Last modified by Stefano Maffulli on 2023/02/17 01:53
Hide last authors
Joseph Potvin 1.1 1 (% style="color:green" %)
Joseph Potvin 10.2 2 = Structuring the FLOW of Responsibility =
Joseph Potvin 1.1 3
Joseph Potvin 20.4 4 >**__//Learning Outcomes//__//~://**// Participants will advance their understanding of conceptual and operational perspectives on a diversity of agreement types associated with the distribution of intellectual resources. Operational methods such as licensing, contributor agreements, employment contract clauses and compliance verification solutions are framed in relation to the new ISO 19600 Guidelines on Compliance Management Systems. All of this is first grounded in a bedrock theory of responsibility.//
Joseph Potvin 18.1 5
Joseph Potvin 28.1 6 == Conceptual Foundations of Responsibility ==
7
Joseph Potvin 13.1 8 === Theory of Responsibility ===
9
Joseph Potvin 12.2 10 * Responsibility (Internet Encyclopedia of Philosophy) http://www.iep.utm.edu/responsi/
Joseph Potvin 12.1 11 * A Bibliography on Responsibility http://scholarship.law.duke.edu/cgi/viewcontent.cgi?article=3868&context=lcp
Joseph Potvin 14.2 12 * //[[Whodunnit?>>url:http://en.wikipedia.org/wiki/Whodunnit#Etymology||rel="__blank" title="Whodunnit?"]]//
13 ** Excerpt from Hart, H.L.A. 1949. [[The Ascription of Responsibility>>attach:Hart_1949_ExcerptFrom_AscriptionOfResponsibility.png||rel="__blank" title="The Ascription of Responsibility"]]. Proceedings of The Aristotlean Society.
Joseph Potvin 13.2 14 ** Hart's Critics on Defeasible Concepts and Ascriptivism http://www1.cse.wustl.edu/~loui/ail2.pdf
Stefano Maffulli 55.1 15 * [[Working-Groups-Incubator-Projects.flow-syllabus.Structuring the FLOW of Responsibility.The Principle of Subsidiarity.WebHome]] (in the context of [[nested hierarchies>>url:http://www.isss.org/hierarchy.htm||title="nested hierarchies"]])
Joseph Potvin 11.1 16 * Chain of Responsibility
Joseph Potvin 13.1 17 ** In a non-IT context (freight transportation) https://www.nhvr.gov.au/safety-accreditation-compliance/chain-of-responsibility
Joseph Potvin 11.1 18 ** In an IT context (GPLv2 violation) http://opensource.com/law/13/7/fantec-german-foss-compliance
19 — Regional Court Hamburg judgement against FANTEC http://gpl-violations.org/news/20130626-fantec_judgement.html
20 * Create a Culture of Responsibility http://www.inc.com/peter-economy/create-culture-of-responsibility.html
21
Joseph Potvin 13.1 22 === Management of Responsibility ===
Joseph Potvin 12.2 23
Joseph Potvin 31.1 24 ==== A Documentation Specification: Software Package Data Exchange (SPDX) ====
25
Joseph Potvin 32.1 26 * Licensing and Packaging FOSS with SPDX (Video) https://fosdem.org/2014/schedule/event/spdx/
Joseph Potvin 31.1 27 * Software Package Data Exchange (SPDX) http://spdx.org/
28 * SPDX Vocabulary Specification http://spdx.org/rdf/terms
29 * A Common Software Package Data Exchange http://www.linuxfoundation.org/sites/main/files/publications/lf_foss_compliance_spdx.pdf
30
31 ==== A Compliance Management Process: ISO 19600 ====
32
33 __**Note:**__ An adaptation of ISO 19600 to FLOW development methodology remains to be described. References in this section are, at present, only based on the generic compliance management system guideline.
34
Stefano Maffulli 54.1 35 * Development of an ISO [[Working-Groups-Incubator-Projects.flow-syllabus.Structuring the FLOW of Responsibility.Standard.WebHome]] on compliance management http://www.nen.nl/web/file?uuid=ee11eb45-59bb-41e5-805c-464ad42cfb98&owner=ea37f954-bd1b-41bd-bbf5-df167fd313d8
Joseph Potvin 16.4 36 * Foreword & Introduction to ISO 19600 (Excerpt): http://infostore.saiglobal.com/store/PreviewDoc.aspx?saleItemID=2672998
Joseph Potvin 35.1 37 * Development of a Global Standard on Compliance Management http://www.esv.info/download/zeitschriften/BUCO/leseprobe_2.pdf
Joseph Potvin 17.1 38 * ISO 19600 Compliance Management Systems: Guidelines (//__Note__: ISO documents are //[[//not Free/Libre/Open//>>url:http://www.oreillynet.com/xml/blog/2007/08/where_to_get_iso_standards_on.html||rel="__blank" title="Not Free/Libre/Open"]]) http://www.iso.org/iso/home/store/catalogue_tc/catalogue_tc_browse.htm?commid=4395782
Joseph Potvin 33.6 39 * ANSI 2013 Refresher Counse on "Changes to the ISO Directives" http://www.standardslearn.org/Presentations/ISODirectivesUpdates2013/2013-ISO-Refresher-Course.pdf
Joseph Potvin 36.1 40 * Questioning Copyrights in Standards http://www.law.berkeley.edu/faculty/profiles/facultyPubsPDF.php?facID=346&pubID=169
Joseph Potvin 38.1 41 * [[Visualizing the Reduction of Uncertainty and Management of Risk with Time/Effort Invested in Compliance Management>>attach:Uncertainty Risk_ComplianceManagementPDF.pdf||title="Visualizing the Reduction of Uncertainty and Management of Risk with Time/Effort Invested in Compliance Management"]]
Joseph Potvin 12.2 42
Joseph Potvin 14.2 43 === Management of Intellectual Provenance (IP) Responsibilities ===
Joseph Potvin 1.1 44
Joseph Potvin 13.1 45 * Intellectual [[Provenance>>url:http://osi.xwiki.com/bin/Projects/Definitions+%E2%80%94+Factors+of+Productions#HSomeNotesontheTerminologyof22IP2228or...22YouSayTom-8-to2CIsayTom-a-to2229||title="Provenance"]]
46 * W3C PROV Family of Documents
47 — An Overview of the PROV Family of Documents: W3C Working Group Note http://www.w3.org/TR/prov-overview/
48 — A Free/Libre/Open Source Implementation of W3C-PROV in Taverna Workflow Management System http://www.taverna.org.uk/documentation/taverna-2-x/provenance/
49
Joseph Potvin 17.1 50 * Operational Aspects of Intellectual Provenance Management (DRM)
51 ** Management Methods and Processes
52 — Electronic Discovery in Canada: Best Practices and Guidelines http://www.cch.ca/_resources/pdf/ebook/b109.pdf
53 ** Open Digital Rights Language (ODRL)
Joseph Potvin 13.1 54 — Resource Description Framework (RDF) http://www.w3.org/RDF/
55 — ODRL Community Group http://www.w3.org/community/odrl/
56 — Describing Copyright in RDF http://creativecommons.org/ns#
57 — Introducing RDF for GNU Licenses http://www.fsf.org/blogs/licensing/2009-06-rdf See: http://www.gnu.org/licenses/gpl-3.0.rdf
Joseph Potvin 17.1 58 ** eXtensible Rights Markup Language (XrML)
59 — A Formal Foundation for XrML http://www.cs.cornell.edu/home/halpern/papers/xrml.pdf
Joseph Potvin 13.1 60 — XrML Reference Implementation:
61 — MPEG-21 Rights Expression Language http://mpeg.chiariglione.org/standards/mpeg-21/rights-expression-language
62 — MPEG-21 Rights Data Dictionary http://mpeg.chiariglione.org/standards/mpeg-21/rights-data-dictionary
63
Joseph Potvin 15.1 64 * __Discussion__: A company, foundation or project community benefits in several ways when it puts in place an Intellectual Provenance (IP) compliance management process aligned with the ISO 19600 Guidelines:
65 ** The effort demonstrates tangible "due diligence" in any potential litigation process;
66 ** This makes it much easier, faster (and thus less expensive) for your lawyers to help you in the event of litigation;
67 ** Multiple parties can more easily adopt a shared compliance management process:
68 *** Different organizations involved in commons-based peer production;
69 *** Different sections/departments within an organization.
70 ** Sustainable innovation is enhanced with responsible risk management, since team-members know what is in and what is out of bounds.
Joseph Potvin 13.1 71
Joseph Potvin 15.1 72 == Licensing: The Delegation Responsibility ==
73
Joseph Potvin 6.1 74 === The Main Currents of FLOW Licensing ===
75
76 //"Similarities; Differences; Choices; Trends; Linkages to Other Types of Agreements"//
77
Joseph Potvin 1.1 78 * "License Haiku" http://www.aaronsw.com/weblog/000360
Stefano Maffulli 53.1 79 ** A [[Working-Groups-Incubator-Projects.flow-syllabus.Spectrum of FLOW Licenses.WebHome]]
Joseph Potvin 1.1 80 ** License Proliferation http://www.rosenlaw.com/pdf-files/LicenseProliferation.pdf
81 ** Google says no to license proliferation (3-part series) http://www.zdnet.com/blog/burnette/google-says-no-to-license-proliferation/192
82 ** List of Licensing Tools http://wiki.opensource.org/bin/view/Projects/List__of__Licensing__Tools\\
83 ** Telekom Open Source License Compendium http://dtag-dbu.github.io/oslic/releases/oslic-0.98.1.pdf (About: http://dtag-dbu.github.io/oslic/ )
84 ** Comparing Free/Libre/Open Licenses http://www.tldrlegal.com/browse
85 ** Schematic representation of license directionality http://www.ploscompbiol.org/article/info%3Adoi%2F10.1371%2Fjournal.pcbi.1002598
Joseph Potvin 41.2 86 ** [[Five Permissive Licenses Side-by-Side>>attach:Compare_5PermissiveLicensesPDF.pdf]]
Joseph Potvin 1.1 87 ** Apache License v2.0 and GPL Compatibility http://www.apache.org/licenses/GPL-compatibility.html
88 — A patent license that is GPL compatible: Firestar Software v. Redhat http://www.redhat.com/f/pdf/blog/patent_settlement_agreement.pdf
89 — Explanation of the Firestar Software v. Redhat Settlement http://www.groklaw.net/articlebasic.php?story=20080715054748526
Joseph Potvin 39.4 90 ** CC BY-SA 4.0 now one-way compatible with GPLv3 https://creativecommons.org/weblog/entry/46186
Joseph Potvin 38.2 91 ** Can Mozilla Unify Open Source? http://www.computerworlduk.com/blogs/simon-says/can-mozilla-unify-open-source-3569569/
Joseph Potvin 1.1 92 ** A Guide to the Legal Documentation for Eclipse-Based Content http://www.eclipse.org/legal/guidetolegaldoc.php
93 — The Eclipse Legal Process www.eclipse.org/legal/EclipseLegalProcessPoster.pdf
94 ** Choosing a Software License (In: A Quick Guide to Software Licensing for the Scientist-Programmer) Scroll half-way down in: http://www.ploscompbiol.org/article/info%3Adoi%2F10.1371%2Fjournal.pcbi.1002598
Joseph Potvin 19.1 95 ** FOSS Licensing http://en.wikibooks.org/wiki/FOSS_Licensing
Joseph Potvin 20.1 96 ** A Legal Issues Primer for Open Source and Free Software Projects http://www.softwarefreedom.org/resources/2008/foss-primer.html
Joseph Potvin 25.1 97 ** Why the Public Domain Isn't a License http://www.linuxjournal.com/article/6225
Joseph Potvin 1.1 98
Joseph Potvin 13.1 99 === Dual/Multi Licensing Options (for individual commits and for whole projects) ===
Joseph Potvin 1.1 100
101 * Maintaining Permissive-Licensed Files in a GPL-Licensed Project: Guidelines for Developers http://www.softwarefreedom.org/resources/2007/gpl-non-gpl-collaboration.html
102 * Challenges with Hybrid Protection Models http://www.iprinfo.com/julkaisut/verkkojulkaisut/ipr-series-b/fi_FI/proprietary-softvare-vs-foss-b4-ballardini/_files/88735925433140131/default/B4_Ballardini.pdf
103 * Understanding GPL Exceptions
104 — Sample License Notices http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs
105 — On Selling Exceptions to the GNU GPL http://www.fsf.org/blogs/rms/selling-exceptions
106 — GCC Runtime Library Exception http://gcc.gnu.org/onlinedocs/libstdc____/manual/license.html
107
Joseph Potvin 13.1 108 == The FLOW Subscription Model ==
109
110 * Open Source Procurement: Subscriptions http://blogs.computerworlduk.com/simon-says/2011/03/open-source-procurement-subscriptions/index.htm
111 * Open Source Business Innovation and the Subscription Model http://stephesblog.blogs.com/my_weblog/2007/08/open-source-bus.html
112 * Why Subscriptions? http://www.redhat.com/about/whoisredhat/subscriptions.html
113 * Open source procurement: Indemnity http://opensource.com/law/11/2/open-source-procurement-indemnity
114 * Indemnification Parameters. In: Open Source Software Issues in Commercial Transactions http://about.bloomberglaw.com/practitioner-contributions/open-source-software-issues/
Stefano Maffulli 52.1 115 * Google Glass: [[Working-Groups-Incubator-Projects.flow-syllabus.Something like a Subscription.WebHome]]
Joseph Potvin 13.1 116
Joseph Potvin 27.1 117 == License Compliance Verification ==
Joseph Potvin 1.1 118
Joseph Potvin 27.1 119 === Policies and Approaches for License Compliance Verification ===
Joseph Potvin 6.1 120
121 * Compliance Guides from The Linux Foundation http://www.linuxfoundation.org/publications/compliance
122 * The (Telekom) Open Source Compliance Advisor http://opensource.telekom.net/oscad/
Joseph Potvin 33.1 123 * The Open Source License Compendium Manifesto http://dtag-dbu.github.io/oslic/
Joseph Potvin 6.1 124 * Useful Compliance Tips For Vendors http://fsfe.org/projects/ftf/useful-tips-for-vendors
125 * A Practical Guide to GPL Compliance http://www.softwarefreedom.org/resources/2008/compliance-guide.html
Joseph Potvin 11.1 126 * Common Mistakes in GPL License Compliance ?http://gpl-violations.org/faq/vendor-faq.html
Joseph Potvin 6.1 127 * GPL Software Certification Program http://www.fsf.org/licensing/compliancelab.html
128 * Maintaining Permissive-Licensed Files in a GPL-Licensed Project: Guidelines for Developers http://softwarefreedom.org/resources/2007/gpl-non-gpl-collaboration.html
129 * Reporting and Fixing License Violations http://fsfe.org/projects/ftf/reporting-fixing-violations
Joseph Potvin 7.2 130 * IT Policy Compliance for Dummies http://www.qualys.com/forms/ebook/it-policy-compliance-for-dummies/
Joseph Potvin 6.1 131
Joseph Potvin 27.1 132 === Technical Analysis of FLOW License Compliance Verification ===
Joseph Potvin 6.1 133
Joseph Potvin 13.1 134 //All of the solutions listed below are themselves provided under FLOW licenses.//
135
Joseph Potvin 6.1 136 **Binary Analysis Tool:** The Binary Analysis Tool (BAT) is a modular framework that uses the same approach applied by gpl-violations.org to discover issues in consumer electronics. It can open many types of firmware, detect Linux and BusyBox issues, and report outcomes in XML format. It also features knowledge-base support to allow high fidelity customization for advanced users. BAT is available for free under the Apache license so that everyone can use, study, share and improve it. The project frequently adds new features.
137 Website: http://www.binaryanalysis.org
138
139 **Code Janitor Tool:** The Code Janitor is a tool released by the Linux Foundation that helps to search source code to make sure that developers did not leave comments that might reveal future products, product code names or discuss competitors and their products. It maintains a database of keywords to scan for, and can be customized as necessary. It is available without charge. Website: http://www.linuxfoundation.org/programs/legal/compliance/tools
140
141 **Dependency Checker Tool: **The Dependency Checker is a tool released by the Linux Foundation that helps identify source code combinations that will lead to dynamic and static linking, and in the context of a license policy framework can create a list of items that need to be flagged before products are released. Website: http://www.linuxfoundation.org/programs/legal/compliance/tools
142
143 **FOSSology:** FOSSology started as an internal project at HP to support governance processes. It is a tool that analyses all the files in a project and reports on the licenses used, basing its results on license declarations and tell-tale phrases. It also has the ability to scan for copyright notices, email addresses and URLs, allowing users to create custom reports. The project is hosted by the Linux Foundation, is available as Free Software, and is maintained in both English and German by developers from HP and other organizations. Website: http://fossology.org
144
145 **Ninka:** Ninka is a lightweight license identification tool for source code. It is sentence-based, and provides a simple way to identify open source licenses in a source code file. It is capable of identifying several dozen different licenses (and their variations). It has been designed to be lightweight, fast and to avoid making errors. It is available under a Free Software license. Website: http://ninka.turingmachine.org
146
Joseph Potvin 26.1 147 **CORAS:** Model-Driven Risk Analysis (CORAS Integration Platform, licensed LGPLv2)
148 http://heim.ifi.uio.no/~ketils/kst/Others/021008.platform-poster.pdf
149
Joseph Potvin 6.1 150 == FLOW Contributor Agreements ==
151
Joseph Potvin 1.1 152 * Project Harmony: Contributor agreements for free and open source software http://www.harmonyagreements.org/
153 * The trouble with Harmony http://opensource.com/law/11/7/trouble-harmony-part-1 and http://opensource.com/law/11/7/trouble-harmony-part-2
154 * OpenStack Project Individual Contributor License Agreement https://review.openstack.org/static/cla.html and OpenStack: How To Contribute https://wiki.openstack.org/wiki/How_To_Contribute
155 * NDA Program Confidential Disclosure Agreement for Contributors, The Linux Foundation http://www.linuxfoundation.org/images/2/2e/NDA_contributors.pdf
156 * Linux Foundation's Generic Open Source Review Board Contribution Form http://www.linuxfoundation.org/publications/compliance/generic-osrb-contribution-form
157 * LLVM Developer Policy http://llvm.org/docs/DeveloperPolicy.html
158 — LLVM comments on "Copyright, License, and Patents" http://llvm.org/docs/DeveloperPolicy.html#copyright-license-patents
159 — University of Illinois/NCSA Open Source License http://opensource.org/licenses/UoI-NCSA.php
160 — FSF Comments on the University of Illinois/NCSA Open Source License http://www.gnu.org/licenses/license-list.html#NCSA
161 — FSF Comments on the Modified (3-clause) BSD License http://www.gnu.org/licenses/license-list.html#ModifiedBSD
162
163 == FLOW in Employment Contracts ==
164
165 * Who Owns Copyright at Work? http://zvulony.ca/2010/articles/intellectual-property-law/copyright-law/copyright-at-work/
166 * Who Owns the Intellectual Property: The Employee or the Employer? http://www.lmlaw.ca/who_owns.pdf
167 * Sign on the Dotted Line: NDAs and Free and Open Source Software http://faif.us/cast/2011/apr/12/0x0D/ (See slide deck at http://faif.us/cast-media/FaiF_0x0D_NDAs.odp )
168 * Contracts for people to work on Open Source Software http://andrew.mcmillan.net.nz/foss_friendly_employment_contracts
169 * Beware Employment Contracts http://developers.slashdot.org/story/02/03/21/0139244/beware-employment-contracts?sdsrc=rel

Submit feedback regarding this wiki to webmaster@opensource.org

This wiki is licensed under a Creative Commons 2.0 license
XWiki 14.10.13 - Documentation