When do you plan to adopt new Conflict of Interest and Whistleblower policies?

Hi. Last I heard, the Privacytools Conflict of Interest and Whistleblower policies were just days away from adoption. What is the status on those?

1 Like

Hey there Liz, they should be finished soonTM.
i just haven’t had to time to focus on them lately because of some private situations.

4 Likes

Thanks. I hope all is well with you!

1 Like

Thank you, I am doing well now. its just that its an important topic, and i only want to work on it when i truly can spend quality time on it. I don’t want this to become rushed, and cause us to overlook something.

It was already pretty much done for a while, but were were still thinking about what will done when an edge case pops up, specifically about our framework for compliance officers. (for example, what if either or both of the compliance officers turn rogue? any of of these two people can do significant damage to the projects reputation, even if the project itself has done nothing wrong).

3 Likes

The more likely scenario is where a Team member damages PTIO by entertaining a Conflict of Interest situation, and another Team Member feels obligated to go public about it. This has already happened. I believe having a framework in place will reduce risk and help restore trust in PTIO.

It was just an example of an edge case. there can be many others. don’t get me wrong, the complaince officer policy and COI policy will go live, no discussion there. we only want to make sure there are no loopholes in there that folks could use to subvert the policies, so to speak. and make sure it won’t have unintended consequences.

p.s. may i ask you why you always use archive links? it makes it look like we are trying to hide things, while we have been open from the start and haven’t hidden anything, it comes over a bit distrusting, and quite frankly, offensive.

I usually don’t use archived links here, but the Conflict of Interest posts were collapsed at Github. If I linked to a lot of collapsed links for the example, it wouldn’t make sense. See the difference at Github.

EDIT: Sorry. That was the archived link. Here’s the link with the collapsed posts. Those COI-related comments were labeled “off topic” relative to the Startpage relisting. I understand why that was done, btw. Not saying someone was trying to hide something!

I see, as long as thats clear, then we are fine :slight_smile:

1 Like

I thought about this a lot last night after I signed off. At first, I took the comment at face value without giving it further thought. Then I started to wonder why there would be so much concern over information that might come forward.

Why would that be @blacklight447?

If an organization is operating transparently, and there are no current or potential improprieties being contemplated, what would there be to fear from a compliance officer? I don’t get it.

There is no fear, but you know how the privacy community is: distrusting.

If there is the slightest sign that something might be wrong, people will draw their conclusions and not look any further.

Now imagene this, one of the team members gets into a fight with the external compliance officer, could be about anything, and the complaince officer thinks, screw these guys, im gonna say that they are compromised to harm them! Lots of folks never look any further then a headline, they could read a single headline about the officer claiming something is wrong (when nothing is wrong) and immediately assume that is what happend, and spread the rumor that we are compromised, when we are not.

Yet again, this was just an example of an edge case, not a “fear” as you describe.

Let’s remember that the past?/current? Conflict of Interest was revealed by a Whistleblower – without any known provocation or policy in place. The Whistleblower seems to have acted on conscience and likely would have followed a more formal path if COI and Whistleblower protection policies were in place.

Aren’t you the main compliance officer? I could never see you creating false information because of a disagreement TBH.

Yet again, this was just an example of an edge case, not a “fear” as you describe.

I consider the scenario far-fetched, myself, but maybe that’s because I’m not privy to the Team dynamics.

You can never see me do it no, but remember , the position is temponary, anyone on the team can be elected as the internal, and anyone in the community can be elected can become the external.

Also, i think we agreed that mikeala was not a whisleblower, she saw what she believed was a conflict of interest, and tagged the issue. You are now implying that we tried to hide something, which i do not appriciate.

And yes the situation is far fetched, thats why its called an edge case, it pushes situations to the edge of whats possible.

Not all. In fact, you were very forthcoming about the situation once Mikaela asked the subject of the COI to step forward voluntarily, as was Dan. You can see that clearly in the uncollapsed github discussion.

For the record, I don’t believe Team Members understood that a Conflict of Interest can be in fact or appearance. I don’t believe everyone understood that a work/job/partnership/contract? offer to a Team Member during delisting/relisting discussions for that service was problematic.

Not sure if Mikaela had formal audit training, but she was right. (I can say that as a formal professional auditor.)

I do consider @Mikaela a whistleblower because she was the catalyst for bringing unknown information about the situation to light. Whatever you want to call her, we should all be grateful to her for her courage and protect her.

It’s good when organizations make it possible for important information to come to light. Sunlight is the best disinfectant – and a terrific deterrent.

A whisleblower implies that there is some wrongdoing that cannot be solved otherwise. Mikeala simply made a tag on github after we discussed dan’s notice in the team chat. It wasn’t an courage or scary stuff going on, and you are deeply overplaying its significance. It doesn’t matter what YOU consider what is and is not a whistleblower.

We did, however, came into a situation that we hadn’t encountered before. We discussed this publicly on github, and decided the a conflict of interest policy was a good idea.

1 Like

I didn’t and I don’t.

I also tagged several other issues and pull requests where the authors neglected to mention their connections giving “anyone can see my affiliation from my profile” as a reason. The tag itself can likely be seen in issues that had it, but it was deleted in favour of this PR.

I think it depends on whether you consider my anger and frustation at people not disclosing their affiliations as scary stuff.

1 Like

Maybe you didn’t see @Mikaela 's other post about the Conflict of Interest situation @blacklight447 because her comment was labeled as “off topic” almost immediately after she posted it. Collapsed posts can be overlooked very easily. Here’s the pertinent part of that collapsed post from January 15, 2020:

…we have a team member whom I cannot name and whom I hope will come up who has been offered a job by StartPage and we are having a bit of disagreement within the team on how to handle that.

In my opinion the person should tell about it by themselves as I fear it could sway people close to them in the team into accepting StartPage getting relisted in fear of making them lose the opportunity thus making this a conflict of interest and I see a potential conflict of interest even if the team swore to not care about their employment.

Of course, we now know that the same person who posted the Startpage relisting pull request was the subject of the Conflict of Interest and the same person who removed the Conflict of Interest label Mikaela posted as a warning. She continued blowing the whistle in spite of repeated attempts to dismiss her concerns.

Physical harm isn’t the only thing whistleblowers face. They also face social repercussions. In Mikaela’s case, I noted that she was accused in more than one location (without naming her directly) of violating Dan’s privacy. Note that she never violated Dan’s privacy. Dan stepped forward after the privacy community began speculating about who the potentially compromised Team Member or Members were. He could have remained anonymous.

I know from personal experience how hard it can be to point out issues and then face belittling rhetoric and more. You may feel it’s no big deal @blacklight447, but it’s a very stressful situation to be in.

Are you leaving out the part where Jonah was the one who called for the relising and my PR was made before I was offered a contract on purpose? Because it seems so.

I removed the COI flag from all the posts she applied it to because she acted on her own in doing so, outside of the team, which we agreed was a bad label to apply when we had no policy for such action.

You mean like when you went on Reddit and told people I only accepted the contact because of my financial situation which was a totally made up story on your part?

Again, this is false. I sense a pattern here… It seems this entire ordeal is full of false information about me, the entire project itself and is focused squarely on creating conspiracy where there is none.

I came forward the very moment I said “i accept” to Startpage’s contract, which is exactly what I discussed doing with the PT team and no one raised a concern with that.

You’re not a “whistleblower” when you’re not exposing anything. When I told the team about my offer, I violated no terms. In fact, I didn’t have to tell them at all. I am a volunteer with zero responsibility to tell them anything about myself or any job(s) I have. I made the decision to tell them well in advance because I believed it was the right thing to do, and since the team had never had this sort of situation before, I thought it would be the perfect time to come up with a policy or plan in case it did happen.

Again, I violated no policy, and at that point had not even been officially offered a contract. They exposed nothing other than the fact they are not a trustworthy individual who started rumors and speculation and then led to people such as you Liz, spreading false information about me on very public forums.

Frankly, I am sick of my name being in your mouth at all because anytime it is, it’s false information. And to really top it off, I find it absurd that it’s an ex-Startpage employee who is trying to lead the charge on a campaign to discredit me and Startpage. Sorry, but your COI is a lot more relevant than mine. I happily handed over my voting rights on Search Engines when I started working w/ them but you have been on a one-person crusade to ensure no one trusts them on here, Twitter, and Reddit.

So with that, see ya. You have an agenda and its painfully obvious and it totally discredits everything about your work. You have been consistently dishonest and I no longer have time for it.

2 Likes

You’re not a “whistleblower” when you’re not exposing anything.

@Mikaela did expose something. She alerted the public that a company made an offer to an unnamed PTIO Team Member at the time of delisting/relisting discussions for that company. She recommended that person voluntarily step forward and explain.

I removed the COI flag from all the posts she applied it to because she acted on her own in doing so, outside of the team, which we agreed was a bad label to apply when we had no policy for such action.

This is yet another reason to consider @Mikaela a whistleblower IMO. She labeled the Conflict of Interest as she saw it – even against the majority consensus. It took courage to speak out like this.

I came forward the very moment I said “i accept” to Startpage’s contract, which is exactly what I discussed doing with the PT team and no one raised a concern with that.

IMPO, you should have disclosed this publicly as soon as the offer was extended (November 2019, right?) – especially since you entertained the offer. I believe you stepped forward January 22, 2020.

Note that I was very positive about your stepping forward voluntarily. You could have remained anonymous. No one is trying to blame you. Clearly, you didn’t think you should be obligated to disclose the offer when it was made.

Here’s what you wrote about the Startpage offer, for the record:

Through those discussions and subsequent emails about how Startpage could have better handled the situation and why the privacy community was so alarmed, it was revealed that my professional background is in marketing and communications. Coupled with my experience and knowledge in the privacy community, I was offered a meeting w/ some of the Startpage team.

That meeting led to them offering me a contract to do 2 things…


…trying to lead the charge on a campaign to discredit me and Startpage.

You should know this isn’t true. For one, I was the first to request that PTIO NOT delist Startpage immediately. I asked for restraint multiple times. I thought it was only fair to give Startpage and its new majority owner System1 the opportunity to address concerns. While they did not respond promptly as we all would have hoped, I did not object to the recent relisting decision since most questions were finally answered.

It’s true that I have expressed concerns, as have others in the privacy community. For example:

Am I not allowed to ask questions and express opinions like everyone else?

Note again, that @Mikaela did not name you and should never have been accused of violating your privacy. You posted that you had no problem being named and discussing the situation. That’s the only reason I discussed this with you publicly. Being named was your choice.

You mean like when you went on Reddit and told people I only accepted the contact because of my financial situation which was a totally made up story on your part?

That’s not true. I never said that. You wrote the following, which led people like myself to feel compassion about the need for you and other Team Members to earn a living – and to be sensitive about that need:

…“outing” them for asking to discuss my profession with them would likely have cost me a gig because it would have shown I didn’t trust their intentions.

That’s a lot different than a company asking to have a discussion about how they can get relisted.

I think the guidelines should also be careful not to hinder our team members (who are all unpaid volunteers) from getting jobs, be it full time, or consulting.

We have families to feed, etc. what we need is trust from users that we care about the organizations integrity, but also that our team is set up in such a way that one member can’t accomplish something such as relisting or listing a service on their own.

This had to be a separate post because I was SO upset when you wrote the following about @Mikaela:

They exposed nothing other than the fact they are not a trustworthy individual who started rumors and speculation and then led to people such as you Liz, spreading false information about me on very public forums.

It’s unfair of you to call Mikaela untrustworthy, @danarel. She did what she thought was right. What’s more, every fact she posted was ultimately verified as true – by you – AFAIK. Please point out if she made any misstatements because I haven’t found them. (Maybe I’m confused or misinformed?)

I don’t believe anyone has called you names or called you dishonest. In fact, I (and others) have given you the benefit of the doubt at every turn. If you prefer not to discuss the COI any further, I will certainly honor that request. I thought you were very open to fully discussing and debating this since you were so public about it, and I apologize if I misinterpreted that.

If there’s something you feel I misrepresented or misunderstood, let me know. I am very open to correcting the record when I am wrong or misspeak.

I would appreciate it if you would publicly apologize to Mikaela – unless I’m seriously missing something here. She doesn’t deserve to be defamed for acting on conscience. I’m asking that she be protected from any further name calling or retaliation of any kind.

We all want this policy to get out

Instead, back we are at quoting each other into oblivion.


Everything being discussed happened in limbo. There was no policy, so nobody could act correctly. Especially since “the correct way” is open for interpretation. Why? Because we lack a policy where the “correct” approach would be defined!

You see the dilemma? Accusing @danarel or @Mikaela of any wrongdoing is such bullshit and unfair since they did their best with the tools and policies in place at that time. So instead of continuing to attempt the impossible and “fix” the past, let us focus on fixing the future!

These discussions are such an energy waste, both from an emotional and time perspective.

@LizMcIntyre, I know you deeply care, which is why you keep pushing. Still I think you might be pushing the wrong buttons. You were a formal professional auditor, why not help @blacklight447 out by reviewing the policy? Why not help by explaining what can go wrong with hypothetical future scenarios? As far as I can tell from these past few weeks, digging in the past is hurtful and unproductive, leading to perceived accusations and misinterpretations.

I’d much rather we invest our energy productively and in union.

2 Likes