about the CLA request

Elliot Lee sopwith at redhat.com
Fri Aug 26 17:06:12 UTC 2005 

On Fri, 26 Aug 2005, Patrice Dumas wrote:

> I have some comments/questions about the CLA phase (I am not a lawyer, so 
> please forgive me if i don't use the right words...):
> 
> 1) about the private informations requested: 
> 
> * Is the telephone really needed?
> 
> * Is the address really needed?

Yes to both.

> * If the response is yes to questions above I think there should be a note
>   about who has access to these datas, how it is possible to change them
>   and how exactly they will be used, internally in the fedora project (and 
>   externally?).

You and the Fedora admins have access to view and change your info. Your
info will be used inside Fedora if there is ever a legal problem with
Fedora code, and we need to track you down in order to help establish 
facts of the case.

I can imagine in the future the marketing team will use this info to send
goodies to people as rewards, but if that should happen, it will require
changes on the technical level, as well as a policy decision by the
appropriate team.

If you are interested in the governance & policies of the Fedora project,
a good thing to do right now is to review the minutes of each FESCO
meeting and provide your opinions on them.

> * I also think that the juridiction that the Fedora project follows 
>   regarding those kind of private informations should be mentionned. It
>   seems to be different than what is in my country (France), so for
>   the ones that are not accustomed to that juridiction maybe a link or
>   a brief explanation could be added?

There are no specific laws that we're following as far as privacy. The 
general idea right now is to:

	1. Make sure Fedora is protected against legal threats.
	2. Respect people's privacy as much as possible.

I know Europe has more stringent privacy laws. While we don't follow them
to the letter, we do try to follow the spirit of respecting your privacy
by keeping your personal information private.

> 2) about the CLA:
> 
> There are contradictory statements in the mail saying that the CLA should
> be electronically signed and in the CLA itself saying that an ink signature
> is required (and at that point some possibilities are mentionned). I
> personnaly think that the gpg signature is enough (and if I'm not wrong
> it is being recognized in judgements).

Yes, the GPG signature is enough. I suppose the CLA text needs to be
updated, because I have heard recent reports of people faxing in their
CLA.

Best,
-- Elliot
Pioneers get the Arrows. Settlers get the Land.

More information about the fedora-extras-list mailing list