Page MenuHomePhabricator

Code of Conduct reports to be handled via OTRS?
Closed, ResolvedPublic


The current Code of Conduct for technical spaces draft defines a process to report violations using an email address (two, if we count developer-relations{{@}} How would this work in practice? Znuny is a good candidate to check, as it already handles confidential queues.

Some questions considering the scenario defined in the current draft:

  • If we don't want to archive emails forever (i.e. because we don't want that new Committee members have access to all the history), then we need to find the right way to delete content. Would be possible to have a rule to delete automatically... emails of resolved tickets after i.e, 6 months?
  • If the Committee decides to delegate the resolution of a report to Developer Relations, could a ticket and related replies be copied or moved to the developer-relations queue?

If the Committee or Developer Relations want a specific ticket and replies to be deleted, they could request to an OTRS admin, who would only need the ticket number to delete it, without accessing to its content.

Anything else?

(Questions in the initial task, before changing its scope:)

  • Is developer-relations good, or should we go for dev-rel, devrel?
  • Should this email be simply an alias redirecting to the email addresses of the DevRel team members, or should we get something more sophisticated, as an own inbox, a private group where emails are kept archived...?

Event Timeline

Qgil raised the priority of this task from to Medium.
Qgil updated the task description. (Show Details)
Qgil subscribed.

Is developer-relations good, or should we go for dev-rel, devrel?

I guess people click or copy instead of manually writing (longer) email addresses. For public addresses I'd slightly prefer them to be words I can understand in human language, hence the longer version.
For Alias vs ML vs Group etc. I just point to the docs.

... and OTRS, actually. If that email address can receive confidential reports of Code of Conduct violations one day, we need to think this a bit better. In fact, I just realized that this email address and (the primary contact for reports) would need to have the same requirements in terms of privacy.

This is more complicated that I thought... I'll edit the description with the details.

Qgil renamed this task from Email address for the Developer Relations team to Code of Conduct reports to be handled via OTRS?.Sep 17 2015, 1:17 PM
Qgil updated the task description. (Show Details)
Qgil edited projects, added Znuny; removed Mail.
Qgil set Security to None.

Why not handle then public (transparency)? Except if privacy violations etc. of course.

rm Znuny (Wikimedia's OTRS service and setup at A request to otrs admins is needed.

Here we are just discussing how the implementation of the requirement for private reports would work. Whether reports should be public or private should be discussed at

According to the best option is to let the Committee decide the implementation details. I'm updating the task accordingly.

Qgil removed Qgil as the assignee of this task.Nov 18 2015, 11:45 AM
Qgil lowered the priority of this task from Medium to Lowest.
Qgil claimed this task.

According to several causal conversations, OTRS is probably not a good fit for this task. I think it is better to resolve this task for now.

(Since @Fae asked) as far as I remember, those casual conversations consisted in feedback from OTRS admins and others familiar with its way of working, noting that such tool most likely could not guarantee the privacy requirements for handling conduct reports.