Until January 15, the next $115,555 of support we receive will be matched!
$43,636 matched!
$115,555 to go!

[RSS] Conservancy Blog

Displaying posts by Karen Sandler

Interview with Matcher and Conservancy Board member Jeremy Allison

by Karen Sandler on January 14, 2021

picture of Jeremy Allison in front of a beautiful nature landscape with water, mountains and trees.

Jeremy Allison. Photo © Jeremy Allison, licensed CC BY-SA 4.0

A generous group of individuals has banded together to increase the amount of our match donation. This post is part of a series of interviews where these extraordinary folks tell us about why they care about software freedom and why they support Conservancy

We asked Jeremy Allison to describe himself for this interview, and he described himself as "a tedious audiophile who torments his friends with esoteric speaker trivia. He also likes to write C code and tries really hard not to put security holes in it. He co-founded the Samba project, whose list of CVE reports shows he is failing at this task. For some odd reason, Google thinks he is worth employing."

Q: How did you first get interested in software freedom?

A: I first got interested when I read the GNU Manifesto, back in the late 1980's. I don't know if was the "Astroid Mining" part that took my fancy, but it seemed like the right thing to do as learned in primary school - "Sharing is good !".

Also I grew up in the UK at a time where there was a great diversity of computing platforms many of which encouraged hacking. There was even a laptop that ran Forth as it's primary language rather than BASIC ! The spirit of wanting to be able to understand and work on the code that runs our lives never left me.

Q: How did you get started with Samba and why did Samba join Conservancy?

A: I was the person who submitted the first patch to Andrew Tridgell's (tridge) project (smbserver) that became Samba. I never looked back after that. I have to be honest, but Samba joined Conservancy because neither tridge or I wanted anything to do with non-technical things, and Conservancy seemed the easiest and lazyist way of getting other people to do these things. I now know that's not true, but it seemed a good idea at the time :-).

You've been on the board of Conservancy for a long time - what's that like?

A: The people who contribute to it are what make Conservancy. I know the projects are great, but the staff and other Board members are *AMAZING* ! It's an education and a privilage working with them. I love helping out and I hope to be able to do so for a long time to come.

Q: Why do you think people should contribute to Conservancy?

A: Conservancy's work has never been more important. More and more computing platforms are moving to locked down, proprietary code (sadly sometimes even based on top of Free Software).

The right to understand, to learn, to tinker and modify the code that runs all of our lives has never been under more risk. Please help conservancy do its vital work of continuing to fight for the freedoms I took for granted in my youth.

If we lose them, we'll all be the poorer for it !



Software Freedom Conservancy is in the final days of its annual fundraiser. Please help us continue our work by becoming a Supporter. Donate now and have your donation matched by a group of generous individuals who care deeply about software freedom.Your donation could push us over the top to meet our goal!

Tags: supporter

Interview with Matcher Daniel Vetter

by Karen Sandler on January 13, 2021

portrait of Daniel Vetter

Portrait of Daniel Vetter. Photo © Roland Beck, licensed CC BY-SA 4.0

A generous group of individuals has banded together to increase the amount of our match donation. This post is part of a series of interviews where these extraordinary folks tell us about why they care about software freedom and why they support Conservancy.

Daniel Vetter works on making graphics drivers better on Linux. At first largely by improving the code, nowadays he's focused on doing this by trying to build a better community.

Q: How did you first get interested in software freedom?

A: I've followed Linux for a long time, out of technical curiosity, but never really participated actively. Until the new graphics driver stack didn't work on my laptop, and I tried to fix it up somehow. But what got me hooked wasn't so much the technical challenges, but users being really happy about my patches and them very enthusiastically testing all the broken versions I create since I didn't understand much at all yet. That's when I realized there's a real impact on people, and that impact on people is also what keeps me going more than 10 years later trying to improve our community.

Q: Can you talk a little about why copyleft matters?

A: In the graphics subsystem in the Linux kernel we have strict requirements for the overall driver stack, including all the pieces in userspace, so quite a bit more than what copyleft itself would require. Short term this annoys a lot of people. Long term it's the reason for our success: It's not about preventing free-loading, that's just a small short term benefit, but about preventing fragmentation. I think that having such minimal standards to enforce collaboration, whether it's community rules like the graphics subsystem has or legal enforcement through copyleft, is crucial for the continued success of a community.

Q: Do you have a favorite Conservancy member project?

A: Outreachy, because people matter. And as long as large parts of our world aren't represented in our communities, we're not going to succeed. Plus mentoring interns is just a ton of fun!

Q: Why do you think people should contribute to Conservancy?

A: I'm on the board of the X.org Foundation, which backs all the various projects around the Linux graphics stack. Running the back office of a community is lots of work behind the scenes, and Conservancy is one of the best umbrella organizations we have: Clear focus on the people, professionally run and lots of great peer projects. So besides all the awesome projects, Conservancy itself is a critical piece of infrastructure we have and which needs our support.

Tags: supporter

Interview with Matcher and Conservancy Board member Allison Randal

by Karen Sandler on January 11, 2021

portrait of Allison Randal

Portrait of Allison Randal. Photo © Piers Cawley, licensed CC BY-SA 2.0

A generous group of individuals has banded together to increase the amount of our match donation. This post is part of a series of interviews where these extraordinary folks tell us about why they care about software freedom and why they support Conservancy.

Allison Randal has had a variety of roles in software freedom, including development, project leadership, strategy, and advocacy. She collaborates in the Debian project, and is currently taking a mid-career break to get a PhD at the University of Cambridge.

Q: How did you first get interested in software freedom?

A: I was working as a linguist in eastern Africa in the 90s, and using free software tools (especially Perl) for language data analysis. From there, I kind of fell backwards into taking a job as a Perl developer, teaching Perl at a local Linux user group, and then joining the Perl project first as a developer and programming language designer, and later as a board member and president of the foundation.

Q: Can you talk a little about why copyleft and copyleft enforcement matters?

A: Copyleft is an important tool in protecting and defending software freedom, and without enforcement that tool would weaken and dull over time.

Q: Do you have a favorite Conservancy member project?

A: It's impossible to pick just one favorite project. The one I use most frequently is git, unsurprisingly. :) I suspect a lot of people who use git every day don't even realize it is a Conservancy member project. Another is coreboot, since my development work in recent years has drifted more and more into open firmware and open hardware. Another is Outreachy, because its approach to diversity and inclusion has helped so many people find their start in software freedom.

Q: You have served on the boards of many important free software related organizations and have somewhat recently joined Conservancy's board. Why did you join Conservancy's board?

A: I've been a supporter of Conservancy for many years, and was always interested to do more. My past experiences as a board member have made that a role where my unique skills and volunteer time can serve Conservancy's mission and member projects.

Q: Why do you think people should contribute to Conservancy?

A:Doing a little good for the world is a great antidote for 2020, and contributing to Conservancy is one great little good you can do quickly and easily.

Tags: supporter

Ethical Employment Contracts Instead of Ethical Licenses?

by Karen Sandler on December 17, 2020

Earlier in the year at Copyleft Conf, we had a few sessions dedicated to the Ethical License movement. During the conference, Coraline Ada Ehmke gave a moving talk outlining why technologists and software freedom activists in particular must act against atrocities, especially those committed using FOSS. I have long argued that technologists (and especially software freedom activists) should dedicate more care and resources to the ethical use of technology and eliminating discrimination and oppression that technology often enables. While I don't believe software licenses are the best way to accomplish this task, I've wondered since the conference what FOSS contributors can do to protect human rights.

The proposed licenses have been essential to starting these discussions, but the license changes themselves seem unlikely to work: they'd introduce nonfree provisions, introduce license uncertainty and on top of that, we know that companies that would commit atrocities will ignore licenses and act from judgement-proof jurisdictions. So the question is how best to influence the behavior of companies who can improve their human rights record and how to insulate employees who want to take action to assure that their companies do the right thing.

Through our ContractPatch[1] initiative, Conservancy has been working to educate developers about employment contracts. We plan to eventually draft suggested contract language to help developers negotiate their employment contracts. While ContractPatch has moved slower than I would have liked (due to our prioritization of other urgent work), the initiative has shared good information, primarily via our talks and blogposts. I've been gratified to hear from folks that they've actually been able to negotiate better terms into their employment agreements as a result! Some have told us that they've succeeded in retaining their FOSS copyrights. Others have simply negotiated a better salary, as ContractPatch information improved their negotiation skills generally.

In the context of human rights, where FOSS licenses are unlikely to achieve the desired result, perhaps contractual demands by developers can succeed. I propose here a simple “contract patch” that can more successfully leverage developers' power in the market to prevent human rights abuses due to software.

Employees of all sorts face a difficult dilemma upon discovering unethical practices at their company. If the activity is already in advanced stages and/or the profit amounts generated from the practice are high, the employee's predicament becomes even more precarious. Should they report it to their manager or their manager's manager? If those managers all know about the activity already, will a complaint even be taken seriously? Often, the employee will have signed documents upon employment committing them to confidentiality, so the employee has little choice except to decide whether to quit or not but otherwise remain silent. For matters that concern the safety and well being of human beings, the stakes are much higher. Yet, employees have even fewer choices to ameliorate the situation. While most companies have whistle blower policies, the fallout of corporate politics can leave employees powerless.

What if those employees knew exactly how to handle the situation? What if the steps to escalate this situation were spelled out in advance? What if the employee were truly assured non-retaliation for reporting the situation? What if the employee were guaranteed a soft landing if they felt they needed to quit their job when the company took no action? In other words, what if these details appeared in their employment agreement and the employee knew they could rely on it from day one of their employment?

Amending Employment Contracts

With this in mind, we can draft a clause for employment contracts. Should an employee come to know that the company is committing violations of human rights, their employment agreement can specify the ways they can raise attention to this matter. Perhaps they first report the violation to their manager. If there is no satisfactory response or repair of the situation within a certain period of time, then the employee is to report the violation their manager's manager. If again there is no satisfactory response or action, the employee is to report the violation to the head of the department. If in that instance there is again no satisfactory response or action, the employee may post the violation on an internal mailing list or posting board. If again no action is taken, the employee may choose to terminate their employment and receive a pre-agreed severance amount — similar to the “golden parachute” provisions that executives have in their contracts. The company would also promise no retaliation against the employee for reporting the violation, including a non-disparagement provision that prevents the company from speaking negatively about an employee who opts for the severance. Each company could tailor the reporting chain to match what would make the most sense with their corporate structure. Nothing in the provision would undermine the company's confidentiality provisions with the employee, but the employee would have confidence in raising an alarm and also be able to quit while having a cushion to be able to look for another job.

Like most ContractPatch proposals, these approaches works best when the clause becomes standard. Companies are more likely to agree to these terms if many developers who interview ask for it.

This is a relatively simple solution — a good set of ContractPatch terms and a collective bargaining demand around it — is an outcome that companies can actually accept when the terms are reasonable. It protects the company's confidentiality and incentivizes employees to bring to management's attention problematic practices that the companies should have an interest in knowing about. Additionally, while the company and employee may disagree about the human rights implications of a problematic behavior, the ultimate negative result of the provision's operations is that the employee leaves the company, with a small, pre-agreed and easily budgeted financial settlement. In the case the employee is simply wrong about the alleged human rights violation, a voluntary exit is an obvious benefit to both parties. However, if multiple employees exercise this contract clause, the company then has a strong incentive to cease the violations, both financially and operationally. Alone one employee may not effectuate change, but standing together employees can have a powerful voice. Adding contract provisions like this one work within the existing corporate structure but amplify the impact that employees can have.

While I've focused my example on human rights violations, the provision could also cover endangering public health and safety or substantially violating the law.

The ContractPatch

Employment contracts often have provisions where the employee represents that they will obey laws and act ethically in the position. Here's an example of this kind of language I've seen in a contract:

Employee will act in an honest and ethical manner in compliance with all applicable laws … and comply with the policies, procedures, requirements, rules, and regulations promulgated at any time and as amended or supplemented from time to time by Employer … including Employer’s policies on sexual harassment …

Employment agreements are already the correct venue for these expectations. We can build on provisions like this to introduce the one I'm proposing here. The language itself could look like this:

“Human Rights Laws”) is defined as the United Nations Universal Declaration of Human Rights and any other applicable laws protecting the rights inherent to all human beings, regardless of race, sex, nationality, ethnicity, language, religion, or any other status.

An “Unethical Action” is defined as an action by Company that violates Human Rights Laws, excluding actions Company has taken against the Employee individually.

An “Adequate Response” is defined as a written response that (a) explains why there has been no Unethical Action, or (b) provides notice that the Unethical Action has ceased.

A “Planning Response” is defined as a written response that sets forth a plan to cease the Unethical Action.

Company shall act in an honest and ethical manner in compliance with all Human Rights Laws.

In the case that Employee becomes aware of any Unethical Action, Employee will report such action to their manager in writing as soon as is reasonably practicable. If Employee's manager does not provide an Adequate Response or a Planning Response within two weeks, Employee will send the report to their [FIXME - manager's manager/department head]. If [FIXME-title] does not provide an Adequate Response or a Planning Response within two weeks, Employee may report the Unethical Action via [FIXME - whatever relevant internal company-wide dissemination makes sense, whether it be an email list, posting board] (“Company Notice&Rdquo;). Employee may also provide a Company Notice in the case that the Employee has received a Planning Response but no Adequate Response is received within the period set forth for repair in the Planning Response. If the Employee receives no Adequate Response or Planning Response to a Company Notice within two weeks, Employee may terminate their employment and receive an amount equal to the greater of (i) twelve (12) weeks severance pay or (ii) twice the amount required by any relevant applicable law or statute. Company will not retaliate, intimidate or harass any Employee who reports an Unethical Action. If Employee's employment is terminated for any reason after Employee first reported the Unethical Action, Employee shall receive an amount equal to twelve (12) weeks severance pay. Nothing in this provision contradicts, supersedes or diminishes Section [FIXME-CONFIDENTIALITY] of this agreement. However, if Employee terminates their employment pursuant to this provision, Company will not engage in any disparagement of the professional or personal life of the Employee.

This text is a first draft and edits and suggestions are welcome on the Contract Patch mailing list .

No software developer expects to encounter human rights violations or unlawful activity using software when they take a new job. But history shows that it will and does happen; Coraline's talk is an excellent list of known examples. Introducing new clauses into employment contracts is a practical way to align the interest of all parties, while providing simple mechanisms to raise attention to and end problematic behavior. Developers usually have more bargaining power than most workers. Let's use that to make sure we compel our employers to behave ethically and provide us the safety to stop providing them with our services if they don't!




[1] While I'm a lawyer and many of the people who have worked on ContractPatch are lawyers, Conservancy doesn't provide legal advice and so ContractPatch isn't meant as legal advice. Please use the language as a starting point or as an example for you to work on with your own lawyer to figure out what works for your situation.

Software Freedom Conservancy is in the middle of its annual fundraiser. Please help us continue our work by becoming a Supporter. Donate now and have your donation matched by a group of generous individuals who care deeply about software freedom.

Tags: ContractPatch

Next page (older) » « Previous page (newer)

1 [2] 3 4 5 6 7 8 9 10 11 12

Connect with Conservancy on Mastodon, Twitter, Facebook, and YouTube.

Main Page | Contact | Sponsors | Privacy Policy | RSS Feed

Our privacy policy was last updated 22 December 2020.