<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Anand,</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">that's a very good suggestion, in my
humble opinion. The implementation of that suggestion looks quite
hard (details are important here), but anything along the lines of
providing more information in the space where today we have proper
attribution and reasonable copyright notice is less likely to be
at odds with the OSD rules and principles, yes. I am currently
working on where one can push the limit WRT AGPLv3, and there you
can find guidance, methinks.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Carlo</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 06/02/19 15:30, Anand Chowdhary
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:541a6e9f-a026-4ed3-a18e-f6f28ec6751d@Spark">
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
<title></title>
<div name="messageBodySection" style="font-size: 14px;
font-family: -apple-system, BlinkMacSystemFont, sans-serif;">Hi
Lukas,
<div><br>
</div>
<div>Thank you for your thorough evaluation. I agree with you,
especially how a better license can be created with
transparency requirements. I will definitely think about this
some more.</div>
<div><br>
</div>
<div>Carlo, I would like you thank you once again for your
in-depth explanation. Do you think your perspective changes
with a transparency requirement, since there is not laws
mandated?</div>
</div>
<div name="messageSignatureSection"><br>
<div class="matchFont">Best,
<div style="font-size: 14px; font-family: -apple-system,
BlinkMacSystemFont, sans-serif;"><br style="font-size: 14px;
font-family: -apple-system, BlinkMacSystemFont,
sans-serif;">
</div>
<div style="font-size: 14px; font-family: -apple-system,
BlinkMacSystemFont, sans-serif;">Anand Chowdhary
<div style="font-size: 14px; font-family: -apple-system,
BlinkMacSystemFont, sans-serif;">Chief Executive Officer</div>
<div style="font-size: 14px; font-family: -apple-system,
BlinkMacSystemFont, sans-serif;"><a
href="https://oswaldlabs.com" style="font-size: 14px;
font-family: -apple-system, BlinkMacSystemFont,
sans-serif;" moz-do-not-send="true">Oswald Labs</a></div>
<div style="font-size: 14px; font-family: -apple-system,
BlinkMacSystemFont, sans-serif;"><br style="font-size:
14px; font-family: -apple-system, BlinkMacSystemFont,
sans-serif;">
</div>
<div style="font-size: 14px; opacity: 0.8; font-family:
-apple-system, BlinkMacSystemFont, sans-serif;">
<div style="font-size: 14px; font-family: -apple-system,
BlinkMacSystemFont, sans-serif;">NL +31 644691056</div>
<div style="font-size: 14px; font-family: -apple-system,
BlinkMacSystemFont, sans-serif;">IN +91 9555297989</div>
<div style="font-size: 14px; font-family: -apple-system,
BlinkMacSystemFont, sans-serif;"><a
href="http://mailto:ceo@oswaldlabs.com"
style="font-size: 14px; font-family: -apple-system,
BlinkMacSystemFont, sans-serif;"
moz-do-not-send="true">ceo@oswaldlabs.com</a></div>
</div>
</div>
</div>
</div>
<div name="messageReplySection" style="font-size: 14px;
font-family: -apple-system, BlinkMacSystemFont, sans-serif;">On
6 Feb 2019, 15:11 +0100, Lukas Atkinson
<a class="moz-txt-link-rfc2396E" href="mailto:opensource@lukasatkinson.de"><opensource@lukasatkinson.de></a>, wrote:<br>
<blockquote type="cite" style="margin: 5px 5px; padding-left:
10px; border-left: thin solid #1abc9c;">While any open source
license expresses certain values, I do not think<br>
licenses are a good vehicle of ethics. To fulfil the goal of
Twente,<br>
the next best available Open Source license would likely be a
network<br>
copyleft like the AGPL: that way, end users can at least
inspect the<br>
software they are using.<br>
<br>
Here, a problem is that the Twente License aims to regulate
*use* of<br>
the software, not just the copying and modification of the
software.<br>
I.e. it regulates something that is out of scope for
copyright, and<br>
takes away rights that users would otherwise have. (Similar
problems<br>
have been discussed regarding the SSPL). This is definitively
an<br>
OSD-incompatible restriction in jurisdictions where these
privacy<br>
rules wouldn't be mandatory anyway.<br>
<br>
I'd like to point out that even the EU is such a jurisdiction,
as the<br>
Twente License has a weird intersection with the GDPR: Twente
covers a<br>
more narrow area, but in that area is more restrictive.<br>
- Twente covers only collecting PII from users and releasing
that data<br>
to third parties. GDPR covers any processing of any personal
data, and<br>
has a clear concept of Data Processors that are not third
parties.<br>
- Twente only recognizes consent as the basis for collection
&<br>
release. GDPR also recognizes legitimate interest, necessity
for<br>
fulfilment of a contract, and legal obligations (like a
warrant, or<br>
maintaining accounting records).<br>
- Twente does not define critical terms such as user, PII,
collect,<br>
consent, release, third party.<br>
<br>
In a literal reading of the Twente license, the privacy
paragraph<br>
could be circumvented by running the Twente-covered software
as a<br>
separate service so that it neither collects nor releases any
data<br>
directly. If Twente's restrictions do not apply to the
*software* but<br>
to the *operator* of the software, this makes it so much
clearer that<br>
this is indeed an OSD #6 violation.<br>
<br>
I am also not sure whether Twente-covered software could
realistically<br>
be used e.g. for e-commerce solutions due to the high bar that<br>
“unambiguous prior consent” represents, for example when
sharing<br>
necessary data with a payment processor or logistics provider.<br>
<br>
I think it might be possible to construct a better license by
dropping<br>
any usage restrictions and substituting transparency
requirements.<br>
E.g. when the software is conveyed in non-source form or
publicly<br>
performed so that others can interact with the software, then
the<br>
software must provide (a) proper attribution like under the
normal MIT<br>
license; and (b) a statement on who acts as a Data Controller
in the<br>
sense of the GDPR. Unfortunately, that would make it very
difficult to<br>
distribute binaries without taking on responsibilities as a<br>
Controller.<br>
<br>
_______________________________________________<br>
License-review mailing list<br>
<a class="moz-txt-link-abbreviated" href="mailto:License-review@lists.opensource.org">License-review@lists.opensource.org</a><br>
<a class="moz-txt-link-freetext" href="http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a><br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
License-review mailing list
<a class="moz-txt-link-abbreviated" href="mailto:License-review@lists.opensource.org">License-review@lists.opensource.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a>
</pre>
</blockquote>
<p><br>
</p>
</body>
</html>