[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

DebConf and legal structure for the project (was: General resolution: Condemn Russian invasion of the Ukraine)

Jonathan Dowland <jmtd@debian.org> writes:

> Correct me if I'm wrong, but Debconf is not formally a part of Debian,
> and so cannot be bound by the outcome of a GR anyway.

This is the sort of thing that would be good to clear up as part of the
process of making Debian a more formal organization.  I don't want to harp
on this too much, but this sort of informality can be rather dangerous
under US law because there are all sorts of unwanted liability
implications to not having anything formally in writing that creates
limited liability and shields people from personal liability.  I suspect
the same or similar problems may exist in other countries as well.

There are a bunch of different ways we could structure this that don't
necessarily have to involve putting DebConf in the same organization as
Debian, but we really should have some formal and legal setup and
agreement.  For example, some conventions that move all over the world
form a local legal organization each year that has an agreement with some
permanent standing organization so that the convention liability can be
isolated from the parent organization (which given all the things that can
go wrong with a large physical gathering may be a good idea).

Anyway, a lawyer familiar with non-profit law and with conventions (which
are fairly common for non-profit organizations) will probably have helpful
opinions about all of this and likely would be able to advise us how to
make everything more robust.  I'm sure they see similar problems
regularly; a non-profit dedicated to a particular purpose that holds
associated conventions in various countries each year is a fairly common
setup (I can think of two or three others just off the top of my head).
Maybe Software in the Public Interest is sufficient and they could tell us
that (although I'm dubious).

It's hard to shake the feeling that we've just gotten quite lucky over the
lifetime of the project (which is not very surprising; liability problems
are one of those "low likelihood, high impact" kinds of issues), and
shouldn't rely on that luck continuing.

Russ Allbery (rra@debian.org)              <https://www.eyrie.org/~eagle/>

Reply to: