Code of Conduct, creation and collaboration


4 posts were split to a new topic: Comparing SecureDrop Community & Tor Community organizations


Enforcing the Code of Conduct is necessary, for all the reasons explained in this thread. And I kept thinking about how we could effectively do that although there is no central authority. I originally suggested that we wait for an actual problem to happen to figure that out. But I’ve been convinced this is not enough and may even be interpreted as an open invitation for abuse. However I still find that including detailed measures (such as banishment) in the CoC itself is problematic because it can be worked around or be inappropriate in some cases.

How about we include a more general promise such as “If at least two CoC point of contact find that a person violates the CoC, they will do what is in their power to resolve the problem”. Examples of such actions can then be added in comments of the CoC . For instance: a person is banned from communication channels or their photo is circulated so they are not allowed in conference rooms, etc. But we do not need to include these examples in the CoC itself.

The worst that can happen is if the person who is in violation also has control over resources that would not allow the CoC point of contact to resolve the problem. For instance if the organizer of an event is the person in violation, they may refuse to step down. In this case the CoC point of contact will have a hard time but will not be powerless. They can publicly state that the SecureDrop Community boycotts the event etc. It would not be reasonable to expect the CoC point of contact is always in a position to resolve all matters with perfect efficiency. But it is reasonable to expect the CoC point of contact will always work to resolve all matters, to the best of their abilities.

What do you think?


I think that level of detail is also unnecessary. I think something general like “the community council decides…” is enough. Maybe we need consensus. Maybe we don’t.

With a horizontal community, I think the only thing we can do is hope that everyone follows the recommendations for sanctions from the CC. Sunlight is the best disinfectant, so if we are public and transparent about decisions, the community will know what events/spaces/people are in support of sanctions and which are not. I a problematic person is allowed at events, it will be made clear who let them there and, and members can self regulate spaces that are following vs. ignoring the CC’s recommendations.

I really don’t see a way around this problem without a central authority, which the community rightly seems to be rejecting.

Also, since @micahflee brought up Tor, I’ve been talking with one of the folks who was working on the CoC there and it seems like what we are proposing is mostly in line with what they do. Given that they were central to one of the biggest abuse/CoC stories in this community in recent years, I’m inclined to say their solutions to address that might carry more weight than communities that haven’t yet faced such circumstances (with the caveat being that I genuinely believe Tor cares about fixing this whereas other groups not so much).

If we have our CC made up of people from the major parts of SD (so let’s say this forum + FPF + UX folks (yes there’s overlap)), I think the CoC will apply to most SD-related spaces for the medium term future. As new groups pop up, we can talk to them about joining the CC or ask them to use the CoC in their spaces.


I’ve taken a stab at the next section, which spells out the items listed in the summary in more detail. I’d appreciate your comments and hope we can keep this moving forward. :slight_smile:

I’ve also filed an issue to suggest that we convert the code to markdown (we can do so once it is complete), for easier readability in contexts where markdown is parsed.


Thanks for writing that up. :smiley: I (and @dachary) left a few notes for you.


I think @dachary and I have had most of our requests addressed in the PR, and after the one pending change I asked for, if no one’s objected, I’m going to call this one good to merge.


Yeah, we concluded that including a definition of we along the lines of we is a community of individuals regardless of their affiliation to be super clear that organizations are not part of we, just individuals and their own free will :wink:


Added misgendering/deadnaming to the list of unacceptable behaviors. Once this one is merged I’ll prep a small PR for the preamble to clarify the use of “we”.


Merged the above and converted it to markdown. :slight_smile:


I had a conversation recently with one of my coworkers who has recently established a CoC for one of their groups, and they gave me some pointers on how we can shape the language around our CoC in a way that makes it a little more oriented toward growing, developing, and healing a community in the event of a violation compared to what could be more adversarial proceedings.

In short, we should avoid the words abuser, victim, and allegation/accusations and instead opt for the words receiver of harm, causer of harm, and reports of harm.

This suggestion was to prevent the case of chasing down to figure out exactly what happened or to make the debate about whether or not the person who caused the harm is “an abuser.” Maybe they are or maybe they’re not, but the end result is the community needs to figure out how to make the harm stop. That could mean asking the person who caused the harm to leave, or it could mean working with them to prevent that harm from recurring.

Anyway, I bring this up because I started working on the Community Contact, Reporting, and Resolution sections for our CoC. I’m stating this here so people can see a bit where the language came from and why it was chosen.

(This might be a bit different than things I’ve proposed before, but I’ve also been actively researching this since we started working on adding a CoC. So yeah, still learning.)


Also as a reminder, we have discussion on this PR discussing the usage of “We” and what it means in the context of the CoC.


I added this PR to explain what the Community Council is and how it operates. I think this section is too important for me to merge without consensus, so I think it is very important that we all comment on it either here or in the PR.


Hey all. Since it looks like we hit a point of near completion on the CoC, I opened this thread to have a vote about whether or not the CoC is acceptable for a first pass. Please vote and pass the word along to others who might be invested getting a CoC ratified. :blush: