Subject: Re: External deployment / Otherwise Make Available (was Re: OVPL summary)
From: Alex Bligh <alex@alex.org.uk>
Date: Thu, 15 Sep 2005 19:52:37 +0100

Michael,

> You ignored it in your reply to me in that other branch of this thread.

Sorry - that was not my intention - you are raising interesting points
and I am changing my view.

>> In the instance above, if there is an employee "in the way" I don't
>> think
>> there is "use" (as would be construed in an IP sense) by a
>> non-employee.
>
> That's still avoiding the point. McBurger's website (built with non-OVPL
> code) allows users to order. Once the order is finalized, the
> Web-ordering system sends the order into the OVPL system. Burger-making
> employees only interact with the OVPL system to get orders, but users
> are 'using' the OVPL system by proxy through the Web system to
> communicate their order to those employees, albeit only indirectly.
>
> Is this 'use' by non-employees according to the license? I think it
> could easily go either way, but I'm interested to hear your
> interpretation.

The "employee" point is only relevant to the carve-out in the definition.
It's "humans in the way" I was getting at (see 2 below). See below for the
rest.

> Or are you saying categorically, that if there is no employee 'in the
> way' and only software proxies of one sort or another, that the code is
> definitely being 'made available for use'?
>
> Let's take it a step further. Let's assume that the OVPL'd code is
> McBurgers' inventory management system or accounting system. Now,
> *every* other IT system McBurgers has (intranet, extranet, or public
> internet) needs to interface with the OVPL code in *some* way. Is it
> even possible to be reasonably confident that private changes made to
> such a system will not obligate the licensee to release them to the ID?

I am coming round to the view (see my post to Larry) that I was wrong
in the way I interpreted "use", and that even if I interpret it the
way I think Larry wants me to in the OSL, there is a problem there
and also with the proposed OVPL mod I asked people to comment on (so
this is very useful) - it's not in the OVPL as sent for approval.

I think you can interpret "use" one of three ways:

1. The software that is "directly interacted with" by some non-excluded
   person (i.e. a non-employee). This definition is specious in a
   layered network model, because there is all sorts of software in
   the way which possibly makes the interaction indirect. Does the
   web-browser being between the user and the licensed software stop it
   being direct? (obviously that's not the intention). The windowing
   system? The network stack? A firewall? A web server at the server
   end? Middleware? If the answer to all those is no, then who knows
   what the middleware could be connected to. I don't see a LEGAL way
   of drawing the line at all (let alone knowing where it should be drawn).

2. Any software that the non-excluded person interacts with in an automatic
   manner (i.e. without human intervention). This is a plausible definition,
   but is very very wide. As you say, a modified OSL licensed accounts
   system that happened to have a link into an online system, which (for
   instance) let the user order things (involving checking credit balances)
   would be covered. Perhaps after all, that's the right thing. If they
   can see their statement on-line, then isn't that an ASP accounts system?

3. As (2), but excluding "use" which is "merely incidental", or "not
   the primary purpose" or similar. This at least allows for a line
   drawing exercize, though it's unclear where.

Perhaps the CDDL folk had it right with "make available" (current OVPL
wording). I don't think in your example you could argue McBurgers is
"making their accounts system available" every time you order a burger.

Alex