Re: Last Call: <draft-farrresnickel-harassment-05.txt> (IETF Anti-Harassment Procedures) to Best Current Practice

Sam Hartman <hartmans-ietf@mit.edu> Fri, 06 March 2015 17:49 UTC

From: Sam Hartman <hartmans-ietf@mit.edu>
To: John Leslie <john@jlc.net>
Subject: Re: Last Call: <draft-farrresnickel-harassment-05.txt> (IETF Anti-Harassment Procedures) to Best Current Practice
References: <20150116152211.25947.49086.idtracker@ietfa.amsl.com> <20150117174430.9A0471ACE15@ietfa.amsl.com> <20150306163724.GA32205@verdi>
Date: Fri, 06 Mar 2015 12:48:46 -0500
In-Reply-To: <20150306163724.GA32205@verdi> (John Leslie's message of "Fri, 6 Mar 2015 11:37:24 -0500")
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/DRYUJyGayD_bO_1KxNNEowUKEVw>
Cc: ietf@ietf.org

I apologize for the late review.

First, I'd like to say that there are many great things about this
document:

1) I think that
1) It is not overly specific; it understands we don't know everything
about how this process works yet.

2) It's clear how to report an issue.

3) It has more thought about conflict of interest than is typical for
the IETF.

4) It acknowledges that this is an area where an ISOC appeal may end up
being the right answer and explicitly allows for that.  While I hope we
don't see such an appeal, I'm really happy that we're honest about the
possibility and permit that approach when needed.

I've reviewed Michael's concerns about section 5.
I agree that the team will need to carefully consider what remedy is
appropriate.
However, I do believe that the options provided by section 5 are all
necessary and don't think we will succeed in doing a better job of
writing section 5 at this time.

I think there's significant legal liability involved here.  If the IETF
fails to act in a situation where there is harassment, we and our
participants may face significant liability.  If the IETF isn't careful
in how it acts, especially if it acts in a manner that disadvantages a
party, it may have significant liability for impacts on the standards
process's openness.  You actually have liability when you make
decisions.  That's kind of the point though. If we want to avoid
liability, we could close up shop.  I suspect folks would be happy to
move into the vacuum:-)

Yes, the IESG should get legal review.
Yes, we should not take unnecessary risks.
However, we should also commit ourselves both to avoiding harassment and
to an open standards process.  Both of those commitments involve legal
and other risk.



I do have two concerns about the draft:

1) Certain disclosures are necessary for the process to work.  As an
example it's probably necessary for a respondent to know that there has
been a report to properly investigate it.  The draft sort of anticipates
this sort of necessary disclosure.  However, if I were on the IESG or
involved in handling a complaint of harassment, I don't think the
current text would be adequate for me to do my job.  Here are some
examples:

* Does the respondent get to know the identity of the reporter?  What
  about the subject?  Arguments against are the general language of
  confidentiality.  Arguments for are the mutually review statement, and
  the offer of mediation.  Also, it seems like it would be really hard
  to respond without knowing the identity of the subject.  However,
  reporter seems more complex.

* How does this whole thing where the team recommends removing someone
  from a position of leadership work?  What level of detail can be
  shared with the IESG for removing a chair?


2) I am concerned that there's no effective mechanism to remove an AD,
IAOC member or IAB member under this BCP.  How do you possibly imagine
getting enough signatures for a recall petition?  How does that interact
with your confidentiality and the needs of the recall committee?  Please
talk to folks involved in the recent recall petition and consider how
much difficulty we had in a very clear-cut case.
If you believe the existing procedures are adequate, please add some
description of how something leading to recall might work focusing on
how confidentiality is approached.