I've been thinking a lot about the DarkSim situation. Based on conversations with many different women, it's obvious he's engaged in predatory behavior. He doesn't belong anywhere with a commitment to inclusion.
But where is the line? Because we absolutely need to define it. 1/
But where is the line? Because we absolutely need to define it. 1/
Every time CoC is brought up, MRA people come out of the woodwork to note how CoC will be abused. For the record, I'm sure abuses have happened, but overall I'm quite certain that CoCs are a positive thing that have helped more than they hurt. 2/
I know of at least one situation at a conference this year where an absolutely unhinged individual tried to weaponize the CoC. For the record, I personally know both individuals involved and know the claims were BS. Conference staff made the right call in that particular case. 3/
But that leads me back to the question: where is the line? What's the burden of proof? I sort of feel like it's the (in)famous definition of obscenity: "I know it when I see it."
But is that perhaps too subjective? Shouldn't we have some definition that's more concrete? 4/
But is that perhaps too subjective? Shouldn't we have some definition that's more concrete? 4/
Before you say "if a person makes others feel unsafe, they should be barred from the event" I invite you to consider the ramifications.
Barring someone from an infosec con isn't like refusing them service at a Denny's. The former may heavily impact their career. 5/
Barring someone from an infosec con isn't like refusing them service at a Denny's. The former may heavily impact their career. 5/
They will undoubtedly miss out on networking opportunities that really underpin the infosec job market.
Separately, they'll have to deal with the stigma of being barred from the conference, something that may create liability for the con itself (if not handled appropriately). 6/
Separately, they'll have to deal with the stigma of being barred from the conference, something that may create liability for the con itself (if not handled appropriately). 6/
Of course there's also potential liability for allowing a known abuser to attend a conference (file this under "25 reasons I'm happy I'm not a lawyer").
I don't have a particular standard in mind for "what constitutes banning behavior" or "how long should a ban last." 7/
I don't have a particular standard in mind for "what constitutes banning behavior" or "how long should a ban last." 7/
Other questions include:
Does being banned from one conference imply a ban at others?
How should conferences share ban information?
I'm sure there are others that I'm yet to consider as well. 8/
Does being banned from one conference imply a ban at others?
How should conferences share ban information?
I'm sure there are others that I'm yet to consider as well. 8/
I don't have the answers for this, but I suggest we enact a standard. I don't think BSides DC wanted someone like DarkSim at their conference. At the same time, they lacked any framework to refuse him entrance. For that matter, I doubt the staff knew he was coming. 9/
We need a framework. One that:
Is transparent
Protects victims
Is resistant to abuse
Not everyone will adopt it, and that's okay. But it's a heck of a lot easier (and legally safer) to say "we comply with X" or "we do X except Y" than to continue with the status quo. /FIN
Is transparent
Protects victims
Is resistant to abuse
Not everyone will adopt it, and that's okay. But it's a heck of a lot easier (and legally safer) to say "we comply with X" or "we do X except Y" than to continue with the status quo. /FIN
Quick follow up: this isn't just about behavior at a conference. If you're a known shitheel 362 days a year, you can't just show up at a conference and say "I'm complying with the CoC, so we're good right?" We need to do better. 1/2
Many of the most complex situations in the industry right now involve people who don't stray over the line during a conference but abuse at after parties, etc. Obviously there needs to be a way to deal with these people as well. 2/2
