The IESG Statement concerning an Anti-Harassment Policy (http://www.ietf.org//iesg/statement/ietf-anti-harassment-policy.html) gave the general outline of the kinds of behaviors that were not acceptable, and stated that we would have an ombudsperson to handle complaints. The specific procedures were left open. I asked Pete Resnick and Adrian Farrel to draft a procedures document, with the intent that it eventually could become a BCP. They have got something now that I think has enough structure for the wider community to discuss. Thank you, Pete and Adrian! Nevertheless, this is just a drafty "pre-00" proposal, with the specifics still open for discussion, but it seems to me the right general direction. I'm sending it here on this e-mail, and it will be posted as a draft when the submissions open again. A couple of points before people start discussing it: - The IESG has seen this, but by no means has agreement on the points. They have only agreed that it is a reasonable starting point for discussion. - This is obviously not a technical specification. There will be a lot of variables for each situation and we will have rely on the good training and judgment of the Ombudsperson to handle things on a case-by-case basis. Trying to over-specify everything is unlikely to be useful. - This can be a sensitive topic and a difficult discussion to have on an open list like the IETF list. Please try to keep that in mind as you make or respond to comments. If you would prefer to send your comments instead to the IESG, or directly to me, that is fine. In the end, I'll summarize those comments for the list and make sure they get addressed, just like other comments made to the list. I know this topic is hard to discuss. Hopefully there are very few situations where these procedures are needed, but they are needed. I thank you for your help and respectful input into this difficult but important discussion. Jari IETF Anti-Harassment Procedures draft-farrresnickel-harassment-00 Abstract IETF participants must not engage in harassment while at IETF meetings, virtual meetings, social events, or on mailing lists. This document lays out procedures for managing and enforcing this policy. This initial version is provided as a starting point for discussion and does not represent the firm opinions of the authors. Furthermore, the ideas presented in this document have not been fully discussed and reviewed by the IESG. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on August 24, 2014. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. The Ombudsperson . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Appointing the Ombudsperson . . . . . . . . . . . . . . . 4 3.2. Qualifications and Training . . . . . . . . . . . . . . . 4 3.3. Term of Service . . . . . . . . . . . . . . . . . . . . . 4 3.4. Recompense . . . . . . . . . . . . . . . . . . . . . . . 4 3.5. Removal . . . . . . . . . . . . . . . . . . . . . . . . . 5 3.6. Disputes with the IETF Chair regarding the Ombudsperson . 5 4. Handling Reports of Harassment . . . . . . . . . . . . . . . 5 5. Remedies . . . . . . . . . . . . . . . . . . . . . . . . . . 6 6. Disputes with the Ombudsperson . . . . . . . . . . . . . . . 7 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 8.1. Normative References . . . . . . . . . . . . . . . . . . 0 8.2. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 1. Introduction The IETF has general policies for managing disruptive behavior in the context of IETF activities. In particular, [RFC3184] provides a set of guidelines for personal interaction in the IETF, and [RFC2418] and [RFC3934] give guidelines for how to deal with disruptive behavior that occurs in the context of IETF working group face-to-face meetings and on mailing lists. However, there is other problematic, often more interpersonal, behavior that can occur in the context of IETF activities (meetings, mailing list discussions, or social events) that does not directly disrupt working group progress, but nonetheless is unacceptable behavior between IETF participants. This sort of behavior, described in the IESG Statement on an "IETF Anti-Harassment Policy" [1], is not easily dealt with by our normal working group guidelines and procedures. Therefore, this document sets forth procedures to deal with such harassing behavior. These procedures are intended to be used when other IETF policies and procedures do not apply or have been ineffective. Nothing in this document should be taken to interfere with the due process of law for the legal system under the jurisdiction of which any harassment takes place. 2. Definitions The following terms are used in this document: Reporter: An IETF participant who reports potential harassment to the Ombudsperson. Respondent: An IETF participant who is claimed to have engaged in harassing behavior. Ombudsperson: The person who is selected to take reports of harassment, evaluate them, and impose appropriate actions and/or remedies to address the circumstance. This word is used in the singular throughout this document although multiple ombudspersons might serve at any one time. Target: An individual IETF participant to whom the potentially harassing behavior was directed. This document does not attempt to precisely define behavior that falls under the set of procedures identified here. In general, disruptive behavior that occurs in the context of an IETF general or working group mailing list, or happens in a face-to-face or virtual meeting of a working group or the IETF plenary, can be dealt with by our normal procedures, whereas harassing behavior that is interpersonal is more easily handled by the procedures described here. However, there are certainly plausible reasons to address behaviors that take place during working-group meetings using these procedures. This document gives some guidance to those involved in these situations in order to decide how to handle particular incidents, but in the end the final decision will involve judgment and the guidance of the Ombudsperson. 3. The Ombudsperson This section describes the role of the Ombudsperson in terms of their appointment, qualifications and training, the length of the term of service, any recompense for their service, and how they may be removed from service. The general operational procedures for the Ombudsperson are described in Section 4, Section 5, and Section 6. 3.1. Appointing the Ombudsperson The Ombudsperson is appointed by the IETF Chair. The appointment is solely the responsibility of the IETF Chair although the Chair may choose to consult with the IESG, the IAB, and with ISOC. Furthermore, the IETF Chair may take opinion from the community. The IETF Chair may choose to solicit nominations or advertise the post. This is entirely at the discretion of the IETF Chair. The IETF Chair is also free to decide how many people are needed to fill the role of Ombudsperson. This may depend on the skillsets available, the work load, and the opinions of the seated Ombudsperson. Furthermore, the IETF Chair may consider elements of diversity in making this decision. 3.2. Qualifications and Training It is not expected that there will be candidates with all of the necessary ombudsperson skills and training who also have a clear understanding and familiarity with the IETF processes and culture. The Chair might choose someone with a great deal of professional experience evaluating and mediating harassment disputes, but little exposure to the IETF, or could select someone with more exposure to the IETF community, but without as much experience dealing with issues of harassment. Since all of these attributes may be regarded by the IETF Chair as essential for an appointment, the IETF is committed to provide funding for necessary training for an appointed Ombudsperson. 3.3. Term of Service An Ombudsperson shall be appointed for a two year term. That is, the Ombudsperson is making a commitment to serve for two years. It is understood, however, that circumstances may lead an Ombudsperson to resign for personal or other reasons. See also Section 3.5. It is entirely at the discretion of the IETF Chair whether a serving Ombudsperson is reappointed at the end of their term. 3.4. Recompense An Ombudsperson shall receive no recompense for their services. This includes, but is not limited to: IETF meeting fees Remuneration for time spent Out-of-pocket expenses (such as telephone charges) Travel or accommodation expenses The IETF will, however, meet the costs of training when agreed to by the IETF Chair as described in Section 3.2. 3.5. Removal The IETF Chair may remove a serving Ombudsperson before the end of their term without explanation to the community. Such an action shall not be appealable. See also Section 6. 3.6. Disputes with the IETF Chair regarding the Ombudsperson If an individual should disagree with an action taken by the IETF Chair regarding the appointment, removal, or management of the Ombudsperson, that person should first discuss the issue with the IESG Chair directly. If the IESG Chair is unable to resolve the issue, the dissatisfied party may appeal to the IESG as a whole. The IESG shall then review the situation and attempt to resolve it in a manner of its own choosing. The procedures of Section 6.5.4 of [RFC2026] apply to this sort of appeal. 4. Handling Reports of Harassment Any IETF participant who believes that they or other IETF participants have been harassed or may have been harassed may bring the concern to the attention of the Ombudsperson. This can be done by email to "ombudsperson@xxxxxxxx" [2], or can be done directly to the Ombudsperson. Direct contact information for the Ombudsperson, including the email addresses to which "ombudsperson@xxxxxxxx" is forwarded, can be found at https://www.ietf.org/ombudsperson . The Ombudsperson is expected to be present at the majority of IETF meetings and to be available for face-to-face discussions. All information brought to the Ombudsperson shall be kept in strict confidence. Any electronic information (such as email messages) that needs to be archived shall be encrypted before it is stored. When a Reporter brings an incident of potential harassment to the Ombudsperson's attention to, the Ombudsperson will discuss the events with the Reporter and may give advice including recommendations on how the Reporter can handle the issue on their own and strategies on how to prevent the issue from arising again. The Ombudsperson may also indicate that the issue would be best handled using regular IETF procedures (such as those for dealing with disruptive behavior) outside the context of harassment, and in this case the Ombudsperson will provide assistance in using the relevant IETF procedures. In any event, the Ombudsperson will not initiate detailed investigations or impose a remedy without agreement to proceed from the Target (or the Reporter if there is no individual Target). When conducting a detailed investigation of the circumstances regarding the complaint of harassment, the Ombudsperson may contact the Respondent and request a meeting in person or by a voice call. The Respondent is not obliged to cooperate, but the Ombudsperson may consider failure to cooperate when determining a remedy (Section 5). In all cases the Ombudsperson will strive to maintain confidentiality for all parties including the very fact of contact with the Ombudsperson. 5. Remedies After examining the circumstances regarding the complaint of harassment and determining that harassment has taken place, the Ombudsperson is expected to choose a remedy that is appropriate to the circumstance. At one end of the spectrum, the Ombudsperson may decide that the misbehavior is best handled with the regular IETF procedures for dealing with disruptive behavior and may assist the Reporter to bring the issue to the attention of the working group chair or IESG member who can deal with the incident. The Ombudsperson might also choose simply to discuss the situation with the Respondent and come up with a plan such that there is no repeat of the harassment. With the agreement of both parties, the Ombudsperson can also help to mediate a conversation between the Respondent and the Target (or the Reporter if there is no individual Target) in order to address the issue. Finally, on the other end of the spectrum, the Ombudsperson could decide that the Respondent is no longer permitted to participate in a particular IETF activity, whether it is a mailing list discussion, virtual meeting, or a face- to-face activity, up to and including requiring that the Respondent can no longer attend a face-to-face IETF meeting and its associated activities, either for the remainder of the present meeting or (in the extreme) future meetings. In determining the appropriate remedy, the Ombudsperson may communicate with the Reporter, Target, and Respondent in order to assess the impact that the imposition of a remedy might have on any of those parties. However, the Ombudsperson has ultimate responsibility for the choice of remedy. In all cases, the Ombudsperson informs the Respondent of the decision and imposes the remedy as appropriate. In cases where the remedy is removal from IETF activities, the Ombudsperson will confidentially notify the Secretariat of the remedy such that the Secretariat can take whatever logistical actions are required to effect the remedy. Only the remedy itself shall be disclosed to the Secretariat, not any information regarding the nature of the harassment. 6. Disputes with the Ombudsperson If either the Target (or the Reporter if there is no individual Target) or the Respondent is dissatisfied with the decision of the Ombudsperson, the dissatisfied party should first contact the Ombudsperson and discuss the situation. If the issue cannot be resolved through discussion with the Ombudsperson, the issue may be raised with the IETF Chair. If necessary, the IETF Chair may recuse themself from any part of this process and delegate to another member of the IESG. The IETF Chair will attempt to resolve the issue in discussion with the dissatisfied party and the Ombudsperson. If this further discussion does not bring a satisfactory resolution, the Ombudsperson's decision may be formally appealed. The appeal is strictly on the issue of whether the Ombudsperson exercised due diligence in both their decision as to whether harassment had taken place, as well as in their determination of any appropriate remedy that was imposed. In particular, the purpose of the appeal is not to re-investigate the circumstances of the incident. All elements of the appeal, including the fact of the appeal, will be held in confidence, but will be recorded and held securely for future reference. The appeal will be evaluated by the IETF Chair and two other members of the IESG, selected by the IETF Chair and confirmed by the appellant. This Appeals Group shall convene as quickly as possible to evaluate and decide the appeal. Where the impacts are immediate and related to participation in an ongoing meeting, this shall happen in no more than 24 hours after receiving the appeal. The Appeals Group may ask the appellant and the Ombudsperson for statements or other information to consider. If the Appeals Group concludes that due diligence was exercised by the Ombudsperson, this shall be reported to the appellant and the matter is concluded. If they find that due diligence was not exercised, the Appeals Group shall report this to the Ombudsperson, and consult with the Ombudsperson on how to complete the due diligence. Because of the need to keep the information regarding these matters as confidential as possible, the Appeals Group's decision is final with respect to the question of whether the Ombudsperson has used due diligence in their decision. The only further recourse available is to claim that the procedures themselves (i.e., the procedures described in this document) are inadequate or insufficient to the protection of the rights of all parties. Such appeals may be made to the Internet Society Board of Trustees, as described in Section 6.5.3 of [RFC2026]. Again, even in this circumstance, the particulars of the incident at hand will be held in confidence. Note: The authors of this draft chose to use the IETF Chair and two IESG members as the Appeals Group. Though not completely arbitrary, there are certainly other plausible choices. The authors also recognize that this is a different sort of appeals procedure than normal. However, the normal appeals procedure contemplates an openness about the process that the confidentiality issues in these cases simply do not allow. 7. Security Considerations "Human beings the world over need freedom and security that they may be able to realize their full potential." -- Aung San Suu Kyi 8. References [RFC2026] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, October 1996. [RFC2418] Bradner, S., "IETF Working Group Guidelines and Procedures", BCP 25, RFC 2418, September 1998. [RFC3184] Harris, S., "IETF Guidelines for Conduct", BCP 54, RFC 3184, October 2001. [RFC3934] Wasserman, M., "Updates to RFC 2418 Regarding the Management of IETF Mailing Lists", BCP 25, RFC 3934, October 2004. 8.2. URIs [1] http://www.ietf.org/iesg/statement/ietf-anti-harassment- policy.html [2] mailto:ombudsperson@xxxxxxxx Appendix A. Acknowledgements Authors' Addresses Pete Resnick Qualcomm Technologies, Inc. 5775 Morehouse Drive San Diego, CA 92121 US Phone: +1 858 6511 4478 Email: presnick@xxxxxxxxxxxxxxxx Adrian Farrel Juniper Networks Email: adrian@xxxxxxxxxxxx