Test Bed: Icepick

Continuing the discussion from Another Kyle Adventure:

This was very valuable feedback. I’ve started the process of restructuring the terms for more clarity and punch, project name “Icepick”.

The repo is here. But here’s my current “skeleton”, without specific conduct rules:

Icepick

Version {version}

Purpose

This is a weapon of mass user protection.

There are many ways to protect transparency and control for people who rely on software. These terms leverage the power vested in software creators by intellectual property law.

Using these terms, the creators of this software surrender the greater part of their power. They make this software free for everyone to use, study, change, build on, and share.

They retain their power, and wield it through these terms, only to stop others misusing this software to deny you or others transparency or control. They invite and empower you to defend those rights for yourself.

User Rights

These terms terms ensure you all the following rights, so long as you respect the same rights of others.

Purpose

The purpose of these rights is to give you and others who rely on this software substantially the same transparency and control you would enjoy if you ran the software entirely for yourself.

Principles

Your rights under these terms reflect four key principles:

  1. Access: You must be given access to the materials used to store, process, and communicate your data.

  2. Completeness: You must be given all the materials used.

  3. Practicality: You must be given materials in the preferred form for storing, processing, and communicating.

  4. Permission: You must be given all the necessary permission for the materials to store, process, and communicate yourself.

Aspects

Your rights under these terms project the four key principles into four key dimensions:

  1. Software: instructions for computers to store, process, and communicate your data

  2. Data: data that you provide to the software, and data the software collects about your use

  3. Processing: the computer that runs the software on your data

  4. Networking: the infrastructure that communicates software and data to others

Software

TODO

Data

TODO

Processing

TODO

Network

TODO

Acceptance

In order to receive any license under these terms, you must agree to their rules. Those rules are both obligations under an agreement among developers, providers, and users of this software, and conditions to all your licenses under these terms. You must not do anything with this software that triggers a rule you cannot or will not follow.

Enforcement

Any contributor to this software, any recipient of this license, and any user of this software or software services provided with it can enforce any rule of this license.

Illegal Terms

If any adjudicator of these terms decides than any part is invalid or unenforceable, but enforcing the rest would not defeat the purpose of these terms, the rest of these terms will still apply.

Copyright

Each contributor licenses you to do everything with this software that would otherwise infringe that contributor’s copyright in it, so long as you respect the User Rights of others.

Notices

You must ensure that everyone who gets a copy of any part of this software from you, with or without changes, also gets the text of this license or a link to <{url}>.

Excuse

If anyone notifies you in writing that you have not complied with any of these terms, you can keep your licenses by taking all practical steps to comply within 30 days after the notice. If you do not do so, your license ends immediately.

Patent

Each contributor licenses you to do everything with this software that would otherwise infringe any patent claims they can license or become able to license, so long as you respect the User Rights of others.

Reliability

No contributor can revoke any license under this compact.

No Liability

As far as the law allows, this software comes as is, without any warranty or condition, and no contributor will be liable to anyone for any damages related to this software or this license, under any kind of legal claim. This rule does not apply to claims against contributors for breaking the rules of these terms.

1 Like

Yaas! :raised_hands:

Done a bit of thinking on this.

The tightest summary of what we’re after here is roughly:

Ensure users the same level of control they would enjoy running the software for themselves when it is run for them by others instead.

That’s an agency problem. Which means we have a framework:

  • Transparency: You must be able to tell if others are running this software for you as you would run it for yourself.

  • Accountability: Those who mislead you must face consequences.

  • Independence: If you decide that others aren’t running this software for you as you would for yourself, you must be able to switch to running this software for yourself, or to having someone different run it for you, without loss of functionality or data.

In practice, I think that takes the form of a several more specific requirements:

  • Disclosure: You must have information about the processing and communication of your data, the environments in which that occurs, and the software used to accomplish it.

  • Completeness: You must have all information necessary to assess whether others are running this software for you as you would run it for yourself.

  • Practicality: You must have that information in the most practical formats.

  • Permission: You must have all necessary permission to use that information.

  • Noninterference: You must not be stopped receiving or using this software, your data, or the information you require.

We’ve seen those requirements applied to software, through copyleft and anticircumvention waivers. But we could extend them to other elements of computing:

Element Approach
Software Copyleft, Noninterference, Anti-anti-circumvention
Data Rights of Access, Erasure, Portability
Processing Disclosure
Networking Disclosure
Environment Disclosure, Transfer Rules

On the disclosure side, here’s what I have so far:

Processing

  1. What architecture, operating system, and other specifications would they need to procure a system to run this software as you have?

  2. What configuration would they need to configure such a system to run this software as you do?

Networking

  1. What are the network addresses of the systems you are using to process their data?

  2. What organizations, like Internet service providers, have custody over the systems connecting the systems processing their data to the systems they use to interact with them?

Environment

  1. Which legal jurisdictions govern your processing of their data?

  2. What organizations, like employers, have control of your processing of their data with this software?

  3. What organizations, like computing platform providers, have custody or control over the systems processing their data?

I suppose I could group those questions into two categories:

  1. Red Flags that potentially indicate that I don’t want someone processing my data the way they’re doing it.

    For example, information on which jurisdictions processors are subjecting my data to.

  2. To-Dos on the checklist for transitioning to running the software for myself.

    For example, information on the kinds of computer systems I’ll need to run the software for myself.

@boris, think of anything I’m missing? I’m sure this list is incomplete.

1 Like

This is pretty much what we are going for with the CAL, and beta 2 adopts a lot of similar positioning. Also, although not as explicit about the framework, I think the same elements are present.

1 Like

@vanl Have a look at the much improved: Icepick v1.0.0-pre.2

We’re not alone. Not hardly.