[diversity] On the RIPE community CoC

Hello all,

On 11 Feb 2019, at 19:20, Hans Petter Holen <hph at oslo.net> wrote:
>  I will have to appologise for my late reply from your escalation of the matter. 
> That is clearly not acceptable and I will work on ways to improve that.
> (If you did not get my response, I am happy to resend)

Yes, I did get your response. But most importantly, I consider this a failure of
process, not of individuals involved.


On 12 Feb 2019, at 14:31, Mirjam Kuehne <mir at ripe.net> wrote:
> Just to clarify the point above: two of the trusted contacts are RIPE
> NCC staff members. The list moderation is set up such that only these
> people can see and moderate mails sent to the list. I am sorry if this
> is not clear from the moderation message you received.

That is much less of a concern then. However, it’s not very inviting
as a first reply to a report. Considering the low number of people otherwise
affected by spam, perhaps it would make sense not to moderate it at all?

> Regarding mails sent to WG chairs: Everyone who is subscribed to the
> mailing list of a specific WG can send mail to the WG chairs list of
> that WG without moderation.

That’s peculiar, because I’m fairly sure I was subscribed at the time, and
my mails were still moderated. Still, people should also be able to report
safely if they’re not a member of the list, so this needs some kind of change.


On 12 Feb 2019, at 18:19, Brian Nisbet <brian.nisbet at heanet.ie> wrote:
> I do know, not that it helps you or reduces the issues you and possibly others have had with the process, that there have been some issues reported that have worked through the system in a far "better" fashion. I say this not to minimise your experience or the problems, rather to say that the failure is not total across the board. However it does highlight that there is far, far too high a risk of failure for a number of reasons, not limited to individual reactions and a range of other points that you've raised. Again, this is a point of note, nothing more.

It’s good to hear that it has worked well in other cases :)

> It feels wrong at this point to put the work of the template and the communications with JangoCon back on you, but we do also want to find the best material for the CoC. Perhaps the Write the Docs CoC might be a better starting point at this time? Certainly I would be very happy to work on adapting this with you or others, but there's no question it is already an agreed action of the TF and we've flagged it to the PC and the WG Chairs.

So, for DjangoCon Europe 2018, I was on the organising team, and restructured much of the CoC. I now adopted most of that work into the new Write the Docs CoC. The latter is probably a better starting point, because the DjangoCon CoC is focused at supporting one particular event, during a temporary time, with one single CoC team responsible for all reports. Write the Docs is a community with a number of meetups run by local organisers, a number of conferences where core team members are deeply involved, a number of conferences where most work is done by local organisers, and a number of online spaces. So, the WTD community is more similar to the RIPE community, and therefore is a better starting point.

> Importantly in this will be consequences for violations, something which is clearly missing at present.

Yes, specifying possible consequences is an essential part of a CoC. In the WTD CoC response guide, we also provide some guideline on appropriate responses (but never hard rules).

> I think that we, as a TF, can ask the Trusted Contacts now and in the future to prepare a report after each meeting, which would, at a suitable level of obfuscation, given information on reports made. It's possible this can also encompass reports made between meetings or based on other RIPE community events or for a, that's something we can determine.

Yes, these are generally called transparency reports, I co-authored this one last year:
https://2018.djangocon.eu/news/coc-transparency/

As noted in incident #2 in that report, it is essential to prioritise anonymity above detail, so in some cases the report remains very vague. But even then it can still help, as it shows that we have been active, and makes visible what kind of actions we’ve taken and the lessons learned.
 
> The TF will also (and again, I don't think I'm deviating hugely from our decisions in Amsterdam or more recent conversations) work with the WG Chairs and the RIPE Chair to have CoC related text included in the WG Chairs job description and work with the NCC to provide training for them in regards to upholding the improved CoC. I think we need to look at how we can do the same for the Programme Committee.

Are the WG chairs actually the best people to handle reports? From what I’ve seen in regards to WG chair selection and process, I’m not sure this is part of the task they are chosen for. And incidents can occur outside of WG spaces - I’m not sure where those would be handled in this model.

Another concern is that some information sharing is required. If a person has already received a reprimand for certain behaviour in one WG, and repeats this in another WG, it is important to be aware of the previous incident so that someone can’t keep claiming “I’m sorry, I didn’t know”. To share incident information with all WG chairs would mean sharing it with 27 people, and we haven’t even considered incidents outside WG spaces yet. It’s absolutely vital that details of incidents are kept secret and known to as few people as possible - having them known to 27 people is way too many. So some other structure is required anyways to track repeat violators and general trends, without sharing reports between all WG chairs.

I also recommend against having the RIPE chair as the (only) escalation path for CoC issues.
CoC processes should not depend on a single person, because:
- It makes it more likely that something will be forgotten or overlooked.
- The single person can become the target of a CoC-violating action, and should be able to excuse themselves from further handling of that incident. For example, a recent case where I handled communication for an incident resulted in hateful messages being sent to me. At that point, I excused myself from handling the report, and left it to other team members, both for my own well-being, and because anything else could create the perception of a conflict of interest.
- The single person can have a conflict of interest in handling a report, for example a report being made by or about a close friend or close business relation, and in that case someone needs to be able to excuse themselves.
- The CoC needs to account for the possibility a report being made about a person who is usually involved in CoC handling. I’ve not really dealt with that personally, but even if it never happens, there needs to be a process for it, if only to help build trust in the CoC reporting process.

Sasha