RE: Cybercrime treaty
> -----Original Message-----
> From: Adam Shostack [mailto:adam@HOMEPORT.ORG]
> On Mon, May 08, 2000 at 01:24:04PM -0400, Steven M. Christey wrote:
> | One Board member has since sent me an email saying that they are
> | concerned with the Editorial Board as a whole making a statement,
> | although they personally agree with what is being said.
> The member's
> | concern appears to be related to the fact that if "the
> Board" makes a
> | statement, then the member's organization may be viewed as agreeing
> | with the statement by association.
> | A different member sent me an email saying that while the member
> | agrees with the concerns, they cannot comment publicly on this,
> | especially while their own organization may be pursuing this issue
> | independently. But this member did not seem to be
> concerned with how
> | a Board statement would reflect on their own organization.
> | So it seems to me that it may not be appropriate to have a statement
> | from the Board as a whole. I think that part of this is due to the
> | fact that we don't formalize whether Board members are speaking for
> | themselves or for their organizations.
> | I think we could work with the introductory text that
> Stuart provided,
> | and say that the statement is a result of Editorial Board
> | and advocated by various Board members, but it is not a statement by
> | the full Board itself. Individuals who are not comfortable with
> | speaking for their organization could provide feedback behind the
> | scenes, or be listed on the statement without their organizational
> | affiliation.
> Having talked with my lobbying folks on this, they say that a
> statement by the board is a much stronger tool to present to the COE,
> and that a statement which headlines that the board could not agree
> has less of an impact.
I agree with this, and I have had an initial discussion of the matter with
Howard Schmidt about it. As soon as we can get something nailed down (and
Stuart's post looks like a great start), I am going to try and push so that
this isn't just IMHO, but also something that Microsoft Information Security
will stand behind as well.
> Steve, could you ask those who question a board statement if they'd be
> more willing to accept a disclaimer within the text, such as:
> "In our capacity as security experts, <Treaty> has recently
> come to our
> attention, and we have some concerns about it, specifically Article
> Or at the bottom: "Affiliations are listed here for identification
> purposes only."
> This allows a board statement to be made without drawing in all of the
> organizations which we may or may not represent.
We really need to sort this out. We have a real need as a group to deal with
this issue in a positive, pro-active manner. If certain members have a need
to drop out of this for their own reasons, then I want to come up with some
way to speak as a group without diluting the message. It may just be a
matter of spinning it properly. If we demand 100% consensus to ever speak as
a group, we'll never say anything. I do very well understand the perils of
speaking for your company without proper authorization, but I know that we
need to speak out on this.
"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety." - Benjamin Franklin