<div dir="ltr"><div>Van,</div><div><br></div><div>Why would a clean-room procedure be necessary? It's Open Source software, and everyone has the right to read it. <br></div><div><br></div><div>Let's make sure I have this straight. You can't write other Open Source software that is compatible with Holochain, under any license but the CAL, because only software under the CAL license has a license to the patents?</div><div><br></div><div> Thanks</div><div><br></div><div> Bruce<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Dec 5, 2019 at 6:07 AM VanL <<a href="mailto:van.lindberg@gmail.com">van.lindberg@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Hello Bruce,</div><div><br></div><div>You seem to be outlining a classic clean-room reverse engineering procedure and asking if it is possible for someone to use such a procedure.</div><div><br></div><div>- In the case of Holochain itself, certain necessary aspects are patent pending. The CAL itself is the mechanism by which the patent is licensed to users and contributors. Someone who attempted to subvert the user protections would thus be exposing themselves to an infringement lawsuit, as they would have bypassed the method by which they could receive a license. Thus patent law, like copyright, is harnessed to protect the software commons.<br></div><div><br></div><div>- In the general case, I don't dispute that there could be a hypothetical clean room procedure that would allow legal reverse engineering. In practice, I believe the law is muddled and the steps needed to create and execute such a clean room procedure are unclear. Maybe Google v. Oracle will give us more clarity.<br></div><div><br></div><div>Thanks,<br></div><div>Van<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Dec 5, 2019 at 12:23 AM Bruce Perens via License-review <<a href="mailto:license-review@lists.opensource.org" target="_blank">license-review@lists.opensource.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi Van,<div><br></div><div>I hope you've been well.</div><div><br></div><div>The purpose of the CAL is to protect the Holochain (<a href="https://holochain.org/" target="_blank">https://holochain.org/</a>) from bad actors who would sequester user data. I am exploring whether it could possibly be effective at that, which of course has some implication on its usefulness.</div><div><br></div><div>Is there anything in the terms that would prevent a developer from reading the entire code base, and developing a detailed understanding of how it works?</div><div><br></div><div>Would anything in the terms prevent a developer from documenting how Holochain (or any other licensed code) works, and publicly distributing that document under a different license from the original code? Assume that the document only renders descriptions of the functionality necessary for interoperability.</div><div><br></div><div>Would anything in the terms prevent any developer from taking that document, and implementing an interoperable program under any license, or no license?</div><div><br></div><div>Would the CAL terms prevent such an interoperable program from operating as a Holonet node?</div><div><br></div><div>Does Holonet have any other legal means of preventing such an interoperable program from operating as a Holonet node?</div><div><br></div><div>Can the CAL data terms, and the overall intent to keep user data available to the user on Holonet, thus be circumvented by anyone who takes the trouble to develop an interoperable program?</div><div><br></div><div>And if the answer is no, even if the program is under an OSI-approved license?</div><div><br></div><div> Thanks</div><div><br></div><div> Bruce</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Dec 4, 2019 at 12:31 PM VanL <<a href="mailto:van.lindberg@gmail.com" target="_blank">van.lindberg@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>
Based upon ongoing discussions with the license review committee, I am withdrawing Beta 3 and substituting Beta 4 (here attached).</div><div><br></div><div>The primary change between Beta 3 and Beta 4 is the definition of "User Data."<br></div><div><br></div><div>My understanding of OSI's position is that data requirements, such as are addressed by the CAL, are within scope of what an open source license can reasonably address. However, there was a request by the committee to more tightly define the definition of "User Data" so that it was more closely tied to function and experience of using the software by a user who chooses to self-host.</div><div><br></div><div>In consultation with my client, we have proposed and received positive feedback on the following modified definition of User Data (most significant change bolded):<br></div><div><br></div><div>
“User Data” means any data that is an input to or an output from the Work, <b>where the presence of the data is necessary for substantially identical use of the Work in an equivalent context chosen by the Recipient</b>, and where the Recipient has an existing ownership interest, an existing right to possess, or where the data has been generated by, for, or has been assigned to the Recipient.</div><div><br></div><div>There are also a few cleanups and the following minor but substantive changes:</div><div>- Section 7.4, There is a definition of "prevailing party" for attorney fee awards (" A “prevailing party” is the party that achieves, or avoids, compliance with this License, including through settlement.")<br>- Section 5.3, Enforcing against a terminated licensee does not cause termination for the license-enforcing party ("Administrative review procedures, declaratory judgment actions, counterclaims in response to patent litigation, and enforcement actions against former Licensees terminated under this section do not cause termination due to litigation.")</div><div><br></div><div>All other discussion regarding CAL Betas 2 and 3 should apply. <br></div><div><br></div><div>From the original submission:</div><div><br></div><div>
<div><em>Rationale:</em> The CAL is a new network copyleft license
especially applicable for distributed systems. It is designed to be as
protective as possible of downstream recipients of the software,
providing them all that they need to create and use an independent copy
of a licensed work without losing functionality or data.<em><br></em></div><div><em><br></em></div><div><em>Distinguish:</em>
The CAL is most similar to the AGPL, and will have a similar scope of
action in most cases. However, the CAL has provisions that require that
operators provide recipients of the software with a copy of their user
data, enhancing their ability to independently use the software. The CAL
also allows the creation of mixed "Larger Works," provides for
affiliate use, and does not specify a mechanism by which notice is given
to recipients.<br></div><div><br></div><div><i>Legal Analysis</i>: The CAL was drafted by legal counsel. Previous discussions have outlined many aspects of the legal analysis.</div><div><br></div><div>A copy the the license in Markdown format is attached. For those who would prefer it, a Google Docs version of the license is viewable here: <a href="https://docs.google.com/document/d/1-eD9EH6i3wdSXgG4XJbF-a0cSSknOERjYzlVonOwAQ0/edit?usp=sharing" target="_blank">https://docs.google.com/document/d/1-eD9EH6i3wdSXgG4XJbF-a0cSSknOERjYzlVonOwAQ0/edit?usp=sharing</a> <br></div>
</div><div><br></div></div>
_______________________________________________<br>
License-review mailing list<br>
<a href="mailto:License-review@lists.opensource.org" target="_blank">License-review@lists.opensource.org</a><br>
<a href="http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org" rel="noreferrer" target="_blank">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr"><div dir="ltr"><div><div dir="ltr">Bruce Perens - Partner, <a href="http://OSS.Capital" target="_blank">OSS.Capital</a>.</div></div></div></div>
_______________________________________________<br>
License-review mailing list<br>
<a href="mailto:License-review@lists.opensource.org" target="_blank">License-review@lists.opensource.org</a><br>
<a href="http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org" rel="noreferrer" target="_blank">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a><br>
</blockquote></div>
_______________________________________________<br>
License-review mailing list<br>
<a href="mailto:License-review@lists.opensource.org" target="_blank">License-review@lists.opensource.org</a><br>
<a href="http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org" rel="noreferrer" target="_blank">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a><br>
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr">Bruce Perens - Partner, <a href="http://OSS.Capital" target="_blank">OSS.Capital</a>.</div></div></div></div>