Community involvement during recruitment and on-boarding


In the recent past we started to establish a transparent process to elevate developers privileges. Historically the SecureDrop project was exclusively controlled by Freedom of the Press Foundation and such discussions happened during internal meetings. But since 2017 and thanks to a much more inclusive policy for external contributors, a growing number of developers started to get involved and such internal decisions needed to be made in public.

As GSoC approaches and new participants are going to be interviewed and selected, decisions will have to be made about who is going to be selected or not, how they will be on-boarded in the project, the kind of work they are going to do etc. Something very similar happens with every organization involved in SecureDrop when a new employee is interviewed and hired.

I would like to propose that a process is established to allow (and not force, of course :wink: for an a transparent communication during this recruitment and on-boarding stage. Here is a (fictional) example of a non transparent way of recruiting and on-boarding a GSoC candidate, with indications about when it could be transparent instead:


  • candidate contributes to SecureDrop using public PRs & forum & gitter (good)
  • candidate communicates in private with mentors (should be public)
  • candidate applications are published in a place only accessible to mentors (should be public)
  • mentors and candidates conversations to refine their application uses private communication (should be public)
  • mentors debating the merits of each candidate use private communication (needs to be private)
  • mentor decision about each candidate is sent in private (should be public and include positive criticism, suggestions for improvement, links to the public discussions)


  • the students does not introduce themselves to the SecureDrop community (they should post in the forum, explaining the topic of their work, with pointers to their accepted proposal)
  • a meeting is organized with the student and members of the SecureDrop team without announcing it publicly (it should be public and announced a week in advance at least so volunteers who are not full time get a chance to participate)
  • the topic of the meeting is discussed in private and not announced publicly (it should be made public at the same time the meeting is scheduled so volunteers get a chance to read it and participate)
  • privileges are granted to the student without a public discussion (the process should be followed)

What do you think ?