Why hide it?
Why hide it?
Posted Oct 25, 2024 4:00 UTC (Fri) by dberlin (subscriber, #24694)In reply to: Why hide it? by shironeko
Parent article: Several Russian developers lose kernel maintainership status
Let me try to give you a bunch of practicalities here. I don't honestly have an opinion, but i think there's a bunch of info that is uncommonly known that might help.
First, I think people don't quite understand the entities on the other side of this (IE OFAC, Department of Treasury, etc). People are used to seeing copyright issues get resolved, but truthfully, this is nothing like that. This is actually serious. OFAC violations are strict liability (IE it doesn't matter if you knew), and carry very serious criminal and civil penalties. Personal criminal liability, in fact. If they come to you with an issue telling them something like "hey can you wait a few weeks so we can work out something we can say to our community" is not really going to work. They not only don't care, but it's also a good way to end up in jail.
Again, i have no opinion and I have no idea if that happened here. I have seen it happen before for sure.
Second, as a general rule, releasing legal advice destroys privilege of various sorts. Does it really matter in this case? Certainly not for the advice itself, where it would obviously no longer be privileged. The more concerning issue is probably whether they accidentally destroy privilege for any discussions around it, or any work products, or ...
Hypothetical:
Imagine DoT had come to the linux foundation (or whoever) with an issue. They go to discuss it with their attorneys. That discussion would probably be something like "oh fuck what do we do" and probably involved discussions or issues that, if they were non-privileged, could be dangerous (admission of things that turn out to be crimes, because basically everything related to this kind of compliance is a crime, etc). This sounds weird but it's totally common - the whole goal of privilege is to enable people to discuss things with their attorney without worrying about whether it will get used against them, so they can get the best legal advice possible.
Now you accidentally destroy privilege in this discussion by releasing the resulting advice (or whatever) - congrats, lots of people are screwed.
Privilege issues are not simple to deal with, either, as they vary state to state and country to country.
Especially when you are talking about serious issues like OFAC/etc compliance, I would generally be very careful about privilege.
These are just some of the practicalities, I can think of more, but these are IMHO, the biggest ones.
Note that this is not a US specific thing, either. Everyone has their version of OFAC/et al, with very serious penalties and ...
The only difference is who is on their lists.
Posted Oct 25, 2024 19:48 UTC (Fri)
by shironeko (subscriber, #159952)
[Link] (1 responses)
I would think the community would be a lot less upset and a lot less confused if the message is simply "we can't comment on this because lawyers"
Posted Oct 25, 2024 20:39 UTC (Fri)
by dberlin (subscriber, #24694)
[Link]
Posted Oct 25, 2024 20:14 UTC (Fri)
by pizza (subscriber, #46)
[Link]
At $dayjob-3, we had a lot of headaches due to dual-use technologies colliding with OFAC and ITAR. If anything, you're understating the seriousness of the situation.
(With a lot of of additional personal "fun" due to my place of birth being on the naughty lists for nearly my entire life. Suffice it to say there's a decent-sized file on me at $TLA)
Why hide it?
Why hide it?
It depends a ton on the situation (IE gag orders are common, etc)
Why hide it?