[License-review] For approval: The Cryptographic Autonomy License (Beta 4)

Nigel T nigel.2048 at gmail.com
Fri Dec 6 14:51:04 UTC 2019

3.2.a seems to imply to me that there is no patent grant when the work is
used as part of a combination or modification. IANAL but this strikes me as
a license I wouldn't touch with someone else's 10 foot pole.

The new version also does not appear to address the issue that if CAL
licensed software does not meet the requirements of 4.2 then the burden of
meeting 4.2 falls on the user even if they had made no changes to the

It is also still unclear what user information is required to meet 4.2.  A
strict reading could imply that 4.2 would require that the user of the
software provide clients with their plain text password.  Does it?  If not,
why not?

The user of the software is the service provider and it strikes me as this
license is a potential minefield for any user other than the original
authors.  What does "fully use an independent copy" or "substantially
identical use of the work" mean in the contexts of the license?

Take this in the context of something like a genealogy service.  The user
data includes my account information (data I provided), profile (data I
provided), my family tree (data I provided), my DNA information (data
generated for me) and potential DNA matches (data generated for me) and
links to historical data and public records (data generated for me).  What
must I provide under the terms of the license for the DNA matches and
links?  If I provide the DNA information in textual format and the software
has no easy way to input DNA data other than doing a SQL call have I still
met 4.2?  Does providing database IDs to records that don't exist in an
independent copy meet 4.2 or do I have to provide that document or image?
That was "data generated by, for or has been assigned to the Recipient".
These are things like yearbook pictures, census records, etc.  For the
potential DNA matches do I also have to provide the DNA information of the
potential match?  On the screen I can see the number of match sequences,
etc.  Is it sufficient to simply provide "J Smith, 756cm across 39
segments" as part of my export?  There is data about "shared matches".  How
much of that is required to be exported?

I don't know. I would need a lawyer and significant effort by a developer
to determine if the original software itself full meets 4.2.

On Fri, Dec 6, 2019 at 8:56 AM Pamela Chestek <pamela at chesteklegal.com>

> On 12/6/2019 3:30 AM, Bruce Perens via License-review wrote:
> > But this led to the much more concerning discovery that the plan is to
> > block interoperable Open Source software through the use of software
> > patents.
> >
> > I can't remember any time in the history of Open Source when a license
> > submitter, or anyone else at all, approached the Open Source
> > initiative with a plan to block implementation of Open Source using
> > software patents. Not to mention one which was well-received by the
> > OSI and its license committee which worked to accommodate the plan. I
> > hope you understand how distressing this is.
> This license has a patent grant of generous scope and there is nothing
> in the license that changes the existing state of open source licensing
> in any way. If your meaning is that the patents will block
> implementation of similar software that would be under a different open
> source license, I agree that's the case. However, that is the case for
> any open source licensed software covered by patents no matter what the
> license is. While the scope of patent licenses in open source software
> licenses is a matter of dispute, I have never heard anyone suggest that
> the patent license would extend to code newly written from scratch.
> Patents on open source-licensed software can also drive the adoption of
> the open source version of the software. If one uses the open source
> version of the software, they are fully licensed under the patents. If,
> however, one choose to write a new version of the software from scratch
> and put it under a proprietary license, then the proprietary licensor
> runs the risk of a patent infringement suit. Having patents on open
> source software therefore discourages the use of proprietary software
> and motivates the use of the open source version of the software, a net
> positive. As mentioned though, this is true of any open source software
> that is covered by patents and there is nothing different about this
> license.
> > I am also concerned that the license committee is now holding Ex Parte
> > proceedings, or at least Van reports such, and does not seem to have
> > any sunshine proceess in which OSI members learn in detail what
> > happened in those proceedings.
> [Putting on OSI Board member hat] As previously mentioned on
> License-Review, the license was discussed by the full Board at our
> face-to-face meeting in November. The Board was not going to approve the
> license in its prior form. I then spoke with Van about what changes he
> could make that would remove the obstacles for the Board. I was clear,
> and Van understood, that the changes would have to be vetted on
> License-Review before the License-Committee would give a recommendation
> to the Board. That is what is happening. There was nothing discussed
> that isn't embodied in the document you are looking at now. The
> alternative would have been to formally reject the license, which would
> have delayed even longer a license that has been pending for a long
> time. That does not seem efficient or productive to me.
> Pam
> Pamela S. Chestek
> Chestek Legal
> PO Box 2492
> Raleigh, NC 27602
> 919-800-8033
> pamela at chesteklegal.com
> www.chesteklegal.com
> _______________________________________________
> License-review mailing list
> License-review at lists.opensource.org
> http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-review_lists.opensource.org/attachments/20191206/e33316c1/attachment.html>

More information about the License-review mailing list