Members name (first and last) should not be allowed to be changed

[dpslwk]

Once approved by the membership team users should not be able to change there name
We need to keep correct full legal names on record.
Unfortunately currently members can change there name as they see fit.

[geeksareforlife]

There needs to be a mechanism for them to change it though, people's names
do change!
On 27 May 2015 20:56, "dps.lwk" [email protected] wrote:

Once approved by the membership team users should not be able to change
there name
We need to keep correct full legal names on record.
Unfortunately currently members can change there name as they see fit.

—
Reply to this email directly or view it on GitHub
#90.

[Pyroka]

This is a feature! Or at least was when it was implemented. Since we don't require proof of I'd at sign up (we might do these days?) We had no proof that was their legal name anyway

[geeksareforlife]

That man has a very good point!
On 27 May 2015 21:09, "Pyroka" [email protected] wrote:

This is a feature! Or at least was when it was implemented. Since we don't
require proof of I'd at sign up (we might do these days?) We had no proof
that was their legal name anyway

—
Reply to this email directly or view it on GitHub
#90 (comment).

[dpslwk]

We do and always have required full names for the membership roll, and HMS is our system for that.

‘RepRap’ Matt

On 27 May 2015, at 21:09, Pyroka [email protected] wrote:

This is a feature! Or at least was when it was implemented. Since we don't require proof of I'd at sign up (we might do these days?) We had no proof that was their legal name anyway

—
Reply to this email directly or view it on GitHub #90 (comment).

[geeksareforlife]

We may legally require them, but we don't do any checks.

Maybe we should be talking about implementing checks first, then when we've
decided how to do that we "fix" hms
On 27 May 2015 21:11, "dps.lwk" [email protected] wrote:

We do and always have required full names for the membership roll, and HMS
is our system for that.

‘RepRap’ Matt

On 27 May 2015, at 21:09, Pyroka [email protected] wrote:

This is a feature! Or at least was when it was implemented. Since we
don't require proof of I'd at sign up (we might do these days?) We had no
proof that was their legal name anyway

—
Reply to this email directly or view it on GitHub <
https://github.com/NottingHack/hms/issues/90#issuecomment-106058027>.

—
Reply to this email directly or view it on GitHub
#90 (comment).

[Pyroka]

That's kinda my point, legally they are require but we've never done that. We don't know if any current members are not signed up with their real name, any attempt to require users to prove their identity would likely be far too much work to actually implement (who is going to take care of chasing down that many people?) and probably scare off some of the membership.

Not allowing members to change their name kinda seem like it's just hiding this

[dpslwk]

We do have a human check that they at least look sensible when the membership team approves the members details in the first place.
Maybe that checking needs better documentation and a reminder for the membership team that it’s something they should be doing as part of the process

‘RepRap’ Matt

On 27 May 2015, at 21:14, James Hayward [email protected] wrote:

We may legally require them, but we don't do any checks.

Maybe we should be talking about implementing checks first, then when we've
decided how to do that we "fix" hms
On 27 May 2015 21:11, "dps.lwk" [email protected] wrote:

We do and always have required full names for the membership roll, and HMS
is our system for that.

‘RepRap’ Matt

On 27 May 2015, at 21:09, Pyroka [email protected] wrote:

This is a feature! Or at least was when it was implemented. Since we
don't require proof of I'd at sign up (we might do these days?) We had no
proof that was their legal name anyway

—
Reply to this email directly or view it on GitHub <
https://github.com/NottingHack/hms/issues/90#issuecomment-106058027>.

—
Reply to this email directly or view it on GitHub
#90 (comment).

—
Reply to this email directly or view it on GitHub #90 (comment).

[Pyroka]

I've always been kinda curious as to what the wording of this law/thing is. Like, is it a case of us saying 'to the best of our knowledge, these are our members real names'? Or do we actually have to prove it?

If it's the latter I don't see us ever doing that, since that would presumably require us keeping some sort of proof of ID (which we'd have to keep in accordance with the Data Protection act) and then have some process where a member updates their id? (And let's face it, most people are not going to remember the hackspace when it comes to the mass things you need to do to change your name).

So assuming it's the former, that we just have to have shown good faith in this, can we not just stick a think on the sign-up which is like 'by clicking join you confirm that the above is your real name blah blah blah'?

[dpslwk]

http://www.legislation.gov.uk/ukpga/2006/46/part/8/chapter/2
Companies act 2006 section 113.2.a

Now it's does not state how much checking we need to enforce on the name and date.
Pre HMS we kept all this on a spread sheet by hand, so a basic sanity check was include by default of common sense of the trustee entering that information in the register.

My understanding for HMS was that this sanity check was now delegated to the membership team as part of the approve details step where they also check the address.
I'm in no way suggest we try and introduce hard checks against government ID.
But as per CA 2006 we need a name on record and having a member change there name in the system to "Mouse" (sorry for picking on you Mouse) is not something I think we can allow
HMS does not track changes to records so we have no way of looking at what name was originally accepted.

I accept there are legal changes to a name that we do need to allow for (marriage/divorce)

So maybe we need change to name (and possible address) to go form approval via the membership team or trustees, but I defiantly think free edit needs to be ruled out.

Yes we should update the signup pages to indicate the there are legal requirements behind us asking for certain bits of information.

Now Mouse did give me a reason tonight for why he change his name. He didn't want his name given out on something publicly visible. To which I replied that HMS is not, but he pointed out to me that the tools calendar uses the members full name. As the calendar is back by a public google calendar I can see his concern. But for me that is something to be fixed in the tools side by changing it to correctly use the username field (as is used on IRC and was used on Twitter)
I'll start another issue for that topic though

'RepRap' Matt

On 27 May 2015, at 21:40, Pyroka [email protected] wrote:

I've always been kinda curious as to what the wording of this law/thing is. Like, is it a case of us saying 'to the best of our knowledge, these are our members real names'? Or do we actually have to prove it?

If it's the latter I don't see us ever doing that, since that would presumably require us keeping some sort of proof of ID (which we'd have to keep in accordance with the Data Protection act) and then have some process where a member updates their id? (And let's face it, most people are not going to remember the hackspace when it comes to the mass things you need to do to change your name).

So assuming it's the former, that we just have to have shown good faith in this, can we not just stick a think on the sign-up which is like 'by clicking join you confirm that the above is your real name blah blah blah'?

—
Reply to this email directly or view it on GitHub.

[geeksareforlife]

I agree with all that, apart from that check was never communicated to the
membership team.

That means we will need to do an audit after changing this
On 28 May 2015 00:58, "dps.lwk" [email protected] wrote:

http://www.legislation.gov.uk/ukpga/2006/46/part/8/chapter/2
Companies act 2006 section 113.2.a

Now it's does not state how much checking we need to enforce on the name
and date.
Pre HMS we kept all this on a spread sheet by hand, so a basic sanity
check was include by default of common sense of the trustee entering that
information in the register.

My understanding for HMS was that this sanity check was now delegated to
the membership team as part of the approve details step where they also
check the address.
I'm in no way suggest we try and introduce hard checks against government
ID.
But as per CA 2006 we need a name on record and having a member change
there name in the system to "Mouse" (sorry for picking on you Mouse) is not
something I think we can allow
HMS does not track changes to records so we have no way of looking at what
name was originally accepted.

I accept there are legal changes to a name that we do need to allow for
(marriage/divorce)

So maybe we need change to name (and possible address) to go form approval
via the membership team or trustees, but I defiantly think free edit needs
to be ruled out.

Yes we should update the signup pages to indicate the there are legal
requirements behind us asking for certain bits of information.

Now Mouse did give me a reason tonight for why he change his name. He
didn't want his name given out on something publicly visible. To which I
replied that HMS is not, but he pointed out to me that the tools calendar
uses the members full name. As the calendar is back by a public google
calendar I can see his concern. But for me that is something to be fixed in
the tools side by changing it to correctly use the username field (as is
used on IRC and was used on Twitter)
I'll start another issue for that topic though

'RepRap' Matt

On 27 May 2015, at 21:40, Pyroka [email protected] wrote:

I've always been kinda curious as to what the wording of this law/thing
is. Like, is it a case of us saying 'to the best of our knowledge, these
are our members real names'? Or do we actually have to prove it?

If it's the latter I don't see us ever doing that, since that would
presumably require us keeping some sort of proof of ID (which we'd have to
keep in accordance with the Data Protection act) and then have some process
where a member updates their id? (And let's face it, most people are not
going to remember the hackspace when it comes to the mass things you need
to do to change your name).

So assuming it's the former, that we just have to have shown good faith
in this, can we not just stick a think on the sign-up which is like 'by
clicking join you confirm that the above is your real name blah blah blah'?

—
Reply to this email directly or view it on GitHub.

—
Reply to this email directly or view it on GitHub
#90 (comment).

[Pyroka]

I think mouse actually joined pre HMS? He must have joined prior to the splitting of the first/last name fields (since both are now mandatory) so it's not like the old system guaranteed real names

[dpslwk]

Mouse does also have something in the last name field, is some unicode chars that look like a rat/mouse.

'RepRap' Matt

On 28 May 2015, at 07:52, Pyroka [email protected] wrote:

I think mouse actually joined pre HMS? He must have joined prior to the splitting of the first/last name fields (since both are now mandatory) so it's not like the old system guaranteed real names

—
Reply to this email directly or view it on GitHub.

[jamesfowkes]

This is an interesting read about the subject:
http://www.kalzumeus.com/2010/06/17/falsehoods-programmers-believe-about-names/

Names are hard, man.

On Thu, May 28, 2015 at 7:52 AM, Pyroka [email protected] wrote:

I think mouse actually joined pre HMS? He must have joined prior to the
splitting of the first/last name fields (since both are now mandatory) so
it's not like the old system guaranteed real names

—
Reply to this email directly or view it on GitHub
#90 (comment).