Preventing Privacytools conflicts of interest - ensuring Privacytools integrity

nope, it was me! xD and yeah i understand you its like telegram problem i mean all on reddit say its bad so normal or new user in privacy not know why exactly it’s bad but if you asked one of folks they will say it’s bad because encryption not auto (for me its not big problem) so at least when someone say something is bad also say why it is bad and same on good to get a big map and let user see what fits him

1 Like

I’m co-founder of safing, a company sponsoring PTIO. Here are my two cents from a founders perspective.

TLDR

only read Section 5.

1. What the PTIO team does is incredible

I’m a web developer. I understand what it takes to create and maintain a website. Through colleagues I know about the implications of hosting and server management. Through the last year I’ve also invested more and more time participating and contributing to the privacy community. And striving for the same kind of transparency as a company, I’m also responsible for the presentation of all our information. Oh yes, and then there’s policies, legal stuff and management. The point of all this being - I feel I can somewhat grasp what your responsibilities are and the sheer amount of work it all requires.

To top it off, this is my full time job (and I still struggle to keep up with it all). But you all are doing this in your free time! It really is mind blowing what the PTIO team has done and continues to do. You do not hear this often enough: THANK YOU!


So even though you are buried in work you still manage to prioritize correctly and hit your high set standards. This discussion is another example of it. A crucial affair that needs to be discussed and resolved. Thanks for all of your transparency in the matter.

As a result it really does not surprise me that your venture is seen as an exemplary role model in the whole privacy space. As Dan correctly said:


But this is not the end of the story, let me elaborate:

2. Perceived trust vs Trust

How trust works is that a person simply has to perceive you or any other entity as trustworthy. This is based on metrics that vary from person to person. You normally are only able to have any kind of relationship if this perceived trust exists. Be it friend <=> friend, customer <=> company, community <=> ptio, etc…

Now take note it does not matter if the trusted entity is really trustworthy or not, as long as the perception upholds, the relationship can continue. (*cough*, shitty VPNs, *cough*)

The same applies the other way around: if you are perceived as untrustworthy but are the most honest and trustworthy project in the world, you will still not succeed.

There is a whole industry aware of that fact and willingly exploiting our psychology. Marketing.

3. The Privacy Community

We are a bunch of people who have been exploited and lied to time and time again. Marketing claimed this, marketing claimed that. And yet, companies failed us again and again and again.

As a result we have become one of the most skeptic bunch in the world. We question everything. Every marketing claim thrown at us we inspect and take apart with scrutiny. And that is a great thing! No marketing claim without truth behind it lives long in the privacy realm. I truly believe that our community is one of the few places where truth and transparency prevail.

But beware, we are still driven by psychology. We still have limits and draw lines since we cannot investigate everything. So where do we draw the lines? It depends on each individual, but as a whole I believe there are a few strongly agreed upon “rules”. Think open source vs closed source. And another one is:

4. Money corrupts unbiased judgement

A recent blog post by @jonah shows how money corrupts top ten lists. As @danarel mentioned, your commitment to being unbiased as a team made you set up wonderful barriers to prevent any room for bias. Your finances team is decoupled from your review team. And you clearly state what sponsors get and what they don’t get.

And you communicate this clearly, so the community can perceive you as trustworthy - and there is a lot of evidence to back it up after their investigating. This is why you got where you are.

But your policies do not address the current affair.

5. There’s no way around a policy

I can exactly predict what will happen when you allow team members to be financed by a company listed or wanting to be listed on PTIO. The community will investigate and take apart that decision with scrutiny (see 3.), they will agree on their conclusion that this will corrupt you (4.) and their psychology will kick in and perceive your whole venture as untrustworthy (2.) - and start advocating this perception throughout the space.

Sadly, in this matter I cannot see a room for compromise. Because where should we draw the line? Is part-time OK? Consulting? What amount of consulting? What if it turns out to be “just 5 hours” of consulting (but paying 10.000$/h)?

And from a company perspective, there is another conflict: Why would a company go down the official and transparent route of supporting you via sponsorships when there is a potentially “more effective” way? (this whole story does not shine any good light on Startpage fmpov, but that’s another story)

And I really want you to get more sponsors and ideally even gain the possibility to pay some of your work through the opencollective initiative.


You’d shoot yourself in the foot in too many ways. You need a policy.

6. Conclusion

After a long buildup and some blunt words I’d like to wrap up with words of thanks.

Thanks again for all your work (1.), thanks for your transparency - not only in this concern but in general! And thanks for always holding the bar so high, prioritizing the PTIO mission before personal gains.


To @danarel:

I am in no doubt that you never meant any malice and I believe that you could cope with consulting a company without it corrupting your judgement. Thanks to you personally for being so open about it. It kinda proves my point. But sadly, perception is stronger which fmpov, excludes that as an option :neutral_face:


to @all PTIO team members:

If a great opportunity emerges for you and you are excited about it, by all means, take it. Nobody will blame you for prioritizing financial stability. As mentioned before, you’re taking up an humongous amount of work for free. I can only assume some of you will struggle more financially because of it. And likewise nobody will think lesser of you if you resign (for whatever reason) after a while and pass on the baton.


I truly hope you know I and so many others appreciate everything you do. Kudos to all of you!


And 7. consider supporting their work, individuals and companies alike!
https://opencollective.com/privacytoolsio

5 Likes

I think this would be a good idea in theory, but in practice I think the team is too small to have enough people interested in a specific topic and in some cases I fear this policy could stop VPN or Real Time Communication sections entirely or damage others like DNS.

Most of the team is in the team-only Matrix room and may be discussing there daily/nightly depending on timezone and while I am not sure would I recognise someone else’s text without name, I agree that there wouldn’t be too many options who has talked about something externally.

However I don’t think the point of the Whistleblower policy would be anonymity, but more of something that could provide support for the decision that whistleblowing is the right option or encourage taking that option calmly. I think it should also document how to perform the disclosure better than this.

2 Likes

Totally agree, IMHO it is totally an issue about public relations, I trust you people and I don’t think this will make you change the way of doing things, but I’m sure a lot of people (most of them on reddit) will get paranoid about a lot of stuff who they shouldn’t, and this can be one of them. For the sake of transparency creating some sort, or a policy will provide you with a better perception from the community.

1 Like

This makes me more unhappy about startpage than before, as it seems a cynical and manipulative move on their part. I don’t doubt that they see value in the skills of the entire PTIO team, but how can they not be fishing here for areas of influence? It has been found repeatedly that pharmaceutical companies leaving even something so small as pens and memo pads in medical practices creates a sense of obligation in the physicians. It’s simply the sense of reciprocity in the human mind.

2 Likes

I believe now is the time for Team Members to document what companies/types of companies they work with/consult with generally that should preclude them from making decisions about a specific company or industry – basically any kind of potential PTIO conflict of interest in fact or appearance. This doesn’t mean everything – only affiliations a reasonable person would see as conflicts.

For example, @mikaela notes later (in response to my question about other potential PTIO conflicts of interest) that @Jonah owns the hosting provider Nablahost.

Ideally, Jonah would disclose this in his bio, and Jonah would recuse himself from voting on any hosting providers. He would also disclose and recuse if he services (or discusses servicing) any company/service listed or considered for listing/delisting/relisting on PTIO. (To Jonah’s credit, PTIO has not listed Nablahost, but has actively discussed whether listing it would be ethical.)

If, for example, Startpage or System1 asks Jonah for a bid on hosting one of their servers, he would recuse himself from voting on Startpage and search engine matters while he is considering the offer. If a contract is formed, then Jonah would recuse as long as the relationship is in effect.

Later in this thread, @infosechandbook refers to a forum thread titled War of Recommendations in which he recommends ways to make PTIO recommendations/actions more transparent and evidence based, writing:

What could be a solution?

As originally suggested on GitHub , PTIO should introduce a transparent catalog of criteria for software and services. For services, there are already suggestions by @LizMcIntyre . Furthermore, PTIO should define a list of typical threats that need to be considered when evaluating software and services. Finally, recommendations should come with sources for statements and recommendations should be regularly and transparently reviewed.

What would happen if PTIO adopts infosechandbook recommendations? In the Jonah Nablahost case, Jonah’s hosting service would be evaluated using standard objective criteria, like any other service. These criteria (and PTIO Team member ownership) would be made public to foster trust in PTIO recommendations.

Sounds complicated, but @Supernova points out how a compliance officer could help keep organizations out of the muck, as you’ll see in a later post. Maybe a PTIO volunteer could serve in this role and help advise Team Members about disclosures and recusals. (Maybe @Supernova?) This person could also help ensure objectivity and transparency with regard to PTIO decision making.

NOTE: Edited to reflect new information and helpful comments by @infosechandbook @supernova and @mikaela

Independently of myself, @blacklight447 is working on some policies that I cannot comment on at this time, but I will share my thoughts on everything else here.

I think you’re great, Liz, but realistically your views on this subject cannot be taken at face value either. Your bias against Startpage and their relisting on PrivacyTools is almost definitely affecting your actions: “reading between the lines” to draw attention away from recommendation discussions and towards problems that don’t exist.

Ultimately the only consequence we’ve really seen here is that the privacy of one of our team members was violated. He requested and made clear that he did not wish the details of his life be shared publicly, especially as they were still working out what a final agreement would look like. Sharing this information on GitHub was unnecessary at that time, and continuing to delve into the matter on GitHub and in this thread do not seem like actions made in good faith. It creates an unhealthy environment where people will be unwilling to share this information in the future. I know for a fact that these discussions have caused considerable stress for many people in the team and community.

To me, constant side discussions regarding Startpage like this seem like ad hominem arguments intended to distract the community and the team from relisting Startpage based on the facts that we currently understand about their organization. We know that they have been responsive to all questions and concerns we have voiced, and I do think they should be relisted, as I stated in all my reasoning at #1562. The opinions of the team and community do not change these facts, and the opinions of a single team member make up but a small part of the decision making process as a while.

Creating additional documentation of the team is not something we are considering. We respect the right for our team members to only divulge the information they wish to be public, as is the purpose of our entire organization. In the same line, we hope that the procedures we have in place regarding recommendations and the transparency of the organization as an entity make why we chose to take the actions we do.

Hey @jonah. I did NOT reveal Dan’s name as the PTIO Member. He did right here in this thread. I would not do that without his okay. He wrote the following in the post above using his name:

As stated on GH, the StartPage offer was made because the company learned that the member, which is me btw, and I’m not hiding that fact, had relevant experience that could benefit them. But instead of having that conversation during the delisting discussion, a separate meeting was scheduled to discuss my professional experience.

========================

Note that I was the first one to encourage Privacytools to take a breather before immediately delisting Startpage back in October. In fact, you were the first to recommend immediate delisting. In addition, I requested that we give Startpage time to respond on multiple occasions, as you’ll see in this github thread.

Yes, I am very disappointed with Startpage, but my concern lies with its new majority owner System1. I have become more concerned as new information comes forward, like the fact that System1 processes some fuzzed search data. I think it is reasonable to be concerned about a pay-per-click advertising company being involved in the processing of a privacy search engine. I’m clearly not alone in that, and I believe it is important to speak out as many here have about their concerns.

I agree that Startpage finally did answer most (though not all) of the questions completely. For that reason, I did not object to the relisting. My comments were only suggestions that would have made any listing more accurate and protect PTIO’s reputation.

However, I do understand PTIO Team Member @blacklight447 's reason for recommending against relisting based on lost trust. This latest incident is just one more support for her argument. Your sponsor Safing’s @davegson commented on this situation, writing:

this whole story does not shine any good light on Startpage fmpov

I have to agree with that.

You are suggesting that somehow I manufactured this conflict of interest. In fact, it was brought about by a very unfortunate situation and revealed as a conflict of interest by a PTIO Team Member whistleblower. Not me. I also give Dan Arel credit for coming forward with details and being willing to share his name.

BTW - I believe Dan could be considered a victim here because he reported the situation internally to the PTIO Team and likely had no idea how this could be perceived as a shady backroom deal. An appropriate policy would have saved him and all of PTIO from this controversy.

Creating additional documentation of the team is not something we are considering. We respect the right for our team members to only divulge the information they wish to be public, as is the purpose of our entire organization . In the same line, we hope that the procedures we have in place regarding recommendations and the transparency of the organization as an entity make why we chose to take the actions we do.

I think this is very unfortunate, but it’s not my decision. This current conflict of interest situation shows why transparency is so important to trust and why objective documentation that supports listing/delisting/relisting decisions would engender greater trust. In fact, your biggest and only current PTIO sponsor @davegson (Safing) has recommended a policy, writing:

There’s no way around a policy

I would appreciate it if you would correct the record and what you wrote in light of the evidence I have shared here. Thank you.

He didn’t mean you when he said my privacy was violated. I wanted to make sure you know none of us are accusing you of that.

1 Like

With a proper policy I think that privacy can be preserved. If a team member immediately shares the situation with the rest of the team, then that immediate conflict of interest can be dealt with by temporarily having that team member step away from decisions related to that conflict. This can be kept private (though should be documented) so when a final decision is made then information can be publicly released about what offers were made, how the decision making process was isolated from any conflicts of interest, and the ultimate resolution (offer rejected, offer accepted and team member agrees to a more restricted team role, etc).

Exactly why a policy is needed, so people know exactly what to do and what the expectations are in this situation. I don’t think actions made on GitHub were made in bad faith, there just were no clear guidelines on what was proper procedure. The fault for this playing out on GitHub is the lack of a policy.

Also, a policy will inform outside sources of such offers that PTIO does see such offers as a potential conflict of interest. Ultimately it was StartPage that started this by making the offer in the first place. If they did not recognize that such an offer being made was a potential conflict of interest while a decision about relisting them was in active discussion, then that is on them. It does not make them look good at all. And now they may pay the price for their ignorance/oversight. But in the real world that is what happens. Ignorance of a regulation is not a defense in the world of compliance.

Unfortunately now any facts are now muddied by perceived foul play/interference on the part of StartPage to influence PTIO decisions. They seem tone deaf to the potential appearance of questionable tactics. Maybe there should be another question required for all recommended services:

Does your organization employ a compliance officer?

So, does StartPage employ a compliance officer? If so, how was this offer not flagged by internal procedures?

2 Likes

Adding some general information and more transparency to recommendations as discussed in The war of recommendations could help avoiding conflicts of interest.

In the end, it is likely hard to verify published biographies by PTIO team members, because anybody can claim everything online. Furthermore, many things aren’t directly recommended by PTIO team members but by other people on GitHub or here. There is no way to check their biographies, too.

3 Likes

Sorry, this is not an impression I meant to give. I mean that we have team members who are especially interested in instant messengers (me) and team members who are especially interested in VPNs (e.g. dngray, blacklight (more of anti-VPN, pro-Tor though)), but none of us is working in that field as far as I am aware of.

I am currently on too weak powered laptop that would kill my draft, so I cannot check the live site, but by bios do you mean the about team page or GitHub profiles (they may have shortage of space though)? I am not sure if the team page currently has a spot for organisation that is being worked for, but I agree adding one would be a good idea.

The potential conflicts of interests that I can think of related to me are:

  • IRC - search the issue tracker at GitHub for The Lounge, I consider myself friends with some people involved with IRCv3, but I don’t think I could get any benefit from there so I am not sure it counts.
  • Tahoe-LAFS - It has been listed on PrivacyTools before I joined the team and while I haven’t personally used it yet, my partner is in some sort of position there drafting specifications and hosting the Mumble server they meet up on.
  • XMPP / Salut a Toi - I am a bit confused whether the same partner contributes there, but I understand them to have met many XMPP developers (and also brought me XMPP stickers).
  • Matrix - Before moving to a low end device, I was optimistic about them, op on #matrix-irc on freenode and started documentation on matrix-appservice-wiki.
  • Several associations / volunteer work - I have publicly disclosed that I am an activist in Pirate Party Finland, Young Pirates Finland and another association I am involved with is Effi (Electronic Frontier Finland), but I don’t see them as being in conflict with PrivacyTools.

I am unemployed job seeker and I am not sure whether I should list the offers I have received and whether they have happened during my time in PrivacyTools, but none of them has went past a few emails or instant messaging lines to see that I have no abilities that they are looking for.

I also don’t see myself getting employed related to Instant Messaging (or secure DNS), but who knows. In case that happens, I will disclose my affiliation and make it clear to them that employing me wouldn’t be a method to get to PrivacyTools list if the other criteria for the software isn’t fulfilled (for example search for BCM Messenger at PrivacyTools GitHub where I have found issues with them three times already (I haven’t been in contact with them, only commenting and closing issues on our tracker + asked SecureChatGuide why do they list them)).

I fear I cannot publicly talk about my employment plans with specific businesses, but I am hoping to hear from one, I am waiting/hoping to hear from an organisation helping young people (as in under 30 or so) see if IT is right field for them and provide experience etc. and I am thinking of starting to try applying to any open helpdesk job if nothing else comes up, while I fear that I am unsuitable for that field, but at least it would be tried.

What I would really want to do would be sysadmining, but sysadmins don’t exist anymore as they have been replaced by devops who are apparently coders and I cannot code and am not interested in learnning as I would much rather put my time into learning actual languages that humans speak if I had the time/health/focus on that. I am also yet to do anything to see if I would have any prospects in translating or similar, but that field again has a looming threat of computers destroying it.

The only one I can think of and haven’t listed already is an open/stale issue about Nablahost which is hosting provider by @jonah and where PrivacyTools infra is currently hosted on. You can find it at GitHub and if I recall correctly, it’s waiting for thinking if we can list things by team member and the ethicality of that and I think feedback would be welcome there or comments on how to best do it if it’s OK at all.

PS. in case this message seems unclear, please feel free to ask for clarification I was jumping up and down thinking what I need to add ein the middle of something and I am not sure I got verything said, but I am happy to answer wherever I can. My CV is available on request (however it’s currently a bit outdated) if I perceive the requester as trustworthy as it includes my personal details such as address and phone number that I would be scared of publishing and as I am already maintaining it in two languages, adding versions without personal information would be too difficult for me.

1 Like

I think the hardest task at hand is discussing how to best prevent PTIO conflicts of interest without mixing in the Startpage affair.

This is difficult since it triggered this whole conversation, but I believe only when splitting the two can the PTIO team come up with the best possible solution.

It’s a situation our team at Safing often had to deal with. A sudden issue makes us realize we have never defined how to properly deal with such a situation. From experience I can say that the best results always happened when:

  1. we sat down after a period of calming down
  2. we talked about a general policy/solution for future occurrences
  3. only then we looked into how to solve the trigger issue in retrospect

@jonah’s words in that regard underline this importance

There is so much value to be found in the current discussions, but the meddling of the Startpage affair does interfere, even when not intended. I’m guilty of this too!

My plea is to take this step by step.

1 Like

Hello folks,

So the last few days, we came to the conclusion that Dan’s employment could potentially lead to a conflict of interest, and even though the majority of us have no doubt in Dan’s integrity, we would still do good if we had a standard policy for handling cases like this. Especially as PTIO grows and as more companies will see our influence as “useful”, while not having good intentions.

As I am currently the community manager at PTIO, I took it as my task to research this issue, with the intention to develop a policy for PTIO, so we can have a standard approach to handling this going forward.
First, we would have to nail down exactly, when is something a conflict of interest.
The best answer to that is another question: Does the private interest of a PTIO member create an incentive(whether financial or something else) to act in a way that may be against PTIO’s best interests.
This one is really important to answer, because it tells you when something is actually relevant and should be disclosed and or acted upon. If the answer to the above question is yes however, you would have to know: how great of an impact is the private interest (does someone’s ability to pay their bills depend on it for example.)

If you establish that there is indeed a conflict of interest, that at the same time is big enough to make it likely that someone may influence their decision making on PTIO’s interests (whether consciously or unconsciously), we then move on to the next phase:

What action should be taken towards the member with the conflict of interest?
This is a very hard one, especially since the likelihood of someone actually turning rogue is hard to accurately predict.

In my personal opinion, I would recommend that the person would have their voting power removed for the subject(s) in which they have a conflict. Members who work for a VPN company should not be able to vote on VPN related subjects, Members which work with other search engine’s should not be able to make decisions over search engines, etc. This will send a message to potential companies looking to gain influence over PTIO, that hiring one of us won’t gain them a lot.

IF we choose to go with this policy, then we will integrate into our existing code of conduct, which means violations will be handled like other violations in this code of conduct.

Now about the subject of making PTIO members forced to make their jobs public, I don’t think this will be a good measure, for a several reasons: as a first, PTIO is a privacy project, everyone is able help out and join, without disclosing their identities, this makes it very easily to just lie about their current affiliations. We would just have to trust people on their good faith that they will properly disclose everything, which we would already do if we follow the proposed rule above. The only way we could really do this is by making it a requirement to disclose your identity to work for PTIO, which we simply cannot do. I am not saying that we cannot make disclosure a rule anyway, but I do not think it will add any real value, and if anything, will just scare of potential contributors.

I would like some feedback on these thoughts I gathered on this subject the last few days, so we can move forward to actually role these into an actual policy, to make PTIO just the bit more trustworthy.

Greetings,
Blacklight447

4 Likes

Greeting @blacklight447

image [quote=“blacklight447, post:27, topic:2517”]

In my personal opinion, I would recommend that the person would have their voting power removed for the subject(s) in which they have a conflict. Members who work for a VPN company should not be able to vote on VPN related subjects, Members which work with other search engine’s should not be able to make decisions over search engines, etc. This will send a message to potential companies looking to gain influence over PTIO, that hiring one of us won’t gain them a lot.
[/quote]

Yes. :heart:

image [quote=“blacklight447, post:27, topic:2517”]

Now about the subject of making PTIO members forced to make their jobs public, I don’t think this will be a good measure, for a several reasons: as a first, PTIO is a privacy project, everyone is able help out and join, without disclosing their identities, this makes it very easily to just lie about their current affiliations. We would just have to trust people on their good faith that they will properly disclose everything, which we would already do if we follow the proposed rule above. The only way we could really do this is by making it a requirement to disclose your identity to work for PTIO, which we simply cannot do. I am not saying that we cannot make disclosure a rule anyway, but I do not think it will add any real value, and if anything, will just scare of potential contributors.
[/quote]

Good points.

This could be remedied, in part, by creating objective measures and standard processes for ALL privacy services listed or up for listing/delisting/relisting. Making objective measures the basis for decisions and making all the documentation public would mitigate potential bias in 3 ways:

  1. Companies/services would gain little by seeking to influence voting members since they would be evaluated by public, objective measures.
  1. Objective, public documentation would point out obviously inconsistent or biased decisions. This would backfire against a biased Member or company/service trying to gain influence over PTIO.
  1. Companies/services would be on a level playing field no matter how much money or influence they might have to force an advantage.

Hi @blacklight447, thank you for your efforts!


1. - I’m happy to see your conclusion as a team and your thoughtful considerations to understand the multitude of this topic’s facets. iE:

super important context to consider malicious actors

great point to include our human psychology


2. - I also like the question to answer the question:

I believe this is solid approach to find out where one stands in a situation. I also think this might suit well to be part of the policy. Like a guideline on how one can evaluate a conflict of interest.


3. - Regarding your policy proposal:

I personally stand behind this approach. :+1:

A suggestion I would like to add is to clearly define how a team member can and should interact in discussions where there is a conflict of interest (COI). Naturally the team member would have no voting power in COI related subjects. But it should not prohibit him/her from giving input on these COI subjects. I feel “being on the inside” would give a valuable view on the matter. Therefor I suggest to allow participation in COI related topics, but always start off every message with a disclaimer about the COI.

A further remark in this regard is you will have to cover cases such as a member working at Proton in the email department, but Proton also offers VPNs (and other stuff). My suggestion in such a case would be to exclude the member-votes from all areas the company is involved in.


4. - I don’t see the need for PTIO team members to disclose their jobs. The only thing I’d like them to disclose is a COI. Apart from that, they should feel free to keep their lives as private as they want.


5. - I really like these steps forward - tackling processes to keep the main actors (PTIO team members) unbiased. After finalizing this it will surely provide a great foundation to then move forward on other initiatives that focus on removing even more bias from the listing/delisting process. Such as transparent criteria suggested by @infosechandbook or the questions from @LizMcIntyre

1 Like

Nice points
@blacklight447 good ideas, i support you and ptio team
:+1:

2 Likes

Thank you all for the considerate replies!

I will use this feedback to move forward and start writing a draft policy.

2 Likes

I agree these suggestions by @davegson @blacklight447 @LizMcIntyre are the correct way forward.

2 Likes

So while writing, another thing hit me:

So far, we have only talked about COI’s for individual members. But we have not talked about COI’s for PTIO as an organization.

For example: if a certain service or software developer which is already listed/or wants to be listed, decides they want to sponsor us.

Would it be considered to be acceptable to accept this sponsorship? If so, how would we prevent the service from becoming less likely to be delisted in the case they do something questionable?

I would appreciate thoughts from others on this.

2 Likes