[Governance] Fwd: Termination - Request for Artifact(s)

Josh Sokol josh.sokol at owasp.org
Fri Feb 21 16:20:25 UTC 2014


I will caveat this with "I'm not a lawyer", but the US Internal Revenue
Code of 1986 Section 501 (http://www.law.cornell.edu/uscode/text/26/501)
having to do with not for profit corporations does not specify anything
having to do with termination of membership.  In the US, where no Federal
law exists, we would then look to the state of incorporation which I
believe is Maryland in the case of the OWASP Foundation.  Unfortunately, I
was unable to find the law relating to non-profit corporations in the state
of Maryland, but you are more than welcome to do that research yourself.  I
was, however, able to find examples in other states, such as Pennsylvania (
where it says that the act of termination, as well as the method of trial
and conviction, is subject to the organization's Bylaws.  I do not see any
stipulations on timing of the Bylaw modifications vs the act of termination
so one would assume that as long as they were each handled according to the
organization's process (as prescribed in the Bylaws), then I'm not sure
there's any issues there from a legal standpoint.  Again, not a lawyer, so
feel free to consult with one if you so choose.

The fact is that no one OWASP Board member holds all of the power.  In
fact, they currently old 1/7th of the power.  Michael may have the
tie-breaking vote in cases where we are otherwise deadlocked, but under no
circumstance would his vote alone affect the Board's decisions.

As for my request to obtain evidence on the Board list, I will state, on
the record, that Michael has been working behind the scenes in order to
aggregate this data.  There is a lot of it and it comes from many different
sources including mailing list communications, direct e-mail, interviews,
and social media.  While the task is not yet complete, I believe he is
putting forth a good faith effort to assemble what I had requested.
Assuming that you still conclude with your prior request that you would
like all of this evidence made public, we will publish it all once
complete.  I would kindly request that you go through both of our
interviews in the meantime, and come back with the specific timings that
you would like *selectively removed* because you did not want that
information to be made public.  That's not to say that it won't be included
in the Board's decision.  It will just not be allowed into the public
record that you have requested.  What do you believe is a reasonable
timeframe for you to accomplish this task?

To be clear, the documentation which Michael is aggregating supports the
abusive behavior from you towards OWASP Board, staff, members, and projects
as well as statements from others in the community who have experienced
negativity from you.  It makes no determination on the Google Hacking
Inquiry as the case is clearly closed there.  The resulting suspension was
served, but additional behavioral issues forced the Board to revoke your
membership.  The documentation will support that conclusion.


On Thu, Feb 20, 2014 at 9:02 PM, Christian Heinrich <
christian.heinrich at cmlh.id.au> wrote:

> Martin,
> Michael Coates is showing blatant favouritism to his former employer while
> attempting to make me appear "difficult".
> Both Justin Derry and I have evaluated my termination proceeding against
> the standard set by the Queensland and NSW State Governments related
> terminating members within not for profit associations which OWASP would
> clearly have followed if the Foundation was incorporated somewhere in
> Australia.
> I have asked for the equivalent process defined by the IRS for USA based
> Foundations and Sarah has not been forth coming with this information.
> A similar request for information has been made by Dinis and Dennis at the
> time my termination was announced and more recently by Josh Sokol on the
> owasp-board mailing list.
> Michael has also been offered the opportunity to state that this artifact
> does not exist so that OWASP and I can simply move on because the 24 month
> period finished on 9 January 2014.
> Can you assist so that the selective judgement of the OWASP Board doesn't
> affect the well being of another OWASP member?
> ---------- Forwarded message ----------
> From: Michael Coates <michael.coates at owasp.org>
> Date: Fri, Feb 21, 2014 at 12:40 PM
> Subject: Re: Termination - Request for Artifact(s)
> To: Christian Heinrich <christian.heinrich at cmlh.id.au>
> Cc: Josh Sokol <josh.sokol at owasp.org>, Sarah Baso <sarah.baso at owasp.org>
> It seems you are losing focus and directing attention to other unrelated
> topics.  I don't have much else to discuss here. I'd recommend you continue
> working with Josh if there are more items to discuss per your other threads
> with him.
> Michael
> On Feb 20, 2014 5:15 PM, "Christian Heinrich" <
> christian.heinrich at cmlh.id.au> wrote:
>> Michael,
>> On Fri, Feb 21, 2014 at 11:39 AM, Michael Coates <
>> michael.coates at owasp.org> wrote:
>> > Below is the email that was sent to you during the event.
>> >
>> > Your actions on public owasp mailing lists were the problem and in
>> violation
>> > of our code of ethics. Your activity is all available in the leaders
>> list
>> > archives.
>> >
>> > I'm not sure the goal of this conversation, but hopefully this
>> addresses the
>> > information you are looking for.
>> This is a wide sweeping statement and does not provide the specific
>> instance?
>> I stand by the opinion that members of the GPC who were employed by
>> Aspect Security awarded the tender to SourceForge and subsequently
>> delivered paid consultancy on ESAPI.  This is against the code of ethics,
>> specifically "*To avoid relationships that impair -- or may appear to
>> impair -- OWASP's objectivity and independence.*"
>> This matter was discussed on the GPC list prior to presenting the
>> conclusion on the OWASP-Leaders List.
>> There was no "private" support amongst OWASP Leaders for SourceForge and
>> Aspect Security made the same claim that "private" data exists supporting
>> the inclusion of A9 in the OWASP Top Ten 2013.
>> Chris Schmidt did not become a member of GitHub until 7 October 2012 once
>> the contract with SourceForge was terminated due to lack of uptake and
>> interest i.e. https://github.com/chris-schmidt where he claimed have
>> membership in the e-mail to the Leaders List dated 6 January 2012 (almost
>> ten months later).
>> Therefore, Chris has undertaken retaliation in relation to a whistle
>> blowing activity which is against OWASP Policy.
>> You also removed my @owasp.org e-mail address without notice and
>> prohibited me from discussing the matter with other OWASP members, which
>> you claimed in a subsequent e-mail I had the right to [discuss the matter
>> with other OWASP members].
>> Please let me know if this accurately reflects the facts of my
>> termination?
>> --
>> Regards,
>> Christian Heinrich
>> http://cmlh.id.au/contact
> --
> Regards,
> Christian Heinrich
> http://cmlh.id.au/contact
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/governance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140221/7a3c2967/attachment-0001.html>

More information about the Governance mailing list