[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Proposed GR: Repeal the 2005 vote for declassification of the debian-private mailing list

Hash: SHA256

TL,DR: Nice proposal, seconded.

Am 08.09.2016 um 18:07 schrieb Ian Jackson:
> Lars Wirzenius writes ("Re: Proposed GR: Repeal the 2005 vote for
> declassification of the debian-private mailing list"):
>> If we're going to have another discussion and vote about this, I 
>> think it might be good to vote with a full spectrum of choices on
>> the ballot.
> I don't object to this, but (despite what seems to be some quite
> deep divisions in people's attitudes) I think there is a
> possibility that we can find a settlement that will be broadly
> acceptable.
> As I read the messages the principles which are partly in conflict
> (or which seem to be in conflict) are:
> * We do not want to introduce any new barriers to
> declassification.
> * We do not want to promise something we are not delivering.
> * People who have previously posted messages to -private under the 
> previous policy (the regime established by the previous GR) should 
> not have the promise of privacy retrospectively breached.
> * -private ought to be used as little as possible.
> * If someone proposes a better way to handle -private, we do not
> want them to have to go to a further GR.
> (Note, I am stating these views as I understand them from the
> messages of people who've written on the subject.  I do not
> necessarily agree with them.)

First of all thanks to Ian for summarizing the late discussions around
the failed GR so well.

> It seems to me that a just approach, which may find broad favour, 
> would be to explicitly recognise that we have had different
> policies (and policies with different levels of explicitness) at
> different times, and that the poster of such messages is entitled
> to expect that the policy in force at the time they posted the
> message will apply.
> That does not mean that the policy cannot be changed, or that
> changing the policy needs a GR.  It just means that the policy
> ought not to be changed _retrospectively_, at least without very
> great care and consideration.  For example, the level of care and
> consideration that are evident in the 2005 GR.

Exactly, I couldn't express my view better.

> So, how about something like this:
> Title: Acknowledge difficulty of declassifying debian-private
> 1. The Debian Project regrets the non-implementation of the 2005 
> General Resolution titled "Declassification of debian-private list 
> archives".  That General Resolution is hereby repealed.
> 2. In case volunteers should come forward: Permission remains for
> the list archives (of any messages, whether posted before or after 
> this resolution) to be declassified, provided that the 
> declassification process is at least as respecting of the privacy 
> of posters to debian-private as the process set out in the 2005 
> General Resolution.
> 3. Furthermore, the Debian listmasters remain empowered (subject
> to the usual consultation processes within the Debian project) to 
> revise the rules governing the privacy and declassification of 
> messages to -private.  This includes making measures to make 
> declassification more widely applicable, or easier to automate.
> 4. But, any weakening of the privacy expectations must not be 
> retrospective: changes should apply only to messages posted after 
> the rule change has come into force.
> 5. In particular, we reaffirm this rule: no part of a posting made
> to -private, which explicitly states that it should not be 
> declassified, may be published (without its author's explicit 
> consent).  This rule may be changed by the listmasters (para.3, 
> above), but only for future messages (para.4, above), and only 
> following consultation, and only with ample notice.
> 5. Participants are reminded to use -private only when necessary.

Thank you for the new proposal which now addresses my major concerns.
Retrospective policy changes are now explicitly forbidden (#4). And I
totally agree that we should not forbid any future efforts to
declassify debian-private just because we failed to do so for more
than 11 years now (#2).

If this is a proposed GR, I do second it.

Best regards,
Version: GnuPG v2


Reply to: