Slashdot Mirror
Fedora To Have a "Don't Ask, Don't Tell" For Contributors
An anonymous reader writes "The Fedora Project is now going to enforce a "Don't Ask, Don't Tell" policy for contributors. What the project's engineering committee is asking their members to conceal is a contributor's nationality, country of origin, or area of residence. There's growing concern about software development contributions coming from export restricted countries by the US (Cuba, Iran, North Korea, Sudan, and Syria) with Red Hat being based out of North Carolina, but should these governmental restrictions apply to an open-source software project?"
If contributing to open source projects is wrong, then I don't want anybody to be right.
This could quite possibly qualify as "civil disobedience", which has a long history in the US.
...and an equally-long history of being illegal and getting people thrown in jail or slapped with fines. "Noble cause" isn't a defense in itself.
You do not have a moral or legal right to do absolutely anything you want.
The situations are rather different. The stated purpose of the US military's DADT policy (which was repealed back in 2011, incidentally) was to allow homosexuals to serve while eliminating the perceived drawbacks (specifically, a reduction in unit cohesion and morale) that came with having them serve openly.
In contrast, the stated reason export restrictions are in place is to sanction or otherwise prevent the sharing of goods and information with certain countries. Fedora's DADT policy does nothing to address those issues, since those reasons are intact, regardless of whether the individual's nationality is known or not. If anything, it may make the problem worse by providing a false sense of legitimacy and legality to the nature of the business relationship, encouraging others to break the law as well. All Fedora is trying to do is eliminate their own culpability through willful ignorance, but the law makes it clear that they are required to proactively ensure that the people they share their data with are not from export-restricted countries. Willful ignorance is no excuse.
To be clear, I'm NOT addressing the topic of how things ought to work, how things should be, or whether these restrictions make any sense at all. That's a discussion for another comment thread.
No, but it can be good enough for a jury to find them non-guilty despite the facts - a tradition that extends throughout US history and long before.
Remember, your obligation as a juror is not just to judge the facts of the case, but to ensure that justice is served. Despite the law if necessary. see Jury Nullification for more information.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Yes and "it's complicated".
The point of the sanctions is to say "If you're not going to play Global Economic Power nicely*, you're not going to play at all." That doesn't just mean "you're not going to win", but it also includes "you're not going to practice", "you're not going to have others play for you", and "you're not going to share the winnings with anyone who does play.
It has been upheld in US courts that even the minor fame from open-source authorship counts as economic gain (thus reinforcing the GPL's validity as being consequential). Acknowledging that Cuban programmers are good enough for inclusion in Fedora implies that Cuban programmers might be good enough for other projects, and that's marketing - certainly a part of that Global Economic Power game.
* For pro-American values of "nicely"
You do not have a moral or legal right to do absolutely anything you want.
No, but it can be good enough for a jury to find them non-guilty despite the facts - a tradition that extends throughout US history and long before.
Remember, your obligation as a juror is not just to judge the facts of the case, but to ensure that justice is served. Despite the law if necessary. see Jury Nullification for more information.
Want to get out of jury duty, say the words "jury nullification".
Maybe it's a stupid question, but can't you "launder" code by routing it through a third nation and recommitting the code from there?
What is the export restriction on anyway? The bits? The IP? And does it extend to any derived work of an export restricted IP burdened work? Because if any piece of code on which any citizen of a restricted country has copyright, I'm pretty sure the linux kernel would contain at least one line, meaning all android phones and most routers, servers etc would be illegal?
Also, DADT sounds really stupid as company policy. I don't know a lot about US law, but in the Netherlands corporate liability extends if the management knew or was in a position to know that law was breached, and having policy to conceal such breach is good evidence that management was in a position to know. Any US lawyers care to comment?
One of the items I have to certify when using open-source in a corporate environment is that there is no foreign content.
That's pretty idiotic. Most projects involve foreign content. All it takes is one stealthy Canadian and you can't use it? What about Canadians living in the United States? Is that still foreign? Just how xenophobic are you?
Do you vet each commericial package as well to make sure they don't have a single line of code produced in India?
No one is going to go through the source code from something like OpenOffice and look for malicious code, and show that it does not exist, if it has off-shore content, it will not be used, period.
Enjoy going back to pen and paper then, you won't find much software anywhere that you can demonstrate has no "off-shore" content.
Want to have a shot at being able to fight for justice? Keep your mouth shut.
--- Most topics have many sides worth arguing, allow me to take one opposite you.