Regardless of the outcome, we note each report and outcome in our records, with the following fields:
- Date of 1st report. for time-tracking
- Reporter, if official/public, CoC person if private. We do not name private reporters here, but the CoC representative handling the case instead
- Named subjects. The people or usernames who prompted the report.
- Subject email address/URL.
- Summary of report (for internal purposes). A confidential summary of the nature of the report
- Action taken by us? Anything involving contacting the subject of the report counts as action
- Action taken by local rep? Often the reports are handled satisfactorily by community organizers.
- Summary of outcome to share if suitable. This is written for sharing with community organizers, assuming it may be read by the subject of the report, and so should be objective and privacy-respecting.
- Banned or flagged.
- Date to expunge this record.
These records are used to form our statistics.
Records are currently stored in a Google Spreadsheet and shared between members of the committee only. The committee insists on not sharing the records outside the members due to confidentiality of information. Violating this will result in removal of the member from the committee.
Once a member steps down from the committee, their access to the records is removed. Newly added committee member receives access to all previous records too.
The committee records all reported incidents, regardless of who reported them, who handled them, or whether they were found to be a violation. Records can be grouped in one of five types:
- The committee assessed no violation occurred.
- The committee determined a violation occurred, but it is not possible to identify the bad actors.
- A violation occurred and was resolved as far as the committee is concerned.
- A violation occurred and the person/record is flagged, due to concern about their behaviour in the future.
- A violation occurred, and the person is banned temporarily or permanently.
Flagging is a specific scenario, where the violation was dealt with, but the committee feels there is a risk that this person may commit further violations in the future. However, the concern is not great enough to ban the person. This may be the case if someone responded very poorly to a message from the committee, and did not seem to acknowledge that their behaviour needs to change. Another example could be a person who drank very excessively at a conference party and caused unpleasant situations for other attendees.
The committee may provide further suggestions on how to best manage this person’s attendance. In the example of excessive alcohol, the conference team might then decide to allow the person to attend the conference, but not the party, or to allow them to attend the party but forbid any alcohol consumption. For people who responded poorly to the Code of Conduct process in the past, it may be appropriate to have a conversation with them about this, and then decide whether and how they can be part of a conference.
This is in contrast to people who are not flagged, but did violate the CoC: in this case the committee feels there is no particular risk of further violations, and it would be excessive to notify conferences of their history.
In summary, to flag a person/record means: “if this person attends a conference, or otherwise participates in the community, it would be irresponsible if the committee did not inform the conference of their past behaviour, and allowed the organisers to consider extra precautions”.
The following default retention terms apply to records:
- The committee assessed no violation occurred: no retention
- The committee determined a violation occurred, but it is not possible to identify the bad actors: 6 months retention of reporter information, permanent retention of other information
- A violation occurred and was resolved as far as the committee is concerned: 14 months retention
- A violation occurred and the person/record is flagged, due to concern about their behaviour in the future: 26 months retention
- A violation occurred, and the person is banned temporarily or permanently: retention for the period of the ban, plus 26 months
After the retention term, personally identifiable information of both reporter and bad actor will be removed. General information about the incident will remain.
Due to the roughly yearly scheduling of Django conferences, which are a source of a large part of the Code of Conduct reports, a repeat offender is likely to only re-occur in the reports after about a year, even if their behaviour is consistently an issue. Therefore, the retention term for case 3 is basically “until after the next DjangoCon in that region” and for case 4 and 5 it is “until after the next two DjangoCons in that region”.
If a person commits a new violation, this extends the retention term for all previous non-expunged records as well. The committee can deviate from the retention terms in exceptional circumstances.
Members only have access to e-mails incoming to conduct@djangoproject.com whilst they are members of the committee.
Slack is not used for discussing sensitive information, only for quick coordination of actions.