Subject: Re: Looking for OSI approval of license
From: Karl Fogel <kfogel@red-bean.com>
Date: Thu, 07 Apr 2011 17:44:35 -0400

 Thu, 07 Apr 2011 17:44:35 -0400
Andrew Oliver <acoliver@gmail.com> writes:
>Guys you're STILL actually NOT on license discuss (you replaced the
>description but not the address in <>).  Please reply to this email
>instead so it can be on license discuss instead of the board list. 

Thank you, Andrew.  Could we configure lists so that they look like
this:

  "OSI License Discuss" <license-discuss@opensource.org>

instead of the redundant:

  "license-discuss@opensource.org" <license-discuss@opensource.org>

Then this sort of error won't happen anymore.  I refuse to call it pilot
error: I'm a human, I notice patterns, and I saw me an "@" sign :-).
The UI is the right place for the fix.

[took Rick off CC list, btw]

-K

>Thanks,
>
>Andy
>
>On Thu, Apr 7, 2011 at 5:25 PM, Herrick, Rick <herrickr@mir.wustl.edu>
>wrote:
>
>    Karl,
>    
>    I'll take this to the people that know all the contacts in legal
>    and administration and see what kind of reaction I get.  Thanks a
>    lot for the information, this is the sort of thing that really
>    helps clarify the need for these sorts of changes.
>    
>    
>    -----Original Message-----
>    From: Karl Fogel [mailto:kfogel@red-bean.com]
>    Sent: Thursday, April 07, 2011 4:06 PM
>    To: Herrick, Rick
>    
>    
>    
>    Cc: Jim Jagielski; license-discuss@opensource.org
>    Subject: Re: Looking for OSI approval of license
>    
>    "Herrick, Rick" <herrickr@mir.wustl.edu> writes:
>    >The primary issue is that this has already been through the legal
>    >compliance and approval process at Washington University,
>    Harvard, and
>    >Howard Hughes Medical Institute. Given the nature of the software
>    >(managing clinical research data in compliance with federal HIPAA
>    >requirements), the longevity of the current license (since 2005),
>    and
>    >the lack of, um, nimbleness on the part of large academic
>    institutions'
>    >respective legal departments, I'm not sure it's possible for us
>    to
>    >adopt another licensing scheme within a practical timeframe.
>    
>    Rick, would it be possible to put me in touch with those lawyers?
>    
>    I'm the License Committee Chair of the OSI -- still quite green,
>    as we held the committee elections yesterday, but as it happens I've
>    recently been in similar discussions with some other universities
>    and we ended up persuading them to go with a standard open source
>    license.  I would like very much for that to happen here.
>    
>    One solution:
>    
>    Use a standard license (say, Simplified BSD-style), but include
>    with the software a non-binding human-readable preface, pointing
>    out all the factual -- but non-license-related -- things are
>    currently in the XNAT license, for example:
>    
>     - The fact that this is not a trademark agreement (yes, and that
>       remains true whether the license talks about it or not)
>    
>     - No clinical-use approval implied (right, but that can be
>    pointed out
>       without it being part of the license text)
>    
>     - Etc
>    
>    Even given that the XNAT license is simple in its own right, it is
>    still unfamiliar to everyone.  The thing about a standard open
>    source license is that a given legal department only needs to
>    learn it once.
>    Thereafter, the *marginal* cost of the license drops to nearly
>    zero -- any time you see that license, you know what you're
>    getting, and you don't have to re-evaluate it.
>    
>    Thus in the aggregate, *any* standard open source license is less
>    costly (to the ecosystem as a whole, including even other
>    departments of your own university) than any rarely-used license,
>    even if the latter is a marvel of simplicity and readability in
>    its own right.
>    
>    If they haven't much experience with open source licenses, they
>    probably won't understand how big a problem license proliferation
>    would be.  We
>    *cannot* have every software producer rolling their own license
>    too.  No quantity of lawyers will ever be sufficient to make that
>    sustainable.
>    
>    One way to convey this to them is to point out how much work they
>    would have had to do if every piece of open source software the
>    universities use right now came with its own unique license.  Do a
>    quick survey -- it won't take you long -- and you'll quickly be in
>    the hundreds of thousands of dollars in legal expenses, if
>    accounted fairly.
>    
>    If they don't want to cause that problem to other institutions, or
>    to other parts of their own institutions, then the answer is to
>    use one of the standard licenses, which already provide all the
>    protections they need and can reasonably enforce.  I would suggest
>    the Simplified BSD-style license, but can provide other options or
>    references if they need.
>    
>    Best,
>    -Karl Fogel
>    
>    >I understand that that's not your problem, but that's our
>    motivation :)
>    >
>    >-----Original Message-----
>    >From: Jim Jagielski [mailto:jim@jimjag.com]
>    >Sent: Thursday, April 07, 2011 12:31 PM
>    >To: Herrick, Rick
>    >Cc: osi@opensource.org
>    >Subject: Re: Looking for OSI approval of license
>    >
>    >Hello there Rick, thanks for contacting us.
>    >
>    >A more detailed email follow-up will be coming in a short while,
>    but
>    >what was/is the rationale for requiring a new license; what
>    aspects
>    >prevent you from being able to use one of the many existing
>    >OSI-approved licenses?
>    >
>    >Thx in advance.
>    >
>    >On Apr 7, 2011, at 1:10 PM, Herrick, Rick wrote:
>    >
>    >> Hi, I'm a developer on the XNAT project here at WashU. We're
>    >> interested in trying to get an open-source license for some
>    support
>    >> software (Atlassian stuff) but don't have an OSI-approved
>    license. So
>    >> I have some questions about getting this approved. The license
>    is
>    >> viewable at:
>    >>
>    >> http://www.xnat.org/Download+XNAT
>    >>
>    >> As best I can tell, this license complies with the Open Source
>    >> Definition, but I can't provide you with the license
>    proliferation
>    >> category, as that page seems to be unavailable at the moment.
>    >>
>    >> Please let me know how to proceed with this request. I'm not
>    the
>    >> license steward at this point, but would like to hold off
>    getting him
>    >> involved until such time as it's absolutely necessary, since
>    he's
>    >> pretty busy running the group!
>    >>
>    >> Any help would be much appreciated and any information I can
>    provide
>    >> will be provided forthwith!  Thanks!
>    >>
>    >> Rick Herrick
>    >> Sr. Programmer/Analyst
>    >> Neuroinformatics Research Group
>    >> Washington University School of Medicine
>    >>
>    >>
>    >> The material in this message is private and may contain
>    Protected
>    >> Healthcare Information (PHI). If you are not the intended
>    recipient,
>    >> be advised that any unauthorized use, disclosure, copying or
>    the
>    >> taking of any action in reliance on the contents of this
>    information
>    >> is strictly prohibited. If you have received this email in
>    error,
>    >> please immediately notify the sender via telephone or return
>    mail.
>    
>    The material in this message is private and may contain Protected
>    Healthcare Information (PHI).  If you are not the intended
>    recipient, be advised that any unauthorized use, disclosure,
>    copying or the taking of any action in reliance on the contents of
>    this information is strictly prohibited.  If you have received
>    this email in error, please immediately notify the sender via
>    telephone or return mail.
>