Hi Brian, I've asked Legal to look at whether 18/36 months can work - I think this ultimately boils down to whether we can provide a legally-acceptable rationale for whatever time periods we give - and this seems to make sense to me. On the RIPE Chair team point, note that the current wording in the draft (v5) is:
If the group decides that strong actions should be taken, it will inform the RIPE Chair Team and the RIPE NCC before they are implemented.
Also agree that we probably don't want to get stuck in the weeds in terms of defining minor/major. I wonder if we could simply think of "major" in terms of "does the RIPE NCC have to implement something?" (a mailing list ban, taking someone's meeting badge, etc). Looking at the consequences in the current draft, that would look like this (below). At first glance this seems about right - if someone was kicked out of the RIPE Meeting for a day, you'd probably want something like a 24-36 month "probation period" (in terms of having a record of that event). Cheers Ant *** Meeting Sessions and Social Events MINOR 1. Asked to apologise 2. Removed from the room for a period of time to allow emotions to settle 3. Removed from the room for the remainder of a session MAJOR 4. Removed from the meeting venue for the day 5. Removed from the social event for the remainder of the event 6. Removed from the meeting venue for the remainder of the meeting 7. Not allowed to attend future events for a period of time 8. Permanently banned from attending RIPE events Mailing List MINOR 1. Asked to apologise 2. Publicly told not to repeat a kind of post MAJOR 3. Temporary ban from posting to the list 4. Permanent ban from posting to the list 5. Temporary ban from posting to any RIPE mailing list 6. Permanent ban from posting to any RIPE mailing list On 04/04/2022 10:38, Brian Nisbet wrote:
Leo,
On timings... my justification here is that the dates of meetings aren't set, so there's a twofold problem, really. I would like the record to be kept for at least the two meetings *following* the event at which the CoC was breached (and yes, I'm assuming that most of our breaches will happen at meetings). Furthermore, if one autumn meeting happens in October and the next in November, that means the information may, in some circumstances, only be held for one meeting.
On the major and minor, I'm not saying we should determine them, rather I'm saying that classification in general might not be a great idea.
Brian
Brian Nisbet (he/him)
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270
------------------------------------------------------------------------ *From:* Leo Vegoda <leo@vegoda.org> *Sent:* Friday 1 April 2022 15:26 *To:* Brian Nisbet <brian.nisbet@heanet.ie> *Cc:* coc-tf@ripe.net <coc-tf@ripe.net>; chair-team@ripe.net <chair-team@ripe.net> *Subject:* Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Hi Brian,
On Fri, Apr 1, 2022 at 1:37 AM Brian Nisbet <brian.nisbet@heanet.ie> wrote:
Leo,
Great stuff, thank you!
The data protection piece is fair, albeit I'd love to expand that to 18 and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here.
We didn't spend a long time discussing the specific periods. I suppose there are two questions:
- What advantage do we get from retaining records for 50% longer? - How difficult would it be to change the record retention policy, if the Code of Conduct Team wanted to do so?
Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation?
You are right. That needs to be adjusted before we publish the draft.
My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid.
Can we not leave that to the Code of Conduct Team, when they are selected? We have given non-exhaustive examples in the lists. If we try to define major and minor we'll still need the Code of Conduct Team to apply their good sense when something different happens. Perhaps it is simplest for them to take account of each individual situation and set a category accordingly?
Thanks,
Leo