Antitrust Laws and Open Collaboration

If you participate in standards development organizations, open source foundations, trade associations, or the like (Organizations), you already know that you’re required to comply with antitrust laws. The risks of noncompliance are not theoretical – violations can result in severe criminal and civil penalties, both for your organization and the individuals involved. The U.S. Department of Justice (DOJ) has in fact opened investigations into several standards organizations in recent years. Maybe you’ve had a training session at your company, or at least are aware that there’s an antitrust policy you’re supposed to read and comply with. But what if you’re a working group chair, or even an executive director, and therefore responsible for actually making sure nothing happens that’s not supposed to? Beyond paying attention, posting or reviewing an antitrust statement at meetings, and perhaps calling your attorney when member discussions drift into grey zones, what do you actually do to keep antitrust risk in check? Well, the good news is that regulators recognize that standards and other collaboration deliverables are good for consumers. The challenge is knowing where the boundaries of appropriate conduct can be found, whether you’re hosting, leading or just participating in activity involving competitors. Once you know the rules, you can forge ahead, expecting to navigate those risks, and knowing the benefits of collaboration can be powerful and procompetitive. We don’t often get glimpses into the specific criteria regulators use to evaluate potential antitrust violations, particularly as applicable to collaborative organizations. But when we do, it can help consortia and other collaborative foundations focus their efforts and take concrete steps to ensure compliance. In July 2019, the DOJ Antitrust Division (Division) provided a new glimpse, in its Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations (Guidance). Although the Guidance is specifically intended to assist Division prosecutors evaluating corporate compliance programs when charging and sentencing, it provides valuable insights for building or improving an Organization’s antitrust compliance program (Program). At a high level, the Guidance suggests that an effective Program will be one that is well designed, is applied earnestly and in good faith by management, and includes adequate procedures to maximize effectiveness through efficiency, leadership, training, education, information and due diligence. This is important because organizations that detect violations and self-report to the Division’s Corporate Leniency program may receive credit (e.g. lower charges or penalties) for having an effective antitrust compliance program in place.

today's howtos

• Install these popular desktop apps and more on your Chromebook with Flatpak

• How to install Sentrifugo HRM on Ubuntu Server 18.04

• How To Set Up An Environment For Data Science On Google Cloud Platform

• Terraforming my blog

• How to Build a Hacking Station with Raspberry Pi and Kali Linux

• How to download files using curl

• Everthing you need to know about tmux – Panes

Events: SUSECON, OpenShift Troubleshooting Workshop and Kubernetes Contributor Summit Amsterdam

• Get Expert Guided Hands-On Experience at the SUSECON 2020 Pre-Conference Workshops

  Are you ready for SUSECON 2020? It’s coming up fast! Join us in Dublin Ireland from March 23 – 27 for a week packed with learning and networking.

• Get Certified During SUSECON 2020

  Working in IT is not for the feint of heart; the work is demanding, and change is constant. Right now, your organization is undoubtedly seeking new ways to extend the value of their investment in IT and get more done faster.

• The OpenShift Troubleshooting Workshop

  The first workshop in our Customer Empathy Workshop series was held October 28, 2019 during the AI/ML (Artificial Intelligence and Machine Learning) OpenShift Commons event in San Francisco. We collaborated with 5 Red Hat OpenShift customers for 2 hours on the topic of troubleshooting. We learned about the challenges faced by operations and development teams in the field and together brainstormed ways to reduce blockers and increase efficiency for users. The open source spirit was very much alive in this workshop. We came together with customers to work as a team so that we can better understand their unique challenges with troubleshooting. Here are some highlights from the experience.

• [Kubernetes] Contributor Summit Amsterdam Schedule Announced

Security: Patches, Bugs, RMS Talk and NG Firewall 15.0

• Security updates for Wednesday

  Security updates have been issued by CentOS (firefox, java-1.7.0-openjdk, ksh, and sudo), Debian (php7.0 and python-django), Fedora (cacti, cacti-spine, mbedtls, and thunderbird), openSUSE (chromium, re2), Oracle (firefox, java-1.7.0-openjdk, and sudo), Red Hat (openjpeg2 and sudo), Scientific Linux (java-1.7.0-openjdk and sudo), SUSE (dbus-1, dpdk, enigmail, fontforge, gcc9, ImageMagick, ipmitool, php72, sudo, and wicked), and Ubuntu (clamav, linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-aws-5.0, linux-azure, linux-gcp, linux-gke-5.0, linux-oracle-5.0, linux-azure, linux-kvm, linux-oracle, linux-raspi2, linux-raspi2-5.3, linux-lts-xenial, linux-aws, and qemu).

• Certificate validity and a y2k20 bug

  One of the standard fields of an SSL certificate is the validity period. This field includes notBefore and notAfter dates which, according to RFC5280 section 4.1.2.5, indicates the interval "during which the CA warrants that it will maintain information about the status of the certificate" This is one of the fields that should be inspected when accepting new or unknown certificates. When creating certificates, there are a number of theories on how long to set that period of validity. A short period reduces risk if a private key is compromised. The certificate expires soon after and can no longer be used. On the other hand, if the keys are well protected, then there is a need to regularly renew those short-lived certificates.

• Free Software is protecting your data – 2014 TEDx Richard Stallman Free Software Windows and the NSA

  Libre booted (BIOS with Linux overwritten) Thinkpad T400s running Trisquel GNU/Linux OS. (src: https://stallman.org/stallman-computing.html) LibreBooting the BIOS? Yes! It is possible to overwrite the BIOS of some Lenovo laptops (why only some?) with a minimal version of Linux.

• NG Firewall 15.0 is here with better protection for SMB assets

  Here comes the release of NG Firewall 15.0 by Untangle with the creators claiming top-notch security for SMB assets. Let’s thoroughly discuss the latest NG Firewall update. With that being said, it only makes sense to first introduce this software to the readers who aren’t familiar with it. As the name ‘NG Firewall’ suggests, it is indeed a firewall but a very powerful one. It is a Debian-based and network gateway designed for small to medium-sized enterprises. If you want to be up-to-date with the latest firewall technology, your best bet would be to opt for this third-generation firewall. Another factor that distinguishes the NG Firewall from other such products in the market is that it combines network device filtering functions and traditional firewall technology.