[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What to do when DD considers policy to be optional? [kubernetes]

On 26.03.20 19:57, Andrej Shadura wrote:
> An example: commercial users. They need to know *exactly* what they
> are running and under which licenses.

The only way to know that is by performing your own due diligence.

> They are often bound by regulations with heavy fines for violating
> them, and not only fines, but a threat of your product being banned,
> and that often means they want only specific licenses in their
> products.

There is no way whatsoever that a regulator, or a court, will accept
checking a single third-party file (debian/copyright), created by an
unpaid volunteer one has never even met, much less have a business
relation with, as proper due diligence in a copyright infringement case.

[Well, technically, you could use your own lawyer to perform the due
diligence and have them submit any necessary changes to the BTS, but I
think it's safe to assume that that is a theoretical example.]

Don't get me wrong, debian/copyright is certainly useful in general, but
the only value in a legal conflict I can see is for Debian, namely to
demonstrate our own compliance when distributing binaries (see Scott's
and Sean's replies).

Reply to: