Bonum Certa Men Certa

Open Source Initiative (OSI) Privacy Fiasco in Detail: Seeking Class Action Against the OSI

posted by Roy Schestowitz on Apr 09, 2025

Coffee Beans On Weighing Scales

IN THE introduction and the following two parts we gave sufficient background for people who are not familiar with this fiasco. The previous part showed parts of the complaint (as a PDF) and today we show more.

There is a "LETTER SEEKING CLASS ACTION REPRESENTATION". To quote the complainant:

Please note, I did not reach out to OSI about this release of my personal information after realizing it was still showing by shared 3rd party after 4 years. This does not affect my complaint case. I did, however, contact a LA privacy lawyer the other day:

I was contacted by someone on LinkedIn who had my information from when I was a member and voted in 2021 at the open source initiative. This corporate organization is located in West Hollywood California and upon further investigation I came to see that the third-party vendor, Helios that performed the election

Still had the list of 589 members showing publicly on the web. The open source initiative didn’t even know how the list of names was released at the beginning, and even after filing a notice to the community that there was no breach, the list still remains publicly available.

There was an expectation of privacy and certainly after four years, so I filed a complaint with the CPPA.

This organization (OSI) is the “steward" of our open source definition yet can’t even keep our information private. Like I said there was an expectation of privacy and four year seems like quite a bit of time.

There are 589 names on that list and I really believe that this release of our names and whether we voted or not, is negligent.

As a free software advocate, having affiliation with the open source initiative could do serious harm to my reputation.

Additionally, not protecting our privacy for this long is truly distressing.

I would like to be represented in a class action against the open source initiative based on their failure to protect my privacy. If a class action is not possible a single action is also something I am open to. However, almost 600 people were exposed and for four years.

Thank you.

Complaint to CPPA (response via email):

Letter sent via email

RE: Privacy complaint about Open Source Initiatives: A California corporation Helios: Third party vendor used by the Open Source Initiative for elections. Deb Nicholson, previous Interim Director and current director - Stefano Mafulli as well as their IT staff and those working/volunteering at OSI who may also be held accountable for this neglect of private data.

Dear [redacted]:

Thank you for submitting a complaint to the California Privacy Protection Agency (“Agency”).

Complaints are important for our enforcement efforts. We will retain the information you provided in our files and may contact you if we need additional information, for example to request additional facts about the complaint. No further action is required from you at this time. Investigations are generally confidential unless and until a matter becomes public through an enforcement action. For more information about the law and answers to frequently asked questions, please see https://cppa.ca.gov/faq.html.

Please note that we cannot represent you, advocate for you with the business, or force the business to satisfy individual requests for relief. If you would like to consult an attorney, you can obtain a referral to a certified lawyer referral service through the California State Bar at (866) 442-2529 (toll-free in California) or (415) 538-2250 (from outside California), or online at https://www.calbar.ca.gov. If you cannot afford to pay an attorney, contact your local legal aid office to see if you qualify for free or reduced-rate legal assistance. For a referral to local legal aid offices, visit https://lawhelpca.org/ and click on the Search for Legal Help tab.

Thank you again for contacting the Agency about this matter.

Sincerely,

CALIFORNIA PRIVACY PROTECTION AGENCY Complaints Unit

The complainant did not ask the OSI or self-identify; that's the correct approach because the OSI tends to defame critics and censor/deplatform them.

Other Recent Techrights' Posts

Weaponisation of For-Profit Dockets - Part I: Hiding Behind Lawyers (or Guns for Hire) After Abusing Many People and Even Strangling Women While Microsoft Paid Salaries
This whole thing is very typical of the Microsoft and Bill Gates mindset
From EPO to "MAGA Regime": A Shift Away From Reality to Fake News and False Metrics
Disbelief in itself isn't a bad thing; but the problem is that people are taught to believe rich people in suits more than they believe others
Skype is Officially Dead Today and This is Why People Should Use Free Software Instead (Goodbye, Microsoft)
It's also a good reminder of why people should move to GNU/Linux
'Simple Articles' in MyGemini Just One of Many New 'Sites' in Geminispace
Geminispace has grown fast lately; it's turning 6 next month
 
Links 06/05/2025: LLMs/Chatbots Attract More Scrutiny (Getting Worse Over Time), PwC Has Many Layoffs
Links for the day
Thanks for listening. How can this Morse feed be further improved?
Right now any and all feedback on the audio would be helpful
statCounter: Bing's Market Share Lower Right Now Than It Was When LLM Hype Began (With "Bing Chat")
If anybody gains at Google's expense in search, it is BRICS' alternatives such as Yandex
Gemini Links 06/05/2025: Failure and Proxmox Cluster
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, May 05, 2025
IRC logs for Monday, May 05, 2025
Links 05/05/2025: TikTok Still a Romanian Woe/Foe, Signal Perils Showing
Links for the day
Gemini Links 05/05/2025: Debian and GNOME and a "Welcome to Simple Articles"
Links for the day
Links 05/05/2025: US Economy Shrinks, US Presidency Spreading Deepfakes
Links for the day
Links 05/05/2025: Breaches, Environment, and Conflicts
Links for the day
SUSE the Company Now Uses LLM Slop to 'Write' Its Blog, What Does That Tell Us About SUSE?
There are many giveaways
Richard Stallman is in Alicante Today to Give a Talk, Czech Republic in Two Days (Wednesday)
Of course he can deliver the talk in Spanish
Gemini Links 05/05/2025: XL Bullies and Luddites
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 04, 2025
IRC logs for Sunday, May 04, 2025
Links 04/05/2025: Science, Conflicts, and Monopolies
Links for the day
GNU/Linux Above 7% in Bulgaria, Rising Just Like in Most of Europe
Up to 7%, not counting Chromebooks
Data Shows Largest EU Economies Shifting to GNU/Linux
all-time highs
statCounter Says Only One in 6 Web-Connected Clients in Hungary Are Using Windows, iOS Almost Bigger Than Windows Now
Hungary is a cautionary tale in the world of European (or Russian) politics
Many Reports About Microsoft's Financial Report/Performance Are False, Fake News, Churnalism/Parroting, and LLM Slop (Machine-Generated Lies)
Even if you see a thousand sites saying that Microsoft is performing well ask yourself why the company is rushing to fire tens of thousands of workers and cancelling datacentres
Links 04/05/2025: FCC Turning Into MAGA’s Censoring Machine, SEC Pressured to Delist Chinese Companies
Links for the day
Gemini Links 04/05/2025: Historical Artifacts and Date Calculations in POSIX Shell
Links for the day
In the First 3 Months of 2025 GAFAM Debt Rose by More Than $14.4 Billion
That's based on their official statements
10-Step Strategy to Get BRETT WILSON LLP ("Gun for Hire"), Microsoft's Serial Strangler, and the Serial Defamer to Compensate Techrights and Tux Machines for Years of SLAPPs and Abusive Litigation
There's no room or capacity for forgiveness here; enablers and protectors of crime need to be scuttled and pay up in full
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 03, 2025
IRC logs for Saturday, May 03, 2025