• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
NSTIC draft bylaws August 2012 w comments
 

NSTIC draft bylaws August 2012 w comments

on

  • 265 views

NSTIC proposed Bylaws for NIST, with substantial annotations.

NSTIC proposed Bylaws for NIST, with substantial annotations.

Statistics

Views

Total Views
265
Views on SlideShare
265
Embed Views
0

Actions

Likes
0
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    NSTIC draft bylaws August 2012 w comments NSTIC draft bylaws August 2012 w comments Document Transcript

    • NSTIC STEERING GROUP: NIST July 2012 DRAFT BYLAWS with AUGUST 2012 JBC EDITS Type-set version with line numbers, corrections and comments. Note, this analysis has multiple annotations and amendments that may not be needed at the initial Steering Group meetings. For a simpler version, see the ASCII file "NSTICdraftBylawsJuly2012.txt" at Slideshare (http://www.slideshare.net/JamieXML/nstic- draft-bylaws-july-2012) or Google Docs (http://j.mp/MVwfNC) See end of document for production information. • [Square brackets] and struckthrough text indicate proposed changes. • <Angle brackets> include this editors unofficial cross-references, and <**type of amendment>. «Double angle brackets» indicate unofficial augmented section numbers, where paragraphs had no identifying number. • {Curly brackets} indicate original NIST footnotes, with added hyperlinks and some abbreviations. • "Quote marks and underscoring" have been added to term definitions, where originally missing. 1 DRAFT BY-LAWS FOR THE IDENTITY ECOSYSTEM STEERING GROUP 2 «Preface» The Identity Ecosystem Steering Group By-laws ("By-laws") describe the roles, responsibilities, 3 policies, and procedures that govern the operation of the Identity Ecosystem Steering Group ("Steering Group"). 4 The By-laws shall be consistent with the Identity Ecosystem Steering Group Charter ("Charter"), which provides 5 the high-level perspective of scope, purpose, and organization. {NIST fn1: For a complete understanding of … 6 Steering Group’s structure these By-laws should be read in conjunction with the Charter.} ¶ As stated in the 7 Charter, the primary activities of the Steering Group shall be to: 8 * Adopt and establish standards for the Identity Ecosystem Framework 9 * Develop and maintain policies for the Identity Ecosystem Framework10 * Develop and maintain processes for the accreditation of Identity Ecosystem Entities11 * Develop and maintain Identity Ecosystem oOperating procedures <**See Charter sec. 1.2.4.> <**A:Typo.>12 «0.» Terms.13 <** Annot.> <"At-Large Delegates": the Management Council Delegates defined in Section 2.2.2.2.>14 <** Annot.> <"Bylaws": as defined in the Preface above.>15 <** Annot.> <"Charter": as defined in the Preface above.>16 «0.1» "Consensus": The absence of sustained objection when a Quorum has been achieved. {*}17 <** Annot.> <"Guiding Principles": as defined in Section 1.3 of the Charter.>18 <** Annot.> <"Identity Ecosystem": as defined in Section 1 of the Charter.>19 «0.2» Identity Ecosystem Management Council ("Management Council"): Provides guidance to the Plenary20 on the broad objectives envisioned by the NSTIC; produces, prioritizes and monitors progress of Steering Group21 work plans; provides necessary resources, and ensure that Steering Group work activities adhere to the NSTIC22 Guiding Principles and Goals; and ratifies policy and standards recommendations approved by the Plenary.23 <** See sec. 2.2.>24 «0.3» Identity Ecosystem Plenary ("Plenary"): Reviews and recommends technical standards for adoption,25 establishes and maintains the procedures/policies for governing the Identity Ecosystem, develops and26 establishes accountability measures to promote broad adherence to these procedures, and facilitates the27 ongoing operation of the Steering Group. Open to all members of the Steering Group. <** See sec. 2.1.>28 «0.4» Identity Ecosystem Steering Group ("Steering Group"): The overall Identity Ecosystem governance29 structure which consists of the Management Council and the Plenary. The responsibilities, mission, and activities30 of the Steering Group are defined in these By-laws and in the Charter.
    • 31 «0.5» "Individual": Any person who does not represent or act on behalf of a Member Organization in any32 formal or informal capacity within the Steering Group.33 <** Annot.> <"Initial Interim Period": as defined in Section 11.>34 <** Annot.> <"Individual Member": as defined in Section 0.9.>35 <** Annot.> <"Management Council": as defined in Section 0.2. ** See sec. 2.2.>36 «0.6» "Management Council Chair": This officer provides general leadership to the Management Council;37 oversees votes, and directs the meetings of the Management Council. <** See sec. 2.2.4.1.>38 «0.7» "Management Council Delegates": Persons elected to represent each of the 14 Stakeholder Groups39 on the Management Council [plus] . There are an additional two At-Large Delegates. <**B: Rule hygiene.>40 «0.8» "Management Council Vice-Chair": This officer shall assist the Steering Group in maintaining41 alignment with NSTIC objectives and the NSTIC Guiding Principles. This position shall be filled by the Director of42 the NPO. <** See sec. 2.2.4.2.>43 «0.9» "Member": Any organization ("Member Organization") or individual ("Individual Member") that signs the44 Membership Agreement.45 «0.10» "Member Associates": Employees and associates of Member Organizations who participate in the46 Standing Committees and Working Groups of the Plenary. All Member Associates shall be listed in the47 Membership Agreement and shall comply with the same obligations as the Member Organization under the48 Membership Agreement.49 <** Annot.> <"Member Organization": as defined in Section 0.9.>50 <** Annot.> <"Member Representative": any Participating Member Representative or Observing Member Representative.>51 <** Annot.> <"Membership Agreement": as defined in Section 1.5.>52 <** Annot.> <"NSTIC": the National Strategy for Trusted Identities in Cyberspace, as defined in Section 1 of the Charter.>53 <** Annot.> <"NPO": the NSTIC National Program Office, as defined in Section 1 of the Charter.>54 «0.11» "Observing Member": Members that do not meet the criteria for Participating Members, but that wish55 to maintain a formal and ongoing presence in the Steering Group. Observing Members may still contribute to the56 work of the Plenary, its Standing Committees, and/or Working Groups, but they shall not be permitted to vote in57 Plenary proceedings.58 «0.12» "Observing Member Representative": The person [designated]selected by each Observing Member59 [in its executed]to execute the Steering Group Membership Agreement and maintain currency of Member60 Associates. <**C: Immediate; Contract issues.>61 «0.13» "Ombudsman": This officer serves to support equitable representation of all stakeholders and62 individual participants in the Identity Ecosystem and upholds the NSTIC Guiding Principles. <** See sec.63 2.2.4.3.>64 «0.14» "Organization": A commercial, governmental, or other separately constituted legal entity and, when65 applicable, its parent company or organizations, its subsidiaries, affiliations, divisions, committees, and working66 groups.67 «0.15» "Participating Member": Members who actively participate in the Steering Group and the work of the68 Plenary, its Standing Committees, and/or Working Groups. Participating Members shall have a vote in Plenary-69 wide proceedings and in the elections of officers and delegates.70 «0.16» "Participating Member Representative": The person [designated] selected by each Participating71 Member [in its executed]to execute the Steering Group Membership Agreement, maintain currency of Member72 Associates, and represent the Membership organization in Plenary-wide votes. <**C: Immediate; Contract73 issues.> <** But see sec. 11.>
    • 74 <** Annot.> <"Plenary": as defined in Section 0.3.> 75 «0.17» "Plenary Chair": This officer provides direction for actions, manages meetings, supervises 76 votes/elections, and provides general leadership in the Plenary. <** See sec. 2.1.2.> 77 <** Annot.> <"Plenary Supermajority": as defined in Section 2.2.5.1.>78 «0.18» "Quorum": A quorum of the Plenary is defined as greater than fifty percent of Participating Members79 and shall be sufficient for the transaction of business. [A quorum of the Management Council is defined as80 greater than fifty percent of Management Council Delegates and shall be sufficient for the transaction of81 business.] <**D: Rule hygiene, Overcentralization>.) 82 <** Annot.> <"Recommendation Supermajority": as defined in Section 5.3.2.2.> 83 «0.19» "Secretariat": Provides administrative and material support to the Steering Group. <** See sec.2.3.> 84 «0.20» "Standing Committees": Committees responsible for addressing and coordinating the ongoing and/or 85 permanent activities that occur within the Plenary. <** See sec. 2.1.4.> 86 <** Annot.> <"Stakeholder Group": as defined in Section 1.3.1.> 87 <** Annot.> <"Stakeholder Group Delegate": as defined in Section 2.2.2.1.> 88 <** Annot.> <"Steering Group": as defined in the Preface above.> 89 «0.21» "Unaffiliated Individual": Any Individual Member who chooses not to self-select into one of the other 90 Stakeholder Groups. Unaffiliated Individuals shall not represent the interests or act on behalf of a Member 91 Organizations or Stakeholder Group. 92 «0.22» "Working Groups": Temporary/ad hoc groups that conduct the work necessary for standards adoption 93 and policy development/implementation as needed. <** See sec. 2.1.4.> 94 1. Membership. 95 Membership in the Steering Group shall be open and the extent of participation shall be dependent on the 96 members. Membership in the Steering Group shall be open to organizations and individuals (members) that 97 have an interest in the development and administration of the Identity Ecosystem. Membership classifications, 98 participation levels and member categories are described in the sections that follow. ¶ A member is defined as 99 any organization or individual that signs the Membership Agreement.100 1.1. Membership Classifications. There are two classifications of membership – Member Organizations101 and individuals. A person representing or acting on behalf of a Member Organization in any formal or informal102 capacity within the Steering Group are considered part of that organization and cannot be considered an103 Individual Member.104 1.1.1. Member Organizations. An organization shall be permitted to join the Steering Group as any one of105 the Stakeholder Groups with the exception of Unaffiliated Individuals. (See section 1.3, Stakeholder Group106 Affiliation.) An organization shall be defined as a commercial, governmental, or other separately constituted107 legal entity and, when applicable, its parent company or organizations, its subsidiaries, affiliations, divisions,108 committees, and working groups. Divisions, subsidiaries, committees of organizations, etc. are part of their109 parent organizations and are not considered separate organizations for Steering Group membership purposes.110 1.1.2. Individuals. An individual shall be permitted to join the Steering Group as an Unaffiliated Individual111 (See section 1.1.2.1, Unaffiliated Individuals) or as a member of one of the other Stakeholder Groups. (See112 section 1.3, Stakeholder Group Affiliation.) An individual shall be defined as any person who does not represent113 or act on behalf of a Member Organization in any formal or informal capacity within the Steering Group.114 1.1.2.1. Unaffiliated Individuals. Unaffiliated Individuals shall be any Individual Member who chooses not115 to self-select into one of the other Stakeholder Groups. (See section 1.3, Stakeholder Group Affiliation.)116 Unaffiliated Individuals shall not represent the interests or act on behalf of a Member Organizations or117 Stakeholder Group.
    • 118 1.2. Participation Levels. A member shall participate in the Plenary as either a Participating Member or an119 Observing Member.120 1.2.1. Participating Members. Participating Members shall be members that actively participate in the121 Steering Group and the work of the Plenary, Standing Committees, and/or Working Groups. Participating122 Members shall have a vote in Plenary-wide proceedings and in the elections of officers and delegates. ¶ The123 requirements for qualification as a Participating Member are defined in section 1.4, Member Rights and124 Responsibilities. <But see sec. 11.1.>125 1.2.2. Observing Members. Observing Members shall be members that do not meet the criteria for126 Participating Members, but that wish to maintain a formal and ongoing presence in the Steering Group.127 Observing Members may contribute to the work of the Plenary, its Standing Committees, and/or Working128 Groups, but shall not be permitted to vote in Plenary-wide proceedings and in the elections of officers and129 delegates. ¶ The requirements for qualification as an Observing Member are defined in section 1.4, Member130 Rights and Responsibilities.131 1.2.3. Member Representatives. Each Member Organization shall designate one person as its official132 Member Representative. Each Member Organization shall determine its own process for selecting its Member133 Representative. Each Member Organization is authorized to designate alternate Member Representatives in the134 event a primary Member Representative is unable to attend a meeting. Member Representatives shall be135 responsible for acting on behalf of the Membership Organization[,] for executing the Membership Agreement and136 maintaining currency of Member Associates. ¶ Individual Members shall be considered their own Member137 Representative. No person shall represent more than one Member Organization. <** E: Typo.>138 1.2.3.1. Participating Member Representatives. Member Representatives of Participating Members shall139 be referred to as Participating Member Representatives. <** See definition in sec. 0.16.> Participating Member140 Representatives shall be responsible for casting votes in the Plenary.141 1.2.3.2. Observing Member Representatives. Member Representatives of Observing Members shall be142 referred to as Observing Member Representatives. <** See definition in sec. 0.12.>143 1.2.4. Member Associates. Each Member Organization may have multiple employees or associates from144 its organization who participate in the Standing Committees and Working Groups of the Plenary. All Member145 Associates shall be listed in the Membership Agreement and shall comply with the same obligations as the146 Member Organization under the Membership Agreement.147 1.3. Stakeholder Group Affiliation. Each Member shall self-select into the Stakeholder Group that they148 consider best represents its roles or interests in the Identity Ecosystem. Affiliation into these Stakeholder Groups149 shall be used for the purposes of electing delegates to the Management Council. Member Representatives and150 Member Associates shall be affiliated with the Stakeholder Group selected by their respective Member151 Organization. Individual Members shall have the option to self-identify into any of the 14 Stakeholder Groups,152 including Unaffiliated Individuals. (See section 1.3.1, Stakeholder Groups.)153 1.3.1. Stakeholder Groups. Members shall choose to affiliate with one of the following Stakeholder Groups.154 For detailed descriptions of the Stakeholder Groups see the Charter. {NIST fn2: Charter sec.3.2.2, Stakeholder155 Groups: http://j.mp/NSTICchtr#_Toc330932484.}156 «1.3.1.» 1. Privacy & Civil Liberties157 «1.3.1.» 2. Usability & Human Factors158 «1.3.1.» 3. Consumer Advocates159 «1.3.1.» 4. U.S. Federal Government160 «1.3.1.» 5. U.S. State, Local, Tribal, and Territorial Government161 «1.3.1.» 6. Research, Development, Education & Innovation162 «1.3.1.» 7. Identity & Attribute Providers
    • 163 «1.3.1.» 8. Interoperability164 «1.3.1.» 9. Information Technology (IT) Infrastructure165 «1.3.1.» 10. Regulated Industries166 «1.3.1.» 11. Small Business & Entrepreneurs167 «1.3.1.» 12. Security168 «1.3.1.» 13. Relying Parties169 «1.3.1.» 14. Unaffiliated Individuals170 1.3.2. Additional Stakeholder Groups. The Steering Group may add, remove, or modify Stakeholder171 Groups at any time, as necessary [, by amending these By-laws]. <**F: Rule hygiene.>172 1.4. Member Rights and Responsibilities. Rights and responsibilities of Participating and Observing173 Members are described in the sections that follow.174 1.4.1. Rights of Members. Members shall have the right to:175 «1.4.1.» a. Serve as members for as long as they meet the requirements of membership defined in176 section 1.4.2, Responsibilities of Members.177 «1.4.1.» b. Submit proposed requirements for the Identity Ecosystem Framework.178 «1.4.1.» c. Participate in the Plenary process and establish the overall direction of the Plenary through179 active participation in Working Groups, Standing Committees, or other organizational teams established as180 needed to address specific issues.181 «1.4.1.» d. Participate in the consensus decision-making process.182 1.4.2. Responsibilities of Members. Members shall have the responsibility to:183 «1.4.2.» a. Abide by the Membership Agreement and comply with the Charter and these By-laws.184 1.4.3. Additional Rights and Responsibilities of Participating Members. Participating Members shall have185 the right to:186 «1.4.3.» a. Vote in Steering Group elections in accordance with these By-laws.187 «1.4.3.» b. Vote on proposed Plenary standards, policies, and procedures in accordance with these By-188 laws.189 «1.4.3.» c. Stand for nomination for Management Council Delegate, At-Large Delegate, and Plenary190 and Management Council Chair positions.191 «1.4.3.1.» Participating Members shall have the responsibility to:192 «1.4.3.1.» a. Participate in Plenary meetings. (See section 5.3.2. Qualifications for Voting Privilege and193 Restoration.)194 «1.4.3.1.» b. Review Plenary documents.195 «1.4.3.1.» c. Ensure that their attendance is accurately recorded by the Secretariat.196 1.5. Membership Agreement. To become a member, the Member Representative shall complete and197 execute the Steering Group Membership Agreement. ¶ The completed and executed Membership Agreement198 shall be sent to the Secretariat who shall collect and record the Membership Agreements. [The form of199 Membership Agreement and any amendments thereto shall be approved by the Plenary,] A Member200 Organization may designate someone other than an employee to represent its organization. {NIST fn3: At the
    • 201 initial meeting of the Steering Group a draft Membership Agreement shall be finalized for ratification.}202 <**G: Immediate; Contract issues.>203 1.6. Changes in Membership Status. Changes in a member’s status are described in the sections that204 follow.205 1.6.1. Withdrawal of Membership. Members may voluntarily withdraw from the Steering Group at any time206 by stating their intention in writing to the Secretariat.207 1.6.2. Termination of Membership. The Management Council may terminate a membership as a result of a208 material violation of the By-laws.209 1.6.3. Administrative Modification of Membership. Any change in legal status of members shall result in the210 appropriate modification of their membership by the Secretariat. ¶ Situations that may result in the modification211 of membership include, but are not limited to:212 «1.6.3.» a. Dissolution of a Member Organization.213 «1.6.3.» b. Acquisition of Member Organization by another Member Organization.214 «1.6.3.» c. Change in employment status or affiliation of an individual.215 2. Steering Group Structure & Responsibilities.216 The Steering Group shall consist of two bodies: the Plenary and the Management Council. The Steering Group217 shall also have a Secretariat serving as its administrative arm. The roles and responsibilities of each component218 are described in the sections that follow.219 2.1. Identity Ecosystem Plenary. The Plenary shall be responsible for reviewing and recommending220 technical standards for adoption, establishing and maintaining the procedures and policies for governing the221 Identity Ecosystem, developing and establishing accountability measures to promote broad adherence to these222 procedures, and facilitating the ongoing operation of the Steering Group. The Plenary shall provide for the223 Plenary Chair, Working Groups and Standing Committees. The roles, responsibilities and participation224 requirements of each component are described in the sections that follow.225 2.1.1. Plenary Membership. The Plenary shall be open to all Steering Group members.226 2.1.2. Plenary Chair. The Plenary shall be led by the Plenary Chair. The role of the Plenary Chair is227 defined in the Charter. {NIST fn4: Charter, sec.2.1, Plenary Chair: http://j.mp/NSTICchtr#_Toc330932477.}228 2.1.2.1. Election. With the exception of the initial election, nominees for this position shall be approved229 by the Nominations Committee. The Plenary Chair shall be elected by the Participating Members within the230 Plenary in accordance with section 3, General Elections.231 2.1.2.2. Duties. The Plenary Chair is responsible for the overall management of the Plenary, including232 the Standing Committees and Working Groups. In fulfilling this role, the Plenary Chair shall act in a purely233 neutral capacity, divesting him- or her-self of any organizational or technical position.234 «2.1.2.2.» a. Guide the Secretariat in carrying out its duties and responsibilities as they pertain to the235 Plenary.236 «2.1.2.2.» b. Guide the consensus processes in the Plenary, ensuring that all points of view, to include237 minority views, are adequately expressed and understood by all present.238 «2.1.2.2.» c. Ensure that all information and decisions are clearly and effectively communicated.239 «2.1.2.2.» d. Coordinate with the Management Council and ensure that the policy and strategic goals240 of the Steering Group are being met.241 «2.1.2.2.» e. Foster an open and amiable atmosphere at Plenary meetings.
    • 242 «2.1.2.2.» f. Assist in the resolution of any appeal against a Plenary decision.243 2.1.2.3. Term of Service. The Plenary Chair shall serve a [one]two-year term. <**H:244 Overcentralization.> The Plenary Chair may serve no more than two terms consecutively but may serve any245 number of non-consecutive terms. If the Chair is unable to complete his or her term of office, the Plenary shall246 elect a successor in accordance with section 3, General Elections. <But see sec. 11.3.>247 2.1.2.4. Authority. The Plenary Chair shall have authority to table or terminate discussion, call for248 affirmation of consensus, mediate with dissenting parties, and commit or recommit a matter to committee for249 further action. In the event the Plenary Chair is also a Member Representative, he or she may not continue to250 act as Member Representative.251 2.1.3. Plenary Responsibilities. The specific responsibilities of the Plenary are described in the sections252 that follow.253 2.1.3.1. General Responsibilities. The Plenary shall:254 «2.1.3.1.» a. Facilitate the timely review, recommendation and adoption of standards related to the255 development and governance of the Identity Ecosystem.256 «2.1.3.1.» b. Develop and maintain work products and governing documents to include:257 «2.1.3.1.b.» i. A framework for testing and certifying Identity Ecosystem components.258 «2.1.3.1.b.» ii. The Identity Ecosystem Framework, as described in the NSTIC.259 «2.1.3.1.b.» iii. Other work products and governing documents deemed necessary to establish and260 maintain the Identity Ecosystem and to promote its adoption.261 «2.1.3.1.» c. Recommend creation or dissolution of Standing Committees and Working Groups to262 perform the Plenary’s work.263 «2.1.3.1.» d. Develop and establish accountability measures for the Plenary and its components.264 «2.1.3.1.» e. Facilitate the ongoing operation of the Steering Group.265 «2.1.3.1.» f. Perform all other acts [as provided under these By-laws or otherwise] necessary and266 appropriate to the conduct of the Plenary’s activities and achievement of the Plenary’s goals. <**I: Rule267 hygiene.>268 2.1.3.2. Conducting & Participating in Elections. The Plenary shall be responsible for electing269 Management Council Delegates, At-Large Delegates, and Plenary and Management Council Chairs in270 accordance with section 3, General Elections.271 2.1.4. Plenary Standing Committees and Working Groups. The roles of the Plenary Standing Committees272 and Working Groups are defined in the Charter. {NIST fn5: Charter, Secs. 2.1.2, Plenary Standing273 Committees: http://j.mp/NSTICchtr#_Toc330932478 and 2.1.3, Plenary Working Groups:274 http://j.mp/NSTICchtr#_Toc330932479}275 2.1.4.1. Administration. Standing Committees may be proposed by the Plenary or the Management276 Council and shall be officially established by the Management Council. Standing Committees and Working277 Groups shall create their own charters, which shall be [circulated for comment to the Participating Members and278 then ]approved by the Management Council. <**J: Immediate; Overcentralization.> Charters shall, at a279 minimum[,] outline the missions, operations, decision making procedures, and leadership selection processes.280 <**K: Typo.> All charters will support the NSTIC Guiding Principles and the Steering Group operating principles.281 {NIST fn6: Charter, Secs. 1.3, Adherence to the NSTIC Guiding Principles:282 http://j.mp/NSTICchtr#_Toc330932466 and 1.4, Operating Principles: http://j.mp/NSTICchtr#_Toc330932467.}
    • 283 2.1.4.2. Working Groups. Participation in and meetings of the Plenary Working Groups shall be open to284 all members.285 <** Annotation: the Charter names five Standing Committees: the Policy Coord. Comm., the Standards Coord. Comm.,286 The Accreditation Coord. Comm., the Privacy Coord. Comm. and the Nominations Comm.>287 2.1.4.3. Standing Committees. Standing Committee Charters shall also outline participation288 requirements[, and shall be open to all Members unless otherwise provided in their approved charter].289 <**L: Overcentralization.>290 <** Annotation: the Charter names three Working Groups: the Usability and Accessibility WG, the Security WG, and291 the Internationalization Coord. WG.>292 2.2. Identity Ecosystem Management Council. The Management Council shall be comprised of the293 Management Council Delegates, the Management Council Chair, the Vice Chair, and the Ombudsman. Their294 roles and responsibilities are described in the sections that follow. The Management Council shall provide295 guidance to the Plenary on the broad objectives envisioned by the NSTIC, produce workplans to prioritize work296 items and monitor progress, and ensure that Steering Group work activities align with the NSTIC Guiding297 Principles. The Management Council shall ratify policy and standards recommendations <**M: Rule hygiene.>298 approved by the Plenary[, subject to the procedures set forth in these By-laws]. <**N: Overcentralization.> The299 Management Council shall also be responsible for managing the Steering Group’s resources and procuring300 services once the Steering Group is self-sustaining.301 2.2.1 Management Council Participation. The Management Council shall be open to all Participating302 Members through the election process prescribed in section 2.2.3, Mgmt. Council Delegate Selection Process.303 [Stakeholder Group] Management Council Delegates and At-Large Delegates shall attend Management Council304 meetings and shall have the right to vote on Management Council matters. <**B: Rule hygiene.>305 2.2.2. Management Council Delegates. The Management Council shall be composed of 16 voting306 delegates including 14 delegates who are elected from the Stakeholder Groups and two At-Large Delegates.307 2.2.2.1. Stakeholder Group Delegates. There shall be 14 Management Council Delegates elected from308 the Stakeholder Groups in accordance with section 2.2.3.1, Stakeholder Group Delegates.309 2.2.2.2. At-Large Delegates. There shall be two At-Large Management Council Delegates elected in310 accordance with section 2.2.3.2, At-Large Delegates.311 2.2.3. Management Council Delegate Selection Process. The management council selection processes is312 described in the sections that follow.313 2.2.3.1. Stakeholder Group Delegates. Stakeholder Group Delegates shall be selected through an314 election held among the Participating Members within each Stakeholder Group in accordance with315 section 3, General Elections.316 2.2.3.2. At-Large Delegates. At-Large Delegates shall be selected through an election held among the317 Participating Members within the Plenary. All Participating Members may vote for candidates being elected for318 At-Large Delegate positions in accordance with section 3, General Elections.319 2.2.3.3. Delegate Selection Criteria. The Stakeholder Group Delegates and At-Large Delegates shall320 be selected in accordance with the criteria detailed in the Charter. {NIST fn7: Charter, sec.3.2.1, Delegate321 Selection Criteria: http://j.mp/NSTICchtr#_Toc330932483.}322 2.2.3.4. Management Council Delegate Term of Office. The terms of Management Council Delegates323 shall be as follows:324 «2.2.3.4.» 1. Management Council Delegates shall serve two-year terms. <But see sec. 11.3.> <And325 see last sentence of this section.>326 «2.2.3.4.» 2. There are no term limits for delegates.
    • 327 In the first term of office following the initial interim period – where all delegates shall serve for a period of328 six months (see Section 11, Initial Interim Period) – one-half of Stakeholder Group Delegates and one At-Large329 Delegate shall serve a one-year term.330 2.2.3.5. Mid-Term Vacancies. Mid-term vacancies may occur due to a Management Council Delegate331 voluntarily relinquishing their position or a change in a member’s status according to section 1.6, Change in332 Member Status. ¶ Should a delegate become unable to fulfill their commitment, they shall be expected to333 vacate their seat. Once vacated, a replacement must be chosen by election at the earliest reasonable334 opportunity in accordance with section 3, General Elections. Vacancies shall not affect the ability to make335 decisions.336 2.2.4. Management Council Officers. The Management Council Officers shall include the Chair, Vice-337 Chair, and Ombudsman. The selection processes, terms, and responsibilities are described in the sections that338 follow.339 2.2.4.1. Management Council Chair. The selection process, duties, and term of office are described in340 the sections that follow. For details on the role of the Management Council Chair see the Charter. {NIST fn8:341 Charter, sec.3.1, Mgmt. Council Composition: http://j.mp/NSTICchtr#_Toc330932481.}342 2.2.4.1.1. Selection Process. Nominees for this position shall be approved by the Nominations343 Committee. The Management Council Chair shall be selected by Participating Members in the Plenary in344 accordance with section 3, General Elections.345 2.2.4.1.2. Duties. The Management Council Chair shall be responsible for the overall management346 of the Management Council. The Chair shall:347 «2.2.4.1.2.» a. Act in a purely neutral capacity, divesting him or her of any organizational or348 technical position in Management Council activities.349 «2.2.4.1.2.» b. Guide the Secretariat in carrying out its duties and responsibilities as they pertain to350 the Management Council.351 «2.2.4.1.2.» c. Guide the consensus process in the Management Council.352 «2.2.4.1.2.» d. Preside over meetings and oversee votes of the Management Council.353 «2.2.4.1.2.» e. Ensure that all decisions are clear and made available in written form to the354 Secretariat.355 «2.2.4.1.2.» f. Coordinate with the Plenary Chair as necessary to ensure that Steering Group356 strategic and policy goals are being met.357 «2.2.4.1.2.» g. Act as the lead spokesperson for the Management Council between meetings.358 «2.2.4.1.2.» h. Assist in the resolution of an appeal against a Management Council decision.359 2.2.4.1.3. Term of Office. The term of the Management Council Chair shall be [one year]three years,360 with no restriction on the number of consecutive terms. <**O: Overcentralization.> <But see sec. 11.3.>361 2.2.4.2. Management Council Vice-Chair. The duties and term of office of the Management Council Vice-362 Chair are described in the sections that follow. For details on the role of the Management Council Vice-Chair see363 the Charter. {NIST fn9: Charter, sec.3.1, Mgmt. Council Composition: http://j.mp/NSTICchtr#_Toc330932481.}364 2.2.4.2.1. Duties. The Management Council Vice-Chair shall:365 «2.2.4.2.1.» a. Promote Identity Ecosystem stakeholder involvement and engagement.366 «2.2.4.2.1.» b. Build consensus on policy frameworks necessary to achieve the vision.367 «2.2.4.2.1.» c. Actively participate within and across relevant public and private sector forums.
    • 368 «2.2.4.2.1.» d. Assess progress against the goals, objectives, and milestones of the NSTIC.369 2.2.4.2.2. Term of Office. As an ex-officio position on the Management Council, the Vice Chair370 position may be held without limit.371 2.2.4.3. Ombudsman. The selection criteria, duties, term of office and authority of the Ombudsman are372 described in the sections that follow. For the role of the Ombudsman see the Charter. {NIST fn10: Charter,373 Sec. 3.1, Mgmt. Council Composition: http://j.mp/NSTICchtr#_Toc330932481.}374 2.2.4.3.1. Selection. The role of the Ombudsman shall be provided by the Secretariat. The375 Management Council shall establish criteria for the selection of the Ombudsman. The Ombudsman shall:376 «2.2.4.3.1.» a. Be independent from Steering Group members and Stakeholder Groups.377 «2.2.4.3.1.» b. Be capable of maintaining objectivity in the execution of all duties and378 responsibilities.379 «2.2.4.3.1.» c. Have strong communication, interpersonal, and problem solving skills.380 «2.2.4.3.1.» d. Have experience in complaint resolution and investigation.381 2.2.4.3.2. Duties. The Ombudsman shall:382 «2.2.4.3.2.» e. Uphold the NSTIC Steering Group Charter, By-laws, and Operating Principles.383 «2.2.4.3.2.» f. Facilitate balanced representation within the Steering Group.384 «2.2.4.3.2.» g. Develop and implement complaint and issue resolution policies and procedures for385 the Steering Group [and for the Ombudsmans office, including for the transparency of issue resolution activity,386 and any procedures necessary to preserve appropriate privacy concerns of parties to a resolved issue].387 <**P: Openness.>388 «2.2.4.3.2.» h. Investigate and assist in the resolution of issues and complaints associated with389 Steering Group processes.390 «2.2.4.3.2.» i. Report on Ombudsman activities to the Management Council [, and publish written391 records of all issue resolutions identifying the issues in detail, made available to all Members]. <**Q: Openness.>392 «2.2.4.3.2.» j. Maintain and safeguard records of all Ombudsman activities.393 «2.2.4.3.2.» k. Provide information on Ombudsman activities, policies, procedures, and processes394 to the general public including, but not limited to, periodic reports outlining disputes, complaints,395 recommendations, resolutions and final dispositions.396 2.2.4.3.3. Authority. The Ombudsman shall have the authority to:397 «2.2.4.3.3.» a. Attend all Steering Group meetings and functions.398 «2.2.4.3.3.» b. Conduct investigations and fact finding into complaints and issues arising399 from Steering Group proceedings.400 «2.2.4.3.3.» c. Make recommendations and assist in the resolution, mitigation, and401 prevention of issues and complaints.402 2.2.4.3.4. Steering Group Responsibilities. All members of the Steering Groups shall cooperate with403 the Ombudsman in the execution of his or her duties. Appropriate Steering Group leadership shall record and404 [publicly]publically report all actions taken pursuant to Ombudsman recommendations. {**} <**R: Typo.>405 2.2.4.3.5. Term of Office. [The Ombudsman serves at the pleasure of the Secretariat.]There are no406 term limits for the Ombudsman. {*} <**S: Rule hygiene.>
    • 407 2.2.5. Management Council Responsibilities. The Management Council shall provide guidance to the408 Plenary on the broad perspectives envisioned by the NSTIC and ensure that Steering Group work activities409 adhere to the NSTIC Guiding Principles. The Management Council shall ratify policy and standards410 recommendations approved by the Plenary. The Steering Group shall be initiated with the support of the Federal411 Government. Following the initiation period, the Steering Group shall transition to a self-sustaining organization.412 The Management Council shall be responsible for managing the Steering Group’s resources and procuring413 services once the Steering Group is self-sustaining.414 2.2.5.1. Administrative Activities. The Management Council shall perform administrative duties to415 facilitate the operations of the Steering Group. The Management Council shall:416 «2.2.5.1.» a. Approve and prioritize work programs and action plans.417 «2.2.5.1.» b. Manage the resources necessary to execute work programs and action plans and to418 operate the Plenary.419 «2.2.5.1.» c. Ratify recommendations from the Steering Group for the standards, policies, and other420 components of the Identity Ecosystem Framework.421 «2.2.5.1.» d. Approve charters of the Standing Committees and Working Groups.422 «2.2.5.1.» e. Maintain and update Steering Group organizational policies and procedures including423 Charter, By-laws, Membership Agreement, and intellectual property rights policies.424 «2.2.5.1.» f. Manage marketing and public relations activities.425 [2.2.6. Initial approval of Charter and By-laws. Notwithstanding the foregoing, the Plenary may adopt426 amendments to the Charter and these By-Laws without the ratification or approval of the Management Council427 for the first 180 days after the initial approval of those documents by the Plenary. However, the Management428 Council may make recommendations to the Plenary with respect to any such proposals.] <** X: Immediate;429 Overcentralization.>430 [2.2.7. Management Council Ratification and Inaction.431 2.2.7.1. If, 90 days after the approval by the Plenary of a recommendation for standards, policies or432 other components of the Identity Ecosystem Framework, the Management Council (a) declines to ratify it, or433 (b) fails to approve or reject that recommendation, or (c) ratifies it with changes not approved by the Plenary,434 then, at its next meeting, the Plenary may vote to finalize the recommendation in its originally approved form,435 without requiring or permitting further action from the Management Council. In order to be effective, that Plenary436 vote must be reached by Consensus, or, failing consensus, by the positive vote of 66% of those Participating437 Members voting in that vote, plus one vote (a "Plenary Supermajority").438 2.2.7.2. If, 90 days after the delivery in writing to the Management Council of a proposed amendment to439 the Charter or these By-laws, or a proposed committee or working group charter or amendment thereto, the440 Management Council (a) rejects it, or (b) fails to approve or reject the proposal, or (c) approves it with changes441 not agreed by the proposer, then, at its next meeting, the Plenary may vote to ratify and finalize the proposal in442 its originally delivered form, without requiring or permitting further action from the Management Council. In order443 to be effective, that Plenary vote must be reached by Consensus, or, failing consensus, by the positive vote of a444 Plenary Supermajority.] <** T: Overcentralization.>445 2.3. Secretariat. The Secretariat shall serve as the administrative body of the Steering Group and promote446 alignment of the Steering Group’s operations with the NSTIC Guiding Principles. The role and responsibilities of447 the Secretariat are described in the sections that follow.448 2.3.1. Selection of Secretariat. The Secretariat shall initially be provided by the NSTIC National Program449 Office. At such time that the Steering Group becomes self-sustaining, the Management Council shall be450 responsible for acquiring secretariat services support.451 2.3.2. Secretariat Responsibilities. The Secretariat shall act in a neutral capacity, divesting itself of any452 technical or other point of view. The Secretariat is responsible for ensuring that these By-laws and the decisions
    • 453 of the Steering Group are followed. The Secretariat is responsible for facilitating, monitoring, reporting, and454 ensuring active progress of the Steering Group work to conclusion. The Secretariat shall:455 «2.3.2.» a. Distribute Steering Group documents and process received comments and input.456 «2.3.2.» b. Assist the Steering Group leadership in establishing work priorities, agendas, target dates457 and other management activities as needed.458 «2.3.2.» c. Record and make available all decisions of the Steering Group for confirmation, and prepare459 reports for the Steering Group as requested.460 «2.3.2.» d. Support the Steering Group’s efforts to ensure alignment with the NSTIC Guiding Principles461 and operating principles.462 «2.3.2.» e. Enable timely and public distribution of Steering Group products and information; including,463 but not limited to, maintenance of the Steering Group Website.464 «2.3.2.» f. Provide the resources and personnel for the Ombudsman position.465 «2.3.2.» g. Take and record attendance at Plenary meetings.466 «2.3.2.» h. During the initial election of delegates and officers, the Secretariat shall satisfy the467 requirements outlined for the Nominations Committee in section 3, General Elections. Once the Nominations468 Committee is fully established the Secretariat will no longer be required to fill this role.469 2.4. Transparency & Dissemination of Information. The Steering Group shall conduct all operations and470 administrative actions in an open and transparent manner.471 2.4.1. Open Meetings. Where ever possible, meetings of the Steering Group [and its committees and472 working groups] shall be open for public attendance. Electronic tools and mechanisms shall be made available to473 enable remote attendance and participation. <** U: Openness.>474 2.4.2. Publication of Operations. Essential information about Steering Group activities shall be made475 publicly available through the Steering Group’s website.476 2.4.3. Material Distribution. The Steering Group shall distribute the results of its activities through the477 Steering Group website. The website shall include all Plenary deliverables. This includes, but is not limited to,478 documents, conference presentations, meeting minutes, and publications.479 3. General Elections480 The processes for the electing Management Council Delegates, Plenary Chair and Management Council Chair481 are described in the sections that follow.482 3.1. General Requirements. The general requirements for the election process are:483 «3.3.» 1. Only Participating Members of a Stakeholder Group may vote for Management Council Delegate484 candidates being elected from that Stakeholder Group.485 «3.3.» 2. Only Participating Members may vote for At-Large Management Council Delegates, the Plenary486 Chair, and the Management Council Chair.487 3.2. Election Process. The election process is described in the sections that follow.488 3.2.1. Call for Candidates When one or more seats become available, the Nominations Committee shall489 hold a call for candidates as follows:490 «3.2.1.» a. For Management Council Delegate vacancies, the request shall indicate the number of seats491 to be filled and provide guidance on specific candidate attributes that may be needed to fulfill requirements for492 skills, experience, and cross-industry representation.
    • 493 «3.2.1.» b. For the Plenary Chair and Management Council Chair positions, the request shall be made494 up to three months prior, but not less than one month prior, to the end of terms of the Plenary Chair or495 Management Council Chair.496 «3.2.1.» c. If no candidate is slated at the end of the evaluation process, the Management Council Chair497 may request the Nominations Committee to initiate another call for candidates.498 «3.2.1.» d. The Secretariat shall hold the initial call for Management Council candidates.499 3.2.2. Submission of Candidate Recommendations. The process for the submission of candidate500 recommendations is as follows:501 «3.2.2.» 1. For Plenary Chair, Management Council Chair, and Management Council At-Large Delegate502 positions, any member may submit recommendations for vacancies.503 «3.2.2.» 2. For Management Council Stakeholder Group Delegate positions, any member affiliated with504 the Stakeholder Group for which there is a vacancy may submit recommendations.505 3.2.3. Candidate Evaluations. The Nominations Committee shall evaluate nominations in accordance with506 eligibility criteria established for each open position. <But see sec. 2.3.2.h.> These criteria include:507 «3.2.3.» a. Members may hold only one leadership position within the Steering Group. Leadership508 positions include:509 «3.2.3.a.» i. Management Council Delegate (Stakeholder Group and At-Large)510 «3.2.3.a.» ii. Management Council Chair511 «3.2.3.a.» iii. Plenary Chair512 «3.2.3.» b. The nominee must confirm his or her willingness to be a candidate for the position.513 «3.2.3.» c. Selection criteria for Management Council Delegates in the Charter. {NIST fn11: Charter,514 sec.3.2.1, Delegate Selection Criteria: http://j.mp/NSTICchtr#_Toc330932483.}515 «3.2.3.» d. The nominee must be a Participating Member.516 «3.2.3.» e. Additional criteria to determine the eligibility of candidates for the positions of Plenary Chair517 and Management Council Chair include:518 «3.2.3.e.» i. Breadth of experience.519 «3.2.3.e.» ii. Contributions to the identity management community.520 «3.2.3.e.» iii. Demonstrated ability to effectively lead a significant organization or organization’s board.521 3.2.4. Preparation of a Slate. The Nominations Committee shall develop a slate of all eligible candidates522 from the candidate nominations received during the call for candidates corresponding to the requirements for523 vacant seats. Candidates shall only appear once per slate [, except for the initial Steering Group elections].524 <**V: Rule hygiene.>525 3.2.5. Confirmation and Approval for Slate of Candidates. The process for confirming and approving the526 slate of candidates is as follows.527 «3.2.5.» a. The slate of eligible candidates and their qualifications shall be presented by the Nominations528 Committee before the sitting Management Council.529 «3.2.5.» b. Except for the nominations for the initial Management Council, the sitting Management530 Council shall review and ratify the slate.531 «3.2.5.» c. Cause for rejection shall be clearly documented so that the Nominations Committee may532 propose a new slate or a partial slate.
    • 533 3.2.6. Voting for Candidates. The process for voting for candidates is as follows:534 «3.2.6.» a. The Secretariat shall prepare ballots for each election and distribute sample ballots535 no less than 15 days prior to an election.536 «3.2.6.» b. The Secretariat shall administer the vote, tally the ballots, and report the results.537 «3.2.6.» c. For elected positions a simple majority vote shall decide the winner. In the event that538 there is no majority the candidates with the two highest vote counts shall participate in a run-off.539 «3.2.6.» d. In the event of an election tie, another ballot that includes only the tied candidates540 shall be conducted in a timely fashion.541 4. Meetings542 The Steering Group meeting requirements are described in the sections that follow.543 4.1. Meetings Requirements & Procedures. Except as otherwise noted, the Plenary and Management544 Council, and all Working Groups and Standing Committees shall conduct meetings as follows:545 «4.1.» a. Meetings shall be presided over by the respective chair.546 «4.1.» b. Attendance shall be recorded for all meetings.547 «4.1.» c. At the start of every meeting, participants shall review the intellectual property disclosure policy548 and activities that violate anti-trust law.549 «4.1.» d. The Plenary and Management Council each shall hold face-to-face meetings at least two times550 per year. Provisions shall be made to allow for members to attend via remote electronic mechanisms.551 «4.1.» e. There shall be no defined maximum limit on the number of meetings that can be convened. The552 scheduling of meetings shall be left to the discretion of the Steering Group body that calls the meeting.553 «4.1.» f. Minutes shall be recorded for all meetings.554 «4.1.» g. Draft meeting minutes shall be distributed or otherwise made available to the members in555 attendance for comment and shall be revised accordingly. Approved minutes shall be made publicly available as556 soon as practicable after meetings.557 4.2. Meeting Administration. The sections that follow describe administrative requirements for Steering558 Group meetings.559 4.2.1. Prior Notice of Meetings. Announcements of full Plenary and Management Council meetings must560 be made no fewer than 30 days in advance by email notice to members, delegates, and officers and posted on561 the Steering Group website. Meetings of Standing Committees and Working Groups should be announced as562 far in advance as practicable.563 4.2.2. Meeting Agenda. An agenda shall be included in the meeting notice and shall include the date and564 time for the meeting, the meeting’s subject matter, relevant recommendations of the Working Groups and565 Standing Committees, web links to any related working papers, anticipated votes, member contributions, and566 other relevant and useful materials. Plenary contributions shall be posted on the Steering Group website at least567 15 business days in advance.568 4.2.3. Attendance. Attendance at Plenary meetings is an obligation of Participating Members. The569 Secretariat shall record the presence of each member at each Plenary meeting. It shall be the responsibility of570 members to make their attendance at meetings known to the Secretariat.
    • 571 5. Decision Making.572 The decision making procedures for the Steering Group are described in the sections that follow.573 5.1. Quorum. A Quorum of the Plenary is defined as greater than fifty percent of Participating Members and574 shall be sufficient for the transaction of business.575 5.2. Consensus. The Steering Group shall seek to reach its decisions through a consensus process that576 emphasizes due diligence and cooperation. When no consensus can be reached in a timely manner, the577 decision shall be reached by voting as defined in section 5.3, Voting.578 5.2.1. Consensus Process The following procedures shall be used in the consensus process:579 «5.2.1.» a. A quorum is required to reach consensus.580 «5.2.1.» b. The chair of the respective body shall act as the facilitator of the consensus process.581 «5.2.1.» c. Items that require decisions shall be clearly presented with all available research and582 information by the individual, Working Group, or standing committee responsible for the proposal.583 «5.2.1.» d. The proposal shall be discussed and debated by those in attendance and any584 amendments or modifications to the proposal shall be presented.585 «5.2.1.» e. A call for objections shall be made to all members.586 «5.2.1.» f. The absence of sustained objection shall be considered consensus.587 «5.2.1.» g. Sustained objections which cannot be resolved through continued discussion will588 result in the motion being moved to a vote or tabled for modification. (See section 5.3.1 Matters for589 Voting.)590 «5.2.1.» h. All members of the Steering Group shall be allowed to participate in the consensus591 decision-making process.592 5.3. Voting. The requirements and processes for voting within the Steering Group bodies are described in593 the sections that follow.594 5.3.1. Matters for Voting. Any matters that are not able to be resolved through the consensus process595 may be voted upon by the Participating Members of the Plenary.596 5.3.2. Qualifications for Voting Privilege and Restoration. Any Participating Member who is absent for two597 consecutive Plenary meetings shall forfeit the privilege of voting on Plenary matters. Participating Members who598 lose voting privileges shall maintain all the rights and responsibilities of Observing Members. ¶ A Participating599 Member whose voting privileges are suspended shall have voting privileges restored upon attendance at two600 consecutive meetings. Restoration of voting privileges begins after determination of quorum at the second601 consecutive meeting attended. ¶ All Participating Members attending the first two meetings shall be eligible to602 vote at those meetings. Thereafter, the provisions of [this Section]these By-laws shall take effect. <**W: Rule603 hygiene.>604 5.3.3. Voting Process. The voting process is described in the sections that follow.605 5.3.3.1. Voting Procedures. Voting percentages shall be calculated in terms of the number of “yes” and606 “no” votes cast. ¶ A record of voting on all measures requiring a vote shall be maintained by the Secretariat.607 Participating Members may choose to qualify their votes with comments for the record.608 5.3.3.2. Requirements for Approval. An affirmative vote of seventy-five percent [of those voting (a609 "Recommendation Supermajority") , in a quorate meeting or ballot,] shall be required to pass technical610 recommendation measures. Technical measures are those that deal with standards, procedures, policies, for the611 identity ecosystem framework. ¶ An affirmative vote of a simple majority [of those voting, in a quorate meeting612 or ballot,] shall be required to pass administrative measures. Administrative are those that deal with the internal613 operations of the identity ecosystem steering group. <**Y: Rule hygiene.>
    • 614 6. Intellectual Property Policy.615 The Steering Group policy related to Intellectual Property is based on the following principles.616 «6.0.1.» The Steering Group shall function in an open working environment. The Steering Group and its617 members shall not accept any documentary or oral disclosure of proprietary information from any member as a618 part of the conduct of business. In addition, no information of a secret or proprietary nature shall be made619 available as official documents, and no such documents (or documents marked as such) will be made official620 documents or forwarded to the membership.621 «6.0.2.» All proprietary information which may nonetheless be publicly disclosed by any participant during622 any meeting shall be deemed to have been disclosed on a non-confidential basis, without any restrictions on use623 by anyone, except that no valid copyright or invention right shall be deemed to have been waived by such624 disclosure.625 «6.0.3.» There may be Steering Group proceedings (e.g., accreditations process) that will require separate626 or specific intellectual property requirements or non-disclosure statements.627 6.1. Steering Group Patent Policy - Inclusion of Patents in Steering Group Products. Some Steering628 Group products may include the use of an essential patent claim if technical reasons justify this approach. If the629 Steering Group receives a notice that a proposed or an approved Steering Group product may require the use of630 such a patent claim, the procedures in the following sections will be followed.631 6.1.1. Statement from patent holder. The Steering Group will request from the patent holder or a party632 authorized to make assurances on its behalf, in written or electronic form an assurance that a license to such633 essential patent claim(s) will be made available to applicants desiring to utilize the license for the purpose of634 implementing the Steering Group product either:635 «6.1.1.» a. On a non-discriminatory basis and under reasonable terms and conditions; or636 «6.1.1.» b. Without compensation and under reasonable terms and conditions that are demonstrably637 free of any unfair discrimination.638 If the patent holder or party authorized to make assurances on its behalf does not agree to these terms,639 then this decision will be documented clearly. As it may pose risks to the implementation of the Identity640 Ecosystem, this decision will be seriously considered by the Steering Group in any related activity or vote.641 6.1.2. Record of statement. A record of the patent holder’s statement will be retained in the Steering642 Group files and posted on-line.643 6.1.3. Notice. When the Steering Group receives from a patent holder the assurance set forth in 6.1.1644 above, the expected result will include a note substantially as follows:645 NOTE – The user’s attention is called to the possibility that compliance with this expected result may require use646 of an invention covered by patent rights. By publication of Steering Group expected results, no position is taken647 with respect to the validity of any such claim(s) or of any patent rights in connection therewith. If a patent holder648 has filed a statement of willingness to grant a license under section 6.1.1, details may be obtained from the649 patent holder.650 6.1.4. Responsibility for identifying patents. The Steering Group is not responsible for identifying patents651 for which a license may be required for use of a Steering Group expected result or for conducting inquiries into652 the legal validity or scope of those patents that are brought to their attention.653 6.2. Copyrights. Copyright in materials produced prior to Membership in the Steering Group remains the654 property of the copyright owner. However, copyrighted materials offered for incorporation into Steering Group655 outputs must be made available on a royalty-free basis. ¶ Standards developers whose standards are656 referenced in Steering Group outputs retain copyright ownership and control of the standards themselves.
    • 657 7. Conflict of Interest.658 Members shall anticipate any situation in which a conflict of interest may arise and shall bring these concerns659 before the Steering Group and the Secretariat for resolution. Steering Group members must be sensitive to660 conflict of interest issues; however, being a member of the Steering Group should not disadvantage an individual661 or their organizations. ¶ Members may present arguments and evidence of a conflict of interest to the662 Management Council and the Secretariat. ¶ In the event a Participating Member Representative has a conflict663 of interest on a particular vote or discussion and the Member Organization does not, the Member Organization664 may designate a different Member Representative for the purposes of participating in the particular vote or665 discussion.666 8. Non-Liability.667 Members, delegates, and officers shall not be liable for the debts, liabilities, or other obligations of the Steering668 Group.669 9. Charter and By-laws Ratification & Amendments.670 Ratification of the initial Charter and By-laws [, and any amendments offered for 180 days afterwards,] shall be671 accomplished by simple majority vote of [those] Participating Member Representatives [voting at a quorate672 meeting]. <**X: Immediate; Overcentralization> ¶ Any subsequent amendments to the Charter or By-laws shall673 be accomplished by a [Consensus, or, failing consensus, a Plenary Supermajority (66% of those Participating674 Members voting in that vote, plus one vote),] super majority vote (75%) of the Participating Member675 Representatives following a review and approval of the proposed amendment by the Management Council [,676 subject to Section 2.2.5]. <**Z: Overcentralization.>677 10. Severability.678 If any part of these By-laws shall be determined to be invalid, illegal or unenforceable, the validity, legality and679 enforceability of the remaining provisions shall not be affected.680 11. Initial Interim Period.681 Due to the need to quickly initiate a new organization, the provisions of this section define an initial interim period682 for the Steering Group. The provisions of this section shall be in effect for an initial interim period of 90 days from683 the date of ratification of these By-laws. All By-laws shall be in effect upon ratification except as specified in this684 section. After the initial 90-day period, the provisions of this section will no longer be in effect.685 11.1. Participating and Interim Members. An organization or individual shall be permitted to join the686 Steering Group by executing the Membership Agreement as a Participating Member or by expressing the intent687 to join as an Interim Member. Interim Members shall have the same rights and responsibilities as Participating688 Members. Interim Members shall execute the Membership Agreement no later than the end of the initial interim689 period in order to remain members.690 11.1.1. Member Representatives. Each Interim Member shall designate a Member Representative in691 accordance with section 1.2.3 of these By-laws.692 11.1.2. Stakeholder Group Affiliation. Each Interim Member shall self-select into the Stakeholder Group693 that they consider best represents its roles or interests in the Identity Ecosystem.694 11.2. Elections. The Secretariat shall assume all responsibilities of the Nominations Committee for the initial695 Steering Group elections. The Secretariat shall prepare and distribute candidate slates and ballots for initial696 Steering Group elections as far in advance as practicable.697 11.3. Officer and Delegate Terms of Service. The initial terms of service for the Management Council Chair,698 Plenary Chair, and Management Council Delegates elected during the initial interim period shall be 6-months.699 END OF DRAFT BYLAWS
    • PRODUCTION INFORMATION This is file "NSTICdraftBylawsAugust2012comments.pdf". There is a related ASCII document "NSTICdraftBylawsJuly2012.txt". The normative February 2012 NIST Draft Charter (PDF) is here : http://www.nist.gov/nstic/reports/SG_Draft_Charter.pdf Mirrored Charter, with internal cites (HTML): http://j.mp/NSTICchtr > http://www.nstic.us/wp-content/uploads/2012/07/Charter-Final.htm The normative July 2012 NIST v2 Draft Bylaws (PDF) is here: http://www.nist.gov/nstic/reports/Discussion_Draft_By-laws_V2.pdf Mirrored Bylaws, with internal cites (HTML): http://j.mp/NSTICjulybylaws > http://www.nstic.us/wp-content/uploads/2012/07/Draft_By-laws_Revised.htm The source text for this document and its ASCII sister version is the www.nstic.us mirror of the NIST v.2 draft Bylaws. This text reflects the July 2012 drafts substantive content, but is marked [like this to show change proposals]. The ASCII text was cleaned up as to format, but not content, to allow for editing and regular-expression searches. jamie.clark@oasis-open.org700 PROPOSED AMENDMENTS REFLECTED IN THIS DOCUMENT: NON-NORMATIVE701 General comment: The proposed rules should allow reconsideration of these issues, in six months, so these702 proposals distinguish the few changes that may be immediately advisable. Only the five "IMMEDIATE" proposals are703 reflected in the ASCII version of this document. See also the proposed amendments to the Charter.704 Types of amendments:705 IMMEDIATE (5): C, G, J, V, X.706 Typos (4): A, E, K, R707 Rule hygiene / logic (4): B, D, F, I, M, S, U, V, W, Y.708 Contract issues (2): C, G.709 Overcentralization (9): D, H, J, L, N, O, T, X, Z.710 Openness (3): P, Q, U.711 A. Class of amendment: Typo. Later.712 Place: Line 11. <Preface.>713 Edit: Decapitalize "Operating."714 Reason: Punctuation. The next word "procedure" is lower-case. There does not appear to be a defined term,715 though the meaning of this phrase may need attention later.716 B. Class of amendment: Rule hygiene. Later.717 Place: Lines 39 + 300. Secs. <0.7> + 2.2.1.718 Edit: In <0.7>, Replace the first period and the phrase "There are an additional" with the new word "plus", and in719 2.2.1, replace the words "Management Council" with the words "Stakeholder Group."720 Reason: Corrects ambivalence in the draft on whether "Management Council Delegate" means only the 14721 elected by stakeholder Groups, or all 16 voting members.722 C. Class of amendment: IMMEDIATE; Contract issues.723 Place: Lines 60 + 72: Secs. <0.12> + <0.16>.724 Edit: In each section, replace the word "selected" with the new word "designated," and replace the phrase "to725 execute" with the new phrase "in its executed."726 Reason: Membership agreement enforceability. The person who signs for the Organizational Member, and thus727 may bind the entity legally, may or may not be their primary "representative" in NSTIC.728 D. Class of amendment: Rule hygiene, overcentralization. Later.729 Place: Line 81. Sec. <0.18>.730 Edit: Add the sentence: "A quorum of the Management Council is defined as greater than fifty percent of731 Management Council Delegates and shall be sufficient for the transaction of business."732 Reason: There is no quorum requirement for the MC otherwise. Without one, a handful can meet and do733 anything. Untidy.
    • 734 E. Class of amendment: Typo. Later.735 Place: Line 137, Sec. 1.2.3.736 Edit: Insert a comma before the words "for executing".737 Reason: Grammar; makes clear that there are three duties. Note, having the Representatives sign the738 membership agreement themselves, whether or not they are an enforceable binding organizational signature,739 probably is a good idea, and at a minimum is harmless.740 F. Class of amendment: Rule hygiene. Later741 Place: Line 173, sec. 1.3.2.742 Edit: Add the words "by amending these By-laws" at the end of the sentence.743 Reason: When ground rules (like stakeholder classes) are changed, they should be documented somewhere744 clearly, like the By-laws. Otherwise it is not clear here how a change would be made. Significant because the745 balance in NISTs suggested 14 classes may be the subject of proposed amendments later. A similar746 amendment has been proposed to the Charter.747 G. Class of amendment: IMMEDIATE; Contract issues.748 Place: Line 200. Sec. 1.5.749 Edit: Add this sentence after the second sentence: "The form of Membership Agreement and any amendments750 thereto shall be approved by the Plenary."751 Reason: Membership agreement enforceability, and stability. It should be clear how the MA is approved, and752 changes are made. The Steering Group should assume that the uniformity of content of the MA is important to753 participants, and changes should be made sparingly. Section 11 will help with that issue, at first.754 H. Class of amendment: Overcentralization. Later.755 Place: Line 245. Sec. 2.1.2.3.756 Edit: Replace the word "two" with the new word "one."757 Reason: The best check on officers is to allow the Plenary to re-elect them, or not. Antidemocratic. Two years is758 the life of this projects first phase, and probably too long. Note, this election happens 6 months from now.759 I. Class of amendment: Rule hygiene. Later.760 Place: Line 267. Sec. 2.1.3.1.f.761 Edit: Add the words "as provided under these By-laws or otherwise" after the phrase "all other acts".762 Reason: Resolves ambiguity about whether a power listed in the Bylaws is excluded if not enumerated in this763 section.764 J. Class of amendment: IMMEDIATE; Overcentralization.765 Place: Line 279. Section 2.1.4.1.766 Edit: Add "circulated for comment to the Participating Members and then" before the words "approved by the767 Management Council".768 Reason: NISTs draft gives too much unchecked power to the 16-voter Management Council to override the769 entire membership. In this case, committee charters and charter changes should be seen by the members770 before approval. A similar amendment has been proposed to the Charter.771 K. Class of amendment: Typo. Later.772 Place: Line 280, Sec. 2.1.4.1.773 Edit: Insert a comma after the phrase "at a minimum">.774 Reason: Grammar.775 L. Class of amendment: Overcentralization. Later.776 Place: Line 288, sec. 2.1.4.3.777 Edit: Insert ", and shall be open to all Members unless otherwise provided in their approved charter" at the end778 of the sentence.779 Reason: While standing committee charters may have voting participation limitations for balance reasons, those780 should be made clear in the charter, and the committees should be open to all if the charter does not provide781 otherwise. (Also, the Charters general openness principles apply to observers.)
    • 782 M. Class of amendment: Rule hygiene. Later.783 Place: Line 295, sec. 2.2.784 Edit: Delete the words "policy and standards".785 Reason: The apparent intent of this rule was to have the MC ratify the official recommendation outputs of the786 Plenary. Policies and standards are only two of the 3+ classes of named outputs; for example, accreditation787 guidelines were omitted.788 N. Class of amendment: Overcentralization.789 Place: Line 296, sec. 2.2.790 Edit: Insert "subject to the procedures set forth in these By-laws" at the end of the fourth sentence.791 Reason: The MCs ability to override anything and everything the Plenary does may be limited by other792 provisions of the Bylaws. Thats true whether or not other amendments are made, but some specific793 amendments on that topic also are proposed below.794 O. Class of amendment: Overcentralization. Later.795 Place: Line 357, Sec. 2.1.2.3.796 Edit: Replace the words "three years" with the new words "one year."797 Reason: The best check on officers is to allow the Plenary to re-elect them, or not. Antidemocratic. Three years798 is well past the life of this projects first phase, and probably too long. Note, this election happens 6 months799 from now.800 P. Class of amendment: Openness. Later.801 Place: Line 383. Sec. 2.4.3.2.g.802 Edit: Add the phrase "and for the Ombudsmans office, including for the transparency of issue resolution803 activity, and any procedures necessary to preserve appropriate privacy concerns of parties to a resolved issue"804 at the end of the first sentence.805 Reason: Brings the activities of the Ombudsmans office within the general principles of the project. Permits806 appropriate exceptions for privacy reasons.807 Q. Class of amendment: Openness. Later.808 Place: Line 384. Sec. 2.4.3.2.i.809 Edit: Add the phrase ", and publish written records of all issue resolutions identifying the issues in detail, made810 available to the Members." at the end of the first sentence.811 Reason: Brings the activities of the Ombudsmans office within the general principles of the project. Less of a812 dark hole, that way.813 R. Class of amendment: Typo. Later.814 Place: Line 402. Section 2.2.4.3.4.815 Edit: Change "publically" to "publicly."816 Reason: Use same spelling for word throughout rule documents. (Both versions appear in Charter as well.817 Proposed correction also offered there.)818 S. Class of amendment: Rule hygiene. Later.819 Place: Line 403. Sec. 2.2.4.3.5.820 Edit: Replace sentence with: "The Ombudsman serves at the pleasure of the Secretariat".821 Reason: Clearer. Removes some questions about MC rights.
    • 822 T. Class of amendment: Overcentralization. Later.823 Place: Line 428, sec. 2.2.7 (new).824 Edit: Add the following:825 "2.2.7. Management Council Ratification and Inaction.826 2.2.7.1. If, 90 days after the approval by the Plenary of a recommendation for standards, policies or other827 components of the Identity Ecosystem Framework, the Management Council (a) declines to ratify it, or (b) fails to828 approve or reject that recommendation, or (c) ratifies it with changes not approved by the Plenary, then, at its829 next meeting, the Plenary may vote to finalize the recommendation in its originally approved form, without830 requiring or permitting further action from the Management Committee. In order to be effective, that Plenary vote831 must be reached by Consensus, or, failing consensus, by the positive vote of 66% of those Participating832 Members voting in that vote, plus one vote (a "Plenary Supermajority").833 2.2.7.2. If, 90 days after the delivery in writing to the Management Council of a proposed amendment to the834 Charter or these Bylaws, or a proposed committee or working group charter or amendment thereto, the835 Management Council (a) rejects it, or (b) fails to approve or reject the proposal, or (c) approves it with changes836 not agreed by the proposer, then, at its next meeting, the Plenary may vote to ratify and finalize the proposal in837 its originally delivered form, without requiring or permitting further action from the Management Council. In order838 to be effective, that Plenary vote must be reached by Consensus, or, failing consensus, by the positive vote of a839 Plenary Supermajority."840 Reason: The largest group of stakeholders ultimately is the voice of the ecosystem. Permitting approved work841 to be sidetracked or delayed without limit by a smaller committee probably is unwise. Antidemocratic. This is842 related to Amendment Z.843 U. Class of amendment: Rule hygiene, openness. Later.844 Place: Line 469. sec. 2.4.1.845 Edit: Add the words "and its committees and working groups" after the phrase "Steering Group".846 Reason: Clarity. Removes ambiguity in the draft on whether this requirement applies to all of the committees847 and groups.848 V. Class of amendment: IMMEDIATE; Rule hygiene.849 Place: Line 521. sec. 3.2.4.850 Edit: Add the phrase: ", except for the initial Steering Group elections", at the end of the last sentence.851 Reason: While Im not sure its advisable, the current election process *is* allowing candidates to double up.852 Its probably better if we amend this rule so that we are not breaking it. Otherwise, reject the amendment, and fix853 the slate.854 W. Class of amendment: Rule hygiene. Later.855 Place: Line 600, sec. 5.3.2.856 Edit: Replace the words "these By-Laws" with "this Section".857 Reason: Removes the ambiguity so that the sentence only suspends the two-meetings-in-a-row rule of this858 Section, for the first few meetings, as opposed to suspending the entire By-Laws.859 X. Class of amendment: IMMEDIATE; Overcentralization.860 Place: Lines 423, 668 and 671. Secs. 2.2.6 (new) and 9.861 Edit: Add new section 2.2.6 as follows:862 "2.2.6. Initial approval of Charter and By-laws. Notwithstanding the foregoing, the Plenary may adopt863 amendments to the Charter and these By-Laws without the ratification or approval of the Management Council864 for the first 180 days after the initial approval of those documents by the Plenary. However, the Management865 Council may make recommendations to the Plenary with respect to any such proposals.",866 and in sec. 9, add the phrase ", and any amendments offered for 180 days afterwards," after the words "initial867 Charter and By-laws"; and add the word "those", after "simple majority vote"; and add the words "voting at a868 quorate meeting" at the end of the first sentence.869 Reason: This should give us some time to work on the documents fine points before its locked down with a870 supermajority. Better than a push to re-write the whole thing right now.
    • 871 Y. Class of amendment: Rule hygiene. Later.872 Place: Lines 606 + 609. sec. 5.3.3.2.873 Edit: Add, after the phrase "seventy-five percent", the phrase "of those voting (a "Recommendation874 Supermajority"), in a quorate meeting or ballot," and add, after the phrase "simple majority", the phrase "of those875 voting, in a quorate meeting or ballot,"876 Reason: Clarity on applying the percentage and imposing a quorum requirement.877 Z. Class of amendment: Overcentralization. Later.878 Place: Lines 664 + 667. sec. 9.879 Edit: Add, replacing the words "super majority votes (75%) of the Participating Member Representatives", the880 new phrase: "[Consensus, or, failing consensus, a Plenary Supermajority (66% of those Participating Members881 voting in that vote, plus one vote)," and add at the end of the last sentence the phrase ", subject to Section882 2.2.5".883 Reason: Bring the defined consensus process back into this clause, and impose a reachable voting884 requirement. The NIST drafts suggestion of an absolute 75% vote of all voting members -- present or not --885 would be a severe obstacle to any later changes, even though a review is expected in 6 months, in connection886 with the interim turnover elections provided under section 11. Antidemocratic. This is related to Amendment T.