On 2025-02-07, Charles Plessy <plessy@debian.org> wrote:

Does that mean we should equip ourselves with a Conflict of Interest
Policy? Here is a suggestion drafted by ChatGPT.

I'm not sure why I should spend time reading something you didn't bother
write ?

/Sune

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi all,

we are so diverse, that when the possibility of a conflict of interest
arises in a situation, it is too late, because we are not even going to
agree on what a conflict of interest is, and how to handle the
situation, before one could conclude if there is really a conflict of
interest. The disucssion on Google is not the only one, older
discussions on Canonical during some Technical Committee appeals also
come to mind.

Does that mean we should equip ourselves with a Conflict of Interest
Policy? Here is a suggestion drafted by ChatGPT.

-------------------------------------------------------

Conflict of Interest Statement

Debian values transparency, integrity, and the diverse contributions of
its members. As an organization with a broad and diverse membership, we recognize that understandings of conflict of interest may vary. A
conflict of interest arises when a person’s ability to make objective decisions within Debian could be influenced — consciously or
unconsciously — by their affiliations, such as employment, sponsorship, personal relationships, or other external commitments.

Being in a situation of conflict of interest is not inherently bad and
does not imply wrongdoing. It is a natural occurrence in a community
where people bring valuable expertise and connections. However, to
uphold Debian’s commitment to fairness and trust, we ask that members:

- Consider potential conflicts and be transparent when a decision might
intersect with their employer’s, sponsor’s, or other affiliations'
interests.

- Disclose conflicts appropriately, recognizing that different people
may assess the situation differently.

- Refrain from participating in decisions where their neutrality could
reasonably be questioned.

- Raise concerns respectfully, assuming good faith and without implying
wrongdoing, to foster an open and constructive dialogue.

If unsure, members are encouraged to discuss the situation with peers or governance bodies to ensure Debian’s processes remain open, fair, and principled.

-------------------------------------------------------

Have a nice day,

Charles

--
Charles Plessy Nagahama, Yomitan, Okinawa, Japan
Debian Med packaging team http://www.debian.org/devel/debian-med Tooting from home https://framapiaf.org/@charles_plessy
- You do not have my permission to use this email to train an AI -

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, Feb 07, 2025 at 06:10:20PM +0900, Charles Plessy wrote:

Hi all,

we are so diverse, that when the possibility of a conflict of interest
arises in a situation, it is too late, because we are not even going to
agree on what a conflict of interest is, and how to handle the
situation, before one could conclude if there is really a conflict of interest. The disucssion on Google is not the only one, older
discussions on Canonical during some Technical Committee appeals also
come to mind.

Does that mean we should equip ourselves with a Conflict of Interest
Policy? Here is a suggestion drafted by ChatGPT.

Hi Charles,

A conflict of interest policy might be useful. With the greatest
respect, I'd much rather that it were drafted by intelligent
humans rather than artificial intelligence - enough with Chat GPT,
already, both here and more generally within Debian mailing lists.

[And it is somewhat ironic that this email contains
output from an AI while your signature requests that this
email not be used to train one :) ]

With every good wish, as ever,

Andrew Cater
(amacater@debian.org)

Charles

--
Charles Plessy Nagahama, Yomitan, Okinawa, Japan Debian Med packaging team http://www.debian.org/devel/debian-med Tooting from home https://framapiaf.org/@charles_plessy
- You do not have my permission to use this email to train an AI -

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, Feb 7, 2025 at 4:10 AM Charles Plessy <plessy@debian.org> wrote:

- Consider potential conflicts and be transparent when a decision might
intersect with their employer’s, sponsor’s, or other affiliations'
interests.

I don't see why this is needed. I am privileged to be paid by
Canonical to package GNOME for Ubuntu (and more). I do a significant
amount of work in Debian that is good for my employer. I believe that
my work is also good for Debian. I do all my work without hiding my
identity and use my company email for emails like this or bug reports
or git commits. Would I need to include a disclaimer for every bug
report, git commit, merge request, and IRC message so people are
informed that Canonical may benefit?

- Refrain from participating in decisions where their neutrality could
reasonably be questioned.

Do you really want employed people to contribute **less** to Debian??

I interpret your explicit mention of Canonical in your original email
as an attack against Steve and Colin for daring to prefer upstart over
systemd more than a decade ago. I don't think that's fair and I don't
think there is any reason to debate that now. There aren't any
Canonical members on the Technical Committee and I don't think we
should discourage any from joining.

Thank you,
Jeremy Bícha

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

* Andrew M.A. Cater <amacater@einval.com> [2025-02-07 12:27]:

[And it is somewhat ironic that this email contains
output from an AI while your signature requests that this
email not be used to train one :) ]

I for one applaud his attempt to protect our AI overlords from model
collapse [1] ;)


Cheers
Timo

[1] https://www.nature.com/articles/s41586-024-07566-y


--
⢀⣴⠾⠻⢶⣦⠀ ╭────────────────────────────────────────────────────╮
⣾⠁⢠⠒⠀⣿⡁ │ Timo Röhling │
⢿⡄⠘⠷⠚⠋⠀ │ 9B03 EBB9 8300 DF97 C2B1 23BF CC8C 6BDD 1403 F4CA │
⠈⠳⣄⠀⠀⠀⠀ ╰────────────────────────────────────────────────────╯

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmwPruYMA35fCsSO/zIxr3RQD9MoFAmel/cMACgkQzIxr3RQD 9MrUyQ//bkko8Qei4H3UDHUxg3Qv6YkyYV9W2lDl8JWjq/H4KT1/Z51FxYCpJAXz WpS5R1quMhtA8Z6wcaNYuKlvNkkIklcmSqup8vvodNfG6Ko5rey+6mhCVe0s4wXG bKqyQpQ6hcOxcrpBkCSLvlFyi5gaWLTMU6ZVVhlOLr3V+p29V+HhyeGNTeW5qk6n nLBcRWNwunUqZgL4LUS8QC8oLzC6AE9k37gWlkAqXKrZEGyuJiq5ob+j2tOGVgn9 JnwRap/H5tLexC7oZqO+vDgtnPuHSv5q7nIHlc/GpmmrBP2xRprLEQj/0NarATlu txSXdtFRGkkrfLFpCYmL4FGN88Wqe9c1Y5is8sP9At3

Hi all and Jeremy,

first, I would like to apologise for sending my original email to the
wrong list,

Le Fri, Feb 07, 2025 at 07:47:35AM -0500, Jeremy B�cha a �crit :

I interpret your explicit mention of Canonical in your original email
as an attack

I am really sorry if my email sounded like an attack. This is really
not my intention. I was referring to that event that event because I
think that it was a perfect example that when people raise questions on conflict of interest, it is already too late if we do not even agree on
what a conflict of interest is. I do not want to re-open the case or
even send attention to people in particular. Actually, I have been
careful to not write names in my email for that very purpose.

Have a nice week-end,

Charles

--
Charles Plessy Nagahama, Yomitan, Okinawa, Japan
Debian Med packaging team http://www.debian.org/devel/debian-med Tooting from work, https://fediscience.org/@charles_plessy Tooting from home, https://framapiaf.org/@charles_plessy

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hey,

Charles Plessy <plessy@debian.org> wrote on 07/02/2025 at 10:10:20+0100:

Hi all,

we are so diverse, that when the possibility of a conflict of interest
arises in a situation, it is too late, because we are not even going to
agree on what a conflict of interest is, and how to handle the
situation, before one could conclude if there is really a conflict of interest. The disucssion on Google is not the only one, older
discussions on Canonical during some Technical Committee appeals also
come to mind.

Does that mean we should equip ourselves with a Conflict of Interest
Policy? Here is a suggestion drafted by ChatGPT.

-------------------------------------------------------

Conflict of Interest Statement

Debian values transparency, integrity, and the diverse contributions of
its members. As an organization with a broad and diverse membership, we recognize that understandings of conflict of interest may vary. A
conflict of interest arises when a person’s ability to make objective decisions within Debian could be influenced — consciously or
unconsciously — by their affiliations, such as employment, sponsorship, personal relationships, or other external commitments.

Being in a situation of conflict of interest is not inherently bad and
does not imply wrongdoing. It is a natural occurrence in a community
where people bring valuable expertise and connections. However, to
uphold Debian’s commitment to fairness and trust, we ask that members:

- Consider potential conflicts and be transparent when a decision might
intersect with their employer’s, sponsor’s, or other affiliations'
interests.

- Disclose conflicts appropriately, recognizing that different people
may assess the situation differently.

- Refrain from participating in decisions where their neutrality could
reasonably be questioned.

- Raise concerns respectfully, assuming good faith and without implying
wrongdoing, to foster an open and constructive dialogue.

If unsure, members are encouraged to discuss the situation with peers or governance bodies to ensure Debian’s processes remain open, fair, and principled.

I'm not sure I'd expect more from people than them saying who they work
for or defend.

I'd not, eg, expect some Canonical employee to refrain voting a GR
because they might be biased. We all are biased.

--
PEB

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEE5CQeth7uIW7ehIz87iFbn7jEWwsFAmemMAwPHHBlYkBkZWJp YW4ub3JnAAoJEO4hW5+4xFsLZPsP/RYor1k1+q0P0n9MQzs6PbJfASUO/aRWJ4RZ 7lScNEYDeEUOO0td7YXBDjGelzsqg7btRYF99mAJCgvsOvNyOlhWLJETlwy5QuCf v01A/4/3skCQkHXCH/q95ozndNxZoLoSP2iLCrIE3mzRYW1agrrVFz7XCUoXdhin tFFq9xPUKKgnnhw+DbDOSWnxz++nMW7ZNquHF/NIj5CIsZHSBxrVktphmJVZnEe4 tWO41igC0s3hWryYuuLH6K0qGiZBzppU/IJOF5y14KWtlGhsEGQTqFD54kPywXJ7 bceWDAW6oRk8RsbA6ORKn7ZD8O/Z3M+rUQVTiwbcRu8BmX2IIsHmlr50pz+FzajO MH/5MmwnjmcLfOi80Qqj+2YFSI2r3mnBBYDS710pP2+0xY+s7Enth+IE8U8DNWQz lM0Dv+oCfmDm8Xh2Uel3v+RREakTTvCJYm3jSAs2vIT7x+BvBjdDUHM9tqlyOdRO 8fiuS+YU+sMgtNXWVeGEGal/nOQfLHQBeInrIb69Ke33XLaK3nq99vSQxJ8hrkEP bHLBCDp5MnJqP5TQ2sqSjH2ci6wV/V02whZe+njxdN9DjCuAQnNgfkKBeRr6N+Dy X482PTSa5wheCUcYep/UhGYiIVb7/cG4/TwAJpMmDOqjzS5A5+pLdtffE0s3dZIy
j4sC0gEE
�Oj
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi,

Le 2025-02-07 17:08, Pierre-Elliott Bécue a écrit :

I'd not, eg, expect some Canonical employee to refrain voting a GR
because they might be biased. We all are biased.

Another reason why it is a good practice to not take part in votes when
in a potential or actual conflict of interests situation is that it also protects the individuals involved from possible retaliation from e.g.
their employers should they vote against their interests. They can just
say "by the policy, we had to abstain".

The "conflicts of interests" where disclosure and/or abstention are
appropriate are usually those where personal benefit (e.g. financial
gain, professional or social ranking etc) may unduly influence a
decision. People working for Canonical are, I believe, not in such
situation for most GR topics or development work.

I'm not sure we need a formal policy for this though, and if we do,
maybe a few additional words in the code of conduct could be enough.

Cheers,

--
Julien Plissonneau Duquène

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 07 Feb 2025 17:08:44 +0100, Pierre-Elliott Bécue
<peb@debian.org> wrote:

I'd not, eg, expect some Canonical employee to refrain voting a GR
because they might be biased. We all are biased.

Some call it bias, others call it opinion. It's fine.

Greetings
Marc
--
---------------------------------------------------------------------------- Marc Haber | " Questions are the | Mailadresse im Header Rhein-Neckar, DE | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 6224 1600402

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

"Charles" == Charles Plessy <plessy@debian.org> writes:

Charles> Hi all, we are so diverse, that when the possibility of a
Charles> conflict of interest arises in a situation, it is too late,
Charles> because we are not even going to agree on what a conflict
Charles> of interest is, and how to handle the situation, before one
Charles> could conclude if there is really a conflict of interest.
Charles> The disucssion on Google is not the only one, older
Charles> discussions on Canonical during some Technical Committee
Charles> appeals also come to mind.


Almost certainly we do. I have found that when you need a conflict of
interest policy most, people are least willing to consider adopting one.
There is a lot of fear of change, of the idea people might realize they
did things that we do not want to support in the future, fear that it
might be weaponized.

I have never found how to approach this well.
I think back to a time in the IETF when people screamed and shouted
(literally) and accused me of acting in bad faith simply because I
wanted to understand what we were and were not willing to support.

Good luck.
I do not have emotional availibility to help with this project, even
though I think it is important.

In my mind the biggest thing we could do is to clarify a cultural norm
of disclosing affiliations especially for community leaders.

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQSj2jRwbAdKzGY/4uAsbEw8qDeGdAUCZ6a7cgAKCRAsbEw8qDeG dJBJAP4/5Ffe/wfhDeeXEnf2pF+1WqaQwGWD+lJJQE4BQ/bHSgEAmHtu4/MrFh3E 7kwo/Th9XOAg0NVlKX2348FhjyWF4Qs=
=H0yS
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

I'm a bit dubious about a ChatGPT authored Conflict of Interest (COI)
policy because most of them that you will find on-line, and thus what
a Large Language Model (LLM) will regurgitate, are meant for
orgaizations where you have a small body of people who vote.

So for example, if you serve on the board of a church, or a non-profit orgaization like Usenix, or the Rocky Enterrise Software Foundation
(RESF), if there is a motion where you might benefit depending on how
the decision comes out, the CoI policy will mandate that you abstain
from voting on the motion. This is where the "refrain from
participating from a decision" language might come from.

Howeer, it is quite common that someone with that potental conflict of
interest is often a subject matter expert. For example, if you are a
primary owner of a general contracting company, then you will know a
lot about building construction; so if the vote is about which company
should be hired, the board would *want* to hear your insights. So
typically the conflict of interest would be disclosed, the expert
would give their opinions, insights, and other expertise to the board
--- and then the expert might abstain from voting on the actual motion
if they were a board member.

The problem is that in Debian, we rarely vote when we make decisions.
This does happen, of course, such as when the Technical Committee
votes on something that might be a very close call. In that case, it
would make sense for a TC member who might have conflict of interest
to step aside.

However, many decisions take place via discussion / debates on public
mailing list --- so what does refrain from participating in a decision
mean in that context? That the people who might have the most
expertise must not participate in the debate? That
seems.... counterproductive. So there, probably the best you could do
is to make sure people should be asked to disclose conflicts of
interest up front, although in many cases, it might be obvious (for
example if the e-mail address has canonical.com....).

Another such situation is if a maintainer makes a decision as it
relates to a package where they ar

This is a multi-part message in MIME format.

--nextPart1844426.teYOa0iCNi
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

On Saturday, February 8, 2025 9:09:55 PM MST Theodore Ts'o wrote:

I'm a bit dubious about a ChatGPT authored Conflict of Interest (COI)
policy because most of them that you will find on-line, and thus what
a Large Language Model (LLM) will regurgitate, are meant for
orgaizations where you have a small body of people who vote.

So for example, if you serve on the board of a church, or a non-profit orgaization like Usenix, or the Rocky Enterrise Software Foundation
(RESF), if there is a motion where you might benefit depending on how
the decision comes out, the CoI policy will mandate that you abstain
from voting on the motion. This is where the "refrain from
participating from a decision" language might come from.

Howeer, it is quite common that someone with that potental conflict of interest is often a subject matter expert. For example, if you are a
primary owner of a general contracting company, then you will know a
lot about building construction; so if the vote is about which company
should be hired, the board would *want* to hear your insights. So
typically the conflict of interest would be disclosed, the expert
would give their opinions, insights, and other expertise to the board
--- and then the expert might abstain from voting on the actual motion
if they were a board member.

The problem is that in Debian, we rarely vote when we make decisions.
This does happen, of course, such as when the Technical Committee
votes on something that might be a very close call. In that case, it
would make sense for a TC member who might have conflict of interest
to step aside.

However, many decisions take place via discussion / debates on public
mailing list --- so what does refrain from participating in a decision
mean in that context? That the people who might have the most
expertise must not participate in the debate? That
seems.... counterproductive. So there, probably the best you could do
is to make sure people should be asked to disclose conflicts of
interest up front, although in many cases, it might be obvious (for
example if the e-mail address has canonical.com....).

Another such situation is if a maintainer makes a decision as it
relates to a package where they are the primary maintainer. This case
can get quite ticklish, because very often, they *are* one of the
primary experts about the package; that's why they are the maintain
the package. And that might also be why a company decided to hire
them. For example, I got hired by Google because I was the ext4
kernel maintainer, and I did make changes that made it easier for
e2fsprogs to be built on ProdNG, which was a Debian variant for use internally at Google[1].

[1] "Live Upgrading Thousands of Servers from an Ancient Red Hat
Distribution to 10 Year Newer Debian Based One"
https://www.usenix.org/system/files/conference/lisa13/lisa13-merlin.pdf

The changes that I made din't compromise Debian at all (I doubt anyone noticed, since they din't cause any changes in the binary packages
generated by e2fsprogs' debian/rujles file for Debian. But this was a decision that was made that benefited Google, *and* Debian because it
meant that we got a lot more testing on thousands and thousands of
servers runnig in data centesr al over the world. Is that a "conflict
of interest"? Lots of similar scenarios happened where Debian
Maintainers were hired by Canonical, and did work while being paid by Canonical in a way that substantially benefited Debian *and* Ubuntu.

Should people in these sorts of situations be "not allowed to
participate in decisions" as the package maintainer because of some
silly ChatGPT authored policy? I think not.

Ultimately, this is a case where I think we do have recourse already,
which is if a package maintainer makes a decision which is detrimenta
to Debian, that decision can always be appealed to they TC.

So I could imagine COI policies for specific, small bodies in Debian
where decisions get made via voting, such as the TC.

However, I don't believe it makes sense for large bodies; for example, excluiding people from voting on a GR just because they might have a
conflict of interest means that we could potentially depriving people
of their franchise, which I think would be a Bad Thing. So if someone adopted this as a constitutional amendment, I would vote against it.

The final thing I would note is that our structure means that in some
cases, the ultimate authority rest with the DPL. So I'm not sure we
*can* have a COI policy that applies to the DPL without it making a fundamental change to our governance structure. The wise DPL would
delegate their authority if there wasa clear conflict of interest, of
course. And if a DPL abuses their authority, then they can be voted
out at the next election. But saying that the DPL "must not
participate in a decision", per the ChatGPT authored statement, I
would argue does't work given what trust and power we vest in the DPL.

Cheers,

- Ted

I agree wholeheartedly with this reasoning.

--
Soren Stoutner
soren@debian.org

--nextPart1844426.teYOa0iCNi
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="utf-8"

<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body><p style="margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">On Saturday, February 8, 2025 9:09:55 PM MST Theodore Ts'o wrote:</p>
<p style="margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">&gt; I'm a bit dubious about a ChatGPT authored Conflict of Interest (COI)</p>
<p style="margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">&gt; policy because most of them that you will find on-line, and thus what</p>
<p style="margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">&gt; a Large Language Model (LLM) will regurgitate, are meant for</p>
<p style="margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">&gt; orgaizations where you have a small body of people who vote.</p>
<p style="margin-top:0;margin-bottom:0;