[OpenISO] Disagreement resolution process (was Re: Core G..)

[Norbert Bollow]

Lachlan Patrick <loki at research.canon.com.au> wrote:
> Norbert Bollow wrote:
> > The only respect in which the proposed DCS process is "closed"
> > is that it is not an "everyone is welcome to join and participate
> > with equal rights" process.
> 
> So, you're proposing a two stage process:
> 1. large group of people decides
> 2. if that fails to reach agreement, a small committee/company decides
> 
> Is that correct?

Roughly yes, although as I envision the process, the key difference
between stage 1 and stage 2 is not about large vs "small group", but
rather about fundamental differences both with regard to the kind of
decision-making process and with regard to the kind of decisions to
be made.

For stage 1 I envision the kind of consensus-development process
which you see in any properly-dunctioning standards committee.

In stage 2 the question to be answered is very specific and
very narrow, namely just whether a specific argument is valid
about which the stage 1 group process has not been able to reach
consensus.

A typical situation in which such a stage 2 review of an argument
would be required might be as follows:  The working group has been
reviewing the FooBar specification and is of mixed opinion regarding
whether FooBar should be approved as an OpenISO.org standard or not.
During the discussions, a number of concerns about FooBar have been
discussed, and concerning most of these the Working-Group has succeeded
in reaching consensus, but concerning one point no consensus has been
reached: The representative of Foo Inc. insists that FooBar does not
in any way create problems for persons with disabilities, but the
representative of Oof Inc. (which competes with Foo Inc.) insists that
FooBar causes significant problems for blind people.  Both have
submitted detailed arguments to support their respective positions.
The Working-Group needs to somehow decide which side of this dispute
has it right.

Since there is no consensus, the DCS company is called upon to provide
an answer to this question.

The DCS company assigns the question to an exployee who has general
knowledge in the area of accessibility engineering and who also has no
vested interest in the success of either Foo Inc. or Oof Inc. or any
of their direct competitors.  This employee will be referred to as the
"validator" in the following.

Unless the position of one of the contrahents is for some reason
obviously wrong, the validator consults accessibility experts about
various points in the statement of Oof Inc. (which asserts
the existence of accessibility problems), taking into account any
counterarguments in the stament of Foo Inc. (which claims to rebut
the arguments of Oof Inc.)  When the validator has, with the help
of the experts that have been consulted, reached a conclusion, the
validator writes a report explaining why the assertion of Oof Inc.
is invalid or why Foo Inc.'s counterarguments are invalid.

The report is double-checked by a "supervisor", another employee of
the DCS company, and then the OpenISO.org Working-Group is given the
opportunity to comment on it.  If during this comments period it
becomes clear that there is something wrong with the report, the
validator, the supervisior, or the supervisor's boss at the DCS
company can decide to withdraw the report and do whatever it takes
to create a correct one.

If the report is not withdrawn, the only remaining recourse is to
take legal action and attempt to prove in a Swiss court of law that
the report is incorrect.

> My concern is that the small group is _more_ susceptible to bias because
> it's a smaller group.

Some degree of bias (e.g. a tendency to rather reject proposed
standards in case of doubt about of their effect on people with
disabilities, or a tendency to impose a needlessly high burden
of proof that there really is a serious accessibility issue
with a proposed standard before it gets rejected on that ground)
is in my opinion not a serious problem.  I don't consider it
necessary to create an absolutely perfect standardization
organization.  I'll be satisfied if we succeed in creating a
reasonably good one, with processes which are reasonably robust
against attacks from monopolistic companies.

Nota bene, how much influence this kind of bias will have will
depend on how specific the OpenISO.org guidelines documents are
with regard to the criteria about what accessibility concerns
are considered valid grounds for rejecting a proposed standard.

> Of course, I'm not factoring into this the
> trustworthiness of that smaller group, I'm just talking about the fact
> that it's smaller. That group can be as transparent as it wants, but it
> can still push through standards that no-one outside that group wants.

In order to do that, the DCS company would still need to provide
counterarguments to all objections that are brought against the
standard that it tries to push through.  If these counterarguments are
invalid (in the sense that it can be established in a court of law
that that is the case) the result would be that the DCS company loses
its contract with OpenISO.org and thereby not only a source of revenue
but also all the influence on the standardization process that the
DCS company has abused.  After the termination of the corrupt DCS
company's contract, all the objections against that (probably bad)
standard could be re-asserted, and if one or more of the objections is
found to be valid, OpenISO.org would withdraw its approval of the
standard in question.

Therefore, I think that the DCS company would only lose and have
nothing to gain from this way of abusing its influence.  This makes
me think that this scenario is extremely unlikely to ever happen.

> > Rather it is designed to be a process with clear accountability.
> 
> Accountability to me implies some way to not only see what the small
> group decides and how, but also a way for the masses to change that
> group if it's doing the wrong thing.
> 
> E.g. in Australia we have two lawmaking groups, a House of
> Representatives, and a Senate which must ratify or reject bills that the
> house creates, but if the Senate rejects the same bill three times, that
> can trigger a general election of both the House and the Senate. So,
> checks and balances are needed to stop a small group misusing its powers.
> 
> So I guess I'm asking, what limiting methods do you imagine to control
> this small "DCS" group? Is firing them the only recourse?

I think that it is sufficient to provide a realistic way in which
their influence on OpenISO.org can get terminated reasonably quickly
if it can be proved that something is going wrong there.

That should provide the DCS company with a sufficient incentive to
set up their processes so as to make sure that no such shipwreck
is going to happen.

> > I believe that the proposed organizational set-up with an appeals
> > path that leads to the disagreement being dealt with in a legally
> > separate organisational entity allows to maximize accountability
> > for the integrity of the disagreement-resolution process, because
> > it provides an effective remedy that can be taken in the (because
> > of these rules, hopefully unlikely) case that the disagreement
> > resolution process ever becomes corrupted.
> 
> But how to stop the DCS group from becoming corrupted?
> 
> When I say "pass the buck" I mean it could be just adding another layer,
> without solving the fundamental problem that caused the first layer to
> be untrustworthy. I just don't see how the DCS component of this process
> can be guaranteed to be trustworthy.

The kind of assurance which the proposed model provides in this regard
is that the incentive structures are up so that the primary goal of the
executives of the DCS company will be to prevent the DCS company from
getting shipwrecked by becoming corrupted.

By contrast, as soon as OpenISO.org has grown to the stage where it is
no longer an all-volunteer organization which can function without
salaries etc, it will unavoidably be an important goal of the
executives of OpenISO.org to get as much money as possible coming in
from the companies who have a vested interest in OpenISO.org making
what they consider to be the right standardization decisions.

_That_ is the fundamental mechanism which causes the executives of the
currently-existing standardization organizations to be untrustworthy
and in many cases probably economically unable to make the appropriate
decisions.

The primary design goal of the proposed organizational model is to
separate the dispute-resolution process as much as reasonably possible
from this corrupting influence.

> > (My first idea for organizing the disagreement-resolution process
> > was that it would be handled by employees of the OpenISO.org
> > Foundation.  The problem with that idea is that if these employees
> > collectively develop bad habits there'd not be much that one could
> > do about that besides a fork creating the "hopefully truly open
> > and transparent and non-corrupt international standards organization"
> > or whatever one would call it.  By contrast, with the proposed set-up
> > with two separate legal entities and a contract between them, it
> > would be quite feasible to force the foundation to act according to
> > rules in its bylaws which say that the foundation must terminate that
> > contract in the case that the DCS company doesn't handle things like
> > it should.)
> 
> OK, so you're saying the public component can fire the DCS component.
> That is at least one balancing factor. Couldn't that be abused too,
> however? If, as you say, there public component is stacked by a company
> with vested interests, wouldn't they try to get an antagonistic DCS fired?

They can try, but the DCS company has a contract which OpenISO.org is
allowed to terminate only if the DCS company has violated its
contractual obligations.

> >>>> The start-up plan for all this is that initially, the founder of
> >>>> OpenISO.org takes care of the DCS function until the time
> >>>> requirements for this function become too great for that und
> >>>> OpenISO.org manages to acquire sufficient financial resources for
> >>>> being able to outsource this function.  At that stage the founder
> >>>> of OpenISO.org may name the company that becomes the initial DCS
> >>>> company.  In particular, at that time the OpenISO.org founder will
> >>>> have the right to name a privately-held company of his own for this
> >>>> function.
> >>> A good start.
> >> I disagree. Even if contractually obliged to be open, the recourse to a
> >> third party muddies the waters considerably. This is a deal breaker
> >> for me.
> > 
> > Are you able to suggest fact-oriented dispute-oriented rules in an
> > open "everyone is welcome to join and participate with equal rights"
> > environment which are robust against the "Microsoft tells its 'gold
> > certified' partners to join" attack, and which are reliable without
> > requiring recourse to a third party of some kind for at least some
> > kinds of situations?
> 
> I agree that stacking/buying votes was the main problem with M$-OOXML.
> 
> I agree with the idea of two parties (like the House and the Senate in
> the democratic example), but I just want more clarity on the powers and
> limits and ways to revoke the relationship.

I agree that there is value in discussing the proposed model in
detail, and if someone has an idea for an organizational model
which might be more robust or otherwise better than what I'm
proposing, let's discuss those ideas also.

> >>>> ### Pseudonymous Participation ###
> >>>>
> >>>> Pseudonymous participation in Working-Groups is allowed.  While
> >>>> Working-Group participants must inform OpenISO.org of their real name,
> >>>> address and employer (if any),
> >>> Even if the participation has nothing to do with the employer?
> >> Anonymity implies you'll get trolls and paid comments lurking in the
> >> mess, but that's OK if the system doesn't allow such people to vote.
> >> Comments should be able to be freely expressed.
> > 
> > Yes - what I'm proposing is to build a fact-oriented decision making
> > system which does not in any way take recourse to decision-making by
> > means of majority votes of any kind.
> 
> I agree that's a good goal, if it can be done. I agree that voting can
> be stacked. But I also think smaller groups are more easily susceptible
> to that kind of stacking, and hence my concerns about having a small DCS
> group being used as an eventual decider.

I agree that that's a valid concern; the proposed model attempts to
address this concern as explained above.

> I have another concern about this wording:
> > At that stage the founder
> > of OpenISO.org may name the company that becomes the initial DCS
> > company.  In particular, at that time the OpenISO.org founder will
> > have the right to name a privately-held company of his own for this
> > function.
> 
> This implies to me that the DCS company is _not_ independent, contrary
> to what you said here:
> > Ultimately OpenISO.org intends to outsource the dispute resolution
> > process to a legally independent "Decision Consulting Services" (DCS)
> > business.
> 
> How can the founder of OpenISO.org also own the privately-held DCS
> company and _not_ be legally linked? I don't understand.

It should be a requirement for serving on the board of the OpenISO.org
foundation to not have any direct vested interest in the DCS company.

Then the people who are ultimately the decision-makers at OpenISO.org
foundation (the board of the foundation) are a totally distinct group
from the people who are ultimately the decision-makers at the DCS
company.

This implies that the OpenISO.org founder shouldn't be on the board of
the OpenISO.org foundation.  As long as the OpenISO.org board thinks
that he's doing a good job, he can of course be an employee of the
OpenISO.org foundation - I don't see any problem with that, as long as
the DCS company operates under sufficiently strict tranparency rules.

I'm not saying that the OpenISO.org foundation and the DCS company
would "not be linked".  I'm just saying that they should _legally_ be
separate entities so that if necessary, it is realistically possible
without causing too much damage to OpenISO.org to cut those links by
invoking the termination clause in the contract with the DCS company
(and if appropriate also firing the founder.)

It is true that the proposed organizational model does not provide
for perfect seperation between the OpenISO.org foundation and the DCS
company.  However I think that if stronger requirements on the
separation between OpenISO.org foundation and the DCS company are made
(for example by demanding that the founder cannot become an employee
of OpenISO.org foundation or that he must not be a shareholder of the
initial DCS company) the result of imposing such requirements would be
the non-exitence of a founder who is willing and able to build
OpenISO.org up to the point where it gets taken seriously by the
market.  Until we reach that point, OpenISO.org's defenses against
corruption are not likely to get seriously tested anyway.

Greetings,
Norbert.


-- 
Norbert Bollow <nb at bollow.ch>                      http://Norbert.ch
President of the Swiss Internet User Group SIUG    http://SIUG.ch
Working on establishing a non-corrupt and
truly /open/ international standards organization  http://OpenISO.org