On Sat, Mar 21, 2026 at 11:38:22PM +0100, Thomas Goirand wrote:
>...
> If we become a registered entity, it'd be a way more easy for governments to
> get us accounted for. Even more in the case of a USA-registered Foundation.
> While with the current case, it'd be a way harder for Debian to get into
> trouble. For example, the foundation could be sued, and we'd have to pay for
> such trial in USA. But with the current state, one would have to go after
> single individuals.
>...

It is strange that you consider going after single Debian members as 
preferable for Debian, single individuals are usually easier targets 
than large organizations.

Often a major driver for creating a legal entity is exactly to remove as 
much as possible of the legal and financial risks from single individuals.

Take the GDPR as an example:

When not GDPR compliant processing of personal data played a role in 
expelling a member from Debian, the victim might sue in a civil court
for compensation of material and non-material damages.

When a job or customer depended on being a DD, the material damages
might be a 5 or 6 digit Euro amount.

It is easier for a legal entity to create processes for GDPR compliant 
processing of personal data than for each single individual.

A legal entity moves the burden of having to defend yourself from legal 
action away from single individuals.

When multiple individuals were committing a GDPR violation,
the victim has the right to pick one to sue for compensation
of all damages.

A legal entity can pay compensation instead of a single individual, 
reducing the financial risks associated with contributing to Debian.

A legal entity can take out insurance to further reduce risks 
for members.

> Cheers,
> 
> Thomas Goirand (zigo)

cu
Adrian

Reply via email to