GNOME Code of Conduct committee procedures

The audience for this document is the GNOME Code of Conduct committee. The goal of this document is to ensure that the committee consistently handles all reported Code of Conduct incidents.

Committee members

The GNOME Code of Conduct committee has the following members:

• Anisa Kuci – akuci@gnome.org
• Carlos Garnacho – carlosg@gnome.org
• Christopher Davis – christopherdavis@gnome.org
• Federico Mena Quintero – federico@gnome.org
• Michael Downey – mdowney@gnome.org
• Rosanna Yuen – zana@gnome.org

Temporary committee members

The GNOME Foundation executive director, president of the board, vice president, and other GNOME Foundation executives may serve as temporary Code of Conduct committee members. They will only serve as temporary members when less than three committee members do not have a conflict of interest for a report.

The executive with the most authority without a conflict of interest will be invited to become a temporary Code of Conduct committee member for this report. GNOME Foundation executives will be added as temporary committee members until there are at least three people to evaluate a report.

Temporary committee members will discuss and vote like any other committee member, as outlined in this document. Temporary committee members will only have access to documentation for that report. Documentation for other reports will remain restricted to the permanent GNOME Code of Conduct committee members.

Additional access to reports

Please note that GNOME sysadmins have administrative access to some private committee resources. If a report is received that involves a GNOME sysadmin, all committee report discussion and documentation should occur off GNOME servers. GNOME sysadmins making a report and people reporting GNOME sysadmins are encouraged to contact committee members individually via private email. If a GNOME sysadmin accesses private committee resources, the committee will contact the GNOME Foundation board.

Committee roles

The committee has one chairperson. The committee chair’s duties involve:

• Calling committee meetings
• Contacting committee members for term renewals
• Tracking the status of active reports

The currently acting committee chair is Federico Mena Quintero.

The committee has one director. The director provides a communication link between the GNOME Foundation Board of Directors and the GNOME Code of Conduct committee. The board appoints one committee member to be the committee director.

The currently acting director is Federico Mena Quintero.

The chair may assign a committee member, or a committee member can nominate themselves, to do the following duties:

• Communications lead for a particular reporter, witness, or reported person
• Communications bridge to GNOME event organizers or online moderators
• Records keeper to ensure the committee notes related to a report are up-to-date

On-boarding new committee members

Should there be two or fewer committee members, additional committee members will be added.

New committee members will be appointed by the GNOME Foundation Board of Directors. The GNOME Code of Conduct committee may recommend new members to the board. The committee may provide feedback on potential candidates under discussion by the board. The GNOME Foundation Board of Directors will vote on all potential candidates.

All committee members will be re-confirmed by the GNOME Foundation Board of Directors once per year. The committee director will ask all committee members if they wish to continue serving on the committee. The committee director will then report back to the board which committee members wish to continue serving. The board will then vote to re-confirm those members.

Confirmed committee members will be given access to the following committee resources:

• Committee private mailing list for code-of-conduct-committee@gnome.org
• Committee private mailing list cocc-communication@gnome.org
• Committee private GitLab
• Committee private pad for meeting minutes
• Committee private Matrix room
• Committee private Signal group
• Committee meetings hosted through BigBlueButton

When a new committee member is on-boarded, they will be asked whether they have a conflict of interest regarding the documentation for incident reports the committee has available. If there is a conflict of interest for accessing a report, the committee member will be restricted from accessing that report’s documentation.

Off-boarding committee members

If someone decides to retire from the Code of Conduct committee, the committee director will notify the GNOME Foundation Board of Directors. A public announcement will be made in a monthly “Friends of GNOME” news update.

The outgoing committee member will have an exit interview with one or more committee members. The exit interview will document why the outgoing committee member is leaving the committee, and what the remaining committee members can do to better support volunteers in the future.

When a committee member retires, their access to all committee resources will be removed immediately. This includes the committee mailing lists, private GitLab and pad, private Matrix room, and Signal group.

Committee communications

Most committee communications will happen on the private mailing list code-of-conduct-committee@gnome.org.

The committee also has a private Matrix room and private Signal group to facilitate synchronous discussions.

Outgoing mail should be from the cocc-communication@gnome.org account. This allows the committee to keep mail templates and documentation consistent.

Documentation and data privacy

The GNOME Code of Conduct committee respects the privacy of reporters, witnesses, and reported people. The committee will follow data privacy best practices when handling report documentation. Documentation for each report must include:

• Contact information for the reporter, third-party witnesses, and reported person
• Incident description, including discussions with reporters or third-party witnesses
• Details of the inappropriate behavior
• Committee meeting minutes
• Committee decisions regarding report jurisdiction and impact/risk assessment
• Committee decisions about behavioral modification plans and consequences
• Discussions with the reported person, including whether they have agreed to a behavioral modification plan and/or consequences
• Follow-up actions to make the community more safe or inclusive

Records must be retained to:

• Review incident documentation during committee discussion of the incident
• Identify repeated inappropriate behavior
• Identify patterns of borderline inappropriate behavior
• Determine whether stricter consequences are necessary, based on past records
• Contact a reporter or third-party witnesses with the resolution to their report
• Contact a reported person to deliver a behavioral modification plan and/or consequences
• Contact a reported person to lift a temporary ban or remove a sanction
• Review documentation during a decision appeal
• Contact a reporter or third-party witnesses with an updated resolution to their report

These records might also include communications such as copies of electronic correspondence between the committee and reporters, third party witnesses, or reported people.

Records must be securely kept on GNOME Foundation servers or under individual access control under Google Documents. Do not turn Google doc link sharing on. Only committee members should have access to the records. Information can be shared with the GNOME Foundation Board of Directors on a case by case, need to know basis. Personal copies of information should not be retained by anyone who has access to them.

If a GNOME online community wishes to abide by the GNOME Code of Conduct, or a GNOME event wishes to abide by the GNOME events Code of Conduct, the moderators or event planners must notify the GNOME Foundation Board of Directors. Such online communities or events may share information about Code of Conduct reports with the GNOME Code of Conduct committee. Appropriate safeguards should be in place to ensure that data can be legally transferred between online community moderators/event organizers and the GNOME Foundation.

Records should be retained for no more than six years after collection. After this time, they should be put beyond use. This means that they must:

• Not be used to inform decision making or actions
• Be stored securely
• Not be passed to external organisations unless legally required to do so
• Be deleted once it is reasonably expected that it will not be required to be produced in the future

Records may be retained for longer than six years if a sanction is active or record removal would negatively impact GNOME community safety.

Discussing a report

Meetings to discuss reports should be held as soon as possible. If the incident requires an immediate response, the meeting should be held within 24 hours of receiving the report. If the incident is not urgent, the meeting should be scheduled within one week of receiving the report.

Only members of the committee should be present at the meeting. At least half of the committee must be in attendance in order to determine consequences and a behavioral modification plan.

• Evaluate conflicts of interest. Anyone who has a conflict of interest (as defined by the conflict of interest policy) will remove themselves from the discussion. This may mean the discussion needs to happen with a subset of committee members on an email thread, or with a subset of committee members in a private chat room.
• Call a meeting of committee members. Not all committee members may be able to attend the meeting, either because of a conflict of interest, or because of personal reasons. There must be at least half of the committee members who do not have a conflict of interest present in the meeting to make a decision.
• Check for missing information. Flag any significant omission or questions. Decide which committee member will follow up with witnesses or the reporter.
• During the meeting, discuss the reported incident. Use the evaluation techniques described below.
• Propose behavioral modification plan. What behavioral modification plan (if any) should be given to the reported person?
• Propose consequences for reported person. What (if any) actions will the committee need to take in order to ensure the behavior does not happen again? What actions will need to be taken if the reported person does not agree to the behavioral modification plan?
• Vote on behavioral modification plan and consequences for the reported person. Decisions will be made by a simple majority of the committee members in the meeting.

The current status of all reports should be documented. This includes documenting email and verbal conversations as they occur. A designated committee member will document committee meeting notes, the committee’s report evaluation, and what behavioral modification plan and consequences are decided on. The committee member who follows up with the reported person will document their response.

Follow up meetings may need to be scheduled to review additional information, decide additional consequences based on the reported person’s response, or to review an appeal.

Evaluating a report

Jurisdiction

• Is this a Code of Conduct violation? Is this behavior on our list of inappropriate behavior? Is it borderline inappropriate behavior? Does it violate our community norms?
• Did this occur in a space that is within our Code of Conduct’s scope? If the incident occurred outside the community, but a community member’s mental health or physical safety may be negatively impacted if no action is taken, the incident may be in scope. Private conversations in community spaces are also in scope.

Impact

• Did this incident occur in a private conversation or in a public space? Incidents that all community members can see will have more negative impact.
• Does this behavior negatively impact a marginalized group in our community? Is the reporter a person from a marginalized group in our community? How is the reporter being negatively impacted by the reported person’s behavior? Would members of the marginalized group decide to disengage with the community if no action was taken?
• Does this incident involve a community leader? Incidents that aren’t handled well can have more negative impact on overall community health.

Risk

• Does this incident include sexual harassment?
• Does this pose a safety risk? Does the behavior put a person’s physical safety at risk? Will this incident severely negatively impact someone’s mental health?
• Is there a risk of this behavior being repeated? Does the reported person understand why their behavior was inappropriate? Is there an established pattern of behavior from past reports?

Potential consequences

What follows are examples of possible responses to an incident report. This list is not inclusive, and the GNOME Code of Conduct committee reserves the right to take any action it deems necessary. Possible responses to an incident include:

• Nothing, if the behavior was determined to not be a Code of Conduct violation
• A verbal or emailed warning
• Requiring that the reported person not send private messages to a community member
• Requiring that the reported person not join specific chat channels
• Requiring that the reported person avoid any interaction with, and physical proximity to, another person for the remainder of the event
• Requiring the reported person not attend evening events
• Refusal of alcoholic beverage purchases at events
• Ending a talk that violates the Code of Conduct early
• Not publishing the video or slides of a talk that violated the Code of Conduct
• Not allowing a speaker who violated the Code of Conduct to give (further) talks at the event now or in the future
• Immediately ending any event volunteer responsibilities and privileges a person holds
• Requiring that a person not volunteer for future events (either indefinitely or for a certain time period)
• Requiring that a person refund any travel grants and similar they received
• Revoking sponsor agreements, refunding sponsorship, and removing sponsor promotion (such as logos or banners)
• Requiring that sponsor attendees immediately leave the event and not return
• Requiring that a person immediately leave the event and not return
• Banning a person from future events (either indefinitely or for a certain time period)
• Removing the reported person from community online spaces (either indefinitely or for a certain time period)
• Publishing an account of the incident
• Publishing an apology

When determining consequences and behavioral modification plans, the committee should consider what impact taking no action might have on the community, especially those from marginalized groups.

Communicating with reporters

The GNOME Code of Conduct committee should communicate to the reporter that the report has been received within 24 hours after receiving the report. The committee will also follow up with the reporter within one week of a report being made, provided the reporter gave contact information.

The committee may need to ask the reporter or third-party witnesses additional questions in order to fully understand an incident. The committee should let the reporter know when a decision should be made. When the committee has made a decision, the committee should contact the reporter with the following information:

• Acknowledgement that the committee has discussed the report
• Whether or not the report was determined to be a Code of Conduct violation
• What actions (if any) were taken to address the behavior

If a reporter doesn’t feel safe making a Code of Conduct report and a committee member observes problems, the committee should investigate.

Communicating with reported people

Talking to reported people

A committee member will talk to the reported person after the committee determines the impact and risk, and decides on a behavioral modification plan and consequences. For severe or medium risk and impact incidents, the committee will follow their planned consequences regardless of the reported person’s response or retraction of their statement.

If the incident is minor and low risk, the committee member will only talk to the reported person with the approval of the reporter. Some reporters may wish to remain anonymous to the reported person. Others may not want the reported person to be contacted because they fear retaliation.

When a committee member talks to a reported person, they will:

• Identify themselves and the committee. “Hi, I’m (name) and I’m contacting you on behalf of the GNOME Code of Conduct committee.”
• Explain the Code of Conduct. Remind the reported person about the Code of Conduct and link to the relevant policy.
• Explain the behavior. Describe the inappropriate behavior. Do not identify the reporter. Use phrases such as “This behavior may make community members feel…”
• Explain consequences. “You must agree to the following behavioral modification plan and consequences.”
• Allow them to respond. Common emotions include defensiveness, denial, blame shifting, seeking reassurance, blaming themselves, or manipulation. The goal of this conversation is to get the reported person to comply with the behavioral modification plan.
• Explain the appeal process. If the reported person disagrees with the decision, or has additional information, they can appeal by contacting the committee.
• Tell them not to contact the reporter. “Please do not contact the person who reported this incident. If you want to apologize, you can send an apology through the committee.”

Talking to reporters

When talking to reporters, committee members should listen carefully, take notes, and ask clarifying questions. The committee member should validate that the reporter did the right thing by reporting the incident and thank them for helping keep the community safe. The committee member should explain the Code of Conduct process, including possible outcomes and timelines.

Appeals

A reported person can appeal a committee decision by emailing code-of-conduct-committee@gnome.org within one month of the original decision. The committee will review any new information and decide whether to uphold, modify, or reverse the decision.

Transparency reports

• Previous transparency reports

Once every three months, the GNOME Code of Conduct committee will provide a public transparency report about the resolved and ongoing reports it has handled. The committee may decide to delay a transparency report if the timing of releasing a transparency report would jeopardize the privacy of the reporter, the reported person, or third-party witnesses.

The transparency reports will remove any information about the reporter and the reported person. If there is no way to anonymize the report without revealing the identity of the reporter or the reported person, the transparency report will simply note that a report was made. If no reports have been made in the specified time period, the transparency report will state that.

Transparency reports will include:

• A description of how the Code of Conduct was promoted to community members
• A summary of the total number and types of incidents that have occurred since the last transparency report
• A summary of the resolutions to those incidents, including unresolved incidents
• A generalized description of each incident, and how the incident was resolved

Examples of transparency reports include:

• PyCon United States conference 2018
• PyCon Australia conference 2018
• DjangoCon Europe conference 2018
• Code for America Summit 2018
• Write the Docs Europe conference 2016
• Linux Conf Australia 2019
• Symfony online community report for 2018

Employer Reports

Please consult with the GNOME Foundation board and/or GNOME lawyers before making a report to someone’s employer. If approved, it may be appropriate to provide a short report of someone’s conduct to their employer. This may be appropriate if someone is working in an official employee capacity.

An incident may be reported to an employer if the incident occurred while the reported person was:

• Talking about their employer’s product
• Staffing a sponsor booth at a GNOME event
• Answering questions about their employer in the GNOME online community
• Attempting to recruit someone to work for the employer
• Claiming to represent their employer’s views
• Working as paid staff for the GNOME Foundation, whether as event staff, online moderators, or contributors

License

The GNOME Code of Conduct committee procedures guide is licensed under a Creative Commons Attribution Share-Alike 3.0 Unported License.

Attribution

The GNOME Code of Conduct committee procedures was forked from the Code of Conduct template, which was created by Otter Tech and is licensed under a Creative Commons Attribution 3.0 Unported License.

Additional language and graphics were incorporated and modified from the following resources:

• Impact vs risk assessment is licensed under a Creative Commons Attribution Share-Alike 3.0 Unported License by Audrey Eschright of Safety First PDX and Otter Tech
• The PyCon Code of Conduct is licensed under a Creative Commons Attribution 3.0 Unported License.