1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.DEV

  • Bits from the Debian Account Managers: taking non-routine actions

    From Jonathan Wiltshire (DAM)@21:1/5 to All on Tue Jan 8 23:50:01 2019
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Hi,

    Some confusion has come to light about a published expulsion procedure[1]
    and whether it is what DAMs themselves follow for the suspension or
    revocation of Debian membership. While that is the procedure that Debian Members can use to force DAMs to consider taking action on a member, DAMs
    can and do take action independently.

    In the past such action has been rare and that is a good thing. But we have also heard Developers' concerns about transparency and expectations, and although we will still deal with cases on their individual merits we feel
    this is an appropriate time to set out some expectations and background.

    This is the status quo as it has been for some time, plus input from recent feedback - for which we have been grateful. It is more a description of possibilities rather than a linear process; removing membership from a developer is still a last resort for us.

    # Background

    According to the constitution, DAMs are delegated by the DPL and are responsible for membership in Debian. DAM actions are taken with the goal
    of keeping membership status aligned with majority project expectations.

    DAM is not the team in charge of mediation or conflict resolution. Keeping Debian a good and sustainable space to work in is the responsibility of the whole community, with the anti-harassment team being the default contact
    point when issues arise.

    DAM intervenes on membership when all else has failed, and it becomes
    evident that a Developer/Maintainer is not being a constructive member of
    the Debian community. We expect people to take issues raised to them
    seriously: they should not wait until DAM intervenes to acknowledge that
    there is a problem.

    # How DAMs take non-routine action

    ## Starting a discussion

    If individual members or teams feel like a person's behaviour is harming Debian, other Debian contributors, or other people in Debian's name or
    using Debian's infrastructure, they can bring the issue to DAM by sending
    an email to <da-manager@debian.org>.

    DAM will treat reported issues with all possible confidence[2].

    We do find it helpful to receive information we can use to evaluate the situation (for example, previous mediation or conflict resolution attempts, traces of issues being raised, and warnings sent). However, that should not
    be a barrier to talking to us if there is a genuine problem unfolding.

    There is no further formal requirement to initiate a discussion.

    DAMs may also decide to take action on an issue that they witnessed
    themselves, without waiting for others to initiate the procedure.

    ## Taking a decision

    All DAM decisions are discussed within the team, and resolutions are made
    by general consent.

    When making a statement or decision we consider (depending on the case) the Debian Social Contract, Debian Machine Usage Policy, Debian Code of
    Conduct, Debian Diversity Statement, and other foundation documents. We
    also take into account the safety of Debian members and venues, the damage
    done via actions in Debian's name, and the project's reputation. This list
    is informative, but not normative.

    Decisions are taken regardless of the level or amount of activity of a
    member in Debian.

    After evaluating a situation, we consider what the best action to take
    might be. Possible actions include
    - no action,
    - sending a warning message to the person
    - suspending or revoking the person's membership.

    This list is not exhaustive, as each case is unique. For each case we seek
    what measures are appropriate for the issues raised.

    ## No action

    We may come to the conclusion of taking no action. It could be, for
    example, because we conclude that our intervention is not appropriate, or
    that this is a problem which is already being handled by others, or that it
    is a problem that does not warrant immediate action.

    ## Sending a warning message

    If we come to the conclusion that a warning could be sufficient, we send an email to the person explaining how their behaviour is not acceptable in
    Debian, and seek their input on how they intend to improve it.

    ## Suspension

    If we come to the conclusion that previous resolution attempts are not
    being taken seriously, or keep failing, we may decide to suspend a person's membership to give a clear signal that the current situation, while not requiring an indefinite revocation, must change.

    The suspension time is decided on a case by case basis.

    There is currently no infrastructure for a timed temporary change of Debian membership. Thus, in order to suspend an account temporarily, we change the membership and invite the person to reapply with a simple mail to DAM after
    a given time if they still wish to do so [3].

    Assuming that no further issues have arisen since, upon reapplying the NM process is skipped (though we do require the person to sign the usual
    documents again).

    Should further issues have arisen, we will deal with the case individually.

    ## Revocation

    With a revocation we recognise that a person is not a constructive member
    of Debian. This can happen if all attempts to engage with the person constructively have failed, if they are violating DMUP or other core rules,
    or if they are putting Debian or other Debian members at risk.

    In case of a revocation the account is closed indefinitely.

    We may decide to invite the person to reapply again in the future,
    requiring them to provide an active, visible and durable change of the situation that caused the revocation in the first place, resulting in a detailed review by DAM before making a decision on the reactivation of the account.

    ## Preserving limited upload rights

    When suspending or revoking membership, if there has been no problem
    involving package maintenance we may choose to keep the Debian Maintainer status for the person. This is a technical hack to minimise the impact of
    their membership change on their technical work.

    ## Communicating the decision

    After sending a warning, or suspending or revoking a person's membership
    for non-routine reasons, DAM will send a short e-mail to debian-private@
    with a simple notification of the event. Further details in most cases are
    only sent to the person involved and may be disclosed at their discretion.
    [4]

    If the issue has already been discussed in wider Debian channels or if we understand that there is a significant request for further information, DAM
    may at our discretion follow up to debian-private with what summary can be provided, bearing in mind the confidentiality of all the people involved.

    ## Reviewing the decision

    We have announced a new procedure for appealing a DAM decison on the debian-project mailing list[5]. It will be announced formally to debian-devel-announce following minor tweaks.


    [1] https://lists.debian.org/debian-devel-announce/2005/08/msg00005.html
    [2] It's difficult for us to promise absolute confidence given various
    legal requirements, but we will always try hard to maximise confidence.
    [3] Reactivation is elective because we do not want to assume someone will
    return; their priorities and wishes may have changed in the meantime.
    [4] we leave disclosure up to them so that their interactions are not unduly
    prejudiced for years to come
    [5] https://lists.debian.org/debian-project/2019/01/msg00116.html


    For the Debian Account Managers, Enrico, Joerg and Jonathan:
    - --
    Jonathan Wiltshire jmw@debian.org
    Debian Developer http://people.debian.org/~jmw

    4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51

    -----BEGIN PGP SIGNATURE-----

    iQJKBAEBCAA0FiEEV3MSJKl2LqFVqypTDKjRW7JNlvIFAlw1JE8WHGRhLW1hbmFn ZXJAZGViaWFuLm9yZwAKCRAMqNFbsk2W8sjAD/9t7d+U7TlUv28/OxSnlPOLgK39 yAVQ70IZrkkBehahzVr0vXIxKD6LQ1KJr1eKS6QEJK1ySdkG7zHAT4E53wmYL95Z 0pFO8Adkl8htUPHQqEX5m41wwrt2D05v4jUOAJgQ1BU2g/2OvyzMeUgMRAJKIy54 lKsVR9in+05HHOZprlTXstrxyOG7ao9RbQO0u7Oo4yWdqs12mK0DnvkEZswP97sw jISiCRcMA9Raqs7tIpKbT2EfZ1OC4Ka+ZaPebt2K+v/V39YymbeE67Mv021TZfBI FcYDdPeVDWyCw82rsobDaAyvCXyxOnQVSzF1WHBGdMLZNYzRlNkRwgDxHY3EIklk XknY7vX9NjfzW22fNsrdEqQ6NOJvh17UCwtorKyaL0aIBug7AE1f9So/Fz7WD2YY 41rBaLH/bRSHlReW+LXNCYDa0cLstzWhJmiVWLae2NdnS6hi4nOzT2MDgbP+qvPL hAg+6exuw5K/lM+2/l2CslBrU2iplo5YvGqMyVO3GtAWbOENYCG57W2gUWDRByOY 7l+gZNsV4pgLQn7vN8p78TaHdCfHuPG6HsZFGLFrfnIobiubtQgMlabxBT0ErZLR ogU0I1dSoA0gcri1Po7BMj4H6Z+N/WvUhGCUkknrPGIf+NKlhWnJGILh1tI0T8Sk fNkeOJzPPf+Ku6qnHQ==
    =Vu+C
    -----END PGP SIGNATURE-----

    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCAAdFiEEADLdyLGMneGYn8dtRNMqtfom+MkFAlw1JWcACgkQRNMqtfom +MkljBAAh48KzeZHQJz1hV0iuGDnuZq8AUEvQCWrOzFceahySEueOszacXqFRBQZ MtS3vFpNxl2YltwcIcSECNF4dH4A+NXQ+sU0bQt+fO6Qyh5MjYsSjwqeodtP3BWs deYUBBbqOE0IyYw9ZY2opZE8wRHPpIR0FrFR6iptT3qCNQFVvztglVLSJ6NTREiW UszjQEvMDYbyXutb5LHBwQAOGPsse8/6c7ThuE5R6byc7ezC7UgOxvHTSfUn4bxf 74DOhHC8Mg91UA2iVcMv+/r542BFtDj3tRXt48fH0PKCRAhuYX7zPv8N9JTm6IXW duIbPkkrtuzY8mdeaufEoO4viozt20W2RqZK6jfzmQPhNctHjfCWVgTOaj7Kh7bI a0np9+7FYZSAHQqmhvstHuBfXJFYZ9dKRUr5tdID768VvW68dWHXzbHW+a3Sdlhk wmy5FSK0FGrW6LMCVT3s+zxCR5fvM4OTQumGZ8y+9MceR0H6yXxAYBe9lRGM2VIP TrrdnAOLHagoUvUevIU7i7uV/EXIKpRSoip400Tonpv/NgQrbbMBUjukMXy0Qwa/ +TOWmkOf4Va7BN6Zx5b7Fan7ewgTeeqXa8eMk3loPMWlgxH7K8hmaon36I/TRWUE Hvp4Bicrq5XUG9k3vCH2vZ11jxXuhc5nkZCZGbtYhzHR70DKcak=
    =cKPU
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)