Incident Response Guidelines
Incident Response Guidelines
- Dangerous situations
- Section I: During an incident
- Section II: Creating and sharing reports
- Section III: Responding to incidents
- Section IV: Providing support
- Section V: Data retention
These Incident Response Guidelines should be followed by the Code of Conduct Committee, Code of Conduct Teams and, when necessary, event organizers. They are intended to enable the Code of Conduct to be effectively enforced, to ensure that incidents are properly handled, and to satisfy legal requirements for the handling of data.
Your primary responsibility is to ensure your own safety. Don’t ever put yourself in a situation where you could be harmed. If someone is committing, has committed, or is threatening to commit violence towards an attendee, or if there are other safety issues, summon security or law enforcement. Don’t intervene.
Section I: During an incident
In most cases, incidents are responded to after they have occurred. However, it is important to know what to do if you observe an ongoing incident.
Immediate response to incidents
If you observe an ongoing incident and it is safe to intervene:
- Tell them to stop. Explain your position and why you believe that the behavior contravenes the Code of Conduct. Instruct the person to stop immediately.
- If someone persists in violating the CoC, you can repeat the instruction. Inform them of the potential consequences, such as cancelling their talk or eviction from the conference.
- If a speaker is violating the Code of Conduct during their talk, in serious cases it might be appropriate to stop the talk from continuing. To do this:
- Instruct conference staff to turn off the speaker’s microphone and projector
- Explain to the audience why the talk has been stopped
- For less serious cases, approach the speaker after the talk has ended.
- Get contact information. Make a note of who was present and make sure you have contact details for each individual. Instruct them that:
- They can provide a report of their own (provide contact details for the Code of Conduct Team)
- The Code of Conduct Team might get in touch to ask for a report
- Offer support. See section IV below.
- Inform them of the process. If anyone has been affected by an incident, let them know that they can make a report.
- Write a report of your own as soon as you’re able.
Section II: Creating and sharing reports
It is your responsibility to make a record of any Code of Conduct violations you become aware of, and to share those records with the Code of Conduct Committee.
Reports generally get written in three situations:
- If you observed an incident yourself - here you should create your own record of what happened.
- When the Code of Conduct Team is approached by someone who wants to make a report.
- If you become aware of a serious incident indirectly, through someone who did not participate in it or observe it first hand. If named individuals have been involved, it is recommended that a team member approaches those individuals in order to ask them whether they want to submit a report.
Each report should include:
- Identifying information (name/badge number) of those involved or other observers
- The behavior that was in violation
- The approximate time of the behavior (if different than the time the report was made)
- The circumstances surrounding the incident
- Other people involved in the incident
Always write down the report as soon as possible, and check that all required details have been recorded.
Taking reports from others
If an incident is simple and relatively minor, it is OK to take a quick report without going through a long process.
- Take the person aside
- Get all the necessary details
- Explain what will happen to the report
- Provide contact details (either for the relevant conference Code of Conduct Team or the Code of Conduct Committee)
However, if an incident is serious, complex, or the reporter is upset/hurt, you should take extra care:
- Offer for them to have a friend present
- Take them aside, to a quiet private area
- Explain what will happen to the report
- Explain that they won’t be required to confront anyone and that their identity won’t be revealed without their permission
- After the report has been taken:
- Explain what will happen next
- Offer the reporter/victim a chance to decide if any further action should be taken:
. "OK, this sounds like a breach of our Code of Conduct. If you're OK with it I am going to convene a meeting of a small group of people and figure out what our response will be." Pause, and see if they say they do not want this. Otherwise, go ahead.
- Offer support (see section IV below)
Things not to do, whenever you are taking a report from someone:
- Do not pressure people into giving reports if they don’t want to
- Do not overtly invite a reporter to withdraw the complaint or mention that withdrawal is OK: this suggests that you want them to do so, and is therefore coercive. For example, saying: "If you're OK with us following up, I’d like to discuss this with other members of the team and see what actions we can take about the incident" suggests that you are by default pursuing it and is not coercive.
- Do not ask for a reporter’s advice on how to deal with the complaint: this is the Code of Conduct Team’s responsibility
- Do not offer input into penalties: this is the Code of Conduct Team’s responsibility
- Do not share the identity of the reporter outside of the Code of Conduct Team/Committee, without getting the reporter’s permission.
Immediate steps after a report has been taken:
- If the event is a conference, immediately notify the rest of the Code of Conduct Team; otherwise immediately notify the Code of Conduct Committee
- Share the report with the team/committee at the earliest opportunity
- A member of the Code of Conduct Committee should save a record of the report in the official storage location
- If necessary, convene an incident meeting as soon as possible
Do not share the details of the incident with uninvolved parties.
Section III: Responding to incidents
In clear cases, event organizers or members of the Code of Conduct Team can issue immediate warnings. Warnings should only be issued for minor violations of the Code of Conduct.
When issuing warnings, be sure to:
- Explain your position
- State what the violating behavior is and how you believe it it contravenes the Code of Conduct
- Explain that further action may be taken should further violations occur
- If the violator protests, let them know that they can email the Code of Conduct Committee with their side of the story and that the committee will review their case
- Write a report and inform the Code of Conduct Committee about the incident
An incident meeting should be held whenever:
- A serious incident has occurred
- A series of minor violations have been made by someone
- When sanctions need to be decided upon
With many Code of Conduct incidents, swift action is important, so meetings should be held at the earliest opportunity and as a matter of urgency. Only members of the Code of Conduct Team should be present, and a majority of the team must be in attendance for response actions to be decided.
If members of the Code of Conduct Team feel that it is difficult for them to be impartial for a particular incident, they must indicate this at the beginning of the meeting and not participate more than is necessary and abstain from decision making. Reasons for this might include:
- Having been involved in the incident
- Having a close relationship with someone involved in the incident
- Having provided support for someone involved
Guidelines for holding incident meetings:
- Start by reviewing relevant reports. Flag up any significant omission or questions which may influence subsequent response actions.
- Where necessary, refer back to the Code of Conduct.
- When deciding on a response, it is important to be absolutely clear what response is being decided upon and why. A written statement that describes the response and the reasoning behind it should be agreed on and stored for future reference.
- After the meeting, let the reporter and/or victims know what actions have been decided and why.
- It is recommended to schedule a follow-up meeting to review response actions and whether any further steps are required.
The rest of this section contains advice on what responses and actions should be considered.
Offences should not be reported on behalf of a victim and situations where law officials might solicit such a report should be avoided. The organization should not unnecessarily expose a victim to a process that exposes them or might cause other unwanted collateral damage (e.g. further harassment, emotional stress, …).
If everyone is presently physically safe, involve law enforcement or security only at a victim's request. (In many cases, reporting harassment to law enforcement is very unpleasant and may result in further harassment.)
Note that there may be cases where the organization is legally obliged to contact law enforcement even if the victim does not want to follow up.
You can provide a list of emergency contacts and say something like "if you want any help reporting this incident, please let us know" and leave it at that.
The following is an indicative list of sanctions that could be enforced. It is not meant to be comprehensive and other actions may be appropriate.
- Issue a warning to cease behavior and state that any further reports will result in sanctions.
- Require that perpetrators avoid any interaction or physical proximity with those affected by an incident.
Sanctions against speakers:
- Not publishing the video or slides of a talk that violated the policy
- Not allowing a speaker who violated the policy to give (further) talks at the event
- Immediately ending any event volunteer responsibilities and privileges the perpetrator holds
- Requiring that the perpetrator not volunteer for future events your organization runs (either indefinitely or for a certain time period)
- Requiring that the perpetrator refund any travel grants and similar they received (this would need to be a condition of the grant at the time of being awarded)
- Requiring that the perpetrator immediately leave the event and not return
- Banning the perpetrator from future events (either indefinitely or for a certain time period)
- Removing a perpetrator from membership of relevant organizations
Some incidents require a public response after the event in order to protect the reputation of the event and/or project.
Be prepared and willing to distance your event from actions of participants that reflect badly on your conference, and to defend your action or inaction in response.
Try to respond quickly to incidents. A late response looks a lot like no response at all and can harm your event and project's reputation. A simple and relatively uncontroversial response with few legal concerns is to issue a general statement about the kind of behavior involved.
For example: "$EVENT does not condone $BEHAVIOR. $BEHAVIOR violates the anti-harassment policy of $EVENT, which specifies that participants engaging in $BEHAVIOR will be expelled from the event. We take harassment seriously and respond to reports of it quickly and firmly."
It might be appropriate to provide a short report of someone’s conduct to their employer. This might be appropriate if someone is working in an official employee capacity, such as:
- While working as paid event staff
- While giving a talk about their employer's product
- While staffing a sponsor booth
- While wearing their employer's branded merchandise
- While attempting to recruit someone for a job
- While claiming to represent their employer's views
Don't require or encourage apologies
Do not ask for an apology to the victim. You have no responsibility to enforce friendship, reconciliation, or anything beyond lack of inappropriate behavior between any two given attendees, and in fact doing so can contribute to someone's lack of safety at your event.
Forcing a victim to acknowledge an apology forces further contact with the perpetrator. It also creates a social expectation that they will accept the apology, forgive the perpetrator, and return their social connection to its previous status.
If the perpetrator offers to apologize to the victim (especially in person), discourage it. If a staff member relays an apology to the victim, it should be brief and not require a response. ("X apologizes and agrees to have no further contact with you" is brief. "X is very sorry that their attempts to woo you were not received in the manner that was intended and will try to do better next time, they're really really sorry and hope that you can find it in your heart to forgive them" is emphatically not.)
If the perpetrator attempts to press an apology on someone who would clearly prefer to avoid them, or attempts to recruit others to relay messages on their behalf, this may constitute continued violation of the code of conduct.
If the incident has been dealt with at the event, it may be appropriate to make a short announcement at the next plenary, something like:
"<thing> happened. This was a violation of our policy. We apologise for this. We have taken <action>. This is a good time for all attendees to review our policy at <location>. If anyone would like to discuss this further they can <contact us somehow>."
A short statement without discussion is adequate.
Communicate with the community
If serious sanctions are imposed, it is recommended to communicate the decision to the rest of the community (including those who aren’t at the event). Reasons that you might decide to communicate an incident or enforcement decision with the community:
- To be transparent with the community
- To ensure that people correctly understand the Code of Conduct
- To reassure people that you are serious about anti-harassment
After an incident has been dealt with, publicize the Code of Conduct Committee’s feedback channel and invite people to provide feedback should they have any. This can be done when communicating with the community and making public responses. Information about the feedback channel can also be given verbally to those who witnessed an incident, made reports, were subject to sanctions, or were involved in carrying out sanctions.
Providing the opportunity to provide feedback in this way is a good way to defuse tension and show that the Code of Conduct Committee takes people’s concerns seriously.
Section IV: Providing support
If someone has been involved in a Code of Conduct violation or is in distress, it is important to ensure that they receive appropriate support. This is important not only to ensure their wellbeing, but also to show that the project takes their welfare seriously. Even if an offer of support is not accepted, it still sends a powerful message.
Judging when to offer support and who requires it can be difficult. Remember that it isn’t always obvious who might be experiencing distress or hurt. Therefore, as a rule, it is better to offer support than not.
Things to do immediately after someone has been involved in a code of conduct violation:
- Offer the person a private place to sit
- Ask: "is there a friend or trusted person who you would like to be with you?" (if so, arrange for someone to fetch this person)
- Ask: "how can I help?"
- If someone feels that their safety might be at risk, you might want to consider:
- Helping them to find alternative accommodation
- Organizing an escort
- Provide emergency contact information in case they need help later
- Provide as much assistance as possible to enable them to report criminal offences to the authorities
Section V: Data retention
Records must be retained after each event in order to:
- Review incidents before a decision has been made as to what action (if any) is required
- Identify repeat offenders
- Create a dataset to base future enforcement actions on
- Keep a record of decisions and their grounds for future review
This should include incident reports and meeting minutes. It might also include communications with event attendees, such as copies of electronic correspondence between the Code of Conduct Team/Committee and affected attendees.
Records must be securely kept on GNOME Foundation servers. Only members of the Code of Conduct Committee should have access to these records. Information can be shared with the GNOME Foundation Board on a case by case, need to know basis. (Limiting access in this way is intended to avoid the number of people with access growing excessively, for instance through temporary access by event organizers.) Personal copies of information should not be retained by anyone who has access to them.
Appropriate safeguards should be in place to ensure that data can be legally transferred between event organizers and the GNOME Foundation.
Records should be retained for no more than six years after collection or the end of any sanction. After this time, they should be put beyond use. This means that they must:
- Not be used to inform decision making or actions
- Be stored securely
- Not be passed to external organisations unless legally required to do so
- Be deleted once it is reasonably expected that it will not be required to be produced in the future