[License-review] For approval: The Cryptographic Autonomy License (Beta 4)
brian at behlendorf.com
Thu Feb 13 19:55:27 UTC 2020
Has anyone considered the PII and GDPR/CCPA/etc implications of the CAL?
Could there be scenarios where the CAL requires behavior that the GDPR
prevents? Those licenses introduce a concept completely foreign to
copyright law, which is data protection rights for the subjects of data
(who that data is about), even if that subject isn't a party to the
transfer of software and thus covered by this license. What would be the
ramifications of such a clash? Could someone using the software have to
stop using it based on a request from a data subject?
On Thu, 13 Feb 2020, Eric Schultz wrote:
> Sorry to bring this up at a late stage but I just thought of a situation I wanted clarification on. Let's say a voice recognition provider using the CAL allows users to confidentially choose to submit
> their voice recordings to improve the quality of recognition. Is there any sort of dynamic here where one user would be able to request access to all of the other users confidential recordings? My
> hunch is no but it's a little bit of a different situation than I had seen considered on the list.
More information about the License-review