Establishing a communication channel for embargoed communication #382
Comments
|
/CC @hackygolucky do you have ideas? |
|
I'm not sure what exactly raised this issue on the CommComm side, but since this is also labeled |
|
Yeah, my understanding is that we already do this via our private email
groups when necessary. I don't know how helpful it is for us to build our
-more- mechanisms that encourage private conversation just be existing, as
we have a private session in CommComm meetings when needed and the email
list, and we try to encourage all other conversations to be public, right?
I relate to the outcome that you want, but I think we already get this via
email. Am I missing something here?
Having a slack is great for more realtime conversations. If the discussion
becomes something that needs to be discussed privately due to a sensitive
nature(should be rarely and tends to be related to fiduciary concerns),
then take it to email. Otherwise, CommComm members chatting in slack is
great. Just be wary of what you should and shouldn't be discussing and on
that rare occasion be helpful to remind others if that needs to happen in
private.
Separately, I'm not sure what you mean by "constitutional crisis", as we
try to have a very lean charter, as that requires say and approval by the
Board. Choices such as what tooling or medium we use for communications is
definitely outside of the scope of the Board's perview and should be
flexible for us to be able to change as needed. Understanding the scope of
where we should be communicating sensitive information(i.e. we have been
asked to not communicate publicly information disclosed by another party)
makes sense to document as a best practice. Is that what you are referring
to? Do you mean having rules similar to the Moderation repo that define
scope of communications in certain situations?
…On Tue, Oct 2, 2018 at 12:53 AM Rich Trott ***@***.***> wrote:
I'm not sure what exactly raised this issue on the CommComm side, but
since this is also labeled tsc-agenda: Is there a problem using the
private email lists for conversations that should not be public?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#382 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AB46oK6jZWbjJN3oDtvme2cAiWjTscwXks5ugvFcgaJpZM4W3kWC>
.
|
|
Agreed on all points above. I think email lists and private sessions fulfill our needs well and adding additional tools will only complicate things. |
|
I'll also add that even if it is a bit more work with what we have, we don't actually want to make it too easy to communicate privately as we only want to do it when absolutely necessary. |
|
I see several issues that are IMHO pertinent:
|
|
@hackygolucky, thanks for the reply.
IMHO the spirit of our charter is that of open communication. Understandably we from time to time need to discuss issues privately, but we don't have any formal rules on how to do this. We use email by default, but the rules of engagement are not clear (at least for me, so I'm assuming for some others as well).
Yes. For example, at a meeting an issue was raised to be discussed in private, I did not think it should be done in private, but nor I nor the chair had any rules to fall back upon. |
|
Discussed in TSC meeting today. Will track progress CommComm makes and evaluate if we can adopt any new process/documentation that is developed. Talking off the TSC agenda. |
|
The TSC Charter starts with this:
While that does not forbid private communication, it obviously discourages it. (Certainly, when communicating openly conflicts with communicating ethically, I'd expect us to choose ethically.) If CommComm adopts a tool or process, I imagine TSC will be interested in looking at doing the same. |
|
For me alternative tools are easy: For offline (i.e. not meetings) I suggested using a "google group" instead of our own managed mailing list.
I also suggest we start keeping notes for the private section of meeting, but not publish those. We could keep those in a shared google drive folder, or in a private repository. Alternatively we could fragment the recording of meetings, and not publish the private part to YouTube. P.S. a private repository could also be used for offline communications (instead of "google groups" |
|
My understanding of not using a private repo for these types of discussions
is that until we have bots doing everything(I think we're almost there but
not quite?), administrators of the Node.js GitHub still have access. For
absolutely sensitive things, that doesn't give folks the security they
might be asking for. I think the Google Group would likely be your best bet
here, as the admin would be a neutral IT person in the LF that afaik is not
involved in Node.js in any capacity.
As for taking private session notes, I think this is a good one to file as
a separate issue for a CommComm vote. In prior private sessions, from time
to time. we'll actually ASK whether notes should be taken, and people have
chimed in with a 'no' due to the sensitivity. There is liability in writing
things down(especially as Board Directors such as Myles, William, and I)
where things that are written that we've said can be legally held against
us. I can think of one recent occurrence where someone specifically
requested something not be written for liability's sake as it was extremely
sensitive. If brought up in discussion for these special cases, I think we
can find a work around. The notion of publishing everything that was prior
marked as private at some point is also making the assumption that can
happen. There are certainly cases where there was a time embargo and things
can later be released, but this takes a lot of bandwidth and context to
know what should be released. My assumption of the internet is that if it
is written down, at some point people in the world you didn't intend to
see/interpret it will do so. Without context, that can be hazardous.
I am a little worried about making a ton of rules for things that tend to
be special cases. I think if some PRs were drafted up for examples, I might
be able to visualize the outcome better? I think the example you gave on
Google Groups as a great one!
…On Wed, Oct 3, 2018 at 12:59 PM Refael Ackermann ***@***.***> wrote:
For me alternative tools are easy:
For offline (i.e. not meetings) I suggested using a "google group" instead
of our own managed mailing list.
It has several advantages over the current email threads:
1. It has a archive
2. It can be moderated
3. Members can opt-out of subjects
4. It's easier to manage and audit members
5. Threads are easier to be curated and published
[image: image]
<https://user-images.githubusercontent.com/96947/46425945-107d1280-c70b-11e8-91c4-7c93b2d22115.png>
------------------------------
I also suggest we start keeping notes for the private section of meeting,
but not publish those. We could keep those in a shared google drive folder,
or in a private repository. Alternatively we could fragment the recording
of meetings, and not publish the private part to YouTube.
P.S. a private repository could also be used for offline communications
(instead of "google groups"
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#382 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AB46oAjNIxa9B9t1PY1F5mZqSoQGD7-dks5uhOzZgaJpZM4W3kWC>
.
|
😕 I guess I am this person today. Please interpret my tone as concerned, but polite.
(I am not a lawyer) |
|
I'm not going to step in the seemingly legal argument here, I think it's way too slippery and I don't know enough in the specifics of "which law are we talking about". Just my two cents on the matter of the communication channel for private/embargoed/discreet/whatever discussions: Yes, there isn't any log of the emails we send. Yes, we want preferably to discuss things in public. Having a more efficient private channel for communications would help reduce the first point, but would also encourage reduce the second. Yes, there's something of a loophole in the charter concerning private communications. Close it, and you'll and you'll soon find yourself restrained by it too. I'm not too much into the idea that it's "us versus the board" or that the board may be a threat to our model. But we have to acknowledge the fact that if this charter may seem to give us too much freedom, putting more barriers could also be giving more tools to restrain our vision of the project and its community. This may seem a dramatic way to present thing, and again I'm not saying anyone wishes ill to this project and/or committee, but we have to consider possible future developments. So anyway, I'm -1 on adding any of new communication channels that have been talked about except maybe a Google Group, and I'm a definitive -1 on adding new rules in our governance on the subject at the moment. |
I'm not suggesting changing the charter, rather our by-laws. AFAIK the group's by-laws (i.e. GOVERNANCE.md) is our own to manage. In that I would strongly prefer to be explicit (read transparent) about how we manage ourselves, since that is the spirit of charter (case in point above community expressed concerns). |
|
Starting a POC - https://groups.google.com/forum/#!forum/nodejs-commcomm |
I think your interpretation here of what I said is a prime example ;) No one is doing anything outside of the law here, and then certainly not withholding that type of info. The liability I was referring to lies in people misinterpreting your words. Executives and directors of boards words can directly impact an organization's success financially or otherwise thanks to the level of exposure and responsibility associated with it. That's why we are incredibly careful in what we say(and what is written). It has far-reaching impact beyond what we can imagine in the moment. @refack Thanks for taking initiative! Can you PR this before we move to open the group so that we can get +1s or objections on it? |
Interpretation? I was asking for context on the "sensitive" topics that could be "legally held against you" if put to paper. @hackygolucky, I do not envy the amount of regulatory, bylaw and antitrust laws you, as a director, need to be aware of day-to-day; but, the Node.js foundation oversees millions of dollars in income, I think it's fair to constructively scrutinize an uncharacteristically careless statement by a director. Especially after the apperent violation of by-laws/duties in #380 last week. That's probably another thing that was wrapped up in a private email chain that I, as a community member, did not have access to. Please excuse that last bit if it was already resolved according to accountability expectations, something you were vocal about. Again, I hope this reads as constructive criticism. Even though I am woefully bad at striking the right tone, I still believe in the good work you do. I really hope this issues like this steer CommComm towards more transparency, less "us versus the board" and less "the board may be a threat to our model". None of that helps build community, it fractures it. |
|
Just one (hopefully) quick.
Please do not take what I said out of its context. It is not my intent to say that people feel this way, for I don't know it. Nor do I feel like this myself. I was merely using a trope I have sometimes seen in OSS structures to convey my idea. If people in the CommComm feel like this I am not aware of it. If you really want some context on the need for privacy: from my limited-for-now experience as a CommComm Member, the vast majority of the times we had to discuss things privately was because the board asked us to do so. Do not mistake transparency with lack of privacy. Some companies manage to be transparent and open without publishing their every conversation, they merely report the content and outcome of the discussions. I am not saying that it's what we should do. Just that "transparent and open" can have a whole range of meanings. And this is not a way to hide "opaqueness and closeness" either. Please note that I am not taking a strong side either. I feel we have the need for a private channel of communication, and I feel we do not talk about anything that should be public in private from what I've seen. |
|
@jakeNiemiec thank you for speaking up and bringing up that concern and then sticking around for clarification and discussion. I think it's important to ask these questions so people are not left with the impression that conversations held in private to hide such (legal) things. Most private conversations I have participated in were private to either protect the privacy of certain individuals, inability to operate in scale without first reaching consensus (and then taking it public) or technical stuff people were generally not interested in. In general, there is a lot of work in CommComm (which I'm not a member of) to make things more accessible and transparent to the community - so I think it's good that the concerns are raised. Keep in mind that the people here are volunteering their time to make that happen. So thanks for engaging and I just wanted to point out that CommComm participation is open to people :) |
|
Going to remove the cc-agenda label from this until we have a draft PR to discuss 👍 @refack, feel free to add the agenda label on the PR that will close this ticket once its drafted! |
|
Closing – I believe we've established that existing channels are currently fulfilling this need. We'll keep a close eye on this and see if any process changes are required down the road. |
From time to time we wish to discuss information that is embargoed for various reasons.
At the moment we have a "constitutional crisis" since neither our Charter or our Governance document have provisions for that. As a result we have been in violation of our own policy, and IMHO have a sub par communication on the way.
Charter 4.7
We need to remedy that ASAP, and it seems like the solution is to establish a communication channel that is as good as GitHub, but allows embargoing certain conversations, until we can publish them.
As I see it the requirements are:
I have limited ideas for a solution myself:
If anyone has ideas please help!
The text was updated successfully, but these errors were encountered: