Last updated: 2021-10-27
Thousands of organizations use Loomio products. We are proud to give them a trusted platform to have discussions and make decisions. We also recognize that however good the maker’s intentions, technology can amplify the ability to cause great harm. That’s why we’ve established this policy. We feel an ethical obligation to counter such harm: both in terms of dealing with instances where Loomio is used (and abused) to further such harm, and to state unequivocally that Loomio is not a safe haven for people who wish to commit such harm. If you have an account with any of our products, you can’t use them for any of the restricted purposes listed below. If we find out you are, we will take action.
- Violence, or threats thereof: If an activity qualifies as violent crime in Aotearoa New Zealand or where you live, you may not use Loomio products to plan, perpetrate, or threaten that activity.
- Child exploitation, sexualization, or abuse: We don’t tolerate any activities that create, disseminate, or otherwise cause child abuse.
- Doxing: If you are using Loomio products to share other peoples’ private personal information for the purposes of harassment, we don’t want anything to do with you.
- Malware or spyware: Code for good, not evil. If you are using our products to make or distribute anything that qualifies as malware or spyware — including remote user surveillance — begone.
- Phishing or otherwise attempting fraud: It is not okay to lie about who you are or who you affiliate with to steal from, extort, or otherwise harm others.
- Spamming: No one wants unsolicited commercial emails. We don’t tolerate folks (including their bots) using Loomio products for spamming purposes. If your emails don’t pass muster with CAN-SPAM or any other anti-spam law, it’s not allowed.
- Cybersquatting: We don’t like username extortionists. If you purchase a Loomio product account in someone else’s name and then try to sell that account to them, you are cybersquatting. Cybersquatting accounts are subject to immediate cancelation.
- Infringing on intellectual property: You can’t use Loomio products to make or disseminate work that uses the intellectual property of others beyond the bounds of fair use.
While our use restrictions are comprehensive, they can’t be exhaustive — it’s possible an offense could defy categorization, present for the first time, or illuminate a moral quandary we hadn’t yet considered. That said, we hope the overarching spirit is clear: Loomio is not to be harnessed for harm, whether mental, physical, personal or civic. Different points of view — philosophical, religious, and political — are welcome, but ideologies like white nationalism, or hate-fueled movements anchored by oppression, violence, abuse, extermination, or domination of one group over another, will not be accepted here.
How to report abuse
For cases of suspected malware, spyware, phishing, spamming, and cybersquatting, please alert us at email@example.com.
For all other cases, please let us know by emailing firstname.lastname@example.org. If you’re not 100% sure if something rises to the level of our use restrictions policy, report it anyway.
Please share as much as you are comfortable with about the account, the content or behavior you are reporting, and how you found it. Sending us a URL or screenshots is super helpful. If you need a secure file transfer, let us know and we will send you a link. We will not disclose your identity to anyone associated with the reported account.
Someone on our team will respond to let you know we’ve begun investigating. We will also let you know the outcome of our investigation (unless you ask us not to, or we are not allowed to under law).
How we handle abusive usage
We build our products* to enable groups of people to make better, more inclusive decisions together. We are proud of that purpose and trust that our customers use our products for appropriate endeavors.
Sometimes, though, we discover potential abusive usage. When that happens, we investigate using the following guiding principles and process.
Who’s “we”, you ask? Our internal abuse oversight team includes our Loomio Cooperative members, and representatives from teams across Loomio Limited. On rare occasions for particularly sensitive situations or if legally required, we may also seek counsel from external experts.
We have an obligation to protect the privacy and safety of both our customers and the people reporting issues to us. We do our best to balance those responsibilities throughout the process.
Focus on evidence
We base our decisions on the evidence available to us: what we see and hear account users say and do. We document what we observe and ask whether that observable evidence points to a restricted use.
Every case goes through the same general process:
- Decision, sometimes with right to an appeal
How do we discover potential abuse?
From our experience, we learn about potential abuse because:
- Someone alerts us. We give abuse reports our full care and attention. Our Support team also responds to every question or comment that comes in. If we notice anything in those emails that points to a violation, we will look into it.
- We notice an anomaly in our business operations monitoring. We monitor a range of things about our products, like signup volume and error rates of web requests. If we see something weird with those numbers, we get to the bottom of it.
- We stumble upon public web content that links an individual or organization to a Loomio product. We aren’t scouring the Internet looking for those links, but if we do come across any, we check them out.
This list is not exhaustive; there are always edge cases. We will update the list if we find regular new avenues.
How do we investigate?
We focus on the evidence:
- Language and imagery used by users on the account
- Evidence of account users’ power and/or ability to act on spoken claims
- Publicly available information about account users
We strive to balance privacy and safety for all those involved:
- We make every effort to complete our investigations without accessing a customer account. For instance, if there are screenshots or public documents available, we review those. We also consider whether it is appropriate to involve the account owner in a given investigation and seek additional evidence from them.
- As we review the evidence, we look for indications of existing negative impact. We also assess the severity of any potential negative impact, regardless of intent. When relevant, we look for and follow available guidelines from expert institutions.
- If we cannot come to a fair assessment from the information available, we may decide to access a customer account without notice. We do not make this decision lightly. Customer privacy is a big deal to us and we only pursue this course of action if the evidence we have already is very concerning, but not definitive.
While some violations are flatly obvious, others are subjective, nuanced, and difficult to adjudicate. We give each case adequate time and attention, commensurate with the violation, criticality, and severity of the charge.
What happens if someone really broke the rules?
We will terminate an account without advance notice if there is evidence it is being used for a restricted purpose that has, is, or will cause severe harm. If applicable, we will also report the incident to the appropriate authorities.
For other cases, we’ll take a case-by-case approach to clear things up.
Further, as a small, privately owned independent business that puts our values and conscience ahead of growth at all costs, we reserve the right to deny service to anyone we ultimately feel uncomfortable doing business with.
Can you appeal a decision?
If we terminate an account without notice, the decision is final.
For other cases, we will consider good faith appeals sent to email@example.com by the account owner within 14 calendar days.