Re: Code of Conduct - links to why they are needed etc

[Noah Slater <ns...@apache.org>]

Jan,

Late to the party here, sorry. But I wanna reply to your point that the CoC
is not meant to be enforceable.

That is not the case, as I understand it. Indeed, an unenforceable or
not-regularly-enforced CoC is not worthless, it's actually *harmful* and
dangerous for marginalised people in our community. Because we are
communicating to them that we have certain standards, and then not taking
any action to make sure that those standards are met.

A community is, in many ways, defined by whatever its leaders are prepared
to tolerate. Our CoC is, and should continue to be, a document that
outlines what we do not tolerate. And for that to mean anything, we need to
put our money where our mouth is and enforce it.

And this shouldn't be optional for podlings or projects. This should apply
across the board, for the whole org, like the foundation's bylaws
themselves. Or again, it is useless.

To make that work, we need to add three things:

1. A clear way for the document to be updated. We have a model on CouchDB
(which is where the doc came from) and we can simply port that the
Community PMC, where people can come to discuss changes.

2. We need a foundation-level reporting mechanism (again, presumably
coordinating this through the Community PMC)

3. We need clearly defined enforcement guidelines or punitive measures, so
that people know what action will be taken, and when


On Sat, 20 Dec 2014 at 21:14 jan i <ja...@apache.org> wrote:

> On 20 December 2014 at 20:55, Louis Suárez-Potts <lu...@gmail.com> wrote:
>
> > Hi,
> > > On 20 Dec 2014, at 09:50, Jim Jagielski <ji...@jagunet.com> wrote:
> > >
> > > This is great and, as noted, long overdue. Although the code
> > > itself "simply" codifies what had been the tribal knowledge
> > > of the ASF, and how we'd expected people to behave, NOT having
> > > it written down was pretty sad.
> > >
> > > Thx to all for making it happen.
> > >
> > >> On Dec 20, 2014, at 6:33 AM, sebb <se...@gmail.com> wrote:
> > >>
> > >> There are some useful links in the CoC blog:
> > >>
> > >>
> > https://blogs.apache.org/foundation/entry/asf_
> publishes_long_overdue_code
> > >>
> > >> For example,
> > >> Ashe Dryden's introductory resource for learning more about how Codes
> > >> of Conduct can help
> > >>
> > >> Perhaps these should be added to the ASF CoC page at
> > >>
> > >> http://www.apache.org/foundation/policies/conduct.html
> > >
> >
> > So, now that it is written down—great—does this mean then that we will be
> > asking all new projects (and podlings and everything else) to
> obligatorily
> > review it? As part of the Apache Way? That is, what is the relationship
> > between this CoC and the Apache Way from the perspective of the new
> member
> > to Apache?
> >
>
> maybe I see it wrong, but to me a "code of conduct" is more a guideline
> than an actual rulebook. It is a description of how we would like to
> interact with other, and therefore not something that should be used as
> "you did not follow the code of conduct, so now I take action".
>
> I think it is important to see both the "apache way" and "code of conduct"
> as guidelines, not something formulated by lawyers to stand up in court.
>
> So in essence we should all be aware of what the intention is and that
> includes podlings coming to apache.
>
> rgds
> jan i.
>
>
> > Louis
> >
> >
>

Re: Code of Conduct - links to why they are needed etc

[Noah Slater <ns...@apache.org>]

*or where ever

On Thu, 26 Mar 2015 at 18:46 Noah Slater <ns...@apache.org> wrote:

> Oh, thanks for the input Shane!
>
> I don't want to make the punitive measures stuff too complex. It should be
> simple and easy to understand for both those who want protection from
> harassment and so on, and those who've been spoken to about adjusting their
> conduct.
>
> A strikes system is one idea. So individuals get warnings for minor
> things, and are told to adjust.
>
> Beyond that, we might consider several things:
>
> - Temporary removal from a mailing list (or whether the behaviour is
> occurring)
> - Longer periods of removal or banning from the same
> - Removal from a PMC, or revocation of committer or member status
>
> People should know that we are perfectly prepared to expel individuals
> from our community who do not work with us to keep it a safe and welcoming
> environment for everybody.
>
> Removing from PMC and revocation of committer status can be done by PMCs
> themselves, should they be the ones enforcing the CoC. If not that, a
> recommendation from the Community PMC to the board to take the appropriate
> action. And failing that, for the Board itself to step in and take such
> action.
>
>
> On Wed, 25 Mar 2015 at 18:20 Shane Curcuru <as...@shanecurcuru.org> wrote:
>
>> On 3/25/15 12:00 PM, Noah Slater wrote:
>> > Yep, thanks for the reply. I'm not sure how to handle the governance
>> side
>> > of this. But I'm sure we can come to an agreement on this list soon.
>>
>> Discussing here makes sense; it's public and there are plenty of helpful
>> voices that are likely to participate; plus this is a key thing we
>> should ensure that newcomers to our communities see.  This group should
>> definitely be able to get consensus on any updates and be able to
>> publish them - if board or President have issues, I'm sure they'll
>> weight in about the documentation if needed.
>>
>> In terms of escalation and reporting, that's tricky, because we are both
>> a Delaware corporation and a volunteer-run community.
>>
>> - For issues within one project, the best first place to escalate is
>> that PMC's private@ list, if the reporter is comfortable doing so.
>>
>> - Otherwise, I'd say the private@community.a.o list would be an
>> effective place to report/escalate, because there are people here who
>> could help working within the community.
>>
>> - Beyond that, we need board or President to agree on whatever further
>> "formal" contact address or escalation path we will support.  Barring
>> anything more specific, I'd start the recommendation being board@.
>>
>> In terms of enforcement, there are plenty of different people
>> (especially Members) at the ASF who can help with enforcement on a
>> community scale, so any ways we can make it more obvious for how to
>> contact them/ask for help is good.
>>
>> But in terms of true enforcement, that goes to the board.  Since PMCs
>> report to the board, it's up to the board to enforce any serious issues,
>> if it comes to that.  Specific issues with infra/press/brand, and
>> probably conferences (i.e. not issues within an Apache project) should
>> escalate to President@, because those officers report to the President.
>>
>> - Shane
>>
>> P.S. This is a good topic - reminds me of a question recently on
>> foundations list elsewhere asking what mediation/personnel issue
>> reporting policies that different Foundations have (or not have).
>>
>>

Re: Code of Conduct - links to why they are needed etc

[Shane Curcuru <as...@shanecurcuru.org>]

On 3/26/15 1:46 PM, Noah Slater wrote:
> Oh, thanks for the input Shane!
> 
> I don't want to make the punitive measures stuff too complex. It should be
> simple and easy to understand for both those who want protection from
> harassment and so on, and those who've been spoken to about adjusting their
> conduct.
> 
> A strikes system is one idea. So individuals get warnings for minor things,
> and are told to adjust.
> 
> Beyond that, we might consider several things:
> 
> - Temporary removal from a mailing list (or whether the behaviour is
> occurring)
> - Longer periods of removal or banning from the same

I would expect both of the above every PMC could/should do for
themselves.  I.e. the PMC and private@ should be the reporting path, and
the PMC can just do the above as they see the need.

Importantly, I think most people would look to PMCs to document their
own systems.  Having an ASF-wide "sample policy" would be good, but I'm
betting some PMCs would still use their own details

> - Removal from a PMC, or revocation of committer or member status

PMCs should be able to remove their own committers, although one would
hope that is rare.  Anything dealing with removing or otherwise
censuring PMC members or ASF Members would need to be done by the board.


> People should know that we are perfectly prepared to expel individuals from
> our community who do not work with us to keep it a safe and welcoming
> environment for everybody.

"Our community" also points to setting the expectation that the group
closest to the community should be enforcing these - hence, the PMCs
whenever possible should police their own projects.


> 
> Removing from PMC and revocation of committer status can be done by PMCs
> themselves, should they be the ones enforcing the CoC. If not that, a
> recommendation from the Community PMC to the board to take the appropriate
> action. And failing that, for the Board itself to step in and take such
> action.

Yup.

- Shane


> 
> 
> On Wed, 25 Mar 2015 at 18:20 Shane Curcuru <as...@shanecurcuru.org> wrote:
> 
>> On 3/25/15 12:00 PM, Noah Slater wrote:
>>> Yep, thanks for the reply. I'm not sure how to handle the governance side
>>> of this. But I'm sure we can come to an agreement on this list soon.
>>
>> Discussing here makes sense; it's public and there are plenty of helpful
>> voices that are likely to participate; plus this is a key thing we
>> should ensure that newcomers to our communities see.  This group should
>> definitely be able to get consensus on any updates and be able to
>> publish them - if board or President have issues, I'm sure they'll
>> weight in about the documentation if needed.
>>
>> In terms of escalation and reporting, that's tricky, because we are both
>> a Delaware corporation and a volunteer-run community.
>>
>> - For issues within one project, the best first place to escalate is
>> that PMC's private@ list, if the reporter is comfortable doing so.
>>
>> - Otherwise, I'd say the private@community.a.o list would be an
>> effective place to report/escalate, because there are people here who
>> could help working within the community.
>>
>> - Beyond that, we need board or President to agree on whatever further
>> "formal" contact address or escalation path we will support.  Barring
>> anything more specific, I'd start the recommendation being board@.
>>
>> In terms of enforcement, there are plenty of different people
>> (especially Members) at the ASF who can help with enforcement on a
>> community scale, so any ways we can make it more obvious for how to
>> contact them/ask for help is good.
>>
>> But in terms of true enforcement, that goes to the board.  Since PMCs
>> report to the board, it's up to the board to enforce any serious issues,
>> if it comes to that.  Specific issues with infra/press/brand, and
>> probably conferences (i.e. not issues within an Apache project) should
>> escalate to President@, because those officers report to the President.
>>
>> - Shane
>>
>> P.S. This is a good topic - reminds me of a question recently on
>> foundations list elsewhere asking what mediation/personnel issue
>> reporting policies that different Foundations have (or not have).
>>
>>
> 

Re: Code of Conduct - links to why they are needed etc

[Noah Slater <ns...@apache.org>]

Oh, thanks for the input Shane!

I don't want to make the punitive measures stuff too complex. It should be
simple and easy to understand for both those who want protection from
harassment and so on, and those who've been spoken to about adjusting their
conduct.

A strikes system is one idea. So individuals get warnings for minor things,
and are told to adjust.

Beyond that, we might consider several things:

- Temporary removal from a mailing list (or whether the behaviour is
occurring)
- Longer periods of removal or banning from the same
- Removal from a PMC, or revocation of committer or member status

People should know that we are perfectly prepared to expel individuals from
our community who do not work with us to keep it a safe and welcoming
environment for everybody.

Removing from PMC and revocation of committer status can be done by PMCs
themselves, should they be the ones enforcing the CoC. If not that, a
recommendation from the Community PMC to the board to take the appropriate
action. And failing that, for the Board itself to step in and take such
action.


On Wed, 25 Mar 2015 at 18:20 Shane Curcuru <as...@shanecurcuru.org> wrote:

> On 3/25/15 12:00 PM, Noah Slater wrote:
> > Yep, thanks for the reply. I'm not sure how to handle the governance side
> > of this. But I'm sure we can come to an agreement on this list soon.
>
> Discussing here makes sense; it's public and there are plenty of helpful
> voices that are likely to participate; plus this is a key thing we
> should ensure that newcomers to our communities see.  This group should
> definitely be able to get consensus on any updates and be able to
> publish them - if board or President have issues, I'm sure they'll
> weight in about the documentation if needed.
>
> In terms of escalation and reporting, that's tricky, because we are both
> a Delaware corporation and a volunteer-run community.
>
> - For issues within one project, the best first place to escalate is
> that PMC's private@ list, if the reporter is comfortable doing so.
>
> - Otherwise, I'd say the private@community.a.o list would be an
> effective place to report/escalate, because there are people here who
> could help working within the community.
>
> - Beyond that, we need board or President to agree on whatever further
> "formal" contact address or escalation path we will support.  Barring
> anything more specific, I'd start the recommendation being board@.
>
> In terms of enforcement, there are plenty of different people
> (especially Members) at the ASF who can help with enforcement on a
> community scale, so any ways we can make it more obvious for how to
> contact them/ask for help is good.
>
> But in terms of true enforcement, that goes to the board.  Since PMCs
> report to the board, it's up to the board to enforce any serious issues,
> if it comes to that.  Specific issues with infra/press/brand, and
> probably conferences (i.e. not issues within an Apache project) should
> escalate to President@, because those officers report to the President.
>
> - Shane
>
> P.S. This is a good topic - reminds me of a question recently on
> foundations list elsewhere asking what mediation/personnel issue
> reporting policies that different Foundations have (or not have).
>
>

Re: Code of Conduct - links to why they are needed etc

[Shane Curcuru <as...@shanecurcuru.org>]

On 3/25/15 12:00 PM, Noah Slater wrote:
> Yep, thanks for the reply. I'm not sure how to handle the governance side
> of this. But I'm sure we can come to an agreement on this list soon.

Discussing here makes sense; it's public and there are plenty of helpful
voices that are likely to participate; plus this is a key thing we
should ensure that newcomers to our communities see.  This group should
definitely be able to get consensus on any updates and be able to
publish them - if board or President have issues, I'm sure they'll
weight in about the documentation if needed.

In terms of escalation and reporting, that's tricky, because we are both
a Delaware corporation and a volunteer-run community.

- For issues within one project, the best first place to escalate is
that PMC's private@ list, if the reporter is comfortable doing so.

- Otherwise, I'd say the private@community.a.o list would be an
effective place to report/escalate, because there are people here who
could help working within the community.

- Beyond that, we need board or President to agree on whatever further
"formal" contact address or escalation path we will support.  Barring
anything more specific, I'd start the recommendation being board@.

In terms of enforcement, there are plenty of different people
(especially Members) at the ASF who can help with enforcement on a
community scale, so any ways we can make it more obvious for how to
contact them/ask for help is good.

But in terms of true enforcement, that goes to the board.  Since PMCs
report to the board, it's up to the board to enforce any serious issues,
if it comes to that.  Specific issues with infra/press/brand, and
probably conferences (i.e. not issues within an Apache project) should
escalate to President@, because those officers report to the President.

- Shane

P.S. This is a good topic - reminds me of a question recently on
foundations list elsewhere asking what mediation/personnel issue
reporting policies that different Foundations have (or not have).

Re: Code of Conduct - links to why they are needed etc

[Noah Slater <ns...@apache.org>]

Yep, thanks for the reply. I'm not sure how to handle the governance side
of this. But I'm sure we can come to an agreement on this list soon.

On Wed, 25 Mar 2015 at 15:13 jan i <ja...@apache.org> wrote:

> On 25 March 2015 at 13:08, Noah Slater <ns...@apache.org> wrote:
>
> > Jan,
> >
> > Late to the party here, sorry. But I wanna reply to your point that the
> CoC
> > is not meant to be enforceable.
> >
> > That is not the case, as I understand it. Indeed, an unenforceable or
> > not-regularly-enforced CoC is not worthless, it's actually *harmful* and
> > dangerous for marginalised people in our community. Because we are
> > communicating to them that we have certain standards, and then not taking
> > any action to make sure that those standards are met.
> >
>
> Maybe I should have spent more words. Of course there are CoC items that
> should and  can be enforced, but to me there
> are also some with quite some elastic built in. For example we have a CoC
> for email, do not use he/she and be polite. The first
> part is easy to enforce, but the second part ? what you see as polite might
> not be polite to me.
>
>
> >
> > A community is, in many ways, defined by whatever its leaders are
> prepared
> > to tolerate. Our CoC is, and should continue to be, a document that
> > outlines what we do not tolerate. And for that to mean anything, we need
> to
> > put our money where our mouth is and enforce it.
> >
> I agree the CoC needs to contain what is not to be tolerated and will be
> enforced. But may the rest is CoC good practice, which
> to me is just as important for new people.
>
>
> >
> > And this shouldn't be optional for podlings or projects. This should
> apply
> > across the board, for the whole org, like the foundation's bylaws
> > themselves. Or again, it is useless.
> >
> > To make that work, we need to add three things:
> >
> > 1. A clear way for the document to be updated. We have a model on CouchDB
> > (which is where the doc came from) and we can simply port that the
> > Community PMC, where people can come to discuss changes.
> >
> +1
>
> >
> > 2. We need a foundation-level reporting mechanism (again, presumably
> > coordinating this through the Community PMC)
> >
> I would not like the community PMC to become judges or police, ideally the
> PMC should deal with it, and if they fail
> we need an escalation mechanism.
>
>
> >
> > 3. We need clearly defined enforcement guidelines or punitive measures,
> so
> > that people know what action will be taken, and when
> >
> +1
>
> I hope that made my point a bit clearer, I do not think we disagree as
> such.
>
> rgds
> jan i.
>
>
> >
> > On Sat, 20 Dec 2014 at 21:14 jan i <ja...@apache.org> wrote:
> >
> > > On 20 December 2014 at 20:55, Louis Suárez-Potts <lu...@gmail.com>
> > wrote:
> > >
> > > > Hi,
> > > > > On 20 Dec 2014, at 09:50, Jim Jagielski <ji...@jagunet.com> wrote:
> > > > >
> > > > > This is great and, as noted, long overdue. Although the code
> > > > > itself "simply" codifies what had been the tribal knowledge
> > > > > of the ASF, and how we'd expected people to behave, NOT having
> > > > > it written down was pretty sad.
> > > > >
> > > > > Thx to all for making it happen.
> > > > >
> > > > >> On Dec 20, 2014, at 6:33 AM, sebb <se...@gmail.com> wrote:
> > > > >>
> > > > >> There are some useful links in the CoC blog:
> > > > >>
> > > > >>
> > > > https://blogs.apache.org/foundation/entry/asf_
> > > publishes_long_overdue_code
> > > > >>
> > > > >> For example,
> > > > >> Ashe Dryden's introductory resource for learning more about how
> > Codes
> > > > >> of Conduct can help
> > > > >>
> > > > >> Perhaps these should be added to the ASF CoC page at
> > > > >>
> > > > >> http://www.apache.org/foundation/policies/conduct.html
> > > > >
> > > >
> > > > So, now that it is written down—great—does this mean then that we
> will
> > be
> > > > asking all new projects (and podlings and everything else) to
> > > obligatorily
> > > > review it? As part of the Apache Way? That is, what is the
> relationship
> > > > between this CoC and the Apache Way from the perspective of the new
> > > member
> > > > to Apache?
> > > >
> > >
> > > maybe I see it wrong, but to me a "code of conduct" is more a guideline
> > > than an actual rulebook. It is a description of how we would like to
> > > interact with other, and therefore not something that should be used as
> > > "you did not follow the code of conduct, so now I take action".
> > >
> > > I think it is important to see both the "apache way" and "code of
> > conduct"
> > > as guidelines, not something formulated by lawyers to stand up in
> court.
> > >
> > > So in essence we should all be aware of what the intention is and that
> > > includes podlings coming to apache.
> > >
> > > rgds
> > > jan i.
> > >
> > >
> > > > Louis
> > > >
> > > >
> > >
> >
>

Re: Code of Conduct - links to why they are needed etc

[jan i <ja...@apache.org>]

On 25 March 2015 at 13:08, Noah Slater <ns...@apache.org> wrote:

> Jan,
>
> Late to the party here, sorry. But I wanna reply to your point that the CoC
> is not meant to be enforceable.
>
> That is not the case, as I understand it. Indeed, an unenforceable or
> not-regularly-enforced CoC is not worthless, it's actually *harmful* and
> dangerous for marginalised people in our community. Because we are
> communicating to them that we have certain standards, and then not taking
> any action to make sure that those standards are met.
>

Maybe I should have spent more words. Of course there are CoC items that
should and  can be enforced, but to me there
are also some with quite some elastic built in. For example we have a CoC
for email, do not use he/she and be polite. The first
part is easy to enforce, but the second part ? what you see as polite might
not be polite to me.


>
> A community is, in many ways, defined by whatever its leaders are prepared
> to tolerate. Our CoC is, and should continue to be, a document that
> outlines what we do not tolerate. And for that to mean anything, we need to
> put our money where our mouth is and enforce it.
>
I agree the CoC needs to contain what is not to be tolerated and will be
enforced. But may the rest is CoC good practice, which
to me is just as important for new people.


>
> And this shouldn't be optional for podlings or projects. This should apply
> across the board, for the whole org, like the foundation's bylaws
> themselves. Or again, it is useless.
>
> To make that work, we need to add three things:
>
> 1. A clear way for the document to be updated. We have a model on CouchDB
> (which is where the doc came from) and we can simply port that the
> Community PMC, where people can come to discuss changes.
>
+1

>
> 2. We need a foundation-level reporting mechanism (again, presumably
> coordinating this through the Community PMC)
>
I would not like the community PMC to become judges or police, ideally the
PMC should deal with it, and if they fail
we need an escalation mechanism.


>
> 3. We need clearly defined enforcement guidelines or punitive measures, so
> that people know what action will be taken, and when
>
+1

I hope that made my point a bit clearer, I do not think we disagree as such.

rgds
jan i.


>
> On Sat, 20 Dec 2014 at 21:14 jan i <ja...@apache.org> wrote:
>
> > On 20 December 2014 at 20:55, Louis Suárez-Potts <lu...@gmail.com>
> wrote:
> >
> > > Hi,
> > > > On 20 Dec 2014, at 09:50, Jim Jagielski <ji...@jagunet.com> wrote:
> > > >
> > > > This is great and, as noted, long overdue. Although the code
> > > > itself "simply" codifies what had been the tribal knowledge
> > > > of the ASF, and how we'd expected people to behave, NOT having
> > > > it written down was pretty sad.
> > > >
> > > > Thx to all for making it happen.
> > > >
> > > >> On Dec 20, 2014, at 6:33 AM, sebb <se...@gmail.com> wrote:
> > > >>
> > > >> There are some useful links in the CoC blog:
> > > >>
> > > >>
> > > https://blogs.apache.org/foundation/entry/asf_
> > publishes_long_overdue_code
> > > >>
> > > >> For example,
> > > >> Ashe Dryden's introductory resource for learning more about how
> Codes
> > > >> of Conduct can help
> > > >>
> > > >> Perhaps these should be added to the ASF CoC page at
> > > >>
> > > >> http://www.apache.org/foundation/policies/conduct.html
> > > >
> > >
> > > So, now that it is written down—great—does this mean then that we will
> be
> > > asking all new projects (and podlings and everything else) to
> > obligatorily
> > > review it? As part of the Apache Way? That is, what is the relationship
> > > between this CoC and the Apache Way from the perspective of the new
> > member
> > > to Apache?
> > >
> >
> > maybe I see it wrong, but to me a "code of conduct" is more a guideline
> > than an actual rulebook. It is a description of how we would like to
> > interact with other, and therefore not something that should be used as
> > "you did not follow the code of conduct, so now I take action".
> >
> > I think it is important to see both the "apache way" and "code of
> conduct"
> > as guidelines, not something formulated by lawyers to stand up in court.
> >
> > So in essence we should all be aware of what the intention is and that
> > includes podlings coming to apache.
> >
> > rgds
> > jan i.
> >
> >
> > > Louis
> > >
> > >
> >
>