[License-review] For approval: The Cryptographic Autonomy License (Beta 4)

Henrik Ingo henrik.ingo at avoinelama.fi
Fri Feb 14 21:55:25 UTC 2020


I think it's worth adding to the previous responses that the
obligations of the CAL wrt User Data seem to be a strict subset of the
obligations a site operator would have under the GDPR anyway.
Therefore under such jurisdictions the additional burden from CAL is
zero. Since the EU tries to make GDPR reach also to web sites hosted
outside of EU, this conclusion may apply to operators outside of the
EU.

The obligations wrt cryptographic keys probably would not be
obligations under the CAL.

henrik

On Thu, Feb 13, 2020 at 9:56 PM Brian Behlendorf <brian at behlendorf.com> wrote:
>
>
> Has anyone considered the PII and GDPR/CCPA/etc implications of the CAL?
> Could there be scenarios where the CAL requires behavior that the GDPR
> prevents? Those licenses introduce a concept completely foreign to
> copyright law, which is data protection rights for the subjects of data
> (who that data is about), even if that subject isn't a party to the
> transfer of software and thus covered by this license. What would be the
> ramifications of such a clash? Could someone using the software have to
> stop using it based on a request from a data subject?
>
> Brian
>
> On Thu, 13 Feb 2020, Eric Schultz wrote:
> > Sorry to bring this up at a late stage but I just thought of a situation I wanted clarification on. Let's say a voice recognition provider using the CAL allows users to confidentially choose to submit
> > their voice recordings to improve the quality of recognition. Is there any sort of dynamic here where one user would be able to request access to all of the other users confidential recordings? My
> > hunch is no but it's a little bit of a different situation than I had seen considered on the list.
> > Eric
> >
> >_______________________________________________
> License-review mailing list
> License-review at lists.opensource.org
> http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org



-- 
henrik.ingo at avoinelama.fi
+358-40-5697354        skype: henrik.ingo            irc: hingo
www.openlife.cc

My LinkedIn profile: http://fi.linkedin.com/pub/henrik-ingo/3/232/8a7



More information about the License-review mailing list