[License-discuss] Data portability as an obligation under an open source license

Russell McOrmond russellmcormond at gmail.com
Wed Jul 10 18:56:17 UTC 2019


On Tue, Jul 9, 2019 at 5:36 PM VanL <van.lindberg at gmail.com> wrote:

> Hi Russell,
>
> You seem to be arguing about a point that no one is making.
>
> On Tue, Jul 9, 2019, 11:59 AM Russell McOrmond <russellmcormond at gmail.com>
> wrote:
>
>> If I am a user of landscaping services, and the company providing that
>> landscaping service happens to use Microsoft Office, I am not through some
>> transitive property a user of Microsoft Office.
>>
>
> You keep on repeating this point, but it doesn't seem relevant to this
> discussion. To even attempt to bring this argument into scope, someone
> responding has to assume a lot of facts not stated.
>


It is an answer to the question of who the user of software is, FLOSS or
otherwise.  When you talk about third parties interacting with software
which are not the author and not the person running the software, you are
talking about interactions via an interface from individuals who are not
users of the software itself (the software is never communicated to them,
they don't have a copy, they don't execute it: none of the bundle of rights
of copyright or patent law are involved).

Moving away from the parties involved with software licensing (creators and
users of the software) is a movement of the debate to discussing exclusive
rights on interfaces.

Many people have been trying to clearly explain in many different ways why
exclusive rights on interfaces is extremely bad for Open Source, and that
we as a community should not only be objecting to license agreements that
use that legal theory, but also doing whatever we can (lobbying
governments, amicus briefs to courts) to ensure that such license clauses
are never enforceable.




Can you clarify what you mean?
>
> Can you also clarify how this line of argument applies to the specific
> question of "can an open source license require that an operator providing
> services to a third party also refrain from withholding that third party's
> own data?
>


Picture this license:

"
As a condition of running this software and providing any interface to
third parties (clients, etc) you must:

  a) Have an Acceptable Use policy that only allows interaction via
authorised client software
  b) Actively enforce that Acceptable Use policy, including potentially via
technological protection measures and lawsuits

The list of authorised client software is available at:
http://really.evil.com/open-source-is-unconscionable
"

Questions:

1) Do you believe these licensing terms should be enforceable?  (You won't
be surprised that I don't)

2) Would the ability of software exclusive rights holders to disallow
compatible software be good or bad for Free/Libre and Open Source?
(Trivially, very bad)

3) What is the difference between this license from Really Evil
Corporation, the Affero clauses within the FSF's AGPL, or CAL submitted by
you?  (They are mildly different uses of the same extremely dangerous legal
theory.  CAL is closer than the AGPL to the Really Evil example as it seeks
to suggest any software offering the API be under a compatible license).



Onward:


Your underlying policy concern about data access and portability is an
important one.


If we were discussing regulation of communications and online service
providers I could note I am already working with you, although in a
different jurisdiction (I live in Ottawa, the capital of Canada).

I believe governments should be regulating these technology providers to
ensure that a minimum level of accountability and transparency exists.
This would include, but not be limited to, users of these services being
able to inspect and extract data submitted by or recorded about that user
which is being stored by the provider.  This would apply to all such
technology providers within their jurisdiction, not merely a tiny few who
happen to run a specific piece of software.

I have made related submissions to parliamentarians and Canadian federal
public sector workers over the years.  It has been discussed in the context
of upgrades to PIPEDA (federal privacy law for private-sector
organisations), and in relation to the European GDPR.  The Office of the
Privacy Commissioner has blogged about the data portability movement
http://www.dataportability.org/

I'm curious what politicians or other policy makers you have spoken to
about this, and what their responses have been?  My bringing up these and
related issues has been met with great interest, but this is not yet seen
as a priority.  I expect after the upcoming federal election that this
issue will continue to be discussed, as regulation of these types of
service providers is a currently active topic (Search for the name "Charlie
Angus" and you'll see the types of things he has been saying -- Charlie and
I have had many discussions about technology policy over the years).

And then there is David Graham
http://mcormond.blogspot.com/2019/06/importance-of-gossip-and-david-graham.html
,
who is one of us (FLOSS community member who is currently a Canadian Member
of Parliament).

I am aware OSI itself can't provide help for this type of work due to its
charitable status, but it is still useful for people to be aware of each
other and coordinate efforts whenever possible.   When CLUE (The Canadian
Linux Users Exchange, later called Canada's Open Source Association) had a
policy coordinator, I was specifically tasked to speak with politicians and
other policy makers about FLOSS policy.



But back to the specific question at hand:


Since we are instead talking about software license agreements and related
contractual terms that pass beyond interfaces, I will always be strongly
opposed. The ends (trying to ensure data accountability/transparency for
CAL, or access to source code in case of Affero clauses) do not remotely
justify the means (providing allegedly open source examples of an extremely
dangerous legal theory).



I have been involved in opposing the "Protection of Broadcasting
Organizations" at WIPO (well, communicating to Canadian delegation members
-- I've never been to a WIPO meeting), which is a legal theory that mere
communications technology providers should get their own independent layer
of copyright for the signals which they communicate  (What next?  Copyright
for HDMI cable manufacturers?).  The more non-creators who get copyright,
the less influence individual creators will have.

The theory that accessing software through an interface is somehow a
"performance" of that software is an even more offensive legal theory,
granting authors of software an extreme level of control over the
activities of the rest of society that should be strongly opposed.  What I
have been baffled by is why this massive expansion of the exclusive rights
of software authors (very often large powerful corporations) over others
(individual human beings) to and through interfaces can be seen as a
positive thing for individuals.


Thanks,
> Van
>

-- 
Russell McOrmond, Internet Consultant: <http://www.flora.ca/>

Please help us tell the Canadian Parliament to protect our property rights
as owners of Information Technology. Sign the petition! http://l.c11.ca/ict/

"The government, lobbied by legacy copyright holders and hardware
manufacturers, can pry my camcorder, computer, home theatre, or portable
media player from my cold dead hands!" http://c11.ca/own
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-discuss_lists.opensource.org/attachments/20190710/8169bb87/attachment.html>


More information about the License-discuss mailing list