, which explicitly states that it should not be
    declassified, may be published (without its author's explicit
    consent).  This rule may be changed by the listmasters (para.3,
    above), but only for future messages (para.4, above), and only
    following consultation, and only with ample notice.

 5. Participants are reminded to use -private only when necessary.


Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.

Reply to: