<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Ok, thanks for the clarification.</p>
<p><br>
</p>
<p>Pam</p>
<p><br>
</p>
<div class="moz-signature">Pamela S. Chestek<br>
Chestek Legal<br>
4641 Post St.<br>
Unit 4316<br>
El Dorado Hills, CA 95762<br>
+1 919-800-8033<br>
pamela@chesteklegal<br>
<a class="moz-txt-link-abbreviated" href="http://www.chesteklegal.com">www.chesteklegal.com</a><br>
<br>
<br>
</div>
<div class="moz-cite-prefix">On 9/19/2025 11:56 AM, Barksdale,
Marvin wrote:<br>
</div>
<blockquote type="cite"
cite="mid:DM6PR04MB6558193E0F950444E296D934CE11A@DM6PR04MB6558.namprd04.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style type="text/css" style="display:none;">P {margin-top:0;margin-bottom:0;}</style>
<div style="font-family: Aptos, Aptos_EmbeddedFont,
Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size:
11pt; color: rgb(0, 0, 0);" class="elementToProof">
Pam: </div>
<p style="text-align: left; text-indent: 0px; background-color:
rgb(255, 255, 255); margin: 0in;" class="elementToProof">
<span style="font-family: Aptos, Aptos_EmbeddedFont,
Aptos_MSFontService, Calibri, Helvetica, sans-serif;
font-size: 11pt; color: rgb(0, 0, 0);">Thanks for the mark-up
version. By way of our previous submissions, MGB has been
explicit in the fact that it
</span><span style="font-family: Aptos, sans-serif; font-size:
11pt; color: rgb(36, 36, 36);"> "looks forward to putting the
full weight of its internal and external resources behind its
Open Science Program Office, the MGB Open Science Digital Hub,
and an OSI approved open-source License. "</span></p>
<p style="text-align: left; text-indent: 0px; background-color:
rgb(255, 255, 255); margin: 0in;" class="elementToProof">
<span style="font-family: Aptos, sans-serif; font-size: 11pt;
color: rgb(36, 36, 36);">We hope that it is clear that we
remain consistent in viewing the OSI as a welcome partner in
this work in supporting our researchers and innovators open
source activities. Although we have consulted with several of
our must influential labs and researchers in the open source
community on MGB 1.0's iterations and received
cross-functional institutional approval to implement the
latest version, our approach remains to ideally gain OSI
approval before announcing the license as default to our
workforce that currently spans over 300 individual repository
owners on Github. </span></p>
<p style="text-align: left; text-indent: 0px; background-color:
rgb(255, 255, 255); margin: 0in;" class="elementToProof">
<span style="font-family: Aptos, sans-serif; font-size: 11pt;
color: rgb(36, 36, 36);"><br>
</span></p>
<p style="text-align: left; text-indent: 0px; background-color:
rgb(255, 255, 255); margin: 0in;" class="elementToProof">
<span style="font-family: Aptos, sans-serif; font-size: 11pt;
color: rgb(36, 36, 36);">As the license has not yet gone in
production or been announced by our OSPO, we are not creating
another license; simply modifying our latest submission to the
OSI, as it has now been approved by the institution. </span></p>
<div style="font-family: Aptos, Aptos_EmbeddedFont,
Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size:
11pt; color: rgb(0, 0, 0);" class="elementToProof">
<br>
</div>
<div class="elementToProof" id="Signature">
<p style="margin-top: 1em; margin-bottom: 1em;"
class="elementToProof"><span style="font-family: "Calibri
Light", sans-serif; color: rgb(0, 156, 166);"><b>__________________</b></span></p>
<p style="margin-top: 1em; margin-bottom: 1em;"
class="elementToProof"><span style="font-family: "Calibri
Light", sans-serif; font-size: 16pt; color: black;">Marvin
Barksdale, JD</span></p>
<p style="margin-top: 1em; margin-bottom: 1em;"
class="elementToProof"> </p>
</div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt"
face="Calibri, sans-serif" color="#000000"><b>From:</b> Pamela
Chestek <a class="moz-txt-link-rfc2396E" href="mailto:pamela@chesteklegal.com"><pamela@chesteklegal.com></a><br>
<b>Sent:</b> Friday, September 19, 2025 1:56 PM<br>
<b>To:</b> License submissions for OSI review
<a class="moz-txt-link-rfc2396E" href="mailto:license-review@lists.opensource.org"><license-review@lists.opensource.org></a><br>
<b>Cc:</b> Barksdale, Marvin <a class="moz-txt-link-rfc2396E" href="mailto:mbarksdale@mgb.org"><mbarksdale@mgb.org></a><br>
<b>Subject:</b> Re: [License-review] Request for approval of
new "MGB 1.0" license</font>
<div> </div>
</div>
<div>
<p><span style="padding:3px 10px; border-radius:5px;
color:#ffffff; font-weight:bold; display:inline-block;
background-color:#ff0000"> External Email - Use
Caution </span></p>
To the list:<br>
<br>
For easier reference, I'm attached a copy marked up with what
has changed from the Apache license. The definitions were
re-ordered in this license, so a mechanical comparison didn't
work, meaning there may be errors in my manual markup.<br>
<br>
Strikethrough is what in the Apache license was removed and the
highlighting is for the strickethroughs and newly added
language.<br>
<br>
To Marvin:<br>
<br>
I am confused by the naming. You previously submitted "MGB 1.0,"
which, if I recall correctly, you said was already in use. Are
you creating a second "MGB 1.0" license with different text?
That's not workable, you'll need to have different names to
distinguish the two licenses.<br>
<br>
Pam (in my personal capacity)<br>
<br>
<div class="x_moz-signature">Pamela S. Chestek<br>
Chestek Legal<br>
4641 Post St.<br>
Unit 4316<br>
El Dorado Hills, CA 95762<br>
+1 919-800-8033<br>
<a class="x_moz-txt-link-abbreviated moz-txt-link-freetext"
href="mailto:pamela@chesteklegal.com" moz-do-not-send="true">pamela@chesteklegal.com</a><br>
<a class="x_moz-txt-link-abbreviated"
href="http://secure-web.cisco.com/1clJXsJA3txq3qKrshpwCCn9f_PyQ8wfhhGi-55LIC3_FQjcCa1REvvrPw5ImUgAC6_9yHJ5uWKre7tqcBNMMtIc5Fdc3W1zL9WQEqI0LPFjgn0MIG4KvovpkzmjTwot2T34uhw7BD5MPbrcI4PL4BCbLvfyGTmRgN9swDmSumghPtjkatWISp1Z8kXXKzkkE4AyyO-MutN0AHd0qtQJyeaOcfRH5YZplmyiZSxrrfimOsNd7pDgnyHhX_c4Cwe_hbC0ymPslM92BXYQLkowHC33nl6JVy1w1Cu94lK_OUZhK5GHNgwvZ4XthOC6tjqsl/http%3A%2F%2Fwww.chesteklegal.com"
moz-do-not-send="true">www.chesteklegal.com</a><br>
<br>
</div>
<div class="x_moz-cite-prefix">On 9/19/2025 9:03 AM, Barksdale,
Marvin via License-review wrote:<br>
</div>
<blockquote type="cite">
<style type="text/css" style="display:none">p
{margin-top:0;
margin-bottom:0}</style>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
I Marvin Barksdale JD, the license steward and license
submitter, attests that this new \u201cMGB 1.0\u201d license complies
with the Open Source Definition, including:</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
OSD 3 \u2013 The license must allow modifications and derived
works and must allow them to be distributed under the same
terms as the license of the original software.</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
OSD 5 \u2013 The license must not discriminate against any person
or group of persons.</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
OSD 6 \u2013 The license must not restrict anyone from making use
of the program in a specific field of endeavor.</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
and OSD 9 \u2013 The license must not place restrictions on other
software that is distributed along with the licensed
software. For example, the license must not insist that all
other programs distributed on the same medium must be open
source software.</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
License Rationale</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
The MGB Open Source License 1.0 (\u201cMGB 1.0\u201d) is a permissive
open source license that was created to catalyze open source
distribution and open science among the health care
innovator and research development community, particularly
those employed at Academic Medical Centers (AMCs) receiving
federal grant funding, such as Mass General Brigham
Incorporated (MGB). AMCs are collectively organized
hospitals and laboratories that are integrated with a
medical school, featuring a federally regulated mission to
provide patient care, train healthcare professionals, and
conduct innovative research. In recent years these complex
organizations have evolved to perform several ancillary
commercial functions including IP co-development,
administration, and out-licensing, all of which aimed to
support their central mission of the advancement of
medicine. Aligned with this central mission is the
proliferation of open science activity at AMCs, in that many
of their researchers and developers have shifted to open
collaborative approaches where research data, methodologies,
source code and findings are shared at no cost to spur
innovation. But, despite the alignment with system goals,
AMCs have been slow to adopt open source best practices.
At Mass General Brigham, for example, despite receiving over
$77M in NIH funding over the past 10 years to support 200+
software research projects in yielding fruitful open source
communities and innovations, instead there is a large silo
of health care researchers, clinicians, and developers who
operate in the grey areas of open source, NIH, Open Access
Journal, and MGB compliance.</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
The goal of MGB 1.0 is to provide developers who are
building innovative technology within highly regulated
health care environments with a permissive open source
license that incorporates the best practices of digital
health licensing, enabling compliant open source
collaboration both across and external to AMCs.</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
Beyond addressing the open data, open source, and open
access approaches of digital health researchers and software
developers, MGB 1.0 also looks to support the rise of open
AI model development that often utilizes sensitive health
data for training purposes. Thus, although MGB 1.0 uses a
similar licensing approach as Apache 2.0, it expands its
applicability to AI models and other shared works and
derivatives spanning \u201cmodel architecture, code, data
descriptions, data, and the model weights.\u201d This expanded
scope is important because there are few open source
licenses in current use that are suitable for releasing AI
models and their related artifacts.</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
Through internal cross-functional approval MGB 1.0 is now
the default open source license for emerging MGB research
and innovations involving open science, and for over 500
active GitHub repositories authored and / or controlled by
MGB clinicians, researchers, labs, and developers. The MGB
Open Science Program Office manages the MGB IP Policy
pertaining to open source licensing and drives compliance
through the promotion of open science best practices.</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
Legal Analysis</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
Although MGB 1.0 uses a pro-commercialization,
pro-modification, highly compatible licensing scheme similar
to Apache 2.0, it is critically different in three ways:
clarified patent terms, coverage of AI artifacts, and
clarified interaction with data regulation. Licensors of
open source software have long struggled with the
ambiguities of the patent license grant in Apache 2.0. In
this license each Contributor grants a no-charge patent
license to the Work, applying to \u201cpatent claims that are
necessarily infringed by their Contribution(s) or by the
combination of their Contribution to the Work.\u201d As
evidenced by the AFL, and later, the GNU v3 licenses, all
approved by OSI, there has been a shift in OSI license
patent grants to language that \u201capplies only to specific set
of patent claims\u2026that are embodied in the in the Original
Work as furnished by the Licensor. [They are] not license[s]
to the Licensor\u2019s entire patent portfolio.\u201c [Lawrence Rosen
\u201cOpen Source Licensing \u2013 Software Freedom and Intellectual
Property Law\u201d p 189].</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
As Apache 2.0\u2019s patent grant features a broad patent grant
application extending to those claims infringed by the
combination of the original Work and a Contribution, MGB
1.0 builds on Rosen\u2019s focused approach: \u201cclaims embodied by
the original work,\u201d to explicitly apply to patent claims
claiming inventions embodied in contribution. The license
also leverages clarifying patent language from Section 2.3
of the Mozilla Public License version 2.0 also approved by
OSI. </div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
MGB 1.0 was co drafted by myself, Marvin Barksdale JD,
Preston Regehr Esq. of Tech Law Ventures PLLC, and Heather
Meeker Esq. of Tech Law Partners LLP before being reviewed
and approved for system use by Mass General Brigham\u2019s Office
of General Counsel\u2019s IP Group. </div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
Summary</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
MGB 1.0 provides express licensing provisions that are best
practice in digital health, while explicitly preserving
opportunities for commercial activity by licensors who are
patent portfolio holders and innovators. To these ends,
MGB 1.0 utilizes a clearer approach than the MIT, BSD and
Apache 2.0 licenses. Furthermore, MGB 1.0, explicitly
contemplates the inclusion of AI model artifacts in the
licensed work. Beyond the clarified patent grant, MGB 1.0
also adds HIPAA acknowledgement language that will provide
AMC\u2019s and other open source innovators sharing models
trained on health data comfort that they can release
materials under this license and still comply with law in a
heavily regulated field. MGB 1.0 provides developers who are
building innovative software within highly regulated health
care environments with a permissive open source license that
incorporates the best practices of digital health licensing,
catalyzing compliant open source collaboration.</div>
<div class="x_elementToProof" style="line-height:1.38;
margin:0in 0in 8pt;
font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
</div>
<div class="x_elementToProof"
style="font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
<br>
</div>
<div class="x_elementToProof" id="x_Signature">
<div class="x_elementToProof"
style="font-family:Aptos,Aptos_EmbeddedFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif;
font-size:11pt; color:rgb(0,0,0)">
<br>
</div>
<p class="x_elementToProof" style="margin:0in;
font-family:Calibri,sans-serif; font-size:11pt">
<span style="font-family:"Calibri
Light",sans-serif; font-size:14.6667px;
color:rgb(0,0,0)"><br>
</span></p>
<p class="x_elementToProof" style="margin:0in;
font-family:Calibri,sans-serif; font-size:11pt">
</p>
</div>
<p class="x_MsoNormal">The information in this e-mail is
intended only for the person to whom it is addressed. If
you believe this e-mail was sent to you in error and the
e-mail contains patient information, please contact the Mass
General Brigham Compliance HelpLine at <a
href="https://secure-web.cisco.com/12nLMa0ntuAGIOEuIBXpNjxHJFmn-9q_t3vS2rm1yX25BXFS3mFAnpXqPDdsdVkS0gSZcTKOi4wmeT9LQjmMLntDB96ds3lp-TZparu-8wUdMfW7Htxn_9NyElPYCiJ00DQ_XXu6X9iDihbHeZhM8d3NW0AZejzA7TLCw6vdpfcBrosuAiqf5rT1rvFFIQsLeYz46V4AdYL7Pxcgz04lqNOgJ4hSrkTWoyE_YtfvOIpPTWkkjkbo4hXTkDIgLLCgLnNnuQpcUw2qokgEmZzmGYsgYpLR896OqRyhVkH6xmznPFK4ho13tRrcQAZOIvT-d/https%3A%2F%2Fwww.massgeneralbrigham.org%2Fcomplianceline"
class="x_moz-txt-link-freetext" moz-do-not-send="true">
https://www.massgeneralbrigham.org/complianceline</a> .</p>
<br>
<p class="x_MsoNormal">Please note that this e-mail is not
secure (encrypted). If you do not wish to continue
communication over unencrypted e-mail, please notify the
sender of this message immediately. Continuing to send or
respond to e-mail after receiving this message means you
understand and accept this risk and wish to continue to
communicate over unencrypted e-mail.
</p>
<br>
<fieldset class="x_moz-mime-attachment-header"></fieldset>
<pre class="x_moz-quote-pre">_______________________________________________
The opinions expressed in this email are those of the sender and not necessarily those of the Open Source Initiative. Communication from the Open Source Initiative will be sent from an opensource.org email address.
License-review mailing list
<a class="x_moz-txt-link-abbreviated moz-txt-link-freetext" href="mailto:License-review@lists.opensource.org" moz-do-not-send="true">License-review@lists.opensource.org</a>
<a class="x_moz-txt-link-freetext" href="http://secure-web.cisco.com/1WS-KFozntvEXPX81G7vX-kmaP1gZdboBYFNF8pHwcG1RMKius24DSzSSZNTDya3ovOwkgaNf4xEzdLOVC9r_cXqocMsjsX8cmUpQiLtCz_nOhoiR8lnsh_Npe0p52SrtbwMJkIU9qADxhUoHJjsGN8ZoJ7mlxGkkGYQSlFYRx5VPmY5VL646y-NkgeKCdqM0P6fXKfkbVXAs1ffleHiwZkGBEIRVCZIDZDihg-8og4OoF0Djzr6wOwf8RyjEPlxl_e4QlUBoVrvZAkrSmojTliwfDeZfDESdj4XPgJ6mliqFjlXgDXrHV-9bmHUc63GZ/http%3A%2F%2Flists.opensource.org%2Fmailman%2Flistinfo%2Flicense-review_lists.opensource.org" moz-do-not-send="true">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a>
</pre>
</blockquote>
<br>
</div>
<p class="MsoNormal">The information in this e-mail is intended
only for the person to whom it is addressed. If you believe
this e-mail was sent to you in error and the e-mail contains
patient information, please contact the Mass General Brigham
Compliance HelpLine at <a
href="https://www.massgeneralbrigham.org/complianceline"
moz-do-not-send="true" class="moz-txt-link-freetext">https://www.massgeneralbrigham.org/complianceline</a>
.</p>
<br>
<p class="MsoNormal">Please note that this e-mail is not secure
(encrypted). If you do not wish to continue communication over
unencrypted e-mail, please notify the sender of this message
immediately. Continuing to send or respond to e-mail after
receiving this message means you
understand and accept this risk and wish to continue to
communicate over
unencrypted e-mail. </p>
</blockquote>
</body>
</html>