chore: add documents CoC Committee and Incident Resolution Procedures #1013
Conversation
Barbanio
requested review from
quetzalliwrites,
derberg,
asyncapi-bot-eve and
thulieblack
as code owners
Barbanio
changed the title
Barbanio
changed the title
|
|
||
| ### Submit in writing | ||
|
|
||
| To report a violation in writing, please email [[email protected]](mailto:[email protected]), which goes to all primary (not alternate) members of the AsyncAPI Code of Conduct Committee (CoC Committee). If you do not want your report to be received by all members of the CoC Committee, either because you want to submit a report anonymously or because one of the CoC Committee members has a conflict of interest, you may send your report directly to any individual member of the CoC Committee. |
There was a problem hiding this comment.
@derberg shall we tell Linux Foundation to add this email user?
Also we need to decide how we wanna operate as CoC Commitee regarding email watching. Shall those emails act as a redirect to all of our personal emails? Rather, shall some of us get access to that email account and check email manually from time to time? Maybe we could do some automation via Slack?
There was a problem hiding this comment.
Additionally, we can set an Slack Workflow (super easy to create, just few clicks) so people can report through an Slack action. Just an example:
The data collected can be posted into a private channel where only the CoC Committee is present. This won't work for anonymous reports but for non-anonymous. However, it will IMHO add good value by letting users quickly send reports of violations, especially those that were not targeted to them, turning those "I will write an email later" into actions).
cc @Barbanio
There was a problem hiding this comment.
I like the idea! Wdyt, @AceTheCreator?
There was a problem hiding this comment.
I have doubts if [email protected] is the best solution that assures people feel safe to report problem.
Generic email - you have in the end no idea who has access to it.
Yeah I know other communities do it this way.... but I find it pretty strange.
Why not being transparent:
- mention who people can reach out
- have some kind of online form, that people can use to fill in report
This way we can 100% assure only the right people will get report.
With generic email - admins of Google Workspace (Fran, and also Me) will also have access. Not saying we will violate the trust...but still - it is not 100% safe solution
There was a problem hiding this comment.
@derberg your suggestion is that the reports should be posted either via DM to a member of the CoC Committee or via form and posted automatically to the private channel the CoC Committee has?
There was a problem hiding this comment.
@thulieblack any particular reason why Joanna Lee (LF legal expert) advised against it?
There was a problem hiding this comment.
There was a problem hiding this comment.
ok then, so we go with generic email but also transparently mention emails of committee members in case of people want to reach out to them directly instead of generic email?
There was a problem hiding this comment.
Yea, that'll be the best way in my opinion
There was a problem hiding this comment.
If we go for email, we should need then @asyncapi.org (or .com) emails to give trust and to avoid mixing personal stuff IMHO. WDYT?
|
|
||
| ### Submit in spoken conversation | ||
|
|
||
| If you prefer to report the violation in a spoken conversation, you may request a virtual meeting with a CoC Committee member. If the incident occurs at an event, you may report the incident in person either to a member of the AsyncAPI CoC member or a [Technical Steering Committee](https://www.asyncapi.com/community/tsc) (TSC) member. |
There was a problem hiding this comment.
or a Technical Steering Committee (TSC) member.
Then this means (to me) all TSC members need to be aware of all the processes regarding the CoC. We could ping them all at some point when all of this get merged to let them know.
Wondering if dealing with CoC reports could be something some members could feel uncomfortable 🤔
Additionally, we could also recommend to, in case there are no members of the Committee to contact via email.
There was a problem hiding this comment.
It makes sense. It's a very good idea. All TSC members should know the CoC, especially in case they have to act in an emergency situation.
Regarding contact by email, this is the first option given in the previous section: Submit in writing.
Co-authored-by: Sergio Moya <[email protected]>
|
|
||
| ### Communicating the Results | ||
|
|
||
| An incident is considered “resolved” when the CoC Committee has completed its investigation and either (a) determined what remediation actions are needed to resolve an incident (including determining that the involved parties’ agreed-upon resolution is adequate) (b) or determined that the CoC was not violated and no remediation is needed. When the incident is resolved, a member of the CoC Committee will inform the person who submitted the report. The CoC Committee will determine how much information to share with the reporter regarding the committee’s findings and what remediation steps were taken, if any, taking into consideration the privacy, confidentiality, and potential impact to the individuals involved in the incident. Notification to the accused person shall follow [Notification to the Accused Person](#notification-to-the-accused-person). The CoC Committee will also determine what information, if any, is necessary to share publicly or with community and project leaders. Any communication regarding the results of the investigation will be confidential. |
There was a problem hiding this comment.
determined what remediation actions are needed to resolve an incident
I would expect not only know which actions to take but some kind of follow up I guess? not sure if this is out of our bandwidth tbh
There was a problem hiding this comment.
Yes, maybe makes sense. How about contacting the person(s) who were affected a month or three months after resolving the conflict to see how things are going?
There was a problem hiding this comment.
Maybe some of the comments I added are related to the CNCF CoC incident resolution doc, so feel free to discard if you believe it should.
|
|
||
| ### Confirmation of Jurisdiction | ||
|
|
||
| After a report is submitted, the AsyncAPI CoC Committee will confirm who has jurisdiction over the incident under the Jurisdiction and Escalation Policy. If the CoC Committee does not have jurisdiction, it will escalate the incident to the TSC. Reporters will be notified if this occurs unless they reported anonymously and did not provide their contact information. If the CoC Committee does have jurisdiction and is not required to escalate it, the committee will proceed to investigate and resolve the incident. |
There was a problem hiding this comment.
Question: what do you mean by "Confirmation of Jurisdiction"?
There was a problem hiding this comment.
This refers to the CoC committee deciding if there is a conflict of interest, who is in charge of the report, and similar things. Anyway, I believe this section refers to this supplementary document. I don't know if it makes sense to keep the section or to have a similar document.
There was a problem hiding this comment.
I suggest having a similar document separately, but that's just my opinion 😉
There was a problem hiding this comment.
Conflicting with my suggestion https://github.com/asyncapi/community/pull/1013/files#r1489429536 😅
I suggested to just write a small section, because the CNCF one is way bigger because, yes, CNCF is a foundation.
There was a problem hiding this comment.
Hehe, I was just suggesting. Maybe we can improve the section according to our circumstances and still keep it in one document.
|
IMO I think we have resolved the major stuff @deberg, any other concerns before we go ahead? |
|
After a month, I closed the discussion that let the @asyncapi/tsc_members know their responsibilities regarding the CoC and it's incident resolution. Additionally, I created the following issue so we add the requirement of reading and accepting the CoC for any future new TSC member. #1097 cc @derberg |
| **Full Members**: | ||
|
|
||
| - [Azeez Elegbede](https://github.com/acethecreator) | ||
| - [Barbaño González](https://github.com/barbanio) |
There was a problem hiding this comment.
| - [Barbaño González](https://github.com/barbanio) |
Based on https://github.com/orgs/asyncapi/discussions/682#discussioncomment-7229097, @Mayaleeeee @alequetzalli @thulieblack @derberg Any of you are willing to become a full CoC Committee member?
There was a problem hiding this comment.
I feel too overwhelmed to be able to say yes 😿
There was a problem hiding this comment.
I'm still okay with supporting the Committee as a secondary member.
|
/ptal |
|
@derberg @alequetzalli @AceTheCreator Please take a look at this PR. Thanks! 👋 |
|
Can we merge already? 😆 |
|
Looks ready to me 🚀🚀 |
|
/rtm |
Updating information on the Code of Conduct Committee. Adding documents 1 (CoC Committee) and 2 (Incident Resolution Procedures)of the issue #994.
@AceTheCreator @smoya @Mayaleeeee @alequetzalli @thulieblack