(Update’s at the bottom, so you can skip ahead.)
A corporate member of OpenStack basically threatened Shanley Kane, who had been nominated as an individual that happened to work for a company they apparently consider a competitor – though that’s speculation on my part. (It’s the most obvious motive, but we don’t know what their true motive is.) This member corporation apparently stated that they would block her nomination to the Individual Board, even though they had no ability to, unless she gave them detailed information about her employer’s plans to the organization making threats – basically, conducting corporate espionage in exchange for not interfering with the allegedly independent board election process.
That’s beyond shameful, and blatantly illegal – it’s called attempted blackmail. The fact that the company had the gall to do so speaks to a total lack of ethics and governance at the organization making these threats. As to OpenStack – there is no possible way I could or would support an organization which tolerates members of any sort using threats and intimidation to influence the decision making process. And the fact that any corporate member would feel they could conduct themselves in this way calls into question governance capability and ethics of the OpenStack Foundation itself. A question which must be answered if their legitimacy is to be preserved.
And we have no idea if this is the first time or the fifth time. How many other members have they blackmailed or threatened in order to get the result they want? How many other companies are doing this? This conduct MUST be investigated, to find out just how widespread it is, and how many decisions have been enforced or changed through these unethical means.
Unless I missed a memo, the whole point of the OpenStack Foundation individual board was to provide a body representative of the community, independent from the “Platinum” and “Gold” (sponsoring companies) to prevent undue or excessive influence from companies with more money. This incident would seem to indicate otherwise.
As a result, I have no choice but to recommend and request that all individuals and corporations demand external counsel be hired to investigate this matter, whether or not other decisions have been influenced in this manner, and that all OpenStack Foundation elections and nominations be halted pending the results of the investigation. If this incident is true (and I have no reason to disbelieve Shanley’s statements,) it must be determined how widespread it has been, corrective action must be taken, and the members who have engaged in this conduct must be expelled immediately, permanently, and publicly.
Folks have more or less been making a LOT of baseless accusations and slinging a lot of unjustifiable mud in Shanley’s direction because she has not publicly named the parties involved or said any more about it. First and foremost; this is in the hands of the lawyers. Why? Because there really is and was no choice in the matter. As Shanley has said: she’s cooperating with the OpenStack board as much as she’s able, and continuing to do so. That does not mean publicly naming the parties involved, nor are people entitled to that information.
Secondly, frankly, this is not a matter between the accused and Shanley, and never has been. There are four parties – Shanley Kane, the accused, OpenStack, and Shanley’s employer. Why? Because the allegations include a demand for proprietary information from her employer. That’s not a “personal” problem, even when standing for a position as an individual. That’s a corporate espionage problem. The kind of problem where if something gets leaked, stolen, or broken into? It can and will fall back on you if you don’t report it immediately. Forget losing your job – you will not only get sued out of existence, you will probably go to jail too.
Now are you going to tell me that if someone demanded you engage in corporate espionage against your employer, you wouldn’t immediately report it to HR? Hint: I worked at a company where corporate espionage was a real concern and had occurred before. Failing to report it meant you were A) fired immediately B) sued in civil court C) prosecuted criminally when possible D) the company allegedly requesting it got sued E) miscellaneous things like blacklisting to ensure you never work in the industry again. I know of absolutely no company out there that does not follow the same pattern.
So no. Nobody is entitled or owed anything beyond what Shanley has said publicly, and it would be incredibly unethical and irresponsible (and potentially slanderous) for Shanley or anyone else to go around naming names. The matter is under investigation, and in the hands of people who know how to do that the right way – as in lawyers who understand the law. Bashing her and making accusations that it’s “made up” or she’s lying because she’s not saying more is incredibly disrespectful and completely wrong; and the same goes for OpenStack. It would be absolutely unethical of them – and potentially illegal – to release the names of anybody involved until the investigation is completed. And that holds true regardless of the result.
So yes, I absolutely support the course of action OpenStack has taken and I applaud the board for their quick action. However, I am still troubled by the possibility that this is not an isolated incident – I do not know whether or not OpenStack is investigating this aspect; and obviously I will reserve judgment on the actions taken for when those actions are taken, and not before.
So knock the conspiracy theories the hell off and just be patient. Until proven otherwise, I believe that everyone involved is doing their best to resolve this in a fair and ethical manner, and to ensure it does not happen ever again. And there’s nothing more you can ask of them at this point.