Query on a P2P EULA

Seth Johnson seth.johnson at RealMeasures.dyndns.org
Wed Aug 28 19:53:07 UTC 2002

(Forwarded from C-FIT Content Control Outreach discussion

-------- Original Message --------
Subject: Protecting against liabilty for P2P usage
Date: Wed, 28 Aug 2002 23:21:29 +1200 (NZST)
From: David McNab <david at rebirthing.co.nz>
To: C-FIT_Release_Community at RealMeasures.dyndns.org

Hi all,

I'm in need of an informed opinion.

The guts of it is: Can an open source EULA exclude certain
parties and uses?

I'm in the planning stages for an entirely new P2P
architecture. While most of the usage of this P2P net will
be legal, I can't rule out that some may want to use it for
infringing purposes. In order to cover myself against any
legal action resulting from actions beyond my control, I've
thought of a plan which might actually employ the DMCA to my

  * Encrypt the source and binary tarballs
  * Provide a utility which can decrypt the tarballs, given
the correct decryption key
  * Provide another utility which provides the decryption
key, upon the user accepting a 'click-wrap' EULA

Since the tarballs are encrypted, the decryption key and
utility would be 'anti-circumvention devices' as defined by
the DMCA.  The EULA could be modelled on existing
open-source license models, but with some additional
conditions, including:

  * I agree to not disclose the existence of this software,
its design, architecture, implementation or capabilities, to
any company or organisation which acts or has ever acted as
a plaintiff (or assisted any plaintiff) in intellectual
property legal actions; such groups include Recording
Industry Association of America, Motion Pictures Association
of America, Business Software Alliance, Microsoft
Corporation, Adobe Corporation, Macromedia Corporation etc.

  * I agree not to disclose to the above, any details of any
other parties (IP addresses, domain names or other
identifying information) whom I discover are using this

  * I will not distribute this software, in source or binary
form, to any other party, unless it is packaged in this
click-wrap agreement. If I make any modifications to the
software, I agree to enclose with my modified version
(and/or patches), a copy of the original unmodified source
code, and a list of modifications made, and to package all
of these in the click-wrap package with this agreement

  * I, personally, and on behalf of my employer, hereby
grant full indemnity to the developers of this software, the
internet service providers who host this software for
download, and any online service providers which carry
traffic generated by this software, from any liability
resulting from any usage of this software by any party.

  * In the event that I breach any of these conditions, I
accept full and total legal responsibility for any damages
that the developers of this software may incur as a result.

  * I recognise that if I breach any of the above
conditions, then I am acting in breach of copyright. Also,
by using the decryption key contained in this download to
decrypt the software's packaging, I accept full
responsibility for employing an 'anti-circumvention device'
as defined under the Digital Millenium Copyright Act, and
accept full resulting criminal liability under the Act.

My question is - would this scheme have any prospects of
standing up in court? Could this prove effective in
protecting me from personal liability from some people's
usage of the software?"

Cheers David

C-FIT Content Control Outreach Discussion List
List Parent: seth.johnson at RealMeasures.dyndns.org
C-FIT Home:  http://RealMeasures.dyndns.org/C-FIT

To Subscribe/Unsubscribe:
Send "[Un]Subscribe C-FIT_Release_Community" To
Listserv at RealMeasures.dyndns.org

license-discuss archive is at http://crynwr.com/cgi-bin/ezmlm-cgi?3

More information about the License-discuss mailing list