incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <>
Subject RE: [WWW] Privacy Policy ( was [Fwd: Assistance with rewriting TOU/PP for Apache podling])
Date Mon, 29 Aug 2011 16:41:25 GMT
The legal-internal list has taken the TOU proposal under legal review.  We should not do any
refinement until we learn more about that.  This is apparently an area where RTC is expected,
not CTR.

We also need to figure out what we are doing in taking over something that is, I presume,
not part of the Oracle SGA and how we protect the ASF's interests and respecting the original
sources of the content in so doing.

I presume we need to let legal-discuss know exactly what the considerations are for the web
site, the forums, the wiki, and the bug tracker.  

Not quite sure how to make that clear and also straightforward.

 - Dennis

-----Original Message-----
From: [] On Behalf Of Rob Weir
Sent: Monday, August 29, 2011 08:27
Subject: Re: [WWW] Privacy Policy ( was [Fwd: Assistance with rewriting TOU/PP for Apache podling])

On Thu, Aug 25, 2011 at 12:01 PM, drew <> wrote:
> On Sun, 2011-08-14 at 07:37 -0400, drew wrote:
>> Howdy,
>> Sending along copy of the email to the legal-discuss list.
>> Cliff Notes version
>> Down and dirty 1st draft of new TOU here:

Sorry for the delay in reviewing this.  A few points on the TOU:

4(b) we're talking about source code contributions.  Why not just say
it is always under ALv2?  Why "the license posted for that Project"?
Will this website ever contain projects that are not Apache 2.0? I
don't think that is possible.

4(c) Other Submissions.   I think we want Apache 2.0 for these as
well.  Translations, documentation, help,etc.  But there may be other
things like community contributions to the wiki or forums that are
not.   So the distinction is really between things that might
forseably be part of a release (including source code, doc,
translations, templates, etc,) and things that are not.  The source
code versus "other" distinction is not the important one.

We cover that at another level, but not accepting patches unless they
are clearly under ALv2, but it would not hurt to be consistent in the
TOU as well.

4(d) Private projects?  Do we even have private projects?  I don't
think so.  If not, we should remove this clause.

4(e) This states that other projects might have their own licensing
terms and if so, those terms have precedence.  I don't think we can
allow this.  We can't be running a forge with a diversity of licenses
within the project.

>> I'll update the draft page to reflect discussion from the two lists,
>> please feel free to do so yourself, should you so prefer.
> Howdy List,
> Ok, well the TOU has been available for review for a while, no comments
> TD. One small issue, still missing wording for a Privacy Policy.
> If you look at the draft TOU it references a currently non-existent PP
> page as :
> I've appropriated the text from another ASF project, made a few minor
> edits and placed a draft for same at:

Thanks for drafting that statement.

Are we sure this is complete and accurate?  I'd be surprised if, for
example, neither the wikis, Bugzilla nor the forums stored a cookie to
enable persistent login sessions.

Or was this statement only for use with the static website?  But we
make want to have a comprehensive privacy policy statement at the site
level, e.g., something that can be used for both

The statement "We do not track or collect personally identifiable
information or associate gathered data with any personally identifying
information from other sources" is problematic.  The issue is that IP
address are interpreted as being "personally identifiable information"
in some places.  For example, in Germany, that is the root of the
controversy with Google Analytics.

So better, I think, to be straightforward and factual, say exactly
what we do track, but not make any further assertions or

> So - this assumes that for now there will be no third party analytics,
> which I would propose as the correct way to proceed at this moment.

But currently, this assumption is false.  For example, I see GA used
in the OOo wiki:

<script type="text/javascript">

  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-1087265-7']);

  (function() {
    var ga = document.createElement('script'); ga.type =
'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' :
'http://www') + '';
    var s = document.getElementsByTagName('script')[0];
s.parentNode.insertBefore(ga, s);


 We can discuss a change in that area, and implement such a change, if
that is what we want.  But we should probably start with a privacy
policy that is consistent with what the website actually does.


> Thanks for you time,
> //drew
> ps. Will send similar email to legal-discuss now.
>> -------- Forwarded Message --------
>> From: drew <>
>> Reply-to:
>> To:
>> Subject: Assistance with rewriting TOU/PP for Apache
>> podling
>> Date: Sun, 14 Aug 2011 05:30:47 -0400
>> Hello,
>> is coming to the ASF, as part of this transfer a number
>> of websites will need to be re-branded and re-hosted. Part of this
>> process will be to re-write the Terms of Use and Privacy polices for
>> these sites.
>> Some of the current websites are hosted by third parties,
>> for example Oregon State University, and will not be re-hosting but will
>> need still to be re-branded.
>> The TOU used at the main website is found at
>> The current website supports individual user
>> accounts, support for individual user accounts at this URL is not
>> planned to continue after transfer to ASF hosted servers.
>> This same TOU is currently used by the User support websites found at,
>> and will continue to support
>> individual, site specific, user accounts after transfer to ASF servers.
>> The website found at currently
>> supports individual, site specific, user accounts and MAY continue to do
>> so after transfer to ASF servers. Currently the site does NOT use the
>> TOU policy found at the main site, it is proposed to do so after the
>> transfer.
>> The website found at and
>> is currently hosted by Oregon
>> State University Open Source Labs for the project. This
>> site supports individual, site specific, user accounts. This will
>> continue after the transfer. This site does NOT currently use the TOU
>> policy from the main website, it is proposed to do so after the
>> transfer.
>> The Wiki, User Support and Extension/Template websites currently support
>> user content submissions under various licenses and will continue, I
>> think, to do so after the transfer.
>> The TOU policy at the main website references Privacy Policy and this
>> will also need to be rewritten for the transfer.
>> This is not an exhaustive list of websites that are currently part of
>> the infrastructure, or even those that will transfer to
>> ASF, you can find that at:
>> So - long enough introduction I think.
>> Have created a page on the Apache AOO community wiki for
>> editng the TOU text - current contents is my first pass on edits against
>> the TOU page reference above. That page is at:
>> Have not created a page for the Privacy Policy draft yet, will do so and
>> post back to the ML with the address.
>> Looking for help on this from the legal side, questions from folks I
>> guess, too start..please.
>> Thans very much and looking forward to meeting you all,
>> Drew Jensen
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:
>> For additional commands, e-mail:

View raw message