09.28.20
[Meme] Running Public (or Private) Interest Groups for Profit
In the ‘news’ this week (yesterday):
Summary: The Linux Foundation is picking up some more ‘surveillance capitalism’ money, in the name of… ‘helping’ Linux?
09.17.20
The Quandary of ‘Ethical’ Sponsors and One’s Ability to Criticise Them (Otherwise It’s a Potential Bribe in Exchange for Censorship of Critics)
Summary: When Free software advocacy groups are indebted to companies that greatly harm people’s freedom (including privacy) we have to ask ourselves questions regarding morality and ethics because money isn’t inherently evil, it depends who or where it comes from (on what implicit conditions)
THE term “Sponsors” (or “Patrons”) is supposed to sound inherently different from “Bosses” or even “Masters” (apparently the latter is now a politically-sensitive and potentially offensive term that must never be used, except in the context of slavery). Aren’t those just euphemisms?
“Is Google money reconcilable in a Free software advocacy group?”Over the past month or so we’ve published dozens of articles on this subject alone, at times taking note of FSFE sponsors and FSF sponsors. Google used to be a top FSF sponsor for a number of years and Google is still by far the biggest sponsor of the FSFE.
Is Google money reconcilable in a Free software advocacy group? Here is what the founder of the FSF, Richard Stallman, told me 6 years ago:
These were the FSF’s sponsors the year I conducted the above interview:
So, it’s not hard to see that Stallman was willing to criticise his top sponsor. Or at least his organisation’s top source of funding (for that year, previous years, and the following couple of years).
Based on some research, it was only in 2017 that Google stopped sponsoring the FSF (completely), either because the FSF rejected the money or Google chose not to give any. So it doesn’t seem likely that the turnaround moment was something Stallman said or did; contrast this with the FSFE and notice which years had asterisks in them (Google was always the top sponsor since 2013, inclusive, to the point of accounting for the lion’s share of revenues):
2012:
2013:
2014:
2015:
2016:
2017:
2018:
2019:
Present:
Google’s money goes notoriously far, even privacy advocates like the EFF.
Debian (through SPI) was, especially in recent years, picking up cheques not only from Google (very big cheques) but also from Microsoft, for 4 consecutive years in fact. Does that mean that a certain Code of Conduct can be misused to punish Google and Microsoft critics? It’s definitely not impossible or implausible. Some people receive a salary out of that money. They don’t wish to put that money at risk. From what we can gather, the expulsion (first demotion) of Daniel Pocock was at least indirectly a result of what he said and did at the FSFE (candidly speaking to his constituents) and his criticism of Google, which he had previously worked with for years (under the GSoC umbrella). If we allow companies like these to ‘donate’ (it’s not a charity, they want something in return) about 0.0001% (millionth) of their annual revenue to institutions where that money is about 20% of the total revenue (several people’s salaries), how are we to prevent the likes of the FSF and FSFE from becoming a Linux Foundation-like failure (betraying or neglecting their own goals in pursuit of financial self-justification/gratification)?
People won’t donate for long or even provide moral support if they feel like the Linux Foundation is a GitHub/Microsoft outsourcer and the FSFE is like a Google lobby/front group looking for individuals to add/lend money towards this group’s objectives. This raises serious legitimate questions about morality of sponsorships in general, especially from those so large that they diminish the impact of individual contributors, rendering them more or less disposable. █
When Attempting to Run for Debian Project Leader (DPL), Only to Realise the Process is Rigged (and Censored) to Protect Past Leaders
[Editorial note: What we’re seeing in Debian right now is very similar to the EPO under Benoît Battistelli; in order to cover up abuses the leadership race is being rigged in favour of ‘favourable’, ‘safe’ candidates like António Campinos, who would not investigate past leaders for potential abuses because they’re indebted to them]
Reprinted with permission from Debian Community News
This is the question nobody is allowed to ask:
Imagine you are DPL. In January, an experienced and respected volunteer writes:
You can use my name temporarily while looking for other people to help you in this role… However, I can’t officially commit to help with the duties of an administrator right now.
and in July, he follows up:
Due to unforeseen and extraordinary personal circumstances that I don’t wish to discuss…
The volunteer visits your city every month for work and asks if he can meet you in person. Do you:
-
- Use the volunteer to tie up all GSoC and DebConf loose ends over another 2 months
- Wait until you bank the $17,200 from Google
- Ignore the volunteer’s public resignation
- Send a complaint to Debian Account Managers
- Send emails to other organizations denouncing the volunteer
- Receive and brag about another big cheque from Google
- When the volunteer works up the courage to challenge you publicly on debian-project, lie and deny what you wrote
- Prompt people to stalk the volunteer at events?
- Or do you accept the suggested meeting, do the right thing and try to find a low key solution?
DPL elections 2020: nomination censored (reprinted with permission from Debian Community News)
Many people wondered what all the fuss has been about banning and censoring people from Debian in recent years. The answer? Dirty politics. Nominations for Debian Project Leader were announced on Saturday, 7 March and the next day, outgoing leader Sam Hartman attacked another would-be candidate with false accusations of trolling.
The candidate has chosen to share his platform publicly. Do you think this would make Debian a more friendly place for everybody?
Subject: nomination and platform
Date: Fri, 13 Mar 2020
From: a volunteer
To: debian-vote@lists.debian.orgDear Fellow Developers,
I’m running for DPL again this year. This is my nomination.
I have a clear platform and I can deliver what I promise.
In August 2018, while dealing with a number of extraordinary situations in my life outside Debian, I politely informed people that I was resigning from the GSoC team. I had planned to take a rest. It was completely appropriate at that time. From Debian’s point of view, there was nothing more to it than that.
A few weeks later, as I departed on my vacation in September 2018, a vacation I really needed at that time, I received some emails from certain people in Debian. To quote Sam Hartman, it felt like a “Campaign of Harassment”.
Linus Torvalds took a widely publicized vacation, nobody attacked him for that. Why can’t Debian Developers take a vacation too?
My policy therefore is that if you vote for me as DPL, I will end the experiments started by previous DPLs. Then I will immediately try to have my vacation again. While I’m on vacation, you won’t hear from me. Its a new experiment:
How does the project survive when the DPL goes walkabout?
I may well head off to the outback for some indeterminate period of time, free from any concerns about Coronavirus and DebConf’s foray into middle east politics.
While I’m on holiday, I’ll prepare a constitutional change that protects the rights of all Debian Developers to have holidays without interruptions. Any decisions made while a Developer is on vacation, at Christmas, in hospital or otherwise unavailable will be null and void. This is retrospective from the beginning of the project, therefore any previous communications sent while Developers were on vacation, at Christmas or late on a Sunday night are also null and void. I feel that is good for every Developer and the project as a whole.
That is my platform and I’m confident that it can be delivered.
Debian, Chris Lamb and a Campaign of Harassment-by-Proxy (reprinted with permission from Debian Community News)
One of the law suits to define the age of social media is Herrick v. Grindr LLC. Herrick’s ex-boyfriend has created fake profiles impersonating Herrick, inviting arbitrary strangers to visit Herrick at his workplace. The case has been escalated all the way to the US Supreme Court. It is an example of harassment-by-proxy.
In a recent email, the Debian Project Leader made a rather confused report about a campaign of harassment. It is confusing because officials in the Debian aristocracy have used the project’s resources to pretend they are victims. It is otherwise known as victim-offender reversal.
The simple fact of the matter is that a volunteer resigned from a post in August 2018 and cited extraordinary personal circumstances in a private email to the former leader, Chris Lamb.
Nobody from the project made any attempt to communicate with this volunteer for a month. Then, just as the volunteer was departing on vacation, Enrico Zini, one of the Debian Account Managers, sent an insulting email alleging the volunteer wasn’t a real developer. This intrusion on a developer’s vacation is a pretty grave example of harassment. People have complained about trolls on Debian’s mailing list but none of them have stooped so low as sabotaging a volunteer’s vacation.
At the same moment, the former DPL, Lamb, was sending out messages to denounce the volunteer. He conscripted an Albanian to relay those messages into other parts of the free software community.
As a consequence of those messages, initiated by Lamb, the volunteer is constantly being confronted with questions about his family and personal life. People asking the questions don’t know enough about the case to know they are intruding on somebody’s private life. They have been used by Lamb, Zini et al. to cause extreme discomfort to another volunteer. This is a campaign of harassment-by-proxy, orchestrated by Lamb, much like the harassment described in Herrick v. Grindr LLC.
Rogue elements of the Debian aristocracy, using proxies, have stalked him at free software events. Over a period of 15 months, they have sought to burn and desecrate every area where the volunteer contributes to free software.
Some people are asking who is harassing who. Yet the facts are clear: the volunteer resigned from his role in August 2018, the first abusive messages were unilaterally sent by project officials towards the volunteer some weeks after that. Lamb and Zini lit this fire.
This persistent campaign of harassment, the leader and office holders using Debian’s otherwise good reputation to suck other people into insulting a volunteer, is about as bad as it can get. It is scary to contemplate where it will end. █
Nepotism and Conflicts of Interest in Free Software
Reprinted with permission from Debian Community News
AS the Mollamby affair has emerged, some people have rushed to defend the privacy of Chris Lamb and Molly de Blanc (Mollamby) or dismissed it as mere innuendo without understanding the ethical issues.
What is the difference between innuendo and public interest? Evidence.
Privacy is a valid consideration, but it is not the only one. We delayed publishing our own commentary about the subject while weighing the privacy implications against the ethical issues.
Let’s consider some of the evidence backing up the facts about Mollamby. Parts of the evidence have been redacted for the privacy of third parties but the material presented here accurately reflects the situation.
This is the opening comment sent by a student applying for GSoC in 2018 (Fact 2):
Date: 14 March 2018 I am [redacted/student name], ... from [redacted/country]. I’m [redacted/relationship] of [redacted/full name]
The student clearly identified a conflict of interest, giving the name of the other party and the type of relationship. The other party had also sent a similar email:
Date: 12 March 2018 ... there are some students who might be interested in [redacted/project]. Even my [redacted/relationship] has been ....
As they were honest and transparent from the outset, there is no question over their integrity and no need to discuss their identities.
This is the statement one volunteer made when agreeing to be a GSoC admin in 2018:
-------- Forwarded Message -------- Subject: Re: Google Summer of Code 2018 Date: Mon, 22 Jan 2018 08:41:49 +0100 From: Daniel Pocock <daniel@pocock.pro> To: mollydb <deblanc@riseup.net> On 22/01/18 02:25, mollydb wrote: > I mmissed this on the application before! We need 2-5 administrators for > the application. Who else wants to be one? > You can use my name temporarily while looking for other people to help you in this role. ... [redacted/name of other community] ... However, I can't officially commit to help with the duties of an administrator right now. Regards, Daniel
No volunteer is under any obligation to provide details of their personal life. This statement alone looks like it was made honestly and in good faith, that is what teamwork is all about.
A selection meeting was scheduled for 16 April 2018 and Pocock was the volunteer who reminded people about somebody having a conflict of interest (Fact 3). He was not a party to this conflict of interest. de Blanc both acknowledged and agreed with the way it was handled (Fact 6):
<pocock> yes, but [redacted] is not involved in the selection process because one candidate is [redacted] <pocock> that could be one reason we are waiting until the last minute to confirm the selections [redacted/other mentor acknowledgement] <mollydb> nice responsibile decision making :) <mollydb> thanks for being so consciencious
People had been reminded about it in a number of emails at each stage of the selection process, it wasn’t sprung on people at the last minute. de Blanc had simply left the GSoC emails to other team members:
Date: 12 July 2018 From: Molly de Blanc <deblanc@riseup.net> As an additional note, I generally check my email once a week. For anything immediate, -please- ping me on IRC as I'll be responsive there (and can know to dive into my email).
When alerts were sent about the conflict of interest in March and April, other team members were unaware that de Blanc wasn’t reading them.
Technically, it was a special case that was not strictly covered by Google’s official rules. Given the huge effort volunteers make interacting with students, nobody had made the extra effort to seek Google clarification.
Now let’s look at the complaint that Stephanie Taylor from Google sent to Debian on 13 July 2018 (yes, that was Friday the 13th):
Subject: Concerns around Debian GSoC students and conflict of interest Date: Fri, 13 Jul 2018 08:23:36 +0200 From: Stephanie Taylor <sttaylor@google.com> To: [redacted/private gmail addresses of all Debian GSoC admins] Hello Debian Org Admins, It has come to our attention that [redacted/position in Debian], [redacted/full name], is the [redacted/relationship] of [redacted/name], ... This is incredibly disturbing as the Debian folks have been valued members of the GSoC community for many years and this threatens the integrity of the program.
Taylor is complaining about conflicts of interest in Debian, this confirms Fact 7.
Who would investigate Taylor’s complaint? Chris Lamb and Molly de Blanc. Mollamby.
Subject: Re: Concerns around Debian GSoC students and conflict of interest Date: Fri, 13 Jul 2018 14:49:50 +0200 From: Molly de Blanc To: Daniel Pocock Just as a quick heads up, I'll be talking with the DPL later today to get on the same page -- I know he also contacted Stephanie off-channel. If you'd like to ping me on IRC, I can try to be online and accessible (today turned into quite a busy day for me) at a time that works for you. Cheers, Molly
Notice that de Blanc does not mention her conflict of interest (romantic relationship with the DPL, Chris Lamb) in that email. Lamb never mentioned it either. Neither of them recused themselves (Fact 8). Pocock was travelling that weekend and couldn’t make time to join a hastily organized meeting. As boyfriend and girlfriend, Lamb and de Blanc, Mollamby, had a meeting without the rest of the Debian GSoC admin team. When the boyfriend is also the leader of the project and when the girlfriend’s conduct is in question, is it any surprise that another volunteer is blamed and the girlfriend takes over the team?
That email is the smoking gun: two people at the very top of the free software ecosystem (Debian and OSI) using a volunteer as a scapegoat for a communication breakdown that one of them had been party to.
This farce is further compounded by the fact the original complaint was about conflicts of interest.
Mollamby hid their own conflict of interest while investigating a conflict of interest.
Is this a new style of disruptive leadership? Or is it simply good old fashioned cronyism?
Even this hidden conflict of interest may not be enough to justify discussing the relationship publicly. However, they have meted out severe punishments on numerous other volunteers. de Blanc even went to FOSDEM and gave a talk boasting about demoting somebody and putting volunteers behind bars. If these people want to take on leadership positions and preach about harming other volunteers they also need to accept that their own conduct will come under public scrutiny. It is clearly not possible to talk about the way they both concealed and benefitted from a conflict of interest without also making their relationship a public matter. In this situation, the ethical transgressions heavily outweigh the concerns about their privacy.
What’s more, Pocock announced his resignation from the Debian GSoC team in August 2018, if people had not behaved immaturely after that, it is unlikely any of these facts would be under public scrutiny right now.
In a non-apology email sent by the new DPL Sam Hartman, Debian confirms there were conflicts of interest and that Debian is completely unprepared for these situations:
I regret that we didn’t have better tools for dealing with conflict of interest and hope we will develop those tools going forward. ... The conflict of interest issue had no easy answer... There was not a clear conflict of interest policy. Sometimes in situations like that you don’t have good options.
The GNOME community have also done an excellent job of reducing this complicated situation into a concise query to their own leadership. From the GNOME Foundation mailing list:
Nobody appears to be asking about Molly. People are asking about you (Neil McGovern). You and Lamb both come from this Debian Cambridge grouping. You are the Executive Director. How long did you know that your new hire was also your friend Lamby's girlfriend? Please respond transparently, we would all like to see this cleaned up so there will be no discomfort or embarrassment at GUADEC.
It is interesting to see that a student applying to GSoC appears to be demonstrating more integrity than the leader of the Debian Project and the OSI board president combined. █
Conflict of interest? OSI board meeting, Spring 2018, Microsoft, San Francisco
Expulsions by Vendettas
Reprinted with permission from Debian Community News
As people dig deeper, they are surprised to find that evidence of cult phenomena is indisputable while counter-accusations against victims lack any evidence whatsoever.
Nonetheless, running an elaborate cult surely takes time and effort. Why would anybody bother to do this?
Credibility of Debian’s name
Debian, thanks to the the Debian Social Contract, long history and technical reliability, has built up a reputation for technical competence.
When somebody associated with Debian points out that Google’s privacy policy is no more than a modern-day re-write of The Emperor’s New Clothes, their concerns are often amplified and widely noticed.
Companies like Google resent this, so they exert influence in various ways to discredit those individuals who speak the truth.
We see exactly the same phenomena in the United States right now where President Trump has been trying to undermine his country’s leading expert on pandemics, Dr Anthony Fauci.
Personal benefit
Earlier this month, we saw former French Prime Minister François Fillon convicted of embezzlement after creating jobs for his wife and children.
This was a reminder for many of us about the way jobs are allocated to insiders in Free Software. One of the most notable examples has been the case of the former Debian Project Leader’s girlfriend leaving her job at FSF and immediately being employed by a close friend of her boyfriend who is now executive director of the GNOME Foundation. Molly de Blanc is not a programmer but she is frequently given keynote speaking opportunities in free software events. People asking how she is selected over other women and which organization pays for her travel to these events only receive vague replies.
In one event, FOSDEM, at ULB in Brussels, Miss de Blanc used her talk to humiliate other volunteers in Debian, including one who was at the event. The people she boasts about demoting have over 30 years experience between them, while de Blanc’s Github page confesses ….
Elimination of democracy
One of the greatest fears of these oligarchs is that an independent candidate might be elected in their organization and go through the historic email records and bank statements, publishing facts about these conflicts of interest.
A range of organizations have canceled elections and eliminated voting rights for the majority of volunteers. When a Debian Developer was elected in another organization, FSFE e.V., people immediately started trying to undermine his Debian role. Linux Foundation eliminated voting rights in 2016 and FSFE e.V. canceled elections in 2018. Fedora (Red Hat) elections require candidates to submit their platforms for approval by existing management.
In parallel with these regressions, organizations have sought to denounce and villify the people who had been elected. This should be seen for what it is: an attack on an elected representative is the most vile attack on democracy.
Modern day slavery: Getting employees without a salary
Another key point is that the people being publicly shamed are all volunteers. We never see Google, Red Hat or Ubuntu publicly shaming one of their employees. In those cases where employees have been sacked, it has been done very quietly.
Yet we see these incredibly vocal shamings of people like Dr Norbert Preining and security researcher Jacob Appelbaum in Debian.
There is a pattern here: the organizations want other volunteers to see the shaming and humiliation so that everybody else will be silent and obedient like employees, but without a salary.
It all adds up
Volunteers who are not allowed to vote and not allowed to speak are getting a pretty bad deal. Even your local bridge club provides better rights and protections for members.
Think about the counterfactual: all these highly experienced engineers working together as volunteers to make genuinely secure and private alternatives to services like Gmail and Skype. It is not hard to see why companies have strong reasons to castrate free software organizations by chopping out their most talented and principled engineers. █
09.15.20
Whistle-blowing as Public Service, Not ‘Harassment’
Reprinted with permission from Debian Community News
A number of people in the Debian world have been spreading false accusations of harassment and abuse.
These accusations are never accompanied by any evidence.
Harassment and abuse have a very clear meaning to most people, for example, sexual abuse.
In Debian, these words are being used to describe any uncomfortable questions about money. For example, if a volunteer asks about the secret $300,000 donation from Google, they are accused of harassing the leader.
In any other organization, asking those questions is simply being a good citizen.
These malicious accusations are a painful symptom of the culture wars gripping the free software world today and do not represent any remotely credible claims of harassment or abuse.
The rogue developers who misuse the words harassment and abuse in these situations are guilty of character assassination and they are also stealing from the experiences of people who really have been harassed and abused, including some Debian volunteers. █
09.10.20
[Meme] Microsoft-Google Foundation Europe
Whose Europe? Not European companies… (or people for that matter)
Your bank data passed over E-mail
Summary: The ‘real owners’ of public interest groups don’t always work for the public interest and often work against the public interest
Corruption in Organisations Like the Linux Foundation and the FSFE
Reprinted with permission from the Free Software Fellowship
The UN Working Group on human rights and transnational corporations has recently started a consultation on corruption.
While a lot of attention is on practices in the developing world and the corporations that operate there, there is increasing attention on the practices of large corporations like Google in the free, open source software space.
For example, why have so many organizations like Linux Foundation and the FSFE simultaneously eliminated their elections, shifting the balance of power towards certain corporations like Google? Why are messages about corporate influence routinely censored from the mailing lists of open source groups who claim to be both transparent and independent of the corporations funding them? Voting and censorship are both human rights issues. If we can’t get these things right in an organization of professionals, how can there be any hope for the developing world?
People who wish to collaborate on a submission to the UN working group can respond to the call by joining the Fellowship mailing list and responding to the call there. █
Content is available under CC-BY-SA