- This Transparency Policy (“Policy”) states OpenStack’s policy - towards disclosure of information to the public by members of - the Board of Directors (“Board Members”) and the officers and - other employees of OpenStack (“Employees”). The Policy provides - guidance for Board Members and officers in meeting their - fiduciary duties and Employees in meeting their legal - obligations. This Policy supersedes any written agreement of - the Employees for the information described below (but not - including any third party information subject to a separate - confidentiality obligation) unless the written agreement - expressly stated in writing that it supersedes the Policy. The - Board Members and Employees are permitted to share certain - information and are obligated to keep other information - confidential, as more particularly described in this Policy. - This Policy has been adopted by the Board, and comments or - questions should be directed to the Executive Director of the - OpenStack Foundation (“Executive Director”). -
- -
- 2.1 OpenStack favors disclosure and transparency to promote
- sharing and collaboration within the OpenStack community. This
- Policy will implement that strategy to assist in growing the
- ecosystem around OpenStack’s software, strengthening the
- platform and protecting the OpenStack brand. For these reasons,
- OpenStack adopts the following approach to information
- disclosure to the public under this Policy:
-
- (a) Board meetings (except executive sessions) are open to the
- public for dial-in participation. Meeting times and dial-in
- details are posted to OpenStack’s mailing list and at a
- governance wiki (“Governance Wiki”) accessible at
- http://wiki.openstack.org/Governance/Foundation.
- The Chairman and Vice Chairman of the Board will make best
- effort to publish the date, time and dial-in details at least
- one week prior to the meeting on the Governance Wiki and
- Foundation mailing list.
-
- (b) In advance of Board meetings, agendas are also posted to the
- Governance Wiki.
-
- (c) The Executive Director posts a summary of the Board meeting
- after the meeting to the OpenStack Foundation mailing list. The
- Executive Director will make best effort to post a summary to
- the mailing list within 72 hours of the meeting, after which
- point Board Members are able to comment or post their own
- summaries.
-
- (d) After Board meetings, the final versions of the Board
- minutes, including records of the votes of Board Members are
- posted to the Governance Wiki. The Secretary and Chairman of the
- Board will make best effort to publish the official, approved
- minutes within a month of the meeting.
-
- (e) The general Board mailing list will be made available to the
- public for read-only subscription, but the Board may maintain a
- separate mailing list or document store to discuss confidential
- topics as defined below.
-
- (f) OpenStack Foundation Committees and working groups, such as
- the Training Working Group and the Election Committee, are
- subject to the same standards as the Board in terms of posting
- meeting dates, agendas and summaries, and communicating via a
- mailing list, unless topics are considered to be confidential
- information defined in section 3.1. Committees and Working
- Groups should make an effort to solicit community input and
- participation on policy issues by the use of mailing lists,
- in-person meetings, webinars and phone calls.
-
- (g) The contents of final applications for Platinum Members and
- Gold Members shall be made available on the Governance Wiki no
- later than three days prior to the Board meeting during which
- they are being considered.
-
- (h) The Chairman of the Board shall provide an annual summary of
- OpenStack’s performance, which will include a financial
- overview, a summary of major decisions, achievements and
- challenges of the prior year.
-
- (i) Communication regarding Foundation governance will take
- place on the Foundation mailing list accessible at
- http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation.
-
- 2.2 To put the community first, OpenStack Board Members and - Employees will work to share or discuss community and governance - information with the OpenStack community through established - channels before releasing the information to the media. This - does not include company-confidential information, such as - advance notice of product announcements, investments, - acquisitions or customer stories. -
- -- 3.1 Notwithstanding a general policy favoring disclosure and - transparency, certainsensitive information must remain - confidential. “Confidential Information” means (a) information - disclosed during the executive session of Board meetings - including, without limitation, personnel matters, discussions - around Gold Member applications and information collected, - prepared or discussed relating to or in anticipation of - litigation, (b) financial information (excluding financial - information included in the annual summary provided by the - Chairman of the Board) (c) disciplinary actions taken against - Platinum Members, Gold Members or Individual Members and (d) - information subject to other confidentiality obligations, - whether arising under law, statute or contract. In addition, - Confidential Information shall include certain “embargoed” - information which is temporarily Confidential Information and - which shall include (a) draft Board meeting minutes (but not to - the extent included in the final Board meeting minutes posted to - the Governance Wiki) or (b) information regarding strategic and - marketing initiatives that might damage OpenStack’s competitive - position if disclosed prior to authorization by theExecutive - Director or the Board. At the time embargoed information is - shared or discussed, the provider will set an explicit date or - criteria as to when it can be made public. -
- -- 3.2 Neither a Board Member nor an Employee (“TP Person”) may - use, disseminate, or in any way disclose any Confidential - Information except to the extent expressly permitted by the - Board or Executive Director. A TP Person must treat all - Confidential Information with the same degree of care as the TP - Person accords to his or her own confidential or proprietary - information, but in no case less than reasonable care. A TP - Person may disclose Confidential Information only to such - persons or entities as permitted by the Board or Executive - Director, who need to know such Confidential Information and who - have previously agreed or agree in writing to be bound by - confidentiality terms and conditions protecting the Confidential - Information substantially similar to those terms and conditions - applicable to the TP Person under this Policy. A TP Person - must immediately give notice to the Executive Director of any - unauthorized use or disclosure of the Confidential Information. - A TP Person must assist OpenStack in remedying any such - unauthorized use or disclosure of the Confidential Information - by the TP Person. -
- -- 3.3 A TP Person’s obligations with respect to Confidential - Information will not apply to any such portion that the TP - Person can document either (a) was in the public domain at or - subsequent to the time enters the public domain without action - or inaction by such TP Person; (b) was rightfully in TP Person’s - possession free of any obligation ofconfidence at or subsequent - to the time such portion was communicated by OpenStack to TP - Person; or (c) is made public by direction of the Board or - Executive Director. A disclosure of any portion of Confidential - Information, either (a) in response to a valid order by a court - or other governmental body, or (b) otherwise required by law, - shall not be considered to be a breach of the confidentiality - obligations set forth herein or a waiver of confidentiality for - other purposes; provided, however, that TP Person shall provide - prompt prior written notice thereof to the Executive Director to - enable OpenStack to seek a protective order or otherwise prevent - such disclosure. -
- -- 3.4 All Confidential Information remains the property of - OpenStack, and no license or other rights to Confidential - Information is granted or implied hereby. -
- -- 4.1 The confidentiality obligations set forth above is a guide - to a TP Person’s obligations to OpenStack, whether arising under - law, statute or contract, including but not limited to, the - fiduciary obligations of Board Members and officers. However, - the fiduciary duty obligations of Board Members and officers are - established by statute and supersede this Policy. -
- -- 4.2 Board Members are seen as authoritative sources of - information concerning OpenStack’s business. To ensure a - consistent approach to public announcements, Board Members - should generally defer to the Executive Director with respect to - communications with the public. -
- -- 4.3 The Executive Director, Chairman of the Board and Vice - Chairman of the Board, if applicable, are the primary - spokespeople when making official statements on behalf of the - Foundation. Board Members should not make use of their OpenStack - titleswhen promoting their own companies or products. -
- -- If a Community Member or Board member wishes to file a complaint - against behavior that is not compliant with the Transparency - Policy, he or she should contact the Executive Director - (jonathan@openstack.org) in the absence of an Ombudsman. The - Executive Director will determine if quick, corrective action - can be made, pulling in the Transparency Committee when needed, - and whether the complaint should be brought in front of the full - Board. -
- - - diff --git a/transparency-policy.rst b/transparency-policy.rst new file mode 100644 index 0000000..f55a432 --- /dev/null +++ b/transparency-policy.rst @@ -0,0 +1,194 @@ + + + +THE OPENSTACK FOUNDATION TRANSPARENCY POLICY +============================================ + + + +1. Background. +-------------- + +This Transparency Policy (“Policy”) states OpenStack’s policy towards +disclosure of information to the public by members of the Board of +Directors (“Board Members”) and the officers and other employees of +OpenStack (“Employees”). The Policy provides guidance for Board +Members and officers in meeting their fiduciary duties and Employees +in meeting their legal obligations. This Policy supersedes any written +agreement of the Employees for the information described below (but +not including any third party information subject to a separate +confidentiality obligation) unless the written agreement expressly +stated in writing that it supersedes the Policy. The Board Members and +Employees are permitted to share certain information and are obligated +to keep other information confidential, as more particularly described +in this Policy. This Policy has been adopted by the Board, and +comments or questions should be directed to the Executive Director of +the OpenStack Foundation (“Executive Director”). + + + +2. General Policy Favoring Transparency. +---------------------------------------- + +2.1 OpenStack favors disclosure and transparency to promote sharing +and collaboration within the OpenStack community. This Policy will +implement that strategy to assist in growing the ecosystem around +OpenStack’s software, strengthening the platform and protecting the +OpenStack brand. For these reasons, OpenStack adopts the following +approach to information disclosure to the public under this Policy: +(a) Board meetings (except executive sessions) are open to the public +for dial-in participation. Meeting times and dial-in details are +posted to OpenStack’s mailing list and at a governance wiki +(“Governance Wiki”) accessible at +`http://wiki.openstack.org/Governance/Foundation`_. The Chairman and +Vice Chairman of the Board will make best effort to publish the date, +time and dial-in details at least one week prior to the meeting on the +Governance Wiki and Foundation mailing list. +(b) In advance of Board meetings, agendas are also posted to the +Governance Wiki. +(c) The Executive Director posts a summary of the Board meeting after +the meeting to the OpenStack Foundation mailing list. The Executive +Director will make best effort to post a summary to the mailing list +within 72 hours of the meeting, after which point Board Members are +able to comment or post their own summaries. +(d) After Board meetings, the final versions of the Board minutes, +including records of the votes of Board Members are posted to the +Governance Wiki. The Secretary and Chairman of the Board will make +best effort to publish the official, approved minutes within a month +of the meeting. +(e) The general Board mailing list will be made available to the +public for read-only subscription, but the Board may maintain a +separate mailing list or document store to discuss confidential topics +as defined below. +(f) OpenStack Foundation Committees and working groups, such as the +Training Working Group and the Election Committee, are subject to the +same standards as the Board in terms of posting meeting dates, agendas +and summaries, and communicating via a mailing list, unless topics are +considered to be confidential information defined in section 3.1. +Committees and Working Groups should make an effort to solicit +community input and participation on policy issues by the use of +mailing lists, in-person meetings, webinars and phone calls. +(g) The contents of final applications for Platinum Members and Gold +Members shall be made available on the Governance Wiki no later than +three days prior to the Board meeting during which they are being +considered. +(h) The Chairman of the Board shall provide an annual summary of +OpenStack’s performance, which will include a financial overview, a +summary of major decisions, achievements and challenges of the prior +year. +(i) Communication regarding Foundation governance will take place on +the Foundation mailing list accessible at `http://lists.openstack.org +/cgi-bin/mailman/listinfo/foundation`_. + +2.2 To put the community first, OpenStack Board Members and Employees +will work to share or discuss community and governance information +with the OpenStack community through established channels before +releasing the information to the media. This does not include company- +confidential information, such as advance notice of product +announcements, investments, acquisitions or customer stories. + + + +3. Confidential Information. +---------------------------- + +3.1 Notwithstanding a general policy favoring disclosure and +transparency, certainsensitive information must remain confidential. +“Confidential Information” means (a) information disclosed during the +executive session of Board meetings including, without limitation, +personnel matters, discussions around Gold Member applications and +information collected, prepared or discussed relating to or in +anticipation of litigation, (b) financial information (excluding +financial information included in the annual summary provided by the +Chairman of the Board) (c) disciplinary actions taken against Platinum +Members, Gold Members or Individual Members and (d) information +subject to other confidentiality obligations, whether arising under +law, statute or contract. In addition, Confidential Information shall +include certain “embargoed” information which is temporarily +Confidential Information and which shall include (a) draft Board +meeting minutes (but not to the extent included in the final Board +meeting minutes posted to the Governance Wiki) or (b) information +regarding strategic and marketing initiatives that might damage +OpenStack’s competitive position if disclosed prior to authorization +by theExecutive Director or the Board. At the time embargoed +information is shared or discussed, the provider will set an explicit +date or criteria as to when it can be made public. + +3.2 Neither a Board Member nor an Employee (“TP Person”) may use, +disseminate, or in any way disclose any Confidential Information +except to the extent expressly permitted by the Board or Executive +Director. A TP Person must treat all Confidential Information with the +same degree of care as the TP Person accords to his or her own +confidential or proprietary information, but in no case less than +reasonable care. A TP Person may disclose Confidential Information +only to such persons or entities as permitted by the Board or +Executive Director, who need to know such Confidential Information and +who have previously agreed or agree in writing to be bound by +confidentiality terms and conditions protecting the Confidential +Information substantially similar to those terms and conditions +applicable to the TP Person under this Policy. A TP Person must +immediately give notice to the Executive Director of any unauthorized +use or disclosure of the Confidential Information. A TP Person must +assist OpenStack in remedying any such unauthorized use or disclosure +of the Confidential Information by the TP Person. + +3.3 A TP Person’s obligations with respect to Confidential Information +will not apply to any such portion that the TP Person can document +either (a) was in the public domain at or subsequent to the time +enters the public domain without action or inaction by such TP Person; +(b) was rightfully in TP Person’s possession free of any obligation +ofconfidence at or subsequent to the time such portion was +communicated by OpenStack to TP Person; or (c) is made public by +direction of the Board or Executive Director. A disclosure of any +portion of Confidential Information, either (a) in response to a valid +order by a court or other governmental body, or (b) otherwise required +by law, shall not be considered to be a breach of the confidentiality +obligations set forth herein or a waiver of confidentiality for other +purposes; provided, however, that TP Person shall provide prompt prior +written notice thereof to the Executive Director to enable OpenStack +to seek a protective order or otherwise prevent such disclosure. + +3.4 All Confidential Information remains the property of OpenStack, +and no license or other rights to Confidential Information is granted +or implied hereby. + + + +4. Additional Obligations of Board Members. +------------------------------------------- + +4.1 The confidentiality obligations set forth above is a guide to a TP +Person’s obligations to OpenStack, whether arising under law, statute +or contract, including but not limited to, the fiduciary obligations +of Board Members and officers. However, the fiduciary duty obligations +of Board Members and officers are established by statute and supersede +this Policy. + +4.2 Board Members are seen as authoritative sources of information +concerning OpenStack’s business. To ensure a consistent approach to +public announcements, Board Members should generally defer to the +Executive Director with respect to communications with the public. + +4.3 The Executive Director, Chairman of the Board and Vice Chairman of +the Board, if applicable, are the primary spokespeople when making +official statements on behalf of the Foundation. Board Members should +not make use of their OpenStack titleswhen promoting their own +companies or products. + + + +5. Process to File a Complaint +------------------------------ + +If a Community Member or Board member wishes to file a complaint +against behavior that is not compliant with the Transparency Policy, +he or she should contact the Executive Director +(jonathan@openstack.org) in the absence of an Ombudsman. The Executive +Director will determine if quick, corrective action can be made, +pulling in the Transparency Committee when needed, and whether the +complaint should be brought in front of the full Board. + +.. _http://wiki.openstack.org/Governance/Foundation: http://wiki.openstack.org/Governance/Foundation +.. _http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation: http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation + +