Bonum Certa Men Certa

Open Source Initiative (OSI) Privacy Fiasco in Detail: Seeking Class Action Against the OSI

posted by Roy Schestowitz on Apr 09, 2025

Coffee Beans On Weighing Scales

IN THE introduction and the following two parts we gave sufficient background for people who are not familiar with this fiasco. The previous part showed parts of the complaint (as a PDF) and today we show more.

There is a "LETTER SEEKING CLASS ACTION REPRESENTATION". To quote the complainant:

Please note, I did not reach out to OSI about this release of my personal information after realizing it was still showing by shared 3rd party after 4 years. This does not affect my complaint case. I did, however, contact a LA privacy lawyer the other day:

I was contacted by someone on LinkedIn who had my information from when I was a member and voted in 2021 at the open source initiative. This corporate organization is located in West Hollywood California and upon further investigation I came to see that the third-party vendor, Helios that performed the election

Still had the list of 589 members showing publicly on the web. The open source initiative didn’t even know how the list of names was released at the beginning, and even after filing a notice to the community that there was no breach, the list still remains publicly available.

There was an expectation of privacy and certainly after four years, so I filed a complaint with the CPPA.

This organization (OSI) is the “steward" of our open source definition yet can’t even keep our information private. Like I said there was an expectation of privacy and four year seems like quite a bit of time.

There are 589 names on that list and I really believe that this release of our names and whether we voted or not, is negligent.

As a free software advocate, having affiliation with the open source initiative could do serious harm to my reputation.

Additionally, not protecting our privacy for this long is truly distressing.

I would like to be represented in a class action against the open source initiative based on their failure to protect my privacy. If a class action is not possible a single action is also something I am open to. However, almost 600 people were exposed and for four years.

Thank you.

Complaint to CPPA (response via email):

Letter sent via email

RE: Privacy complaint about Open Source Initiatives: A California corporation Helios: Third party vendor used by the Open Source Initiative for elections. Deb Nicholson, previous Interim Director and current director - Stefano Mafulli as well as their IT staff and those working/volunteering at OSI who may also be held accountable for this neglect of private data.

Dear [redacted]:

Thank you for submitting a complaint to the California Privacy Protection Agency (“Agency”).

Complaints are important for our enforcement efforts. We will retain the information you provided in our files and may contact you if we need additional information, for example to request additional facts about the complaint. No further action is required from you at this time. Investigations are generally confidential unless and until a matter becomes public through an enforcement action. For more information about the law and answers to frequently asked questions, please see https://cppa.ca.gov/faq.html.

Please note that we cannot represent you, advocate for you with the business, or force the business to satisfy individual requests for relief. If you would like to consult an attorney, you can obtain a referral to a certified lawyer referral service through the California State Bar at (866) 442-2529 (toll-free in California) or (415) 538-2250 (from outside California), or online at https://www.calbar.ca.gov. If you cannot afford to pay an attorney, contact your local legal aid office to see if you qualify for free or reduced-rate legal assistance. For a referral to local legal aid offices, visit https://lawhelpca.org/ and click on the Search for Legal Help tab.

Thank you again for contacting the Agency about this matter.

Sincerely,

CALIFORNIA PRIVACY PROTECTION AGENCY Complaints Unit

The complainant did not ask the OSI or self-identify; that's the correct approach because the OSI tends to defame critics and censor/deplatform them.

Other Recent Techrights' Posts

IBM Layoffs in India, More Coming Soon, Say Apparent Insiders
Threads regarding IBM layoffs
 
The Year Apple Would Rather Forget
We await further stumbles and falls from Apple (in 2026)
"EU's reform agenda threatens to erase a decade of digital rights"
This is really sad for those of us who spent decades promoting and boosting/advocating the EU
Gemini Links 29/12/2025: Earlier "Happy New Year 2026" and "Dead Archivist Society"
Links for the day
Links 29/12/2025: Putin Critic Sergei Udaltsov Imprisoned, Cloudflare’s Outages Discussed
Links for the day
LLMs Are Inherently Parasitic, We Need to Treat Them Accordingly
a maintenance burden for those who possess actual intelligence
Links 29/12/2025: Bottled Water Considered Harmful, Cheetos Promoting Nazis in Europe
Links for the day
EPO People Power - Part XVIII - European Patent Office "Paints Itself as Progressive While Literally Being Represented by Cokeheads"
To what length/s will German authorities and media (not just in Germany) go to protect the EPO's "precious image"?
What IBM Will Do to Red Hat in the Coming Year or Years
This won't end up well for GNU/Linux as a whole
Not Turning in His Grave: When People Die, Their Corporate Destruction Becomes a "Turnaround"
All he did was mass layoffs - a tradition that has not ended since then
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 28, 2025
IRC logs for Sunday, December 28, 2025
Louis Gerstner Has Died, His Legacy of Mass Layoffs at IBM Hasn't
Hagiographies will follow. They will say he "saved" IBM.
Links 29/12/2025: The Sunday Routine, Limits of Memory, and Gemini Vocabulary
Links for the day
Doxing is Illegal in the UK (Even If You're Based in the US)
Somebody has just added my identity (name, mugshot etc.) to a "hitlist" site of a political nature, pandering to violent people
Misunderstood Weapons of Censorship
It's cruel world out there. One needs to be aware of these shady activities, including "censorship-as-a-service".
Google Confidently Wrong, Nowadays Defaming People Too
I can relate as people did this to me and to my wife
What Happens When Americans Are Out of Office (Away From Work) for a Week? Vista 11 "Share" Falls to Just 10%.
How's that for slow adoption?
2026 Will Have EPO Focus, People Will See What the EPO is Trying to Hide
We certainly hope people will be held accountable
EPO People Power - Part XVII - Drugged, Stoned, and Drunk at the Office During Working Hours (Campinos Friend and Propaganda Chief Has Long Done This)
It's a total disgrace that press all over Europe is still trying to cover this up!
Gemini Links 28/12/2025: Health Ordeals and Discontinued Pedals
Links for the day
Slop About "Linux" Came Only From One Slopfarm This Weekend
Another day has passed with no LLM slop found in our RSS feeds
Links 28/12/2025: 'Digital Detox' and Slop "Backlash Grew Massively in 2025"
Links for the day
Links 28/12/2025: "Mass Quitting Apple" and "Generative AI Industry is Fraudulent, Immoral and Dangerous"
Links for the day
Links 28/12/2025: Fascination, Holidays, and Mormonism
Links for the day
Microsoft's Weapon Against the Reality of XBox (the Console) Dying Seems to be LLM Slop
XBox is dead/dying
Raffles for the Immaterial: Unauthorised Bingo for Red Hat "Vouchers"
This is IBM and some slop images
Andy Farnell on Standing Up Against Technological Oppression
some portions from it
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 27, 2025
IRC logs for Saturday, December 27, 2025
Once Again, GAFAM Deletes All Your Data, Only Corrects This After Millions of People Lead an Uproar Online ("Richard Stallman Warned Us About This")
No lessons learned, eh?
Linus Torvalds Blasts Software Freedom Conservancy (SFC) for Attempting to 'Protect' Linux
Like it 'protects' women
New Record for GNU/Linux in Australia (at Microsoft's Expense)
Windows is at an all-time low, GNU/Linux... all-time high
Fighting Over Whose Pockets Are Deeper (or Who Borrows More Money)
When processes favour those who are more wealthy (or more willing to go into infinite debt or steal money of other people) those processes match the attributes of lawfare rather than law
You Know Your Critics Are Jealous and Have Inferiority Complex When...
One day we'll write about all this in great depth
Starting a Book With a Flawed Premise or Weak Hypothesis
To me, Schneier is a sort of "RMS of sec"
Microsoft's Mass Layoffs (30,000+ in 2025) Not About "AI", Just Business Failure
"AI" is replacing... the old excuses for mass layoffs
"But Corruption is Everywhere"
"We'll always have Polio..."
EPO People Power - Part XVI - Berenguer Does Not Speak German, So What Did He Tell German Police That Busted Him?
based in Germany and does not speak the language
Challenges for EPO Insiders to Try to Tackle in 2026
Nothing will get solved as long as the circus that runs this show tries to keep the circus going
Days Without Slop About "Linux"
It's time to move on
Links 27/12/2025: Canada Post Strike Called Off, Debate About Europeans "Working Over Christmas"
Links for the day
Gemini Links 27/12/2025: Household Appliances and Flight Fright
Links for the day
Links 27/12/2025: US Cracking Down on Whistleblowers, Expanding Bombardment Campaigns Worldwide
Links for the day
Resuming EPO Coverage Today, Can António Campinos 'Survive' Cocainegate?
We said we'd continue in the weekend
Links 27/12/2025: More Attacks on Media (Meduza Co-founder Sentenced to Prison in Absentia), "What Owning Music Means To Me"
Links for the day
Gemini Links 27/12/2025: geminiprotocol.net Downtime and Capsular Gemlog Manager
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 26, 2025
IRC logs for Friday, December 26, 2025