A training course is available at learn.wordpress.org now for anyone who wants to join the Incident Response Team (IRT), which deals with reported violations of the WordPress community Code of Conduct (CoC). This training is also a great way to be prepared to back up the team or understand better how to deal with conduct code issues in our own spaces and at WordPress-related events that aren’t officially sponsored by WordPress.

This is a community-led effort to help us all build and sustain a culture around WordPress that is healthy, inclusive, and safe.

A resource to the community, not a watchdog

Angela Jin’s announcement about the Incident Response Team and training for it provides a lot of extra details worth reading. An important note to emphasize is that

There’s an overwhelming amount of love in this community, that’s for sure! The community makes everything worth it. 

Angela Jin

the responsibility of the incident response team is not to actively search for or monitor behavior. Instead, this team will be a resource to the community for when things don’t go as expected.

To provide transparency while maintaining confidentiality, the Incident Response Team will publish anonymized annual reports about its activities.

Individual commitment to a team effort

To join the team, you must be nominated by others. Nominees should be able to commit to contributing 2-20 hours/week for a full year.

That sounds like a lot, but according to Angela:

The intent is to capture a month where we might have more incidents or a more intense report to follow up on. The idea of having an IRT is that we have many team members, that way if someone is unable to participate in that month, another member can step in. Not all IRT members will work on every single report.

The more people on the team, the better — and diversity in its members will be critical, in terms of background and identity but also their roles, relationships, and histories in the WordPress community.

A Conflict of Interest policy and Code of Ethics are also in the works. These relate to the Incident Response Team because if there is a potential conflict of interest, team members must disclose it. They’ll also be able to recuse themselves from dealing with any particular incident without providing a reason.

Questions about scope

One of the questions I had for Angela about the scope of the team had to do with its scope. Courtney Robertson posted a similar question — what about “noticeable misconduct outside” an official venue?

Or ranting into the Twitter void. In an email newsletter, or on a recorded audio/visual channel. If it is very public, and an infraction happens in those locations, would that impact the involvement in the official WP spaces?

Angela’s answer:

The immediate scope is community spaces, like ones you’ve noted, and applies when individuals are officially representing the WP community in public spaces.

But I certainly see that, if a public infraction happens outside of official WP spaces, it may impact WP community spaces too. Drawing on my experience with the Community Team, when deputies vet a new meetup or WordCamp organizer, we do look at social media profiles for anything that might be against the events code of conduct or five good faith rules. I can’t recall a time where I saw anything completely inappropriate, but have see a few instances that started some conversations.

I think it will largely be based on the situation itself, and expect that this future incident response team will come to some consensus in those moments. And in that way, we can create some precedent.

Responsible disclosure and confidentiality

The hardest question I had about the IRT is, I realized, essentially the same as the ethical dilemma around responsible disclosure for critical security vulnerabilities. In particular egregious misconduct cases, do we let them remain an “open secret” known to some but not highly publicized? What if very predatory, illegal, and threatening behavior is dealt with in one corner of the WordPress community — and what if the person engaging in that behavior (unknown to us) later joins my event or membership association?

This is an extreme and rare type of case, thankfully, but even one is too many and horrifying for those who are targeted.

Angela told me she agrees that “in a situation where someone’s physical and emotional safety is clearly at risk, there should be some disclosure.” It’s an issue that would be dealt with at the highest levels, probably with communication between WordPress leadership and the leaders of potentially affected community groups.

These are things we’ll have to navigate together if and when they arise, as always.

A shared resource

The IRT is a community-led effort to build and sustain a culture around WordPress that is healthy, inclusive, and safe. The scope of our concern for each other should be total, and the IRT can support us in that, but it’s just a tool — a means to an end we need to keep our sights on.

As Angela put it,

The CoC gives us a great baseline of the behavior we aspire to uphold in the community, and how we hope to collaborate in this big, complex project. And the IRT is a community resource — if something unexpected happens, community members know where they can go for help.

Could they go to you for help?

Consider contributing in this way, with the IRT.

Source