<div dir="ltr"><div>Hello Henrik,<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Apr 26, 2019 at 9:49 AM Henrik Ingo <<a href="mailto:henrik.ingo@avoinelama.fi">henrik.ingo@avoinelama.fi</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
I was not very clear about it, but indirectly I was inviting you to<br>
justify why you think it is *necessary* to use the concept of Public<br>
Performance in CAL. What problem - other than just maximizing the<br>
power of copyright law - does it solve for you that wasn't adequately<br>
solved without it?<br></blockquote><div><br></div><div>There are a couple reasons. First, when dealing with a network copyleft, there aren't a lot of options - only the AGPL. Thus the analysis started with "would the AGPL work" and proceeded from there. In this case, the AGPL was not considered a sufficient vehicle because:</div><div><br></div><div>1. The network aspect of the AGPL only applies to network interaction with a modified version. There are issues with this:<br></div><div> - It doesn't clearly provide attribution or source code for unmodified versions</div><div> - Network interaction is gameable to avoid providing source (Just put a proxy in place - I have seen this happen many times)</div><div> -
In the context of protecting access to User Data, the AGPL's "network
interaction with a modified version" would only be effective in the
cases where the software was modified - a minority of the time.
</div><div>2. The AGPL is ambiguous in its application in a corporate context. For example, if a modified version of an AGPL program is used within a company, and not provided to any outsider, do employees have rights to the code to the modified version? I would argue that they do, and that the employer cannot prevent the spread of trade secret AGPL programs because to do so would be an additional restriction.</div><div><br></div><div>Finally, I personally think that grounding the network interaction in a clearly articulated existing right, already written into copyright law, is superior to defining a new term like "network interaction" that is unique.<br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
> If you take a look at the exact text, the text is very close to the GPLv3. There was quite a bit of "borrowing" in exactly the way you suggest.<br>
><br></blockquote><div><br></div><div>I am not sure how to respond to your question about the evolution of the GPLv3, maybe Richard can help there. But to be more explicit:</div><div><br></div><div>GPLv3, Section 3:
No covered work shall be deemed part of an effective technological
measure under any applicable law...</div><div><br></div><div>CAL 2.3(a): You may not, by means of cryptographic controls, technological protection measures, or any other method, limit a third party from independently Processing User Data in which they have a Lawful Interest
</div><div><br></div><div>GPLv3, Section 3:
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work
</div><div><br></div><div>CAL, 2.3(d): You waive any legal power to forbid circumvention of technical protection measures that include use of the Work
</div><div> </div><div>GPLv3, Section 3: You disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.</div><div><br></div><div>CAL: 2.3(e): You waive any claim that the capabilities of the work were limited or modified as a means of enforcing the legal rights of third parties against Recipients
</div></div><div class="gmail_quote"><br></div><div class="gmail_quote">Thanks,<br></div><div class="gmail_quote">Van<br></div></div>