[Owasp-board] Business Plan outline - project and consulting work
Jim Manico
jim.manico at owasp.org
Tue Apr 29 16:53:30 UTC 2014
Sarah,
We are being paid to provide no-warranty open source software. Open
source licenses cover all of these concerns, except for the business
competition concern. If this was a "private" project, then I agree we
have a legal problem. Since this is an open source project for the
greater community, legal problems about competition are less of a
problem, I think.
Then again, it depends on the specific deliverable. As long as they are
all open source related and generic, it's cool, I think.
- Jim
PS: Here is the section Sarah was referring to from
https://docs.google.com/document/d/1S3J8Krkysqr0m5U9-NLefMCOGvmGFw30oJU-8IMH4zQ/edit?pli=1
*
1.
Legal
1.
Liability for services rendered
1.
Volunteer Accountability and Liability - The Volunteer
Protection Act (enacted in 1997) provides general liability
protection for volunteers when they are acting within the
scope of their volunteer role/responsibilities for a
nonprofit entity. If we move to a model where we are paying
for work in any capacity, we will need to ensure that our
current insurance scales to cover them and us.
2.
Warranties of the software - When delivering software and
especially integrating into another company's
infrastructure, we will likely need to make warranties about
the product and disclaimers about operating within the laws
of the country.
3.
Ensuring deliverables - What happens if we break something
in the company's infrastructure? Do we have a
system/personnel in place to fix?
2.
Non profit status & tax repercussions - the IRS
1.
Commerciality Doctrine - In order to maintain tax exempt
status a 501(c)(3) must operate primarily for the exempt
purpose for which it was established. Courts have taken
this one step further and said if a public charity is acting
in a commercial manner, this can jeopardize their status as
well.
2.
Unrelated Business income tax (UBIT)- even if the activity
of the charity is not a substantial part of it's business
and is not acting in too commercial of a nature, courts are
tightening down on ANY income generated commercial activity
being categorized as UBIT and therefore the nonprofit
generating the income is subject to paying income tax on
that income. (We currently would pay UBIT on advertising
and merchandise income).
3.
Courts have recently had decisions clearly stating that
consulting services is commercial activity and looks at the
following items:
1.
Is the org selling goods or services to the public - if
so, there is a presumption that it is operating in a
commercial manner
2.
Is the providing the service/good operating at or below
cost?
3.
Does the organization have employees/contractors
providing the work or is it being provided by volunteers?
4.
What are the hours of operation?
5. What other forms of income (such as charitable
contributions) does the organization receive?
*
On 4/29/14, 12:49 PM, Sarah Baso wrote:
> Did you read the brief with my legal concerns?
>
>
> On Tue, Apr 29, 2014 at 9:46 AM, Jim Manico <jim.manico at owasp.org
> <mailto:jim.manico at owasp.org>> wrote:
>
> > I think we need to have some boundaries on this before we go to
> town on asking the community for help (undoubtedly we WILL find
> people willing to help).
>
> What boundaries? Why can't we find a (paid) technical leader to
> drive this and then just do it? What part of our bylaws prevents
> this? I am not trying to put extra work on you Sarah, I'm
> suggesting that the board hire someone technical to lead this
> project and help drive the deliverables.
>
> - Jim
>
>
> On 4/29/14, 12:06 PM, Sarah Baso wrote:
>> Jim and Tom -
>> I haven't gathered feedback from Samantha (or the rest of the
>> staff) yet as I just finished my draft and wanted to get it over
>> to you asap.
>>
>> We can certainly send out to the community - but the issue still
>> is going to remain on characterization of the funding and how it
>> will effect our non profit status and infrastructure.
>>
>> I think we need to have some boundaries on this before we go to
>> town on asking the community for help (undoubtedly we WILL find
>> people willing to help).
>>
>> Sarah
>>
>>
>> On Mon, Apr 28, 2014 at 6:47 PM, Jim Manico <jim.manico at owasp.org
>> <mailto:jim.manico at owasp.org>> wrote:
>>
>> > Q2. Do you have any reservations about a OWASP call for
>> comment from the community for additional ideas, suggestions
>> or proposals on this initiative?
>>
>> +1 Yea the more smart eyeballs on this the better. The board
>> is comprised of elected show ponies who won popularity
>> contests, the leaders list has a greater net intelligence.
>> Can we push this out to leaders and see if anyone has the
>> desire (and proper resume) to help lead this?
>>
>> My take is, this is serious open source funding. We could
>> hire someone to lead this project (hire tech resources, get
>> deliverables done). It will help seriously boost a few OWASP
>> projects. I realize this is DHS and that might be a sour to
>> some of our community. But so long as everything we do is
>> open source, I'm pretty flexible about who funds it. My 2 center
>>
>> Regards,
>> - Jim
>>
>>
>>
>>>
>>> Thank you for putting this together.
>>>
>>> Tom Brennan
>>> 9732020122 <tel:9732020122>
>>>
>>> On Apr 28, 2014, at 9:03 PM, Sarah Baso
>>> <sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>> wrote:
>>>
>>>> All -
>>>>
>>>> Here is the (brief) business plan I put together on the
>>>> project and consulting work such as that being requested by
>>>> DHS Swamp. Admittedly, I stopped with with the details on
>>>> what rolling out a plan would like this would look like
>>>> after doing some initial research on the legal and tax
>>>> repercussions for us. Additionally, I don't think this
>>>> exact model is in alignment with the charity work we are
>>>> trying to accomplish.
>>>>
>>>> This is not to say we shouldn't look for funding
>>>> opportunities to develop our projects - but i don't think
>>>> this model is the right one for us.
>>>>
>>>> https://docs.google.com/document/d/1S3J8Krkysqr0m5U9-NLefMCOGvmGFw30oJU-8IMH4zQ/edit?usp=sharing
>>>>
>>>> I look forward to hearing your thoughts.
>>>>
>>>> Sarah Baso
>>>> --
>>>> Executive Director
>>>> OWASP Foundation
>>>>
>>>> sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
>>>> +1.312.869.2779 <tel:%2B1.312.869.2779>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> <mailto:Owasp-board at lists.owasp.org>
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>> WARNING: E-mail transmission cannot be guaranteed to be
>>> secure or error-free as information could be intercepted,
>>> corrupted, lost, destroyed, arrive late or incomplete, or
>>> contain viruses. The sender therefore does not accept
>>> liability for any errors or omissions in the contents of
>>> this message, which arise as a result of e-mail
>>> transmission. No employee or agent is authorized to conclude
>>> any binding agreement on behalf of proactiveRISK with
>>> another party by email.
>>>
>>>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>>
>>
>> --
>> Executive Director
>> OWASP Foundation
>>
>> sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
>> +1.312.869.2779 <tel:%2B1.312.869.2779>
>>
>>
>>
>>
>
>
>
>
> --
> Executive Director
> OWASP Foundation
>
> sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
> +1.312.869.2779
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140429/0ccad547/attachment-0001.html>
More information about the Owasp-board
mailing list