[License-review] For approval: The Cryptographic Autonomy License (Beta 4)

Henrik Ingo henrik.ingo at avoinelama.fi
Thu Dec 5 21:47:29 UTC 2019

Hi Van

I've been waiting with interest for the next steps for this license, since
it seemed that already beta3 was close to converging on sufficient

I think the reworded part further tightens your justification that user's
rights to their own data are a necessary part of exercising their software
freedom rights. What was originally something that sounded right on a "gut
feel" basis, is now expressed in a very solid and well defined way.

For my taste the new  text is even too narrow. The whole point of software
freedom is that a derived work need not be "substantially identical" to its
ancestor. But from a practical point of view that is still sufficient to
guarantee that I can get a copy of my own data. Once I'm in possession of
it, I can then proceed to also use it for less identical use cases. I
understand that this very narrow text is necessary now to make it clear to
everyone that this principle is well within the sphere of the OSD.

The other issue that was widely discussed, not the least by myself, were a
couple individual words like "aspect" and "made perceptible" that make
sense from a copyright law point of view, but are unusual words in a
software license. I had argued that it's unclear what exactly could be
claimed by those words and that they seem to present more of a risk than
benefit. I was curious to hear either from Van or Pam whether you discussed
this issue in the latest round at all? At minimum, I would hope to see an
FAQ entry explaining what can and cannot be targeted by those words. After
all, I have frequently asked this question ;-)


On Wed, Dec 4, 2019 at 10:31 PM VanL <van.lindberg at gmail.com> wrote:

> Based upon ongoing discussions with the license review committee, I am
> withdrawing Beta 3 and substituting Beta 4 (here attached).
> The primary change between Beta 3 and Beta 4 is the definition of "User
> Data."
> My understanding of OSI's position is that data requirements, such as are
> addressed by the CAL, are within scope of what an open source license can
> reasonably address. However, there was a request by the committee to more
> tightly define the definition of "User Data" so that it was more closely
> tied to function and experience of using the software by a user who chooses
> to self-host.
> In consultation with my client, we have proposed and received positive
> feedback on the following modified definition of User Data (most
> significant change bolded):
> “User Data” means any data that is an input to or an output from the Work, *where
> the presence of the data is necessary for substantially identical use of
> the Work in an equivalent context chosen by the Recipient*, and where the
> Recipient has an existing ownership interest, an existing right to possess,
> or where the data has been generated by, for, or has been assigned to the
> Recipient.
> There are also a few cleanups and the following minor but substantive
> changes:
> - Section 7.4, There is a definition of "prevailing party" for attorney
> fee awards (" A “prevailing party” is the party that achieves, or avoids,
> compliance with this License, including through settlement.")
> - Section 5.3, Enforcing against a terminated licensee does not cause
> termination for the license-enforcing party  ("Administrative review
> procedures, declaratory judgment actions, counterclaims in response to
> patent litigation, and enforcement actions against former Licensees
> terminated under this section do not cause termination due to litigation.")
> All other discussion regarding CAL Betas 2 and 3 should apply.
> From the original submission:
> *Rationale:* The CAL is a new network copyleft license especially
> applicable for distributed systems. It is designed to be as protective as
> possible of downstream recipients of the software, providing them all that
> they need to create and use an independent copy of a licensed work without
> losing functionality or data.
> *Distinguish:* The CAL is most similar to the AGPL, and will have a
> similar scope of action in most cases. However, the CAL has provisions that
> require that operators provide recipients of the software with a copy of
> their user data, enhancing their ability to independently use the software.
> The CAL also allows the creation of mixed "Larger Works," provides for
> affiliate use, and does not specify a mechanism by which notice is given to
> recipients.
> *Legal Analysis*: The CAL was drafted by legal counsel. Previous
> discussions have outlined many aspects of the legal analysis.
> A copy the the license in Markdown format is attached. For those who would
> prefer it, a Google Docs version of the license is viewable here:
> https://docs.google.com/document/d/1-eD9EH6i3wdSXgG4XJbF-a0cSSknOERjYzlVonOwAQ0/edit?usp=sharing
> _______________________________________________
> License-review mailing list
> License-review at lists.opensource.org
> http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org

henrik.ingo at avoinelama.fi
+358-40-5697354        skype: henrik.ingo            irc: hingo

My LinkedIn profile: http://fi.linkedin.com/pub/henrik-ingo/3/232/8a7
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-review_lists.opensource.org/attachments/20191205/b5cee97a/attachment.html>

More information about the License-review mailing list