Yes, this is definitely the risk we take.
Agreed. My hope (and I wish there were examples to follow) is that we will find ways to uphold the CoC and effectively keep the SecureDrop Community safe without adding an administrative layer like membership. It would make the community less horizontal.
Right now the SecureDrop Community has no structure and all members are on the same footing. Some members have control over centralized resources such as the securedrop.club domain name or the infrastructure: they are identified and belong to different organizations. The absence of structure makes the SecureDrop Community horizontal but maybe there is a better word for it. Tor is horizontal because it has only a few organizational levels. How should we call a community that has no organizational level?
I believe preserving the absence of organizational levels has merits: (with a few examples from my own experience)
- Volunteers are empowered. I did not need ask for permission to organize a SecureDrop booth at FOSDEM or to setup the localization infrastructure based on weblate.
- Divergence of opinions create diversity instead of dissent. In my opinion simplifying SecureDrop is best served by providing a simpler, upgradable system and the Qube workstation comes second. FPF has a different opinion and the two projects co-exist.
- The disagreement of a minority is not silenced. I’ve been a victim of rough consensus in another collective of sysadmins who wanted to use a stackoverflow equivalent to assist voting IRL (and yes, it did not work and was a waste of energy). Allowing one person to block consensus is an effective mechanism against nonsense.
- No personification of the project. As soon as there is an upper level in the organization, their members impersonate the project. I do not want to be less of a member of the SecureDrop Community because I do not belong to the higher spheres.
- Transparency. There are no private lists, private meetings, all is in the open. There is one exception: the transcripts of investigative journalists interviews for obvious privacy reasons.
- Forkability. Eventually a group of community members will want to go their separate ways and they will not need to re-implement or re-invent a structure.