Author Message
25 new of 118 responses total.
other
response 69 of 118: Sep 5 20:15 UTC 2002

The "find" reference was unspecific.  Our policy is (and this has been 
stated at least once already, recently, in this or another current co-op 
item) that identifying information (other than real names) we collect 
from people will only be given out under court order.  Real names of 
voting members are excepted, as required by law.  

We collect the information both to prevent the same individual from 
controlling multiple votes on our system, and to discourage abuse by 
requiring the provision of information which can be used to track down 
the individual providing it.  We do not track down the individuals, and 
we do not claim the responsibility for doing so.  In fact, we are so 
intentionally protective of the privacy of this information that we 
require judicial action as proof of the legitimacy of an investigation 
before we will surrender it to anyone.  How much plainer an answer could 
you want?  NOTHING I have said here has not been said multiple times 
elsewhere in public postings or on fixed pages on our website.  And no, 
I'm not going to waste my time pointing you to them, because I'd have to 
search, and you can do it as well as I.
cross
response 70 of 118: Sep 5 20:18 UTC 2002

Regarding #67; Calm down dude.  No one here is trying to ``annoy'' the
grex staff, board, membership, or general user populace.  They're asking
legitimate questions about legitimate concerns.  Grex isn't perfect;
nothing is.  Don't take a raised concern as an affront to the efforts
of those who make grex possible, take it as a constructive comment or
question from those who want to make grex better.  Making statements
of the form, ``try to understand that persistent, public, microscopic
review of our carefully implemented practices may be viewed with some
annoyance and skepticism'' just sounds arrogant, and somewhat ignorant,
given that in a previous post you said, ``Grex's entire networking
software base has been developed and modified with significantly more
than usual "due care" to prevent when possible and track when not any
abuses originating from our machine,'' when it's stated publicly that
only a few routines in the kernel were modified.  Are you quite sure you
know what you're referring to?  And assuming you do, are you sure that's
been effectively communicated to the userbase?

Some legitimate questions are being raised; it's unbecoming to dismiss
them out of hand due to your own prejudices, which is my impression of
what you're doing.
tod
response 71 of 118: Sep 5 20:24 UTC 2002

Heaven forbid a member "wastes your time" presenting legitimate concerns.
I would feel much more satisfied if your answer had been sincere rather than
tinted with accusatory tones and disdain.  Perhaps you could quench my
curiosity by showing a commitment to put your stated standards in #69 in
writing as a corporate policy rather than responding with "find it yourself
amongst the numerous other stated opinions on the system."
BTW, you suck at PR. How did you get the chair?
jp2
response 72 of 118: Sep 5 20:34 UTC 2002

This response has been erased.

mynxcat
response 73 of 118: Sep 5 20:37 UTC 2002

I can't imagine that
tod
response 74 of 118: Sep 5 21:01 UTC 2002

I wouldn't call getting the chair "winning"
aruba
response 75 of 118: Sep 5 21:14 UTC 2002

I believe all the facts Eric quoted are correct, and I have quoted the same
ones either in this item or the next.  I apologize if it was me who caused
confusion about the conditions under which an ID would be used.  I may have
said it could be used to "track someone down", and what I meant was not that
*we* would use it for that, but that we could hand it over to
law-enforcement for them to use to find someone.  I'm not sure the exact
conditions under which we would turn over ID to law enforcement have ever
been codified (like I said, we've never been asked to do it, since just
asking for ID scares off most potential vandals), but I know I have seen it
written that we wouldn't do so without a court order in some official
document.  It might not hurt for the board to nail that down.
tod
response 76 of 118: Sep 5 21:18 UTC 2002

Agreed.  I think it looks good to be able to quote a bylaw or standard if a
prospective member asks if their ID will be compromised.
jmsaul
response 77 of 118: Sep 5 22:47 UTC 2002

<shrug>  I don't think Grex has a responsibility to retain the information,
honestly.
scott
response 78 of 118: Sep 5 23:13 UTC 2002

I think Grex does have a responsibility to maintain the information.
tod
response 79 of 118: Sep 6 00:00 UTC 2002

Grex doesn't fall under SEC or HIPAA, so legally, it doesn't.
As a matter of preference, it might.
jmsaul
response 80 of 118: Sep 6 02:29 UTC 2002

HIPAA?  Huh?

Re #78:  What are you basing that on, specifically?
krj
response 81 of 118: Sep 6 04:21 UTC 2002

HIPAA: the Health Insurance Portability and Accountability Act, 
according to a Google search.
mdw
response 82 of 118: Sep 6 08:41 UTC 2002

I think in a sense both Scott & Joe are right.  I would agree with Joe
that there is no legal *requirement* that we keep any identification
records whatsoever.  I also agree with Scott, in that I think as a
matter of sound operating principle it's in our *interest* to keep such
material, and that we have the *right* to keep such material.  This is
all a matter of balancing various risks, including the risk somebody
might commit fraud against us; the risk someone else either private or
gov't might come after us due to fraud committed by the first person;
the risk keeping such materials might give us should such materials be
stolen; the risk people might not give us money should we require
sufficient id or retain proof; etc.

A lot of these risks are pretty hard or impossible to measure.  I don't
know how to measure the risk that some future treasurer might decide to
register his 6 deceased grandparents as members plus all his nieces and
nephews and swing the election in his favor.  I can say with certainty
that there *are* people who would like to gain unauthenticated full
access to the internet through grex, and that giving such people access
would not be in grex's best interest.  I can't say how much such people
would hurt grex, except to say that systems that give such access are
far less stable, and tend not to last as long as grex has.  We've never
had law enforcement actually ask for information on an authenticated
member, so we don't know if what we keep is either sufficient, or what
exactly would happen if we did not have such information.
Unfortunately, I don't think this disproves the value of such
information -- it's like wearing seatbelts; you don't want to ever need
them, and they're not a panacea, but things could get a lot worse in an
accident without them so they're still worth wearing.  We certainly do
lose members over our identification requirements.  I would not say it's
a huge % - most of the people who've reacted negatively here are people
who have already indicated their unwillingness to contribute $ for
assorted other reasons.  We have also had would-be members submit
fraudulent identification data, and been able to detect it.

I think the current identification process evolved in 2 stages: there
was whatever was originally decided upon very early in grex's history,
when it was just a dial-up system.  I'm sure that received plenty of
public scrutiny as there was less distinction between users, members,
board & staff (all of these latter groups comprised a much larger % of
the former due to the much smaller total population pool and lack of
geographical dispersion.) The internet identification process happened
later, and was part of a 2 prong effort to deal with potential network
abuse; the other part was the network blocks we put into the kernel.
This was before the modern vandal community evolved, but I don't think
we did so bad a job of identifying the risks.  There was board and
membership debate about this as well; and our modern policy is I believe
a pretty direct implementation of what was then decided.  There were
elements of the decision that as I recall were deliberately left up to
staff discretion; I think that included the exact forms of ID the
treasurer could accept.  To this day, I can still hear Mary arguing for
that specific point, although I can't remember if she was at that time a
board member or just a member at large.  Mary has always been a
consistent advocate of not overcomplicating or micromanaging any
process, for which I think she deserves proper credit and praise.

All of this is not, BTW, something that should belong in the bylaws.
Bylaws define the decision making *process*, it is not a recording *of*
the decisions.  Our bylaws provide for 2 ways to make decisions (either
via the board, or via a membership vote), and those decisions could be
either short term (the board & staff will go out, buy a laptop for not
more than $2000, and configure it with *bsd or linux for the use of the
treasurer) or long-term (the treasurer will only store grex confidential
electronic data on grex provided computers, and will only transmit such
data via secure means whenever needed for lawful purposes.) Our bylaws
also permit the membership to elect board members or change the bylaws.
The board can't change the bylaws on their own, which I think is an
important and useful safeguard in our bylaws.
mary
response 83 of 118: Sep 6 12:35 UTC 2002

I'd be careful about promising we'd never release identification except
under court order.  If a vandal did something that turned out to be very
destructive and costly, there might be a need for us to ask the police for
help.  We might then volunteer what information we had. 

I think we're pretty cautious and sensitive about the information people
offer us.  I think we're pretty clear about why we need it.  Giving your
information is voluntary.  Sorry, I don't see an issue here. 

But carry on.
cross
response 84 of 118: Sep 6 13:43 UTC 2002

Regarding #83; The issue is what data is provided, how it's handled, and
how long it's retained after a membership expires.  I was kind of surprised
to hear that Mark had credit card data for members who had long since left
grex.
jmsaul
response 85 of 118: Sep 6 13:47 UTC 2002

Re #81:  Ken, I know what HIPAA is.  I work with it for a living.  I just
         don't know why Todd's mentioning it here.
mary
response 86 of 118: Sep 6 14:30 UTC 2002

What "data is provided" is totally up to the person sending the
identification.  We accept pretty much anything for good reasons: first,
we want to make it easy for someone to comply, and second, we're going to
trust people to do the right thing unless we find out otherwise.  So far
this philosophy has worked pretty well. 

How this identification has been handled was to keep it so secure only one
person has access to the data, the elected treasurer.  Someone has raised
concern that maybe the computer the treasurer uses should never be
connected to a modem because there is a very slim chance something could
get hacked.  As slim as this chance is, a number of staff and board are now
looking into making sure this can't happen. 

The reason identifying information will be kept for a long time, or at
least longer than a person might be a member, is because the window for
needing that information for identification doesn't end when someone
leaves Grex.  What that person has done on the Internet isn't undone when
they leave Grex. 


mooncat
response 87 of 118: Sep 6 14:33 UTC 2002

I really agree with Mary at this point. (from a couple responses ago... 
several slipped in while I was preparing this post and trying to get 
some work done)

As a corporation Cyberspace Communications, Inc. has a responsibility 
to maintain an accurate up-to-date list of members. 

Now it has been stated that because of what Grex is we don't fall under 
SEC or HIPAA jurisdiction, so we don't have to maintain our records 
(i.e. my company has to keep certain types of records for seven years). 

Okay, so at this point it’s debatable whether or not we 'have' to 
maintain the records- what's to keep that from changing? I honestly 
think that it would be irresponsible of Grex NOT to keep records for 
several years running.

I would not want to belittle anyone's concerns about this ID issue. To 
me it seems like mountains out of molehills. If you're concerned then 
you're concerned. However, what is the basis of the concern, what is 
the real factor inducing so much fear in people?

Are those concerned worried about this information getting out on the 
web somewhere? Are you concerned that the treasurer is being sloppy 
with the protection of privacy of member info? What's really the issue 
here?

If the issue is merely data handling, what’s the problem with what 
we’re doing now, I mean really, all paranoia aside, what’s the real 
problem? 
aruba
response 88 of 118: Sep 6 14:57 UTC 2002

I received an alternate ID from the one member whose credit card we still
were using.  I decided that the one who had just expired is probably gone
for good, so I destroyed the piece of paper on which I had written their
numbers.  So now we're not saving any credit card numbers at all.
jmsaul
response 89 of 118: Sep 6 16:02 UTC 2002

I can live with that.
tod
response 90 of 118: Sep 6 17:15 UTC 2002

re #85 see #87
(Yes, I was referencing data retention responsibilities.  As a non-profit,
there is very little to worry about in regard to retention schedules
other than for IRS and preferential financials that might be used down the
road for venture capital, etc)

I think it's great there aren't any credit card numbers in storage.
What about the option to accept paypal as a validation method?  If a
membership includes a manual (3 month), isn't it possible to require the
address for shipping if a paypal for "goods" is accepted?
jp2
response 91 of 118: Sep 6 18:11 UTC 2002

This response has been erased.

aruba
response 92 of 118: Sep 6 18:34 UTC 2002

Paypal validates some users and not others.  When I get a payment, it either
says "this user's address has been verified" or "this user's address is
unverified".
tod
response 93 of 118: Sep 6 20:00 UTC 2002

Is it possible you could waive the ID requirement on the stipulation that they
are a paypal user with a verified address?