Re: Proposed GR: Repeal the 2005 vote for declassification of the debian-private mailing list
David Kalnischkies writes ("Re: Proposed GR: Repeal the 2005 vote for declassification of the debian-private mailing list"):
> On Thu, Sep 08, 2016 at 05:07:47PM +0100, Ian Jackson wrote:
> > 4. But, any weakening of the privacy expectations must not be
> > retrospective: changes should apply only to messages posted after
> > the rule change has come into force.
> That rule /might/ make sense if we are talking about fully automated
> declassification of everything at once – which is a pretty involved task
> I have a lot of sympathy for nobody tried that so far.
> If on the other hand we consider less than 100% a declassification
> already this rule blocks a lot of potentially interesting things from
> being released to the public about the past.
> Basic example: How many mails are sent to d-private each month? We know
> that for public archived lists. We even know that for less public lists
> like d-companies, but for d-private that is classified information…
> (that is perhaps not "weakening privacy" for an individual, but for the
> dev-body as a whole if your reading is very strict. Many things I am
> thinking of aren't directly related to individuals in fact…)
Well, I can see why you might think that would be interesting. I can
also see reasons for objecting to releasing such information.
I'm afraid I am not going to take on board, in my own proposals in
this GR, any suggestion that explicitly grants, retrospectively, any
more authority for declassification than granted by the 2005 GR.
This is because ISTM that the recent GR attempt was defeated precisely
because to many people it seemed to grant such an authority.
> My personal idea of declassification (I might or might not help with)
> was an archive with thread-view just like for the other lists, [...]
This is a suggestion for a new way of doing things, which I presume
would apply to new postings.
I don't think the GR process is a good way to develop such a
scheme/policy/system/whatever. It is far too heavyweight.
I would like us to agree a GR which explicitly authorises listmaster@
to institute schemes such as you suggest, or such as I have suggested.
I don't want to tie listmaster's hands.
> Or to answer that with my basic example for above again: Do I need
> to propose a GR to have the statistics image show traffic? The
> answer before 2005 is no (listmasters decide), after 2005 it is
> maybe (yes: another process was approved via GR, but no: the GR was
> not needed, but done as it was a major and "perhaps" controversial
> decision) and now it is yes until it is further discussed (and in
> this proposal it would be cemented as yes).
I think that the status quo is that statistics such as you describe
should not be released without a GR. I don't think listmaster would
do so, given the 2005 GR and indeed recent comments here, even if they
might technically have teh authority.
> b) tl;dr: "In listmasters we trust"
That is the option which was explicitly rejected just now.
So in summary: thanks for your comments. I can see where you're
coming from but I think my proposal has a greater chance of broad
support, than it would do if I changed it to agree with your views.
Ian Jackson <email@example.com> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.