[License-review] For approval: The Cryptographic Autonomy License (Beta 2)

Josh Berkus josh at berkus.org
Thu Aug 22 22:12:19 UTC 2019


On 8/22/19 2:30 PM, Bruce Perens wrote:
> OK, you are trying to say that the user stupidly trusted their
> geospatial data to you, and you won't give it back, and that's the
> problem the software license should protect the user from.

No, I'm not.

So, let's outline the three parties in this equation.

Let's imagine that OpenStreetMap releases a piece of geodata software
that proves extremely popular and useful to vendors.  There are "OSM" in
this.

Next, let's imagine that there's a vendor ("Vendor") who takes a copy fo
this OSM software and embeds it in their larger software package. It
could be SaaS, it could be on-prem, it could be on a device.

Finally, lets take a researcher ("User") who has been using Vendor's
software.

One day, the User decides that Vendor's software isn't adequate for
their research, and they want to take their data and the original OSM
software, and extend the OSM software in a way to suit their needs.
But, the Vendor has encrypted the User's data, and encased it in legal
protections, in such a way that the User cannot take their data and leave.

As I understand it, the CAL argues that the OSM should have the right to
release its software under a license that says that Vendor isn't allowed
to do that.  If they want to use the OSM's bits, the data has the same
distribution requirements as the source code.

You seem to be arguing that, in this story, the freedom of Vendor is
paramount, and the freedoms of OSM and User are insignificant.  Why
would the rights of the intermediate Vendor trump everyone else?

All of this is also leaving aside the other form of data -- things like
configurations and similar that are required for the software to even
run, which I believe that the CAL is also designed to protect.

-- 
Josh Berkus



More information about the License-review mailing list