www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lawrence Rosen" <lro...@rosenlaw.com>
Subject Clarification about D&O insurance and bad acts
Date Sat, 24 May 2014 19:08:48 GMT
[This is an aside for the "ASF Release Policy" discussion.]

 

I wrote this earlier:

> I can assure you that there are things that individuals could do here that
would get them in trouble. :-)

 

One of the first plaintiffs I ever represented was a welfare recipient who
was sexually abused by her county social worker. Although this was obviously
outside the scope of his official responsibilities, the defendant county was
forced to pay for legal counsel to protect itself from civil damages. That
California county was self-insured; ASF buys D&O insurance for similar
reasons.

 

A few years ago there was discussion on various FOSS lists about how women
are sometimes harassed at technical conferences. That is an example of a bad
act that can force ASF to defend its own official anti-harassment policies
using its D&O insurance (assuming that such alleged bad acts are covered by
the specific insurance policy), but the bad actor himself has his own
individual legal problems too! That is why ASF directors and officers are
encouraged to behave themselves at our conferences, for their own sake and
for the sake of our insurance deductible!

 

You obviously are more concerned here about what ASF projects do with their
software, and our "Release Policy" (as revised) has had a long thread here.
But as long as individual PMC members comply in good faith with an approved
ASF release policy, it shouldn't matter much what policy we finally approve.
Courts don't usually fault non-profits for developing their own rational
policies, and we have D&O insurance to protect us - and our directors and
officers doing their official acts - if we follow a rational release policy.


 

This is a long and partly rambling message to suggest that the discussion
about the ASF Release Policy isn't really a legal issue at all and probably
doesn't belong on this list. Define a rational policy and the law won't
interfere.

 

/Larry

 

Lawrence Rosen

Rosenlaw & Einschlag ( <http://www.rosenlaw.com/> www.rosenlaw.com) 

3001 King Ranch Road, Ukiah, CA 95482

Cell: 707-478-8932   eFax: 707-485-1243

 

From: Lawrence Rosen [mailto:lrosen@rosenlaw.com] 
Sent: Saturday, May 24, 2014 11:10 AM
To: legal-discuss@apache.org
Cc: Lawrence Rosen
Subject: RE: Release Policy

 

'Twas written on this list:

> "But the point already got covered and answered dozens of times imo. The
answer is that the ALv2 protects the foundation and also the release manager
already for all bona fides cases. End of story."

Is the above statement incorrect also? 

The above statement is only part of the story. ASF has a fully-functioning
board of directors and complies (AFAIK) with all relevant laws. ASF obtains
D&O insurance to protect itself and its directors and officers from many
kinds of liability for negligence and to provide legal representation if
necessary. That is enough to encourage us to proceed with our activities
without worrying about random lawsuits.

 

"Bona fide cases" is not useful terminology in this context. I can assure
you that there are things that individuals could do here that would get them
in trouble. :-) If there is something specific you are worried about, speak
up.

 

/Larry

 

Lawrence Rosen

Rosenlaw & Einschlag ( <http://www.rosenlaw.com/> www.rosenlaw.com) 

3001 King Ranch Road, Ukiah, CA 95482

Cell: 707-478-8932   Fax: 707-485-1243

 

From: Dave Fisher [ <mailto:dave2wave@comcast.net>
mailto:dave2wave@comcast.net] 
Sent: Saturday, May 24, 2014 10:41 AM
To:  <mailto:legal-discuss@apache.org> legal-discuss@apache.org
Subject: Re: Release Policy

 

 

On May 23, 2014, at 1:51 PM, Brian LeRoux wrote:

 

Ok, so end user software needs a vote to be a release and all projects are
doing this without exception. If they are that is bad. Got it. 

Earlier: 

"But the point already got covered and answered dozens of times imo. The
answer is that the ALv2 protects the foundation and also the release manager
already for all bona fides cases. End of story."

Is the above statement incorrect also? 

 

On Fri, May 23, 2014 at 3:19 PM, Mark Thomas <markt@apache.org
<mailto:markt@apache.org> > wrote:

On 23/05/2014 21:04, Joe Bowser wrote:
> On Fri, May 23, 2014 at 12:46 PM, Andrea Pescetti <pescetti@apache.org
<mailto:pescetti@apache.org> > wrote:
>> On 23/05/2014 Brian LeRoux wrote:
>>>
>>> Furthermore some projects such as OpenOffice mentioned
>>> earlier do not follow the policy.
>>
>>
>> OpenOffice does follow the policy. The only "special" thing OpenOffice
did
>> is to advertise development snapshots towards version 4.1 (these are NOT
>> releases! we conduct formal votes on ALL releases, including beta
releases!)
>> outside the dev mailing list since we have a dedicated QA mailing lists
and
>> a testers community that does not coincide with our developers. And this
was
>> discussed in advance with both the board and the infrastructure lists.
>>
>
> So, a snapshot is not a release?

A snapshot is a release if only if it has been voted on as such by the
PMC. It would also have to be tagged as part of the release which to my
mind means it isn't really a snapshot. However the label that is
attached to the release (RC, beta, stable, snapshot, etc.) is
irrelevant. What matters is did the PMC vote on it. It the PMC voted
(and assuming the rest of the release policy was followed) and the vote
passed, it is a release. If that didn't happen then it isn't a release.



> The problem is that there is one rule
> for certain projects that have the board's favour and another for
> projects that the board chooses to pick on for unknown reasons.

Please provide some evidence to back up that assertion. I have been
following a reasonable proportion if the discussion around Cordova and
releases and, while I have seen plenty of evidence that the Cordova
community doesn't like the constraints imposed by the ASF release
policy, I have seen no evidence of the board doing anything other than
requiring Cordova to follow the same release policy every other ASF
project is expected to follow.

If you are aware of any other ASF project not following the ASF release
policy then please make the board aware. The board does not actively
monitor the day to day activities of every project. If there are
problems they rely on the VP to make them aware via the quarterly
reports and if that route fails they rely on others in and around the
project to bring the problem to their attention.


> Why isn't a snapshot build a release?

Short answer - because the PMC didn't vote. Long answer - see above.

In this particular case this was not an OpenOffice release because it
was not advertised to the end-user community for that software. It is
perfectly within the intent of the current policy to include members of
dedicated QA and test lists in the same category as members of the dev
list. It is to the credit of the OpenOffice community that they went as
far as checking that their understanding of the policy was correct
before they did anything.

 

The snapshots are very carefully fenced as a developer / qa resource in
order to assure that when a release was made it would be of the highest
quality.

 

The PMC waited for complete consensus on the process and that took time - a
number of weeks.

 

Andrea did a very careful job communicating well within the ASF.

 


What would not be acceptable would be for OpenOffice to start
advertising snapshots to their end-user community unless votes had taken
place and those snapshots had been formally released.

 

Exactly.

 

Regards,

Dave

 


Mark



---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
<mailto:legal-discuss-unsubscribe@apache.org> 
For additional commands, e-mail: legal-discuss-help@apache.org
<mailto:legal-discuss-help@apache.org> 

 

 


Mime
View raw message