[Owasp-board] Additional Conference policies

Josh Sokol josh.sokol at owasp.org
Wed May 14 22:36:38 UTC 2014


I understand the context, but still don't agree with it.  Giving discount
codes to a vendor as a result of sponsoring is already a value add.
Providing them with a list of people who used the code is a privacy
violation.  If we choose to do this, then it should be made clear before
completing the transaction each time someone uses one of these codes with a
stipulation attached to it.  I'm fine leaving it as a decision for our
members to make, though, as Jim suggested, since I'm pretty confident the
majority will feel the same way.
On May 14, 2014 5:14 PM, "Tom Brennan - proactiveRISK" <
tomb at proactiverisk.com> wrote:

> I think your looking at it wrong.
>
> The context is more about supporters who market the event as a "come see
> XYZ vendor at the event use code #xyz for discount off admission or to get
> a free shirt/gift at the booth etc.. This is not a member PII item rather a
> clarification on a policy for conference : training events that  should not
> even be a board list ask for yes/no.. The leaders list or a blog post with
> a request for comment is likely more appropriate. As a conference you new
> to offer those bi-directional opportunities to promote the event and the
> supporter IMHO.
>
> I support sponsor promotional codes and did so at OWASP
> AppSecUSA2013/LASCON/Nova/<insert> event these are OWASP events.
>
> What was a violation was vendors standing/guarding the doors to the
> conference rooms scanning people as they entered the room. Had to tell A
> sponsor to STOP that aggressive sales/marketing practice as it was a
> violation of my personal privacy as a individual + as a Owasp event was not
> authorized.
>
> So perhaps that sheds some color to that..
>
> Photography, videos etc at the event should be on the receipt as the event
> wants to promote the event before, during and after.  The privacy issue is
> rather simple if you don't want to be on camera decline the opportunity.
>
> The speakers, the staff, the projects NEED visibility inline with the
> mission so all promotional activities are welcomed to promote software
> security.
>
> So yes to the second item too.
>
> Tom Brennan
> 1-973-202-0122
>
> On May 14, 2014, at 5:10 PM, Jim Manico <jim.manico at owasp.org> wrote:
>
> +1 Josh
>
> We need to maintain a good balance between gratitude towards vendors who
> fund OWASP and our hard working members who demand privacy by default when
> possible. But don't take our word for it, poll the membership and see what
> they say.
>
> I'm of the opinion that we need to grow the quality of our open source
> documents, wiki and projects way more than we need to grow finances. But
> again, hit leaders with this questions, the board does not need to be (and
> should not be) the final word here.
>
> My 2 cents,
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On May 14, 2014, at 1:57 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>
> I strongly dislike the discount codes policy.  It's never been like this
> before and, in fact, our policy has been that under no circumstances will
> we sell or give attendee information to vendors.  If vendors are giving out
> discount codes, then chances are that they have the attendee information
> already so I'm not sure what the value is in this.  If they're just
> throwing the code out there to use, then I'd want a disclaimer on each and
> every ticket purchased with the code saying that by using it your info is
> being provided to the vendor.  That doesn't really seem feasible, though,
> so my gut says we shouldn't be doing this.
>
> ~josh
>
>
> On Wed, May 14, 2014 at 3:34 PM, Sarah Baso <sarah.baso at owasp.org> wrote:
>
>> Board -
>>
>> The AppSec USA 2014 team and I have been working on a couple of
>> additional policies for their conference, that would be applicable to ALL
>> conference (IMHO) :
>> https://www.owasp.org/index.php/Governance/Conference_Policies
>>
>> Please let me know within the next week if you have any issues with
>> updating the global conference policies to include these.
>>
>> *Discount Codes*
>>
>>
>>
>> Opt-In Notice:  OWASP events would not be possible without the help of
>> our sponsors who are also provided the opportunity to offset the cost for
>> attendees as well.  Per OWASP agreement with event sponsors, your
>> registration information is provided to the sponsor associated with the
>> code used.  If you do not wish to share your registration information with
>> the associated sponsor, please do not use the code.
>>
>>
>>
>> *Photography*
>>
>>
>>
>> OWASP events are open to the public, and OWASP does not restrict
>> attendees (including OWASP staff, volunteers, sponsors, and media) from
>> taking photos or videos at our events. By attending out events, you
>> acknowledge that you are in a public space and that attendees  (including
>> OWASP staff, volunteers, sponsors, and media) may capture your image in
>> photos and videos.  Nevertheless, OWASP encourages event attendees to
>> exercise common sense and good judgment, and respect the wishes of other
>> attendees who do not wish to be photographed at the Events.
>>
>>
>>
>> OWASP reserves the right to use images taken at the conference with your
>> photograph and/or likeness in future marketing materials.
>>
>>
>>
>> Sarah
>>
>> --
>> Executive Director
>> OWASP Foundation
>>
>> sarah.baso at owasp.org
>> +1.312.869.2779
>>
>>
>>
>>
>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140514/5d412f04/attachment.html>


More information about the Owasp-board mailing list