contributor_covenant
contributor_covenant copied to clipboard
EthicalSource
What legal obligations does the Contributor Covenant place upon the maintainer?
I am not a lawyer, but I am someone interested in using a Code of Conduct for my projects and for the meetup I help organize, NYC.rb.
It seems to me that some of the wording in Contributor Covenant v1.4 could be construed as the creation of a contract between the maintainer and the contributor. It contains consideration (a promise to do something), a statement of acceptance (by contributing you agree to...), and it's purpose does not violate the law.
In addition, several parts of the Contributor Covenant contain very specific promises, emphasis added:
Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or reject
All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident.
These promises, if a Code of Conduct is found to be a contract, could perhaps be used against maintainers in civil courts. This is a similar issue to employee handbooks, which share a similar purpose to Codes of Conduct. Employee handbooks frequently do things to avoid liability like reserving the right to modify the disciplinary process, which the Contributor Covenant does not.
It's worth noting that GitHub, as an example, has a Code of Conduct for their CodeConf event which contains no promissory language and even includes a complete release of liability and indemnity clause.
I'm mostly ignorant of the larger discussion surrounding Codes of Conduct in software, and this problem is not specific to the Contributor Covenant, so if there is existing material on this point, please direct me. All of my points above about possible liability from adopting the Contributor Covenant are pure speculation by an untrained layperson.
Can it be a contract without signatures or a record of some sort that both parties agreed?
Rapidly descending into lawyer territory here, but acceptance of a contract does not require a signature or even the record of one, because behavior can act as proof of acceptance ("by doing X you agree to this"). This is called "acceptance by performance". The Wikipedia article seems pretty good on this topic.
In addition, both parties need not agree either - there are unilateral contracts that only require the agreement of one party. You could consider the Code of Conduct a unilateral contract by the maintainers: if you contribute to this project, I, as a maintainer, promise to protect you via means Y.
Again, this is all Google-level research, but I do think that a contractual interpretation of the Contributor Covenant is at least possible, which seems to open maintainers that adopt it to potential for being litigated against. This issue probably cannot be resolved until we get some lawyers in here.
I wouldn't be surprised if this was the case, at least in USA law. Most licenses also work like this really... Why am I not surprised though? I see this as evidence that this code of conduct may be not intent to welcome new developers to OSS projects, but rather, to give outsiders a weapon to to smack OSS developers with over the head.
EDIT: Did you ask a lawer about this CoC? If not, I think you should have. I feel it is extremely negligent not to ask for legal advice on text that thousands of projects may end up using without understanding the implications. At least the GPL was reviewed by lawyers...
EDIT 2: Apparently at least one USA lawyer is convinced that this code of conduct IS legally binding when this is mentioned in the documentation of the project: https://www.quora.com/Is-a-Code-of-Conduct-a-legal-document. Therefore, unfortunately, any code of conduct devised for use in the USA will need a disclaimer similar to that found in open source licenses.
While a lawyer's confirmation would certainly be comforting, I haven't found any information on the web that would indicate that a plaintiff could be awarded damages in a lawsuit over breach of contract (assuming the Contributor Covenant is found to be a valid contract). Note that my research was not particularly extensive, and only applies to common law countries at the most. Anyway, it also appears that non-pecuniary losses due to breach of contract are only compensated by damages in very rare, specific cases. So, if a plaintiff claimed that a defendant failed to uphold a code of conduct and that they suffered distress as a result of it, it seems unlikely from my reading that the court would enforce damages. Now, please do enforce them! But I wouldn't worry too much about this particular issue.
