Leo, Great stuff, thank you! The data protection piece is fair, albeit I'd love to expand that to 18 and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here. Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation? My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid. Brian Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ________________________________ From: coc-tf <coc-tf-bounces@ripe.net> on behalf of Leo Vegoda <leo@vegoda.org> Sent: Thursday 31 March 2022 16:48 To: coc-tf@ripe.net <coc-tf@ripe.net> Cc: chair-team@ripe.net <chair-team@ripe.net> Subject: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe. Hi, Antony, Kjerstin, and I met earlier today. These are some lightweight notes. Kjerstin will provide proper minutes later. We reviewed the updated draft process. The key change in this is that only significant breaches of the Code of Conduct will be reported to the RIPE Chair Team and the RIPE NCC before actions are taken. We made some changes to the section dealing with data during the meeting. We were advised that we cannot just make a statement that the record system will comply with the law. We need to state how long the RIPE NCC will keep records for. The update we made recognises minor and major breaches of the Code of Conduct. The records system will always keep data that does not identify individuals to allow trend analysis. It will keep information identifying an individual for a minor breach for 12 months. It will keep information identifying an individual for a major breach for 24 months. If a person is permanently barred from attending RIPE events or posting to RIPE lists, it will need to keep information on them indefinitely. Otherwise, that action could not be implemented. We intend to publish the updated draft as soon as possible. We would like the RIPE NCC's legal team to review it before publishing but if that is not possible, we plan to publish next week. We have a blog post drafted. It presents a fairly concise summary, asks two questions, and asks the community to provide any feedback they have. We'd like to have a three week comment period on the draft. We agreed that it made sense to propose a Code of Conduct BoF for RIPE 84. The focus in the proposal to the RIPE Programme Committee will be: 1. Present the proposed Code of Conduct Team recruitment process, based on the one used for the Arbiters 2. Present the Code of Conduct Team training plans and estimated time commitment 3. Discussion - which could include discussion on the process document if significant issues are raised on the RIPE Discussion List I will draft a proposal for the BoF and circulate it. Kind regards, Leo -- coc-tf mailing list coc-tf@ripe.net https://lists.ripe.net/mailman/listinfo/coc-tf