[License-review] For Approval: Convertible Free Software License, Version 1.1 (C-FSL v1.1)

Bruce Perens bruce at perens.com
Thu Sep 27 23:45:08 UTC 2018


>
>
> >> This seems to fall afoul of lots of privacy law and possibly GDPR
>

I don't know much about GDPR yet, but this is yet another reason that we
use contributor license agreements. Nobody's going to rule that you can't
require the identity of a party to an agreement.

Elmar wrote:

>    Nobody is forced to contribute. If a contributor has read the license
> he can then decide thereupon whether he wants to contribute or not.


It is an unfortunate fact that most of the developers do not have access to
legal counsel, and are poorly equipped to parse the license on their own.
So "caveat emptor" isn't a really good argument here. OSI should not
approve a license with language that works as a trap for the unwary
developer.


> This statement is crucial for maintaining the quality of the
> software. If someone has contributed various times introducing blatant
> security risks future contributions of that author may f.i. need to be
> examined in detail.
>

This is why projects like Debian establish a cryptographic web of trust for
their developers. No check-in goes unidentified, and if something malicious
is done, it can be traced (and the law enforced, if necessary). If you
really want to enforce this sort of security, you should do it as part of
your operational process, not in your license.

And finally, the entire purpose of a license is for a judge to parse it
correctly in court and thus decide whether a party has complied with its
terms (and thus avoided infringing copyright) or not. "you need to leave
your name" is not the sort of legal language that we could ever count on a
judge parsing correctly.

Another license, the original Artistic License written by a non-attorney
got to court and the lower court parsed it in a completely unintended
fashion, costing an Open Source developer some money and years of pain, and
requiring various lawyers and I to spend a lot of time helping the appeals
court get it straight. So, OSI should not accept licenses written by
non-attorneys any longer.

    Thanks

    Bruce
-- 
Bruce Perens K6BP - CEO, Legal Engineering
Standards committee chair, license review committee member, co-founder,
Open Source Initiative
President, Open Research Institute; Board Member, Fashion Freedom
Initiative.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-review_lists.opensource.org/attachments/20180927/08c1143b/attachment.html>


More information about the License-review mailing list