[Owasp-board] This is a thread for discussing the membership proposal as linked in the connector.

Bil Corry bil.corry at owasp.org
Tue Feb 14 05:20:39 UTC 2017


The problem with elections was in two locations, one chapter in Europe, and
multiple chapters in Asia.  In Europe, there was a surprise election where
one party had a large showing at the meeting, held the election, and won
without informing anyone that the election was happening that day.  In
Asia, it was a group of people traveling to a variety of chapters,
installing each of them as the leader.  There could be more issues, those
are the only ones I personally heard about.

I don't understand how having only members vote, and limiting their vote to
the chapter of their choice, chills growth.  Can you elaborate more?  I can
see how having bogus elections would do it, but I don't see how having
members voting at their chapter would cause issues, unless there's only one
or two members at a chapter, and the rest are non-members.  Then sure,
having a couple of people out of dozens choosing the chapter leader would
be odd, but then again, they did pay their member fee and should have a say
how the chapter is run.

And remember, at the Global election level, it runs the way that I'm
proposing, it's not like I'm suggesting a radical departure from the way
elections are held for the Board of Directors.  I'm suggesting we bring
Chapter elections on par with the Global elections.

Ultimately it's up to the Board if they want to change the Chapter rules,
I'm merely pointing out the issues I've heard about and am proposing a
change that could address it.  Also open to other solutions, but I have
heard any other than leave things the way they are.  If OWASP prefers
wide-open Chapter self-governance, then that's fine, I'll let anyone making
complaints know that if they don't like something, just bring their family
and friends with them to the next Chapter election day and they can install
themselves as Chapter leader.  I can't say I'm attracted to that model, but
it's what we have today.


- Bil

On Wed, Feb 8, 2017 at 10:58 AM, Tiffany Long <tiffany.long at owasp.org>
wrote:

>
> I should note, that it is the chapter handbook that requires paid members
> be allowed to vote in local elections and does not prevent local elections
> from including non paid member votes.  Bil, how wide spread is the problem
> of people showing up to vote for a member and then not coming back?  Is
> this a wide spread problem or an individual problem.  Because if
> individual, I feel that can be handled case by case.  If it affects 15%
> then we do need to focus on it.  However, we have a multicultural chapters
> program and I a wary of putting wide spread rules in place that leaders
> from some geographic areas say will chill their growth.
>
> Either way, this could probably be discussed on the chapter handbook
> conversation either directly in the chapters under review, on the blog
> itself, or on a list conversation rather than the membership conversation
> if we wish to keep them separate.
>
> Best,
> Tiffany
>
> Tiffany Long
> Community Manager
>
> On Wed, Feb 8, 2017 at 8:52 AM, Kelly Santalucia <
> kelly.santalucia at owasp.org> wrote:
>
>> Hi Bil,
>>
>> Please see my answers below in blue to your inquiries
>>
>> *2. Do we still need honorary memberships, especially if the cost of
>> membership reflects the local purchasing power?*
>>
>> Tiffany Long reply: Honorary memberships were introduced when OWASP had a
>> desperate need for volunteers.  We no longer do,  but the question is
>> should the way honorary memberships reflect the fact that we value the
>> labor of leadership above the membership price is a valuable social
>> construct continue?
>>
>> Honorary Memberships were originally created to reward our chapter and
>> project leaders for their dedication and time that they contribute to
>> OWASP.
>>
>> *Bil Corry reply: Can we get a report tallying how many honorary members
>> we have each year?  It's not worth discussing if it's 2 people.  If it's
>> 500, then perhaps we should think more carefully about it.*
>>
>> For 2016 we had 74 Honorary Members.  As of today we have 81 Honorary
>> Members (see graph below).
>>
>>
>> [image: Inline image 1]
>>
>>
>>
>> *3. For each tier that can vote in global elections, should also add that
>> they can vote in local elections (or put another way, only members can vote
>> in local elections).*
>>
>> Tiffany Long reply: The rules currently state that all members, paid and
>> honorary, MUST be allowed to vote in any chapter election.  They also leave
>> room to allow chapters to actively choose to allow non paid members to vote
>> in local elections.  I think this covers our minimum needs and allows
>> chapters to choose to be more open where culturally or otherwise
>> appropriate. (so this is a sort of stance, I guess.)
>>
>> The Individual Membership benefit regarding voting currently reads* "**You
>> will have (1) vote for annual elections on issues that shape the direction
>> of the professional community." *Please see the Individual Membership
>> benefits which are listed here
>> <https://www.owasp.org/index.php/Individual_Member>. We can look at
>> updating this to include that paid and honorary members are also allowed to
>> vote in any chapter election. Currently there is no mention of allowing
>> non-paid members to vote in local chapter elections.
>>
>> *Bil Corry reply: Allowing anyone to vote, and/or allowing members to
>> vote in multiple local elections has the downside that the election can be
>> rigged by a small group of people with friends/family willing to show
>> up once a year (or every other year).  This isn't theoretical, it's being
>> reported to the Compliance Committee.  My proposed solution solves this
>> issue, but does mean changing the rules.  Or I'm open to other solutions,
>> but the current rules do not work universally and must change.  Or go with
>> the status quo of chapters with bogus elections that drive away members.*
>>
>>
>> *Currently there is no mention of allowing non-paid members to vote in
>> local chapter elections. Individuals must either be a paid or honorary
>> member to receive a ballot to cast a vote in the annual elections. Their
>> membership must be on file with the Foundation for a certain amount of time
>> prior to the start of the voting process. The time their membership must be
>> on file, depends on the election start date.*
>>
>> *6. I wish the AppSec conference discount was a little bigger for
>> lifetime members.*
>>
>> Tiffany Long reply: Perhaps this should be weighed against the expected
>> lifetime of an OWASP member so that we can gauge the fiscal impact?
>>
>> *Bil Corry reply: As you pointed out in your response to #2, it may also
>> depend on the value we place on having lifetime members.  Given only two
>> out of the seven Board members are lifetime members, it could probably use
>> an uplift in perks.*
>>
>>
>> We currently have 169 Lifetime Members. The Lifetime Membership proposal
>> included many new benefits which are listed below.
>>
>>
>>    - Never Expires
>>    - Allocate 40% to Local Chapter or Project
>>    - Vote in annual election
>>    - Email Address
>>    - Entrance in Member Lounge
>>    - $100 discount on Global AppSec Conferences
>>    - Membership Kit including
>>    - Embossed Membership Certificate
>>       - Limited Edition Membership Card
>>       - Special Membership Shirt
>>       - Stickers
>>    - Special Gift ($50 value)
>>
>> [image: Inline image 1]
>>
>>
>>
>>
>> On Tue, Feb 7, 2017 at 3:39 PM, Bil Corry <bil.corry at owasp.org> wrote:
>>
>>> My responses in *bold.*
>>>
>>>
>>> *2. Do we still need honorary memberships, especially if the cost of
>>> membership reflects the local purchasing power?*
>>> *Honorary memberships were introduced when OWASP had a desperate need
>>> for volunteers.  We no longer do,  but the question is should the way
>>> honorary memberships reflect the fact that we value the labor of leadership
>>> above the membership price is a valuable social construct continue?*
>>>
>>> *Can we get a report tallying how many honorary members we have each
>>> year?  It's not worth discussing if it's 2 people.  If it's 500, then
>>> perhaps we should think more carefully about it.*
>>>
>>>
>>>
>>> *3. For each tier that can vote in global elections, should also add
>>> that they can vote in local elections (or put another way, only members can
>>> vote in local elections).The rules currently state that all members, paid
>>> and honorary, MUST be allowed to vote in any chapter election.  They also
>>> leave room to allow chapters to actively choose to allow non paid members
>>> to vote in local elections.  I think this covers our minimum needs and
>>> allows chapters to choose to be more open where culturally or otherwise
>>> appropriate. (so this is a sort of stance, I guess.)*
>>>
>>> *Allowing anyone to vote, and/or allowing members to vote in multiple
>>> local elections has the downside that the election can be rigged by a small
>>> group of people with friends/family willing to show up once a year (or
>>> every other year).  This isn't theoretical, it's being reported to the
>>> Compliance Committee.  My proposed solution solves this issue, but does
>>> mean changing the rules.  Or I'm open to other solutions, but the current
>>> rules do not work universally and must change.  Or go with the status quo
>>> of chapters with bogus elections that drive away members.*
>>>
>>>
>>> *6. I wish the AppSec conference discount was a little bigger for
>>> lifetime members.*
>>> *Perhaps this should be weighed against the expected lifetime of an
>>> OWASP member so that we can gauge the fiscal impact?*
>>>
>>> *As you pointed out in your response to #2, it may also depend on the
>>> value we place on having lifetime members.  Given only two out of the seven
>>> Board members are lifetime members, it could probably use an uplift in
>>> perks.*
>>>
>>>
>>> - Bil
>>>
>>>
>>>
>>> On Wed, Feb 1, 2017 at 12:19 PM, Tiffany Long <tiffany.long at owasp.org>
>>> wrote:
>>>
>>>> I have some thoughts and answered them in line. None of them are
>>>> defending or attacking any position, just adding context.
>>>>
>>>> 1. Should pricing be based on local purchasing power?  $20 isn't a lot
>>>> in the US, but it is elsewhere in the world.  For example, go to
>>>> https://www.numbeo.com/cost-of-living/rankings_by_country.jsp, sort by
>>>> the far right column (local purchasing power), take that list and divide it
>>>> into different pricing groups based on their purchasing power.
>>>>
>>>> There are two things to keep in mind here; first, when discussing
>>>> purchasing power remember that our audience tends to be well paid.  So
>>>> where $50 is a lot of money in India for some, for our audience it is the
>>>> price of two meals with two drinks for two in most cities. In the US change
>>>> those drinks to alcoholic drinks and it is the price of one or one meal
>>>> with water in San Francisco.  This is a fair annual price if we can show
>>>> value.
>>>>
>>>> Second, atm we can only adjust price by region.  This means that Japan
>>>> and Australia and Singapore will pay the same as Indonesia and the
>>>> Philippians. Moving to a flexible plan fixes this, but includes the issue
>>>> of global voter distribution. That said, I think the flexible plan can
>>>> address that issue as well.
>>>>
>>>>
>>>> 2. Do we still need honorary memberships, especially if the cost of
>>>> membership reflects the local purchasing power?
>>>> Honorary memberships were introduced when OWASP had a desperate need
>>>> for volunteers.  We no longer do,  but the question is should the way
>>>> honorary memberships reflect the fact that we value the labor of leadership
>>>> above the membership price is a valuable social construct continue?
>>>>
>>>> 3. For each tier that can vote in global elections, should also add
>>>> that they can vote in local elections (or put another way, only members can
>>>> vote in local elections).
>>>>
>>>> The rules currently state that all members, paid and honorary, MUST be
>>>> allowed to vote in any chapter election.  They also leave room to allow
>>>> chapters to actively choose to allow non paid members to vote in local
>>>> elections.  I think this covers our minimum needs and allows chapters to
>>>> choose to be more open where culturally or otherwise appropriate. (so this
>>>> is a sort of stance, I guess.)
>>>>
>>>> 4. I personally don't want a certificate or membership card, but for
>>>> those who do, you could create a PDF for them.
>>>> This is a recurring request, and this solution is included in the
>>>> plan.  Interestingly, the request for membership card is loosely associated
>>>> with geographic region until the rank of lifetime member.
>>>>
>>>> 5. The two year membership price tier should end at $349 and add
>>>> another tier for a 4-year membership between $350 and $599.  Yes, that
>>>> means there isn't a 3-year membership level, but I don't think one is
>>>> needed.
>>>>
>>>> 6. I wish the AppSec conference discount was a little bigger for
>>>> lifetime members.
>>>> Perhaps this should be weighed against the expected lifetime of an
>>>> OWASP member so that we can gauge the fiscal impact?
>>>>
>>>>
>>>> One thought on Corporate memberships:
>>>>
>>>> 1. Take a flat percentage of the total membership fee (e.g. 40%) and
>>>> convert it into "OWASP Bucks" (or call it whatever you want).  Then rather
>>>> than giving free ads, or free job postings, instead still offer the
>>>> discounts, but let the Corporate member spend the OWASP Bucks where they
>>>> want.  Some may want to support a chapter or project, others may want to
>>>> get a Connector ad, or purchase tickets to AppSec USA, or buy a job
>>>> posting.  It makes Corporate spending much easier because they wouldn't
>>>> need to have different funding conversations at their company.
>>>>
>>>>
>>>> Tiffany Long
>>>> Community Manager
>>>>
>>>> On Tue, Jan 31, 2017 at 2:08 PM, Bil Corry <bil.corry at owasp.org> wrote:
>>>>
>>>>> True, it might be some people who are unemployed or on a fixed income
>>>>> will not be able to join as a member, but they can still participate in
>>>>> OWASP.  Unlike many organizations, OWASP doesn't require membership to
>>>>> participate.
>>>>>
>>>>> - Bil
>>>>>
>>>>> On Tue, Jan 31, 2017 at 2:57 PM, Bev Corwin <bev.corwin at owasp.org>
>>>>> wrote:
>>>>>
>>>>>> Hi Bil, $20 is a lot in quite a few abandoned, neglected communities
>>>>>> in the US too.
>>>>>>
>>>>>> On Tue, Jan 31, 2017 at 4:54 PM, Bil Corry <bil.corry at owasp.org>
>>>>>> wrote:
>>>>>>
>>>>>>> Some thoughts on Individual memberships (disclosure, I'm a lifetime
>>>>>>> member):
>>>>>>>
>>>>>>> 1. Should pricing be based on local purchasing power?  $20 isn't a
>>>>>>> lot in the US, but it is elsewhere in the world.
>>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>
>>
>> --
>> Regards,
>>
>> *Kelly Santalucia*
>>
>> *Membership and Business Liaison*
>>
>>
>> OWASP Foundation
>> 1200-C Agora Drive, #232 |Bel Air, MD  21014 | USA
>> Direct: 1+ 973-670-5784 <(973)%20670-5784> | Fax: 1+ 443-283-4021
>> <(443)%20283-4021>
>>
>> *Consider giving back, and supporting the open source community by
>> becoming a member <https://www.owasp.org/index.php/Membership> today!*
>>
>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20170213/63a1d200/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 110182 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20170213/63a1d200/attachment-0001.png>


More information about the Owasp-board mailing list