Bonum Certa Men Certa

Debian Conflict of Interest Register

posted by Roy Schestowitz on Mar 13, 2024,
updated Mar 13, 2024

Reprinted with permission from Daniel Pocock.

Does Debian need a Conflict of Interest register?

People have asked for it several times. Cabal members have always refused.

Over the last few years, I've had various questions from people about how much they can really trust certain people in Debian.

Vigilantes claim to have a Code of Conduct for Debian. But a Code of Conduct is worthless without any process for managing Conflict of Interest. Last weekend the DebConf8 room allocation data was published somewhere on the Internet and this gives some scary insights into Conflict of Interest.

Privacy of accommodation data

Most people would assume that a data set like this is somewhat private and an organization like Debian would be competent in keeping it private.

Maintaining the privacy of the data requires both technical and social best practice. As we saw in the evidence about Debian harassment culture being a factor in suicides, it isn't the best social environment. A poor social environment is going to struggle to maintain effective privacy.

In relation to the privacy of DebConf personal data, one of the most glaring lapses came with the Albanian scandal. The former Debian Project Leader, Chris Lamb, first visited Albania in 2017. One of the women spent two years visiting events with Lamb. She was seated next to Lamb at the DebConf19 dinner in Brazil. Eight weeks later, she was selected for a $6,000 Outreachy internship.

When you look at the photos and travel itineraries, there is no evidence that the woman did anything wrong. There is a strong hint that Chris Lamb was smitten with this girl. All the rules on funding were relaxed.

When they gave the woman the Outreachy placement, she writes that she had to begin learning Git and at the same time, they simply gave her access to the DebConf Git repository. The repository contains a lot of private information about participants throughout the whole history of DebConf.

I do not believe this woman is any less trustworthy than any other volunteer. On the other hand, the ease with which Lamb gave a smiling newcomer access to this data and the manner in which funding rules were violated suggests that Debian security has some soft spots.

DebConf8 bed allocation: a fresh perspective on DebConf6 violence

A few weeks ago, I wrote about the manner in which two volunteers, Moray Allan and Holger Levsen, allegedly assaulted and physically expelled Ted Walther from DebConf6.

The summary of the incident includes the following text:

At this point Holger and Moray, as mentioned above, manhandled Ted across the dining hall to the door, where they were intercepted by John.

In my subsequent blog about the topic, I published an email from Amaya Rodrigo Sastre where she appears to be justifying violence towards Mr Walther, the victim:

I explained to her that what was going on had nothing to do with her, that it was a problem with Ted and that I believed Ted was a dangerous person and that she should be careful.

Amaya's defamatory emails have been made available to over 1,000 Debian Developers who have had access to the debian-private archives. 16 years have passed. Many people will not know or remember that Amaya had a conflict of interest.

In fact, Amaya had a relationship with Holger, one of the aggressors. She was writing these emails to disparage Mr Walther and take the pressure off her unstable boyfriend.

The relationship appears to be confirmed in the DebConf8 room list, here we see Amaya and Holger sharing a room:

Amaya Rodrigo Sastre, Holger Levsen, Margarita Manterola, Maximiliano Curia, Damian Viano, Martina Ferrari, Gregor Herrmann

Amaya could have added a disclaimer to her emails to declare a conflict of interest but she didn't do so. How can we ensure that people who see her emails in future will be aware of this vital fact?

Another thing to notice in the room list is that Margarita Manterola and Maximiliano Curia were able to share a room. Marga is the Google employee who sent me a hideous email telling me that Carla was not welcome to share the food at DebConf. Looking at the DebConf8 room list, we can see that these people behave like the pigs in Animal Farm. George Orwell has simplified the Code of Conduct down to just one sentence:

All animals are equal but some animals are more equal than others

This is significant for all users and contributors to Debian. This type of toxic social phenomena creates friction against innovation, it undermines privacy and it undermines security of the final software product.

Please see some of my other pages about how Outreachy fell into disrepute.

Other Recent Techrights' Posts

How We Do Techrights (and What's Changing Next Week)
Many former news sites no longer yield much non-meaningless news (not anymore); there's a gap to be filled
Links 12/07/2026: Palantir Unrest and Wireshark 4.6.7
Links for the day
Links 12/07/2026: New Instrument Time and PalmOS Experiences in 2026
Links for the day
Red Hat Staff Says IBM Policy Has Stigmatised Him as a Tool and a Slopper With Plagiarism Tools
IBM is killing Red Hat with slop
Freedom of Choice or Freedom Versus Choice (or When All Choices Are Incompatible With Freedom)
When some business asserts that it gives people different options, then it can rightly argue that it offers some choices, but that is not the same as freedom
Techrights IRC Turns 5 Without a “Code of Conduct”, “Code of Conduct Committee”, and All Those Bureaucratic Nightmares
18+ years if one counts our time in Freenode as well
Why U No Use AI???
Many hype waves come and go
There Are Still Slopfarms in Google News
Google is trying to participate in if not lead this pyramid scheme
The Cyber Show Explains How Slop and Promotion of Slop is About Taking Control Away From Computer Users
"On making a trustworthy machine"
Keeping Available the Site at All Times
Informal arrangements and crowdfunding keep our work available despite resistance (including from people who break the law)
What If "Era of AI" and "AI Revolution" (Fake News) Never Happened?
So how much longer before the bust (or bubble-burst)?
GNU/Linux Approaches 5% in Australia
5% by year's end?
Europe/EU is Moving Towards Independence, Fast to Adopt Free Software
More and more states (governments, public sector) in Germany are dumping Microsoft
GNU/Linux Grows at the Expense of Windows
People who want to get work done already left Windows
Tux Machines Growing as a Volunteers-Run Site
Historically the site did not have many original stories, but this changed as the audience grew and the site gained more recognition
Links 12/07/2026: European Commission Versus ‘Addictive Design’, "Google Loses Final Appeal Over $4.7 Billion EU Android Antitrust Fine"
Links for the day
GNU/Linux Market Share Increases Some More Today, statCounter Measures It at 7.3%
Will more such thresholds and records be broken?
Gemini Links 12/07/2026: Studying Languages and 2026 Old Computer Challenge (OCC)
Links for the day
EPO "Cocaine Communication Manager" - Part XIII - At the EPO, Cocaine Addicts and Their Friends Are "Protected Class"
What does that tell us about the EPO?
Increasing Output by Focusing on Originals
It's probably more important to carry on with these than it is to keep abreast of non-crucial news
Amid Strikes and Industrial Actions, Young Professionals at the European Patent Office (EPO) Kept on 'Short Leash', According to the Local Staff Committee The Hague
Issues affecting Young Professionals
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 11, 2026
IRC logs for Saturday, July 11, 2026
Blogs May be Making a Comeback (They're Not Fediverse, They Are Joined by RSS Feeds)
Don't fake expansion where none existed
ChromeOS and GNU/Linux in the United Kingdom Reach 11%
the UK shows signs of digital maturity
Corporate Media: Blame the People Who Enter the Abandoned IBM Buildings, Not IBM for Abandoning Workers in Pursuit of IT Sweatshops
When the media spreads falsehoods stocks can go up (a lot higher), but at whose expense and how long for?
Canonical is Selling Microsoft, It Pays The Register MS to Sell Microsoft
It's all about money to them. And they call this journalism.
When Red Hat's HR Becomes the Same as IBM's HR (Bluewashing)
Red Hat keeps sacking very experienced engineers and adding temporary interns
GNU/Linux Growing in East Asia
Assuming this is more or less accurate, we could use a plausible explanation
SUEPO Munich Report on the Recent EPO Demonstration and Rolling Strikes That Continue to Grow
"increasing registrations for the 'rolling strikes' running until autumn"
Over a Week After Microsoft Discontinued Some XBox Models It Apparently Exits Some Markets Altogether
We seem to be witnessing the end of XBox
Gemini Links 11/07/2026: Old Computer challenge, Poems, Antenna, and More
Links for the day
Links 11/07/2026: "Trademark wars of Influencer Culture", Xinuos Uses Copyrights Versus UNIX
Links for the day
North America: GNU/Linux Measured at 10%
To better understand what contributes to the gains
Following Corrections and Adjustments statCounter Sees GNU/Linux at 7.1%, an All-Time High
There is a lot of layoffs at Microsoft this month
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 10, 2026
IRC logs for Friday, July 10, 2026
Links 11/07/2026: Wednesday-Saturday News Catch-up
Links for the day
Prioritising High-Importance News
In order to fully catch up with news we'll not publish many new articles until next week