On 24 Mar 2017, at 19:50, John R Levine wrote:
You've been on the IESG and I haven't, but I'm still scratching my
head about why this process needs to change to give the IESG even a
little more work after it's been working OK for over a decade.
First of all, this whole discussion started because of something that is
not working (or at least wasn't anticipated and there are concerns
about): Dealing with gag orders and the like. My contention was (is)
that in addressing that, it would help to be absolutely clear in our
procedure documents that IETF leadership, who will inevitably consist of
people from different nations under different laws, will have full
access to any subpoena, in the way that the officers of any organization
would have access to any legal documents.
Second, I would be perfectly OK (and would not at all be surprised) if
the IESG were to say to legal counsel, for example, "While you should
supply the IESG with all subpoenas through our normal procedure, any
subpoena that simply asks for certified blue sheets you should simply
satisfy such a subpoena, since blue sheets are public information
anyway." The addition of any "process" is only to ensure that subpoenas
are visible to leadership, not because any particular kind of subpoena
needs review.
Whenever someone says, "there's no need for you to know this
information", when not preceded by a long explanation of an
additional harm one is incurring by simply knowing the piece of
information, particularly when "you" is the leadership of an
organization, it sends up a giant red flag for me.
See Klensin's previous message. The chance of reputation damage to
someone named in a subpoena is significant, and the IESG has no legal
expertise.
The IESG has legal expertise in the form of a legal advisor, the same
way the Board of Directors of any corporation does, and the same way I
do with my personal attorney. And it would behoove any and all of us to
follow that legal advice and make ourselves aware of what should and
should not be publicized. And an AD who goes blabbing about the contents
of any legal document without talking to counsel is not suited to be an
AD.
...judge who asks why we show criminal subpoenas to a bunch of nerds
with no legal experience rather than having our lawyer handle it like
everyone else does.
That's insulting of the intelligence and integrity of the IESG, and I
think it's the height of hubris on your part. Any judge who asks why
criminal subpoenas are shown to a "bunch of idiots" on the Board of
Directors of a corporation who have "no legal experience" should be told
to piss off; they are the people responsible for the corporation, and
they can look at any legal document served on the company, and they have
the eventual responsibility for any information that goes out the door.
I can tell you that the day my attorney supplies my documents in
response to a subpoena without asking me, or without having prior
instructions on particular documents that they can supply, and says
anything close to, "You don't need to know what's in the subpoena", is
the day my attorney gets fired.
And please, do consider the case where the subpoena is from an authority
in <<insert country that you're not impressed with>> and the subpoena is
for all of the server logs in order to discover whether John, a citizen
of said country, has been reading messages from a particular WG that
said the authorities in this country deem to be talking about tools of
sedition like encryption. I'd like to think that our leadership might
weigh in on such a request.
Again, I am fine if the IESG wants to delegate the authority to answer
certain (or even most) subpoenas. But I want our procedures to be clear
that they can look at them and everyone to be on notice about what that
implies. What I absolutely do not want is a contractor or advisor who is
not answerable to the community having the power to withhold information
from our chosen leadership.
pr
--
Pete Resnick <http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478