On 10/7/18 11:04 AM, Daniel Vetter wrote: > On Sat, Oct 6, 2018 at 11:36 PM James Bottomley > <james.bottom...@hansenpartnership.com> wrote: >> >> From 4a614e9440148894207bef5bf69e74071baceb3b Mon Sep 17 00:00:00 2001 >> From: James Bottomley <james.bottom...@hansenpartnership.com> >> Date: Sat, 6 Oct 2018 14:21:56 -0700 >> Subject: [PATCH 1/2] code-of-conduct: Fix the ambiguity about collecting >> email >> addresses >> >> The current code of conduct has an ambiguity in the it considers publishing >> private information such as email addresses unacceptable behaviour. Since >> the Linux kernel collects and publishes email addresses as part of the patch >> process, add an exception clause for email addresses ordinarily collected by >> the project to correct this ambiguity. >> >> Signed-off-by: James Bottomley <james.bottom...@hansenpartnership.com> >> --- >> Documentation/process/code-of-conduct.rst | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/Documentation/process/code-of-conduct.rst >> b/Documentation/process/code-of-conduct.rst >> index ab7c24b5478c..aa40e34e7785 100644 >> --- a/Documentation/process/code-of-conduct.rst >> +++ b/Documentation/process/code-of-conduct.rst >> @@ -31,7 +31,7 @@ Examples of unacceptable behavior by participants include: >> * Trolling, insulting/derogatory comments, and personal or political attacks >> * Public or private harassment >> * Publishing others’ private information, such as a physical or electronic >> - address, without explicit permission >> + address not ordinarily collected by the project, without explicit >> permission >> * Other conduct which could reasonably be considered inappropriate in a >> professional setting > > We've discussed this a bit with freedesktop.org people a while ago, > both from a CoC and privacy regulations pov, and we concluded that > attaching random people's emails in Reported-by: and similar lines, > without their consent, is indeed a problem. Bugzilla is rather > problematic in this way, since it looks like it's protecting your > email address and keeping it private, but then you can still just grab > it from the bugzilla emails without first asking for permission. > That's one of the reasons why fd.o admins want to retire Bugzilla in > favour of gitlab issues (where this is handled a lot more strictly). > > What we discussed in the older thread here on ksummit-discuss is > making it clear that email addresses sent to public mailing lists are > considered public information, which I think is worth clarifying. But > what you're excempting here is anything collected without permission > in the past, which I don't think is a good wording. I've definitely > been skimping on the rules here in the past. At least in my > understanding of the legal situation, if you get a bug report through > a private channel, or at least a channel that hides private address > information (like Bugzilla does, albeit sloppily), then you do have to > ask for explicit consent to publishing that information.
That is my interpretation, too. And it even says so in Documentation/submitting-patches.rst, do I don't we need to clarify it further. Cheers, Hannes