Category Archives: Uncategorized

  • 0

The Copyfair Initiative is based on substantive equality

Category : Uncategorized

After getting some feedbacks,  I need to expand what is the purpose of the Copy fair Initiative.


  • 0

POLYMORPHIC LICENSES

Category : Uncategorized

Brief introduction

Copyright holders decide how to manage their exploitation rights through copyright licenses. Licenses work on top of copyright law, and are interpreted by judges under different jurisdictions, and different applicable laws. As copyright is very rigid, copyright holders can make it more flexible through licenses.

However, most generic-purpose licenses are not flexible, and this does not help Creators with specific needs for their products. When Generic-purpose licenses don’t reach the particular needs of makers, customization is a most. Can we synchronize customization with the Open source Software and P2P production principles? Sure we can. Our answer is POLYMORPHIC LICENSES.

PURPOSE

The main purpose of a copyright license is functional. A copyright license is a legal tool used to decide the permissions and conditions for the exploitation of protected works. You can decide about the right to use, the right to distribute, the right of public communication, the right to create derivative works, combined works, and so on.

Beyond this functional nature of a copyright license, generic-purpose public licenses have helped to create an open world, in many domains such as software, culture, literature, databases, music, 3d-models, and so on. Generic purpose licenses have been the legal representation of some philosophies, and copyright initiatives. Some of the most relevant are: The 4 free software freedoms definition (FSF), the open source software initiative, the free culture definition, and the copyfree initiative.

Until now, you have chosen a generic-purpose public license if it fits to your own needs or perhaps philosophically. However, most of them are not flexible to customization. As emergent technologies appear, sometimes situations are very specific, and customization is a must.

Polymorphic licenses don’t aim to compete with well established initiatives or philosophies, instead, they will provide makers the possibility of taking the best out of such open movements, and reach the particular goals of their production through customization.

What is a polymorphic license?

In programming, “polySmorphism is the provision of a single interface to entities of different types1. Let’s see an example in cpp code:

class Production {

virtual string type() = 0;

}

class Production_Music: public Production{

string type() {return (“

Commercial uses that require permission for exploiting this work are: Publicity, Movie soundtracks.

Time of permission: 1 year.

Compensation: $100 or equivalent in BTC

Royalties: I collect my own royalties from live shows.”);}

}

class Production_Drone-models: public Production{

string type() {return (“

Commercial uses that require permission for exploiting this work are: Anyone who sells drones built with these models.

Time of permission: undefinite.

Compensation: 10 built drones with the model for the copyright holders”);}

}

This is a very powerful object oriented programming concept, because it allows us to write a single interface, but produce different results. Thus, polymorphism is an excellent methodology for license customization. Let’s analyze the previous cpp example:

1. The class Production. This may be any generic-purpose copyright license if it allows different options. The Production License.

2. The subclass Production_Music. It inherits all clauses from the Production License, but with some environmental variables that are specific to music.

The copyright holder decides that only Publicity and Movie soundtracks are commercial uses that must pay a compensation, and the authorization lasts 1 year. Furthermore, he decides to collect his own royalties only from live shows.

3. The subclass Production_Drone-Models. It also inherits all clauses from the Production_Generic_License, but with a different focus. It requires some of the built drones in return.

How does it work?

Method: Licenses would be generated by an open source software called LTK (License-Tool-Kit). Copyright holders may generate their customized licenses using LTK, or by using their own tools.

Authenticity: The license’s output must come in more than one format. The md5 and sha1 hashes will be automatically generated. This will avoid license spoofing.

Reliability: The copyright holder(s) will keep their own customized license in their own server, website, or within the products. However, we will also set up a registry of polymorphic licenses with their correspondent hashes.

Current projects that may implement it

The polimorphic licenses methodology is currently developed by the FOSS lawyers legal community. But we want to promote the polymorphic license methodology to FOSS and P2P projects.

Currently we are working on two generic-purpose licensing projects:

– Common based reciprocity licenses (Copyfair).

– Ubiquitous commons.


  • 0

DO WE NEED A KBA STANDARD?

Category : Uncategorized

//Foss lawyers will be present in Amsterdam between may 18th – may 22th, for the OWASP project submission. The OWASP KBA-PMP project. The project is growing

complete version: KBA paradigms and challenges

Can we say that static KBA is no longer suitable for today’s security challenges? During the last years, we have heard rumors about the death of the KBA. While some part of the industry wants to kill all KBA procedures, Dynamic KBA providers want to only kill static KBA. The truth is that static KBA is the oldest method of authentication, and will remain for a while due to its low cost (compared to biometric authentication), its effectiveness for remote procedures of identification (can be used from anywhere), and especially, the option that users have to change their information or simply lie to the web application to increase security. We cannot blame non developed countries to implement it.

Static KBA is not insecure by itself, it is a matter of implementation. But static KBA confronts 2 huge problems today: (1) Secret information is not secret anymore, (2) Most users will tell the truth to the application.

For dynamic KBA software vendors, KBA has evolved from the challenge questions, to a much more sophisticated way of implementing dynamic KBA. The information comes from public records, credit records, judicial records, your ID card, and perhaps social networks. These have happened in recent years, and it seems to work for many. However, there are some issues to resolve, some of them seems to be universality, and privacy.

Universality.- When I contacted some of the dynamic KBA vendors, my biggest concern was that they don’t have universal solutions. They had access to country based public records, especially in the USA, UK, Canada and Australia. So what about the rest of the world? It is clear that for a transnational dynamic KBA solution, vendors will need to have data sources everywhere. Central American banks may not use dynamic KBA, because KBA providers don’t have data sources in those countries. So how can we kill static KBA, if Dynamic KBA solutions are not available in most countries?

Privacy.- Data protection, and privacy laws are stronger in some countries than others. So the meaning of public records, is related to jurisdictions. As an example, let’s think about personal data in Europe. The Data Protection directive forbids the transfer of personal data to third countries without an adequate level of protection1. Let’s analyze what is personal data under European law2:

(a) ‘personal data’ shall mean any information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;

Furthermore, personal data has to be processed lawfully, fairly, and only for specific and legitimate purposes. The data subject has to “unambiguously give his consent”3 unless process is necessary for contract performances, legal obligations, vital interests of the data subject, or the public interest.

Following of all these paradigms and challenges, the answer is YES, we need to develop a KBA standard. Web application security is not only about secure coding, encryption, and patching vulnerabilities. Remote authentication is the core of security, and KBA implementations must follow basic guidelines, but not only for higher risk environments as banks, because security is interconnected and attackers will always find the weakest point of the security chain.


  • 0

THE COPYFAIR INITIATIVE

Category : Uncategorized

/*This project is evolving. It started months ago as a technical foss lawyers  research project with the purpose of  creating a different type of  public licenses, focusing on the real needs of  creators.  By now, we got a very good connection with the common based reciprocity licenses project promoted by the P2P foundation.   Our “polymorphic licenses style” seems to fit very well with  their approach to commons, fairness, and P2P production. We think is a very good idea to work together on this.*/

Copyfair means “copyright fairness”. There is not real freedom without justice. As fairness is a subjective matter, creators must have the option of taking decisions about some crucial issues such as “the time of permission of the work”, “decide in which cases an economical remuneration must be paid”, and “fixing the value of the remuneration”.

The purposes of the Copyfair initiative are:

– To benefit society with free and accessible culture for non commercial uses. Culture and knowledge must not only benefit privileged groups. Copyright holders must decide which commercial uses must pay en economical value, but they cannot forbid the “non commercial” uses of the protected work.

– To benefit artists and cooperatives because they are also part of society. The right to work and get paid for your work is not negotiable. Artists, and Cooperatives work very hard, and they must get paid for their work, if it is used for profitable purposes.

– Allow the use and free distribution on the cyberspace. Protected works shall be distributed without restrictions because the access to knowledge and culture must be universal. The copyright holder  will decide which commercial uses must pay an economical compensation, but he cannot forbid the distribution of the work.

The only way to reach these 3 objectives is through the creation of a single license which allows different options, and permits copyright holders, the option of taking decisions about the most relevant aspects of their copyrights.

LEGAL PERSPECTIVE

In legal terms, the copyfair is an initiative with the purpose of creating SPECIALIZED, FAIR, FLEXIBLE, and UNDERSTANDABLE copyright licenses.

SPECIFIC. Copyfair licenses are focused in particular areas of culture. Cultural works are too diverse, so we cannot apply the same rules to wikipedia writers, bloggers, musicians, film makers, or data base producers. We should evolve from generic purpose licenses, to specific purpose licenses.

FAIRNESS. Creators must decide about the most important aspects of their copyright license such as: time of permission for commercial uses, the price of permission, which uses he consider as commercial, if the economical compensation will benefit a community for development projects, or even who collects his royalties(if applicable). However, conditions shall not be discriminatory.

FLEXIBILITY. Copyright must be flexible. As the time of copyright protection will last the life of the creator(+50), creators must always have different options. Ej: the option of getting paid if their work is used for commercial uses, such as publicity.

UNDERSTANDABILITY. Copyfair licenses must be short, simple, and use an understandable legal language, because most artists are not legal experts.

 


  • 0

RE-THINKING THE “FREE CULTURE” FREEDOMS

Category : Uncategorized

 

BACKGROUND

In the Internet era, copyright law has gained enormous relevance. As we know, the concept of copying has changed dramatically. In traditional formats it was harder to make copies out of an original, and these were generally of lower quality (Consider copying a vinyl into cassettes, or a book into photocopies). In digital formats, copies are made sometimes to unconsciously (such as automatic backups of files), and a copy has the same quality as the original. Therefore, all digital copies are legally considered as originals.

The most important legal source of Copyright  dates back to the Bern Convention of 1886, and revised in 1979. This Convention has been ratified by 166 countries, setting the legal basis for copyright laws in those. The Bern Convention’s sets important legal issues such as moral rights (rights of attribution and transformation of the work), economic rights (copyright, right of public communication, translation rights, the right to distribute modified versions …) terms of protection, exceptions to copyright (or fair uses), among many others.

We can say that by default, everything is prohibited, and permission must be given by the author of the work, excepting fair uses. However, the author could decide to regulate their economical rights through a license. Therefore, the license of the author, is the legal instrument by which the author manages its economical rights, and permissions.

In theory, copyright law is wonderful for the creators, but in practice everything has been distorted, and in the internet era, this fact has become more evident. The World Wide Web was born in 1989, so we can deduce that the Berne Convention is part of the pre-internet era. Here I present some of the underlying problems founded on copyright laws:

1. They prevent free distribution on the internet. The author must sign a permission with all Internet websites (such as standard YouTube license) to distribute his works.

2. Artistic works and software are different. By most copyright laws, software is still protected as “literary work”, but the nature and scope of development are different. This is a historical error that has caused serious problems for interpretation and adaptation. Of course in 1886 there was no software.

3. Monopolistic practices have distorted the goals of copyright law. It is no secret that in practice, copyright benefits the industry more than the artist. Example: An independent musician has no access to radio or TV, so he does not receive royalties, as there is no media pluralism in our contemporary society. Most times, radios and media request money to artists in order to promote them.

4. Lack of transparency and abuse of copyright collective societies. Often royalties do not reach the composer because of the lack of transparency. Other times collective societies charge fees to independent artists by default, even if those works are not included in the collective society’s records.

Considering that most independent artists organize their own events, it is unfair and illegal that they cannot collect royalties directly, without passing through a collective society.

FREE SOFTWARE BROKE THIS SCHEME

To understand how free culture has emerged, we must necessarily refer to free software.

On the software industry, similar monopolistic practices of the entertainment industries, were made by corporations, proprietary software, which proposed a model of privatization of knowledge, preventing open technological development, which generated inequality between the rich and the poor. To understand it better, consider that until recent times, users were not allowed to buy a computer without the Windows operating system installed by default. Users also used to pay such license by default. Also consider that Windows does not allowed had no way of knowing what was violated installing , after Windows does not allow access to its source code.

Free software broke this abuse of copyright law. Free software was born in the 80s, with the help of Richard Stallman and the GNU project. The free software philosophy is based on “Free as freedom, and not free as free beer”. The freedoms of free software are:

(0) Freedom to run the program for any purpose.

(1) Freedom to study the source code and make modified versions.

(2) Freedom to redistribute copies of the program.

(3) Freedom to distribute your modified versions of the program.

An optional mechanism to protect these freedoms is the copyleft. Copyleft is a general method for making a program “free”, and requiring all modified and extended versions are also being “free”.

This was the departure point for Generic purpose public licenses. The first public open source license was The EMACS public license released in 1988, which was the predecessor of the “well known” GNU general public license (GPL) released in 1989. Then came the GPL v2 license in 1991, and the GPL v3 in 2007. the GPL is still the most popular free software license, and software of great importance, such as the Linux kernel, WordPress, MySQL, or Tor, is licensed under the GPL terms.

Today, there are many generic purpose public licenses, which follow the free software philosophy, or other initiatives that emerged later, such as the Open Source Initiative (focused on software development), or the Copyfree initiative (“Free as free beer”, another definition of freedom).

Many software companies are using the FOSS model (Free and Open Source Software). If you still do not believe, think that very successful projects such as the Google Android operating system (the Apache v2 license), or the social network Twitter (the MIT license), are using free software licenses.

The FOSS model became self-sustaining. In this new economic model, most enterprises are not financing their projects in royalties, but in services (such as Red hat enterprise model). Since free software does not prohibit profit, other FOSS developers are founding their projects by selling derived and enhanced versions. Others have managed to make their self-sustaining model through donations.

So, Is it possible to create similar self-sustaining economical models in culture?

INCONSISTENCIES IN THE DEFINITION OF THE FREE CULTURE

The philosophy of free culture comes from “Free as Free speech”. Many people are confusing free culture with Creative Commons. This confusion is a serious mistake, because free culture is a philosophy about sharing culture based on certain freedoms, while Creative commons are legal tools (generic purpose licenses) with the purpose of helping artists to manage their rights. In fact, only 2 of 6 Creative Commons licenses qualify as free-culture licenses (CC by, or  CC by SA).

Free culture was born from an adaptation of the 4 free software freedoms.

“Free culture freedoms” are:

– Freedom to use the work and enjoy the benefits of using it.

– Freedom to study the work and to apply knowledge acquired from it.

– Freedom to make and redistribute copies, in whole or in part, of the information or expression.

– Freedom to make changes and improvements, and to distribute derivative works.

The big mistake about this adaptation is not taking into account that software  and culture have  different environments.  But even culture can be divided into educational and scientific oriented works such as tutorials and information, and purely artistic works such as music or films. Free culture  freedoms might work great for knowledge oriented platforms such as Wikipedia, but not for most musicians or film makers.

This difference is detailed in the telekommunist manifesto by Dmitry Kleiner, who distinguishes clearly the software(as a capital oriented good) and culture (as consumer oriented good). Richard Stallman himself has repeatedly held that the artistic works do not have to be free, because they are not oriented to produce capital. This is the main difference from artistic works, and Software, writing supplies, or 3D  models for printers.

The main element that supports the free software freedoms is the transmission of the source code(knowledge). With no source code in the artwork, it is necessary to re-think the free culture freedoms.

Comparing the free culture freedoms, with the free software freedoms, we find some inconsistencies:

– Freedom to use the work and enjoy the benefits of using it. This freedom has been thought for the benefit of the end user. This means that you can use someone else’s logo on your Website, or someone else’s song as soundtrack in your video. The unfair part is for the artist, because as he gives his economic rights to everybody, fair and unfair uses of his song(if musician) are allowed. Thus, It can be used in a Monsanto video, and his name will have to be there (right of attribution of the composer).

– Freedom to study the work and to apply knowledge acquired from it. In artistic works there is not source code, unless you think that a score, or the patches of a program can be the equivalent. What would be the source code? Perhaps the final work as a recording? As a musician, I can certify that if we want to study composers such as Stockhausen, or  Bach, the scores of the works are necessary. The scores are the “KNOW HOW” of their music.  So this freedom is misconceived, because there is not obligation to pass the knowledge, just the final work.

– Freedom to make and redistribute copies, in whole or in part, of the information or expression. It is the only well adapted free culture freedom, because it solves the issue of Internet distribution. This could Benefit users and creators. Perhaps this freedom should be the only one.

– Freedom to make changes and improvements, and to distribute derivative works. This freedom is also ambiguous in the cultural environment. E.g. It benefits the end user because he could get some photos and use them to transform his video. But on the other hand, it can seriously harm the creator. Suppose a musician composes a song, but a religious sect uses the song, change the lyrics and distributes it on TV and radio to get followers. That would be unfair.

In my opinion, the main problems of free culture appear when we confront the freedom to use, and the freedom to create and distribute derivative versions, with the real world. In the software (capital good) this problem is not relevant, as the same software can be used by non-commercial users, advertisers, or religious sects, without compromising the image of the software developer. Instead, the artistic works (consumer goods) are much closer to the artist, and the absence of a limit on certain uses may seriously compromise their image.

In conclusion, we must re-think free culture freedoms,  and adjust them to the real world. The free culture freedoms are poorly defined, and this does not benefit free culture. The initiative of free culture should be based on the differences between the world of software, and the world of culture, and the differences between education oriented works, and artistic oriented works. Let’s not replicate the same mistakes of the Bern Convention.