You are viewing a plain text version of this content. The canonical link for it is here.
Posted to legal-discuss@apache.org by Robert Burrell Donkin <rd...@apache.org> on 2010/01/23 19:06:22 UTC
Re: [LEGAL-68] Incident Response Guidelines
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Lawrence Rosen wrote:
>> i'd the like the end point to be a simple list of instructions which
>> can
>> followed by PMC members who read (on a project mailing list) a report
>> by a third party of a potential copyright issue. so, the strawmen also
>> provides a first attempt at a document style so please improve that
>> too.
>
> Rule 1: Avoid speculation about legal issues and possible consequences on
> public ASF lists.
>
> Rule 2: Refer specific legal questions to legal-internal@ or directly to one
> of ASF's lawyers or to the VP Legal Affairs.
so, the long and short is that we now ask project PMCs to keep quiet,
inform apache officials in legal affairs and leave them to formulate the
correct response. would this be a fair summary?
(to check i understand) the guidance to Project PMCs is that they should
tell third parties that they need to refer specific questions to these
authorities in legal affairs.
AIUI the legal-internal list has not widely publicised (AIUI for
historic reasons). is it now fine to advertise this list on the website?
do we need a new mailing lists? (legal-contact@apache.org? or something)
or do we ask the public to contact the VP directly?
the cases i recall from way back when consisted not of questions but of
allegations posted on mailing lists by third parties. is the right
response by a project PMC in this case just to keep quiet and alert the
above authorities to the problem? if so, are we bothered by multiple
reporting? or just making sure that it is reported? do they need to ask
the third party to stop posting these allegations on the list and refer
them to the legal affairs officials? or just ignore and wait for the
legal affairs officials to respond?
- - robert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBCgAGBQJLWzqeAAoJEHl6NpRAqILLwcgQALrs4v7TxoG0PLXLPZknjIYi
wvjZCK6Rt5zuldOCiWBxhsIIoQ9nxIEmp9s3PozHD/R8E6MLfmgKK5NmgKDRmsSp
fpnI5j8ILI/FYNROWD7f82vq6qZyYEGLwG+CdCzFKJiy5SfdQ24D5YTf5Muvc1Gn
IeweOxCEdBHtLMMY3EFSrQSbLHkehuuety9LE+p9QCf5+Hl9g31M2ww54rh2B6pY
YX6jNgaJraw/65lxvpi2dCCJ0RXoH6pqRKB9r1nMNSgOorq4bGVFXSQ4xKKQa1ME
hoMDpPvgqbQoZ4NL0A4Ef6HbyOg01ef4y5Zzt/np/z6JBMIpo7swxeWdVjSKHx/2
NjEXGM/vmf/Zm09dVWzdRD1Lg7qoqM8MvCAy5tec3z7vmLvych5iVGV7+NamsxO/
tfxeSl4kb7CCcRx2j/FIUa5d2N3WrZiIScyA+ezV6+pl4dARzR3XPFh2vuSb9Mvo
hC9EfGsGbjb8rEh23iI9KOl4b3D3MERiLkNMzQvya3VMCFtmKPy5O+mLFBWMMLKd
rYx8KlqxltcNpuwoSDzml/ZMVG96auIIb2KlG7s8CyHbbdVsB8i5axg65FU40Vh3
KEIn++BbMkM3P7GfH4WHS0ho0gQnEuabeyfB5FE1TpA+gCvq0DjV8D6VkWtl8Cfh
wfhc2Fe6feHefcTxe6Nj
=EiNZ
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org