Hi, Antony, Kjerstin, and I met earlier today. These are some lightweight notes. Kjerstin will provide proper minutes later. We reviewed the updated draft process. The key change in this is that only significant breaches of the Code of Conduct will be reported to the RIPE Chair Team and the RIPE NCC before actions are taken. We made some changes to the section dealing with data during the meeting. We were advised that we cannot just make a statement that the record system will comply with the law. We need to state how long the RIPE NCC will keep records for. The update we made recognises minor and major breaches of the Code of Conduct. The records system will always keep data that does not identify individuals to allow trend analysis. It will keep information identifying an individual for a minor breach for 12 months. It will keep information identifying an individual for a major breach for 24 months. If a person is permanently barred from attending RIPE events or posting to RIPE lists, it will need to keep information on them indefinitely. Otherwise, that action could not be implemented. We intend to publish the updated draft as soon as possible. We would like the RIPE NCC's legal team to review it before publishing but if that is not possible, we plan to publish next week. We have a blog post drafted. It presents a fairly concise summary, asks two questions, and asks the community to provide any feedback they have. We'd like to have a three week comment period on the draft. We agreed that it made sense to propose a Code of Conduct BoF for RIPE 84. The focus in the proposal to the RIPE Programme Committee will be: 1. Present the proposed Code of Conduct Team recruitment process, based on the one used for the Arbiters 2. Present the Code of Conduct Team training plans and estimated time commitment 3. Discussion - which could include discussion on the process document if significant issues are raised on the RIPE Discussion List I will draft a proposal for the BoF and circulate it. Kind regards, Leo
Leo, Great stuff, thank you! The data protection piece is fair, albeit I'd love to expand that to 18 and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here. Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation? My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid. Brian Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ________________________________ From: coc-tf <coc-tf-bounces@ripe.net> on behalf of Leo Vegoda <leo@vegoda.org> Sent: Thursday 31 March 2022 16:48 To: coc-tf@ripe.net <coc-tf@ripe.net> Cc: chair-team@ripe.net <chair-team@ripe.net> Subject: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe. Hi, Antony, Kjerstin, and I met earlier today. These are some lightweight notes. Kjerstin will provide proper minutes later. We reviewed the updated draft process. The key change in this is that only significant breaches of the Code of Conduct will be reported to the RIPE Chair Team and the RIPE NCC before actions are taken. We made some changes to the section dealing with data during the meeting. We were advised that we cannot just make a statement that the record system will comply with the law. We need to state how long the RIPE NCC will keep records for. The update we made recognises minor and major breaches of the Code of Conduct. The records system will always keep data that does not identify individuals to allow trend analysis. It will keep information identifying an individual for a minor breach for 12 months. It will keep information identifying an individual for a major breach for 24 months. If a person is permanently barred from attending RIPE events or posting to RIPE lists, it will need to keep information on them indefinitely. Otherwise, that action could not be implemented. We intend to publish the updated draft as soon as possible. We would like the RIPE NCC's legal team to review it before publishing but if that is not possible, we plan to publish next week. We have a blog post drafted. It presents a fairly concise summary, asks two questions, and asks the community to provide any feedback they have. We'd like to have a three week comment period on the draft. We agreed that it made sense to propose a Code of Conduct BoF for RIPE 84. The focus in the proposal to the RIPE Programme Committee will be: 1. Present the proposed Code of Conduct Team recruitment process, based on the one used for the Arbiters 2. Present the Code of Conduct Team training plans and estimated time commitment 3. Discussion - which could include discussion on the process document if significant issues are raised on the RIPE Discussion List I will draft a proposal for the BoF and circulate it. Kind regards, Leo -- coc-tf mailing list coc-tf@ripe.net https://lists.ripe.net/mailman/listinfo/coc-tf
Hi Brian, On Fri, Apr 1, 2022 at 1:37 AM Brian Nisbet <brian.nisbet@heanet.ie> wrote:
Leo,
Great stuff, thank you!
The data protection piece is fair, albeit I'd love to expand that to 18 and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here.
We didn't spend a long time discussing the specific periods. I suppose there are two questions: - What advantage do we get from retaining records for 50% longer? - How difficult would it be to change the record retention policy, if the Code of Conduct Team wanted to do so?
Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation?
You are right. That needs to be adjusted before we publish the draft.
My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid.
Can we not leave that to the Code of Conduct Team, when they are selected? We have given non-exhaustive examples in the lists. If we try to define major and minor we'll still need the Code of Conduct Team to apply their good sense when something different happens. Perhaps it is simplest for them to take account of each individual situation and set a category accordingly? Thanks, Leo
Thanks Leo and Brian for holding on the torch and for driving this work. I was stricken by Covid, and although I had been vaccinated 3 times, it still knocked me out for 10 days. I am OK with the BOF and the change that Brian proposed. I do not support the classification of breach into "minor" and "major". A breach is a breach, after investigation, the judges report states the facts and recommends a punitive action (if needed). The same offense can be minor or major depending on how it is executed. (example, even a murder has different judgements and one can get out for self defense or get the death penalty). So let the investigation decide the level of the breach and let us not categorise offenses with outcomes before investigating the facts. The RIPE chair and the RIPE NCC are notified before implementation. This is a good buffer to have. Does this imply that they can interfere? I am for that, but just wanted to know if this is something that was discussed and agreed upon, or whether this is left for interpretation. Best Salam On Fri, Apr 1, 2022 at 4:26 PM Leo Vegoda <leo@vegoda.org> wrote:
Hi Brian,
On Fri, Apr 1, 2022 at 1:37 AM Brian Nisbet <brian.nisbet@heanet.ie> wrote:
Leo,
Great stuff, thank you!
The data protection piece is fair, albeit I'd love to expand that to 18
and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here.
We didn't spend a long time discussing the specific periods. I suppose there are two questions:
- What advantage do we get from retaining records for 50% longer? - How difficult would it be to change the record retention policy, if the Code of Conduct Team wanted to do so?
Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation?
You are right. That needs to be adjusted before we publish the draft.
My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid.
Can we not leave that to the Code of Conduct Team, when they are selected? We have given non-exhaustive examples in the lists. If we try to define major and minor we'll still need the Code of Conduct Team to apply their good sense when something different happens. Perhaps it is simplest for them to take account of each individual situation and set a category accordingly?
Thanks,
Leo
-- coc-tf mailing list coc-tf@ripe.net https://lists.ripe.net/mailman/listinfo/coc-tf
Leo, On timings... my justification here is that the dates of meetings aren't set, so there's a twofold problem, really. I would like the record to be kept for at least the two meetings following the event at which the CoC was breached (and yes, I'm assuming that most of our breaches will happen at meetings). Furthermore, if one autumn meeting happens in October and the next in November, that means the information may, in some circumstances, only be held for one meeting. On the major and minor, I'm not saying we should determine them, rather I'm saying that classification in general might not be a great idea. Brian Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ________________________________ From: Leo Vegoda <leo@vegoda.org> Sent: Friday 1 April 2022 15:26 To: Brian Nisbet <brian.nisbet@heanet.ie> Cc: coc-tf@ripe.net <coc-tf@ripe.net>; chair-team@ripe.net <chair-team@ripe.net> Subject: Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe. Hi Brian, On Fri, Apr 1, 2022 at 1:37 AM Brian Nisbet <brian.nisbet@heanet.ie> wrote:
Leo,
Great stuff, thank you!
The data protection piece is fair, albeit I'd love to expand that to 18 and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here.
We didn't spend a long time discussing the specific periods. I suppose there are two questions: - What advantage do we get from retaining records for 50% longer? - How difficult would it be to change the record retention policy, if the Code of Conduct Team wanted to do so?
Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation?
You are right. That needs to be adjusted before we publish the draft.
My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid.
Can we not leave that to the Code of Conduct Team, when they are selected? We have given non-exhaustive examples in the lists. If we try to define major and minor we'll still need the Code of Conduct Team to apply their good sense when something different happens. Perhaps it is simplest for them to take account of each individual situation and set a category accordingly? Thanks, Leo
Hi Brian, I've asked Legal to look at whether 18/36 months can work - I think this ultimately boils down to whether we can provide a legally-acceptable rationale for whatever time periods we give - and this seems to make sense to me. On the RIPE Chair team point, note that the current wording in the draft (v5) is:
If the group decides that strong actions should be taken, it will inform the RIPE Chair Team and the RIPE NCC before they are implemented.
Also agree that we probably don't want to get stuck in the weeds in terms of defining minor/major. I wonder if we could simply think of "major" in terms of "does the RIPE NCC have to implement something?" (a mailing list ban, taking someone's meeting badge, etc). Looking at the consequences in the current draft, that would look like this (below). At first glance this seems about right - if someone was kicked out of the RIPE Meeting for a day, you'd probably want something like a 24-36 month "probation period" (in terms of having a record of that event). Cheers Ant *** Meeting Sessions and Social Events MINOR 1. Asked to apologise 2. Removed from the room for a period of time to allow emotions to settle 3. Removed from the room for the remainder of a session MAJOR 4. Removed from the meeting venue for the day 5. Removed from the social event for the remainder of the event 6. Removed from the meeting venue for the remainder of the meeting 7. Not allowed to attend future events for a period of time 8. Permanently banned from attending RIPE events Mailing List MINOR 1. Asked to apologise 2. Publicly told not to repeat a kind of post MAJOR 3. Temporary ban from posting to the list 4. Permanent ban from posting to the list 5. Temporary ban from posting to any RIPE mailing list 6. Permanent ban from posting to any RIPE mailing list On 04/04/2022 10:38, Brian Nisbet wrote:
Leo,
On timings... my justification here is that the dates of meetings aren't set, so there's a twofold problem, really. I would like the record to be kept for at least the two meetings *following* the event at which the CoC was breached (and yes, I'm assuming that most of our breaches will happen at meetings). Furthermore, if one autumn meeting happens in October and the next in November, that means the information may, in some circumstances, only be held for one meeting.
On the major and minor, I'm not saying we should determine them, rather I'm saying that classification in general might not be a great idea.
Brian
Brian Nisbet (he/him)
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270
------------------------------------------------------------------------ *From:* Leo Vegoda <leo@vegoda.org> *Sent:* Friday 1 April 2022 15:26 *To:* Brian Nisbet <brian.nisbet@heanet.ie> *Cc:* coc-tf@ripe.net <coc-tf@ripe.net>; chair-team@ripe.net <chair-team@ripe.net> *Subject:* Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Hi Brian,
On Fri, Apr 1, 2022 at 1:37 AM Brian Nisbet <brian.nisbet@heanet.ie> wrote:
Leo,
Great stuff, thank you!
The data protection piece is fair, albeit I'd love to expand that to 18 and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here.
We didn't spend a long time discussing the specific periods. I suppose there are two questions:
- What advantage do we get from retaining records for 50% longer? - How difficult would it be to change the record retention policy, if the Code of Conduct Team wanted to do so?
Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation?
You are right. That needs to be adjusted before we publish the draft.
My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid.
Can we not leave that to the Code of Conduct Team, when they are selected? We have given non-exhaustive examples in the lists. If we try to define major and minor we'll still need the Code of Conduct Team to apply their good sense when something different happens. Perhaps it is simplest for them to take account of each individual situation and set a category accordingly?
Thanks,
Leo
Thanks Ant. Obviously we'll discuss more on Thursday, but I think I get your current thinking on this. Brian Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ________________________________ From: coc-tf <coc-tf-bounces@ripe.net> on behalf of Antony Gollan <agollan@ripe.net> Sent: Monday 4 April 2022 10:08 To: coc-tf@ripe.net <coc-tf@ripe.net> Subject: Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe. Hi Brian, I've asked Legal to look at whether 18/36 months can work - I think this ultimately boils down to whether we can provide a legally-acceptable rationale for whatever time periods we give - and this seems to make sense to me. On the RIPE Chair team point, note that the current wording in the draft (v5) is:
If the group decides that strong actions should be taken, it will inform the RIPE Chair Team and the RIPE NCC before they are implemented.
Also agree that we probably don't want to get stuck in the weeds in terms of defining minor/major. I wonder if we could simply think of "major" in terms of "does the RIPE NCC have to implement something?" (a mailing list ban, taking someone's meeting badge, etc). Looking at the consequences in the current draft, that would look like this (below). At first glance this seems about right - if someone was kicked out of the RIPE Meeting for a day, you'd probably want something like a 24-36 month "probation period" (in terms of having a record of that event). Cheers Ant *** Meeting Sessions and Social Events MINOR 1. Asked to apologise 2. Removed from the room for a period of time to allow emotions to settle 3. Removed from the room for the remainder of a session MAJOR 4. Removed from the meeting venue for the day 5. Removed from the social event for the remainder of the event 6. Removed from the meeting venue for the remainder of the meeting 7. Not allowed to attend future events for a period of time 8. Permanently banned from attending RIPE events Mailing List MINOR 1. Asked to apologise 2. Publicly told not to repeat a kind of post MAJOR 3. Temporary ban from posting to the list 4. Permanent ban from posting to the list 5. Temporary ban from posting to any RIPE mailing list 6. Permanent ban from posting to any RIPE mailing list On 04/04/2022 10:38, Brian Nisbet wrote:
Leo,
On timings... my justification here is that the dates of meetings aren't set, so there's a twofold problem, really. I would like the record to be kept for at least the two meetings *following* the event at which the CoC was breached (and yes, I'm assuming that most of our breaches will happen at meetings). Furthermore, if one autumn meeting happens in October and the next in November, that means the information may, in some circumstances, only be held for one meeting.
On the major and minor, I'm not saying we should determine them, rather I'm saying that classification in general might not be a great idea.
Brian
Brian Nisbet (he/him)
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie<http://www.heanet.ie>
Registered in Ireland, No. 275301. CRA No. 20036270
------------------------------------------------------------------------ *From:* Leo Vegoda <leo@vegoda.org> *Sent:* Friday 1 April 2022 15:26 *To:* Brian Nisbet <brian.nisbet@heanet.ie> *Cc:* coc-tf@ripe.net <coc-tf@ripe.net>; chair-team@ripe.net <chair-team@ripe.net> *Subject:* Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Hi Brian,
On Fri, Apr 1, 2022 at 1:37 AM Brian Nisbet <brian.nisbet@heanet.ie> wrote:
Leo,
Great stuff, thank you!
The data protection piece is fair, albeit I'd love to expand that to 18 and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here.
We didn't spend a long time discussing the specific periods. I suppose there are two questions:
- What advantage do we get from retaining records for 50% longer? - How difficult would it be to change the record retention policy, if the Code of Conduct Team wanted to do so?
Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation?
You are right. That needs to be adjusted before we publish the draft.
My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid.
Can we not leave that to the Code of Conduct Team, when they are selected? We have given non-exhaustive examples in the lists. If we try to define major and minor we'll still need the Code of Conduct Team to apply their good sense when something different happens. Perhaps it is simplest for them to take account of each individual situation and set a category accordingly?
Thanks,
Leo
-- coc-tf mailing list coc-tf@ripe.net https://lists.ripe.net/mailman/listinfo/coc-tf
Hi Brian, all, After getting some initial feedback from Legal, I have a couple of questions: 1. From an earlier discussion, I think we said we might want to have some record of people who were the subject of a report but didn't quite cross the threshold for actions being applied. This was so the CoC Team could be aware of people who repeatedly go right up to the line without actually crossing it. Perhaps after a number of repeat reports, the CoC Team might eventually apply actions that it wouldn't have if it was an isolated case. With that in mind, would it be good to include in a line that ALL reports will be kept for a minimum period? I'm thinking this could be two RIPE Meetings (whether this ends up being 12 or 18 months) - provided this is okay in terms of the legal stuff. 2. Legal has also asked whether we would keep any supporting information used for investigations (photos, video, messages) and advised that we might want to clarify this in the text. My initial thought is that once the CoC Team has finished assessing a report, it could archive a summary its decision and delete all of the supporting information - though perhaps this summary could outline what kind of evidence was used to support the CoC Team's decision. Thoughts? Cheers Ant On 06/04/2022 11:00, Brian Nisbet wrote:
Thanks Ant.
Obviously we'll discuss more on Thursday, but I think I get your current thinking on this.
Brian
Brian Nisbet (he/him)
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270
------------------------------------------------------------------------ *From:* coc-tf <coc-tf-bounces@ripe.net> on behalf of Antony Gollan <agollan@ripe.net> *Sent:* Monday 4 April 2022 10:08 *To:* coc-tf@ripe.net <coc-tf@ripe.net> *Subject:* Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Hi Brian,
I've asked Legal to look at whether 18/36 months can work - I think this ultimately boils down to whether we can provide a legally-acceptable rationale for whatever time periods we give - and this seems to make sense to me.
On the RIPE Chair team point, note that the current wording in the draft (v5) is:
>If the group decides that strong actions should be taken, it will inform the RIPE Chair Team and the RIPE NCC before they are implemented.
Also agree that we probably don't want to get stuck in the weeds in terms of defining minor/major. I wonder if we could simply think of "major" in terms of "does the RIPE NCC have to implement something?" (a mailing list ban, taking someone's meeting badge, etc).
Looking at the consequences in the current draft, that would look like this (below). At first glance this seems about right - if someone was kicked out of the RIPE Meeting for a day, you'd probably want something like a 24-36 month "probation period" (in terms of having a record of that event).
Cheers
Ant
***
Meeting Sessions and Social Events
MINOR 1. Asked to apologise 2. Removed from the room for a period of time to allow emotions to settle 3. Removed from the room for the remainder of a session
MAJOR 4. Removed from the meeting venue for the day 5. Removed from the social event for the remainder of the event 6. Removed from the meeting venue for the remainder of the meeting 7. Not allowed to attend future events for a period of time 8. Permanently banned from attending RIPE events
Mailing List
MINOR 1. Asked to apologise 2. Publicly told not to repeat a kind of post
MAJOR 3. Temporary ban from posting to the list 4. Permanent ban from posting to the list 5. Temporary ban from posting to any RIPE mailing list 6. Permanent ban from posting to any RIPE mailing list
On 04/04/2022 10:38, Brian Nisbet wrote:
Leo,
On timings... my justification here is that the dates of meetings aren't set, so there's a twofold problem, really. I would like the record to be kept for at least the two meetings *following* the event at which the CoC was breached (and yes, I'm assuming that most of our breaches will happen at meetings). Furthermore, if one autumn meeting happens in October and the next in November, that means the information may, in some circumstances, only be held for one meeting.
On the major and minor, I'm not saying we should determine them, rather I'm saying that classification in general might not be a great idea.
Brian
Brian Nisbet (he/him)
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie <http://www.heanet.ie>
Registered in Ireland, No. 275301. CRA No. 20036270
------------------------------------------------------------------------ *From:* Leo Vegoda <leo@vegoda.org> *Sent:* Friday 1 April 2022 15:26 *To:* Brian Nisbet <brian.nisbet@heanet.ie> *Cc:* coc-tf@ripe.net <coc-tf@ripe.net>; chair-team@ripe.net <chair-team@ripe.net> *Subject:* Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Hi Brian,
On Fri, Apr 1, 2022 at 1:37 AM Brian Nisbet <brian.nisbet@heanet.ie> wrote:
Leo,
Great stuff, thank you!
The data protection piece is fair, albeit I'd love to expand that to 18 and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here.
We didn't spend a long time discussing the specific periods. I suppose there are two questions:
- What advantage do we get from retaining records for 50% longer? - How difficult would it be to change the record retention policy, if the Code of Conduct Team wanted to do so?
Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation?
You are right. That needs to be adjusted before we publish the draft.
My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid.
Can we not leave that to the Code of Conduct Team, when they are selected? We have given non-exhaustive examples in the lists. If we try to define major and minor we'll still need the Code of Conduct Team to apply their good sense when something different happens. Perhaps it is simplest for them to take account of each individual situation and set a category accordingly?
Thanks,
Leo
-- coc-tf mailing list coc-tf@ripe.net https://lists.ripe.net/mailman/listinfo/coc-tf <https://lists.ripe.net/mailman/listinfo/coc-tf>
Ant, My take on this... 1: I think it would be good to keep a record of everything, yes. Securely and for the time periods mentioned, for that reason. 2: I strongly suspect the summary reports would be sufficient, because once the decision has been made the other evidence shouldn't be needed in an "original" form. Obviously time would have to be given to allow for an appeal or whatever, but certainly I don't think it would be needed for the longer term. Thanks, Brian Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ________________________________ From: coc-tf <coc-tf-bounces@ripe.net> on behalf of Antony Gollan <agollan@ripe.net> Sent: Wednesday 6 April 2022 10:32 To: coc-tf@ripe.net <coc-tf@ripe.net> Subject: Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe. Hi Brian, all, After getting some initial feedback from Legal, I have a couple of questions: 1. From an earlier discussion, I think we said we might want to have some record of people who were the subject of a report but didn't quite cross the threshold for actions being applied. This was so the CoC Team could be aware of people who repeatedly go right up to the line without actually crossing it. Perhaps after a number of repeat reports, the CoC Team might eventually apply actions that it wouldn't have if it was an isolated case. With that in mind, would it be good to include in a line that ALL reports will be kept for a minimum period? I'm thinking this could be two RIPE Meetings (whether this ends up being 12 or 18 months) - provided this is okay in terms of the legal stuff. 2. Legal has also asked whether we would keep any supporting information used for investigations (photos, video, messages) and advised that we might want to clarify this in the text. My initial thought is that once the CoC Team has finished assessing a report, it could archive a summary its decision and delete all of the supporting information - though perhaps this summary could outline what kind of evidence was used to support the CoC Team's decision. Thoughts? Cheers Ant On 06/04/2022 11:00, Brian Nisbet wrote:
Thanks Ant.
Obviously we'll discuss more on Thursday, but I think I get your current thinking on this.
Brian
Brian Nisbet (he/him)
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie<http://www.heanet.ie>
Registered in Ireland, No. 275301. CRA No. 20036270
------------------------------------------------------------------------ *From:* coc-tf <coc-tf-bounces@ripe.net> on behalf of Antony Gollan <agollan@ripe.net> *Sent:* Monday 4 April 2022 10:08 *To:* coc-tf@ripe.net <coc-tf@ripe.net> *Subject:* Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Hi Brian,
I've asked Legal to look at whether 18/36 months can work - I think this ultimately boils down to whether we can provide a legally-acceptable rationale for whatever time periods we give - and this seems to make sense to me.
On the RIPE Chair team point, note that the current wording in the draft (v5) is:
If the group decides that strong actions should be taken, it will inform the RIPE Chair Team and the RIPE NCC before they are implemented.
Also agree that we probably don't want to get stuck in the weeds in terms of defining minor/major. I wonder if we could simply think of "major" in terms of "does the RIPE NCC have to implement something?" (a mailing list ban, taking someone's meeting badge, etc).
Looking at the consequences in the current draft, that would look like this (below). At first glance this seems about right - if someone was kicked out of the RIPE Meeting for a day, you'd probably want something like a 24-36 month "probation period" (in terms of having a record of that event).
Cheers
Ant
***
Meeting Sessions and Social Events
MINOR 1. Asked to apologise 2. Removed from the room for a period of time to allow emotions to settle 3. Removed from the room for the remainder of a session
MAJOR 4. Removed from the meeting venue for the day 5. Removed from the social event for the remainder of the event 6. Removed from the meeting venue for the remainder of the meeting 7. Not allowed to attend future events for a period of time 8. Permanently banned from attending RIPE events
Mailing List
MINOR 1. Asked to apologise 2. Publicly told not to repeat a kind of post
MAJOR 3. Temporary ban from posting to the list 4. Permanent ban from posting to the list 5. Temporary ban from posting to any RIPE mailing list 6. Permanent ban from posting to any RIPE mailing list
On 04/04/2022 10:38, Brian Nisbet wrote:
Leo,
On timings... my justification here is that the dates of meetings aren't set, so there's a twofold problem, really. I would like the record to be kept for at least the two meetings *following* the event at which the CoC was breached (and yes, I'm assuming that most of our breaches will happen at meetings). Furthermore, if one autumn meeting happens in October and the next in November, that means the information may, in some circumstances, only be held for one meeting.
On the major and minor, I'm not saying we should determine them, rather I'm saying that classification in general might not be a great idea.
Brian
Brian Nisbet (he/him)
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie<http://www.heanet.ie> <http://www.heanet.ie>
Registered in Ireland, No. 275301. CRA No. 20036270
------------------------------------------------------------------------ *From:* Leo Vegoda <leo@vegoda.org> *Sent:* Friday 1 April 2022 15:26 *To:* Brian Nisbet <brian.nisbet@heanet.ie> *Cc:* coc-tf@ripe.net <coc-tf@ripe.net>; chair-team@ripe.net <chair-team@ripe.net> *Subject:* Re: [coc-tf] CoC Process and Next Steps CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Hi Brian,
On Fri, Apr 1, 2022 at 1:37 AM Brian Nisbet <brian.nisbet@heanet.ie> wrote:
Leo,
Great stuff, thank you!
The data protection piece is fair, albeit I'd love to expand that to 18 and 36 months to guarantee it covering 3 meetings to more easily spot patterns, but Athina is the expert here.
We didn't spend a long time discussing the specific periods. I suppose there are two questions:
- What advantage do we get from retaining records for 50% longer? - How difficult would it be to change the record retention policy, if the Code of Conduct Team wanted to do so?
Under 4 we still say: "In all cases, the RIPE Chair Team and the RIPE NCC will be informed of a decision by the CoC Team before it is implemented." Is it intended to change that language to reflect only major (you said significant, but if we're using minor/major language elsewhere, I'm assuming significant = major) breaches will be informed prior to implementation?
You are right. That needs to be adjusted before we publish the draft.
My biggest concern is that we now have to create broad classifications of what a minor or major breach is, which I'll admit I'd been hoping we could avoid.
Can we not leave that to the Code of Conduct Team, when they are selected? We have given non-exhaustive examples in the lists. If we try to define major and minor we'll still need the Code of Conduct Team to apply their good sense when something different happens. Perhaps it is simplest for them to take account of each individual situation and set a category accordingly?
Thanks,
Leo
-- coc-tf mailing list coc-tf@ripe.net https://lists.ripe.net/mailman/listinfo/coc-tf <https://lists.ripe.net/mailman/listinfo/coc-tf>
-- coc-tf mailing list coc-tf@ripe.net https://lists.ripe.net/mailman/listinfo/coc-tf
participants (4)
-
Antony Gollan -
Brian Nisbet -
Leo Vegoda -
Salam Yamout