Bonum Certa Men Certa

Open Source Initiative (OSI) Privacy Fiasco in Detail: Seeking Class Action Against the OSI

posted by Roy Schestowitz on Apr 09, 2025

Coffee Beans On Weighing Scales

IN THE introduction and the following two parts we gave sufficient background for people who are not familiar with this fiasco. The previous part showed parts of the complaint (as a PDF) and today we show more.

There is a "LETTER SEEKING CLASS ACTION REPRESENTATION". To quote the complainant:

Please note, I did not reach out to OSI about this release of my personal information after realizing it was still showing by shared 3rd party after 4 years. This does not affect my complaint case. I did, however, contact a LA privacy lawyer the other day:

I was contacted by someone on LinkedIn who had my information from when I was a member and voted in 2021 at the open source initiative. This corporate organization is located in West Hollywood California and upon further investigation I came to see that the third-party vendor, Helios that performed the election

Still had the list of 589 members showing publicly on the web. The open source initiative didn’t even know how the list of names was released at the beginning, and even after filing a notice to the community that there was no breach, the list still remains publicly available.

There was an expectation of privacy and certainly after four years, so I filed a complaint with the CPPA.

This organization (OSI) is the “steward" of our open source definition yet can’t even keep our information private. Like I said there was an expectation of privacy and four year seems like quite a bit of time.

There are 589 names on that list and I really believe that this release of our names and whether we voted or not, is negligent.

As a free software advocate, having affiliation with the open source initiative could do serious harm to my reputation.

Additionally, not protecting our privacy for this long is truly distressing.

I would like to be represented in a class action against the open source initiative based on their failure to protect my privacy. If a class action is not possible a single action is also something I am open to. However, almost 600 people were exposed and for four years.

Thank you.

Complaint to CPPA (response via email):

Letter sent via email

RE: Privacy complaint about Open Source Initiatives: A California corporation Helios: Third party vendor used by the Open Source Initiative for elections. Deb Nicholson, previous Interim Director and current director - Stefano Mafulli as well as their IT staff and those working/volunteering at OSI who may also be held accountable for this neglect of private data.

Dear [redacted]:

Thank you for submitting a complaint to the California Privacy Protection Agency (“Agency”).

Complaints are important for our enforcement efforts. We will retain the information you provided in our files and may contact you if we need additional information, for example to request additional facts about the complaint. No further action is required from you at this time. Investigations are generally confidential unless and until a matter becomes public through an enforcement action. For more information about the law and answers to frequently asked questions, please see https://cppa.ca.gov/faq.html.

Please note that we cannot represent you, advocate for you with the business, or force the business to satisfy individual requests for relief. If you would like to consult an attorney, you can obtain a referral to a certified lawyer referral service through the California State Bar at (866) 442-2529 (toll-free in California) or (415) 538-2250 (from outside California), or online at https://www.calbar.ca.gov. If you cannot afford to pay an attorney, contact your local legal aid office to see if you qualify for free or reduced-rate legal assistance. For a referral to local legal aid offices, visit https://lawhelpca.org/ and click on the Search for Legal Help tab.

Thank you again for contacting the Agency about this matter.

Sincerely,

CALIFORNIA PRIVACY PROTECTION AGENCY Complaints Unit

The complainant did not ask the OSI or self-identify; that's the correct approach because the OSI tends to defame critics and censor/deplatform them.

Other Recent Techrights' Posts

Exposing Corruption and Crimes Against Women Isn't a Crime, It's an Imperative
When evil and greedy people are so desperate to silence you it typically gives you more motivation - not less - to do more of the same
New EPO Leaks: Replacing Patent Examiners and Classifiers With Deficient Bots (Without Even Asking for Permission)
Any consultation about it? Any media coverage? No.
 
Microsoft SLAPPs Against Techrights Losing Momentum
It always backfires
Richard Stallman Turns 72 and Will Be Giving Talks in Europe Soon
We have many local copies of his talks as WebM, having converted files uploaded to YouTube
Revisionism and Lies by LLM Slop and Lazy "Media"
What happened to investigation of issues?
EPO Likely Breaking the Law Yet Again, This Time by Using Slop for Patents (to Lower Costs While Producing Monopolies That Cause Ruinous Lawsuits)
Nobody authorised this
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, April 12, 2025
IRC logs for Saturday, April 12, 2025
Links 12/04/2025: Tariffs Standoffs and Spam 'Articles' About Patents
Links for the day
Gemini Links 12/04/2025: Isle Release 0.0.4 (Alpha) and Pokemon
Links for the day
Links 12/04/2025: Science and "DEI" Dismantled Further in the US
Links for the day
Links 12/04/2025: "Part of the Problem" and "Facebook Is Just Craigslist Now"
Links for the day
The Consensus is Changing and Web Sites View LLMs as Evil, a Malicious Force of Plagiarism and a Source of DDoS
It's not about "AI" but about plagiarism of sorts
Slopwatch: Lots of Fake Articles About "Linux" Infect the Web, Google News Still Promotes These as 'News'
people who go to a site like google.com or Google News or even social control media (where users get links from Google) will be directed to read slop, i.e. pure garbage.
Gemini Links 12/04/2025: Sigrblot and Conway Calamity
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, April 11, 2025
IRC logs for Friday, April 11, 2025
Links 11/04/2025: LLMs as Worthless Gimmicks, People in Trouble for Saying Too Much in (or Before) 'Cheeto Era'
Links for the day
Gemini Links 11/04/2025: Microcosmographia Academica and Ada Language
Links for the day
Links 11/04/2025: "Getting Screamed At" and LLM Crawlers as Vandals Online
Links for the day
At the Root of the SLAPPs There Are Matters of GitHub Corruption and Microsoft Competition Crimes
Keep both eyes on the ball; this is about monopoly abuse and attempts to muzzle critics
Open Source Initiative (OSI) Privacy Fiasco in Detail: More on the Complaint, Which Also Points the Finger at Stefano Mafulli and Deb Nicholson
Focus on what they are attempting to distract from
"Linux" Foundation, Besieged by Microsoft, Isn't About Science But Against Science and Against Facts
(and for Microsoft Dogma, Microsoft Domination, Microsoft Money)
IBM Pays IDG's IDC to Market Proprietary Red Hat Enterprise Linux (RHEL) Under the Guise of "Research"
Proprietary RHEL promoted by FUD (Fear, Uncertainty, Doubt or just plain fear-mongering)
Links 11/04/2025: Microsoft Mass Layoffs Again, Zelensky Doubles Down on Claim That Many Chinese Are Fighting for Russia
Links for the day
Slopwatch: A Sea of LLM Slop About SparkyLinux, Kubernetes, Ubuntu, and Linux Kernel
Welcome to the future? The future of the Web?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, April 10, 2025
IRC logs for Thursday, April 10, 2025