Message-ID: <3AC8ADEA.3080904@kalifornia.com>
Date: Mon, 02 Apr 2001 09:50:50 -0700
From: Ben Ford <ben@kalifornia.com>
User-Agent: Mozilla/5.0 (X11; U; Linux 2.2.17-14 i686; en-US; 0.8.1)
MIME-Version: 1.0
To: linux-kernel@vger.kernel.org
Subject: [Fwd: [Copyright/Licensing] "Dual-copyright/licensing" of your IP withOUT your  permission]
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org

What do people think about this?

-b


-------- Original Message --------
Subject: [Copyright/Licensing] "Dual-copyright/licensing" of your IP 
withOUT your permission
Date: Mon, 02 Apr 2001 12:39:31 -0400
From: Bryan-TheBS-Smith <thebs@theseus.com>
Reply-To: thebs@theseus.com, b.j.smith@ieee.org
Organization: (Personal)
To: linux-xfs@oss.sgi.com, nfs@lists.sourceforge.net


-------- Original Message --------
From: Bryan-TheBS-Smith *
Subject: [Copyright/Licensing] "Dual-copyright/licensing" of your IP
withOUT your permission
Date:  2001 April 02

[Copyright/Licensing] "Dual-copyright/licensing" of your IP withOUT
your permission


USING A PASSPORT.COM-ENABLED SERVICE WILL DUAL-COPYRIGHT/LICENSE
YOUR ORIGINAL WORK

I just want to throw this out for *OFF-LIST* discussion.  I am
currently writing an article on the new licensing agreement at
Microsoft's Passport.COM.  What most people don't realize is that if
you use MSN, Hotmail, Expedia and, in some cases, just MS
IE/Outlook, you have _already_agreed_ to this license.  Why?  In the
case of MSN, Hotmail and Expedia, your passwords are stored on
Passport.COM (remember when Microsoft went down in late 1999 because
of their expiration of Passport.COM?).  I am still researching the
depth of Passport.COM's interaction with MS IE itself (seperate from
these services), and other Microsoft and non-Microsoft,
Internet-enabled software.

The problem?  In a nutshell, any outgoing information, software
and/or services of your original copyright/license/IP are "dual
copyrighted/licensed" to Microsoft c/o this new agreement.  This can
be _very_dangerous_ from the standpoint of free software
development.  Worse yet is the fact that no one currently knows to
what extent the Passport.COM licensing agreement applies, but it
seems all MSN, Hotmail and Expedia users are subject to it, possibly
all users of MS IE as well.


GPL DOES NOT OVERRIDE YOUR COPYRIGHTS (NOR YOUR ABILITY TO ASSIGN
THEM TO OTHERS)

Now you may think the GPL (and/or other GNU licensed works like the
LGPL, FDL, etc...) protects your work.  What you may not realize is
that Copyright Law is the _ultimate_ law.  The software that cracked
the encryption (really "uglification") and revealed the follies of
popular "Internet Filtering" software were perfect examples.  The
software was released GPL, but then revoked later.  How?  Because
the creators ultimately have "all rights reserved" to their
copyright, and can revoke any license at any time (like they did
when the popular filtering software vendors bought the rights). 
When you post, upload or otherwise transmit through a
Passport.COM-enabled service, you are effectively giving Microsoft
a non-exclusive, "blank 'copyright' check" to use your work.

Now one way you can "protect" your free software/works from being
submissive to this "hole" in Copyright Law is to assign all rights
to the Free Software Foundation.  In fact, this is exactly what the
FSF recommends you do with any GNU licensed work.  If you have not
done so already, consider doing this with any GPL, LGPL, FDL or
other GNU-licensed work that you do not plan to "dual-license"
yourself or other entity.


IS THIS AN "ANAL" STANCE?  MICROSOFT "REALITY CHECK":

Now before you think I'm going off an being "anal" on this, or
screaming "the sky is falling," realize the following:

1.  Many companies are looking for new avenues of revenue and the
"total forfeit" or "dual-copyright/licensure" of your
copyright/licenses/IP is nothing new.

2.  Microsoft (among others, even non-Windows vendors) have been
shown time and time again to be all for #1, and abusing the rights
of others in the name of profits.

3.  *BIG ONE*:  Anyone who has interviewed with Microsoft, or
visited the Microsoft campus knows that Microsoft's future goals
_include_ the revenue stream of _charging_you_ to even see your own
data!

4.  *ANOTHER*:  Microsoft has identified "dual-copyright/licensure"
as a key method to "bypassing" the "GPL virus."

5.  *MOST IMPORTANTLY*:  Microsoft is currently the biggest lobbyist
of the US government, and expends the most in legal costs of any
American company.  Lawyers are difference between something just
being just "unethical and not legally binding" and "unethical but
quite legal binding and quite enforcable."

#5 is what makes the Passport.COM licensing agreement the most
scary, even though it is nothing new in some circles.


WHAT SHOULD THE FREE SOFTWARE COMMUNITY DO TO COMBAT THIS?

Other than avoiding these services and any other that use
Passport.COM (which will only get harder and harder as .NET makes it
presence), there are some _real_issues_ to doing _anything_ on the
Internet that will require our action.  At least two key issues need
to be addressed (with possible solutions):

1.  "Identify" users who are using these services when they contact
your web site, archive, CVS repository, etc...  They need not only
be informed of these issues -- but they need to "sign" a "counter
agreement" that they agree to the policies of our site, archive,
repository, etc... which either "prohibit" uploading from services
where there is such an agreement and/or somehow put the
responsibility on the consumer and/or service to NOT allow such
"dual-copyright/licensure" rights to be applicable to those original
works.  "Identification" is where the difficulty may come in, but
searching for a cookie or other known "resource" on the client
system should provide us with a good indicator that the client is
using these services.  Our service then will "redirect" them to the
proper page with the agreement (and kick them off if they do not).

2.  Draft new licenses, or create "addendeum" to existing licenses
that explicitly target these other agreements and render them either
null and void, or somehow limit their application to our projects. 
This will be most difficult as the creators of these "agreements"
have been smart enough to make their copyright/licensure
"non-exclusive" -- which allows the creation of a
"dual-copyrighted/licensed" version they can use (whereas an
"exclusive" agreement would not hold up in court).

Again, these are serious issues that need to be addressed ASAP.  I
hope the free software community pulls together and does its due
dillengence to combatting this serious violation of our IP and our
ability to control who, what and how it is copyrighted and/or
licensed.


LINKS TO MORE INFORMATION:

As a follow-up, please take the time to read the following URLs:

Microsoft Passport.COM terms of use:
http://www.passport.com/Consumer/TermsOfUse.asp

The Register.COM article:
http://www.theregister.co.uk/content/4/18002.html

Troubleshooters.COM new copyright and other articles:
http://www.troubleshooters.com/cpyright.htm
http://www.troubleshooters.com/tpromag/200104/200104.htm#_new_copyright
http://www.troubleshooters.com/tpromag/200104/200104.htm#_three_articles

LEAP Thread (first article in thread):
http://lists.leap-cf.org/pipermail/leaplist/2001-April/011248.html


-- Bryan "TheBS" Smith
   OSS/GNU/Linux Participant, Advocate, Packager and Developer


P.S.  Feel free to forward this to others, provided you are
courteous enough to not cross-post a single message among several
lists (i.e. please send one message per list or two).

--
Bryan "TheBS" Smith          chat:thebs413 @AOL/MSN/Yahoo
Engineer      mailto:b.j.smith@ieee.org,thebs@theseus.com
*********************************************************
"Never apply a Star Trek solution to a Babylon 5 problem"
                                    -- Nicholas C. Weaver
*

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/