Re: DRAFT: debian-legal summary of the QPL
Sven Luther writes:
> On Sat, Jul 24, 2004 at 09:47:43AM -0400, Michael Poole wrote:
>> Sven Luther writes:
>> > On Fri, Jul 23, 2004 at 08:49:14PM -0700, Steve Langasek wrote:
>> >> As a practical consideration, if the requirement extends beyond what
>> >> we're already doing for crypto-in-main (e.g., if it requires us to send
>> >> the government a copy *every time* someone downloads), I think we would
>> > And even that, i think is not acceptable. Already our current policy to inform
>> > the US governement of every contribution a member makes is an dangerous
>> > privacy concern. And if you would go the chinese dissident way (or maybe the
>> > iraqui freedom figther way :), a maintainer could get in trouble over this
>> > reporting.
>> Come again? Under the current rules, we have to give the US
>> government a (single) source code copy of any software that we
>> distribute. The whole world can download the same software.
>> How does that constitute any sort of privacy concern?
> Each time i make a new upload, a notice of the upload is sent to the US
> security agencies, at least this is how i understood it. This include my
> changelog entry, my name and email, my GPG key, and the time at which i make
> this upload.
In other words, they are effectively subscribed to the
debian-*-changes mailing lists? I still don't see how
that is any kind of privacy concern like you claimed.