On Fri, Jan 21, 2005 at 12:52:45PM -0800, Don Armstrong wrote:
> On Fri, 21 Jan 2005, Joel Aelwyn wrote:
> > As others have pointed out, Dissident vs. Desert Island are somewhat
> > different tests. However, I guess it really depends on what
> > information is required by #3, in the intent of the author.
>
> Yes, they sort of grew out of each other, though.[1] [The weak form
> (no compelled release of information to peopple not in the
> distribution path) of the dissident test is equivalent to the dsert
> island test.]
Hmmm. I would argue that it both is, and isn't - in a strictly denotative
sense, you are quite correct; if it boils down to "No requirement to
notify someone not in the information flow", it's Desert, and if it's "No
requirement to notify anyone at all" it's Dissident.
However, connotatively, they do differ. Look at the names of the tests, and
consider the examples normally given to illustrate them. In the first case
(Desert Island), this is about a practical issue - it may be physically
impossible, in some situations, to notify a third party, even when the
second party is quite accessible (in some cases, such as a corporate
copyright and notification requirement, it may become literally impossible
if the corporation is dissolved; the copyright might be sold off, but that
doesn't automatically change the license terms).
The second, the Dissident test, could be argued to be about practicality as
well ("It isn't practical to get authors killed" - or jailed, or whatever),
but it is far more often (in my experience, anyway) laid out as a moral
or ethical argument based on a presumed right to basic privacy in one's
affairs.
Thus, there is some room to argue that even the 'weak form' of the
Dissident test is not actually the same test as the Desert Island
test, though it is effectively a moot point because, in practice, the
requirements are identical.
> > If, on the other hand, it seeks to establish a valid and useful
> > contact address (as appears, on the face of it, to be the intent,
> > since it says 'for support', and an address which cannot be used for
> > obtaining support is useless for that), I have to think it it fails
> > the Dissident test fairly obviously.
>
> My primary purpose here is lies with the identity part of the
> dissident test. That is, to hash out where the balance lies between
> the interests of free software (ie, a desire to know who is
> contributing what for copyright and licensing purposes) and anonymity.
>
> That this license requires individuals to identify themselves to
> whoever they distribute modifications to, and that this violates the
> strong form of the dissident test, I concur completely.
Speaking from the point of experience which many have (that is, having
had to try to track down authors who are unresponsive, possibly
non-existant, or in at least one case, deceased, for licensing issues),
all I can say is that I still believe the Dissident test is a suitable
requirement.
Requiring that changes be marked and noted is about correct attribution
(in particular, about *not* attributing changed code/docs/etc to the
origional author, who may think they stink, are full of bugs, or
whatever). Requiring that they indicate who *actually* wrote it is, in
so many words, "pretty much useless". After all, outside of Debian
itself (which has the signed-by-a-Debian-Developer web of trust that
tries to establish some basic identity), I have no proof whatsoever that
any given author ever even existed, short of a lot of research (and even
that may not suffice). Would you assume "Copyright 2005 John Smith" was
valid? It could be, my ex-supervisor has that on all of his code,
because that is, in fact, his name. Good luck determining whether it's
his, or that of some other random John Smith who writes software.
Okay, I suppose that isn't true; I've met ESR, RMS, and Larry Wall in
person (if quite briefly), so I'm fairly sure people using those names
who match the publicity photos (such as there are) exist, and quite sure
that whomever was using those names that day espoused opinions that seemed
consistant with those associated with the names I see online. But still.
Print authors have used pen names for hundreds of years, and often for very
good reason. Would you demand that they not do so, simply so that you could
track them down to ask them about licensing a publication of their book in
online form more easily?
I think it would behoove us to never forget one thing - while we may set
the terms on which we distribute software, we are also being given a gift
of someone's time and effort. If they choose not to give more than that,
well, as people have so vehemently pointed out about DDs, "You can't make
a volunteer do anything." If they would prefer to give it anonymously, why
should that bother us at all? We have procedures in place to deal with
licensing issues that come up. The worst that happens is that we have to
yank code from the archive - which leaves us exactly where we would have
been if we had not accepted it in the first place, because it was written
anonymously.
All in all, I think that Branden's fifth freedom[1] is important, and
should come into play here. Privacy in one's person includes fundamental
identity, and *certainly* includes things like physical address. Frankly,
given some of the folks I've met who claimed to be authors of (oh, hell,
what is it today, FLOSS? Pick a suitable acronym), and some of the folks
I've heard talking about being Debian users in passing by... there is *no*
way I'm giving them my address in any fashion so obvious. It would be far
too annoying to deal with the courts after I dealt with them trespassing.
(OK, arguably 'address' may imply e-mail address, but I also get enough
spam already, thanks).
It gives us nothing, really - we already have to deal with all of the
problems of an uncontactable author, and with dropping software when we
can't fix a license problem either due to that, or an author who doesn't
want to relicense. We go to moderately significant lengths to try to make
cryptographic software available to our users - but are we willing to say
that a software author's ability to write such a thing, and publish it
anonymously, for whatever reason (quite possibly including 'his or her
government would ensure he or she vanished') is not also worth protecting,
insofar as we can?
[1] http://lists.debian.org/debian-legal/2003/06/msg00096.html
--
Joel Aelwyn <fenton@debian.org> ,''`.
: :' :
`. `'
`-
Attachment:
signature.asc
Description: Digital signature