[Owasp-leaders] OWASP charitable status (was: Re: OWASP Election)

Jim Manico jim.manico at owasp.org
Thu Oct 8 18:19:10 UTC 2015


Tony,

We don't really do any lobbying now. If we wanted to, we could - even as a 501(c)3 - so long as we limit the money we spend doing it per current IRS regulation.

So why change to a trade association to do "more lobbying" when we don't even do it now? I think it's short cited to suggest we change to a trade association because there are no positives, we don't really gain anything but we lose a lot.

More than the IRS law, for a candidate to even suggest this demonstrates a priority over vendors and commerce and things that feel self serving to me as opposed to a focus on education and charity. Moving away from a charity is something that is very disturbing to me and I feel it jeopardizes destroying what makes OWASP great.

--
Jim Manico
Global Board Member
OWASP Foundation
https://www.owasp.org

> On Oct 8, 2015, at 7:50 PM, Tony Turner <tony.turner at owasp.org> wrote:
> 
> Thanks Tobias, that's exactly what I was getting at in my last email. From my perspective, the only thing I've consistently heard that hinders our mission somewhat is restrictions around getting involved in politics/legislation. While OWASP is referenced by many frameworks around the globe, we do appear to be somewhat limited in our ability to proactively lobby lawmakers to make more sensible laws. Making laws isn't necessarily part of our mission, but making application security visible to those that do make laws certainly falls within our objectives I would say. It's possible that an OWASP project geared around legal frameworks and application security that can be referenced by those more inclined to lobby would fill that gap without the need for restructuring.
> 
> Has anyone run into other issues that the (c)(3) prohibits that hinders our mission?
> 
>> On Thu, Oct 8, 2015 at 1:38 PM, Tobias <tobias.gondrom at owasp.org> wrote:
>> Good to see this move to a discussion about our organisation structure and not a election campaign one. 
>> 
>> I like to take this one step further: 
>> In fact this should at first not be about technical organisational structure. 
>> The key question is what we want to do and then we see whether the organisational structure fits that or needs to be changed. So we should think about what are the new actions we want to take and the things that we no longer want to do, that would require us to change from 501(c)3 to 501(c)6? 
>> 
>> What are the underlying real reasons to change? 
>> And of course also what are the disadvantages of changing? 
>> So far I have not heard much about that... 
>> I really like to understand what is the need, what is the underlying reason for that? 
>> 
>> Maybe one data point I can offer from my last two years at the board: 
>> Over the last two years, I did not encounter much problems with our current structure. I do not recall cases where we really wanted to do something and couldn't, just because we were a 501(c)3. That was not the problem. Nor did I feel "oh gosh, wouldn't it be so much better being a 501(c)6 now....". Don't get me wrong, there definitely are differences and actions that are non-compatible with a 501(c)3, but IMHO this was never a problem. And IMO the spirit of our open sharing community and our aim to make the world a more secure place feel well aligned with the spirit of a 501(c)3. 
>> 
>> To conclude: My personal experience so far is that our current structure works well for our community and we don't have much problems with restrictions from it. But if someone sees an actual problem and need to change, I would love to hear more about it and understand it better. Please help me understand what is the issue for you? And let us discuss which activity we want to do that would need us to change the organisation in order to allow us to do it? 
>> 
>> Best regards, Tobias
>> 
>> 
>> 
>>> On 08/10/15 17:35, psiinon wrote:
>>> From http://www.nonprofitlawcenter.com/resDetails.php?item_ref=247
>>> 
>>> What is the purpose of an IRC § 501(c)(6) organization?
>>> 
>>> A4: The purpose of this type of organization is to serve its members
>>> 
>>> I dont think that what OWASP should be about - we should be all about helping others (to be more secure) not about helping OWASP members.
>>> 
>>> Q5: What are the functions of an IRC § 501(c)(3) organization?
>>> 
>>> A5: The functions of an IRC § 501(c)(3) organization can be multitudinous. There are endless types of programs that serve charitable, educational, and like ends.
>>> 
>>> OK, so I'm new to this legalise and definitely dont really understand the differences, but that sounds much more appropriate for OWASP.
>>> 
>>> Simon
>>> 
>>> 
>>> On Wed, Oct 7, 2015 at 7:57 PM, Tom Brennan <tomb at proactiverisk.com> wrote:
>>>> To be fair Jim OWASP is not a scientific research or a religious focus.  It is focused on “trying to raise awareness for software               security"
>>>> 
>>>> This was discussed during the interview have a listen here   https://soundcloud.com/owasp-podcast/owasp-board-interview-milton-smith-tobias-gondrom-tom-brannen 
>>>> 
>>>> I also wish to draw your eyes and those of the other members (660+ on this leaders list) to the legal review of 501(c)3 vs. (c)6 that are BOTH non-profit status
>>>> 
>>>> http://www.nonprofitlawcenter.com/resDetails.php?item_ref=247
>>>> 
>>>> This is not a GOP debate — this is a group of (9) people that are volunteering to help the organization continue to grow globally and locally.
>>>> 
>>>> Tom Brennan
>>>> 973-506-9304
>>>> 
>>>>> On Oct 7, 2015, at 2:47 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>>>> 
>>>>> Tom is trying to shift OWASP away from a charity to a 501c6 trade association.
>>>>> 
>>>>> If you want to drop our charity and focus on vendor relations then vote for Tom.
>>>>> 
>>>>> If you care about open source, serving the community, and our values of vendor neutrality and non-commercialism then please consider other candidates.
>>>>> 
>>>>> --
>>>>> Jim Manico
>>>>> Global Board Member
>>>>> OWASP Foundation
>>>>> https://www.owasp.org
>>>>> Join me at AppSecUSA 2015!
>>>>> 
>>>>> On Oct 7, 2015, at 1:42 PM, Tom Brennan                               <tomb at proactiverisk.com> wrote:
>>>>> 
>>>>>> OWASP Foundation Inc., announced the 2015 International Board of Director candidates and I am throwing my hat in the ring again.
>>>>>> 
>>>>>> I am requesting your support and vote this October 7th 2015 – WHY ME you ask…. read, watch and hear the details here:
>>>>>> 
>>>>>> http://www.proactiverisk.com/2016-owasp/
>>>>>> 
>>>>>> Semper Fi,
>>>>>> Tom Brennan
>>>>>> 
>>>>>> 
>>>>>> WARNING: E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. No employee or agent is authorized to conclude any binding agreement on behalf of ProactiveRISK with another party by email.
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> 
>>>> 
>>>> WARNING: E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. No employee or agent is authorized to conclude any binding agreement on behalf of ProactiveRISK with another party by email.
>>>> 
>>>> 
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> 
>>> 
>>> 
>>> -- 
>>> OWASP ZAP Project leader
>>> 
>>> 
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> 
> -- 
> Tony Turner
> OWASP Orlando Chapter Founder/Co-Leader
> WAFEC Project Leader
> STING Game Project Leader
> tony.turner at owasp.org
> https://www.owasp.org/index.php/Orlando
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151008/75f6b501/attachment-0001.html>


More information about the OWASP-Leaders mailing list