I am a big fan of open source software, butI don't think open source licenses are relevant to the cloud based services that have become popular in recent times. The issue is that people are looking to avoid being tricked into using services with unreasonable rules on intellectual property , but it is possible for a cloud based service that is implemented with open source software to have totally unreasonable rules (and of course it is also possible to develop a service with proprietary software that respects their users' rights in a very enlightened way). Therefore we need to develop a new idea of what are reasonable licenses in an era of cloud based services.
In the traditional model of computing, the flow of intellectual property is from the software developer to the user. Therefore, an organisation that develops software will distribute it with a license which is a legal definition of the restrictions on what users are allowed to do with the software. However, with cloud based services the transfer of intellectual property is often in the reverse direction. For example, if you are a Facebook user you will be providing valuable content to Facebook every time you upload a photograph or post a status message. Therefore the most important part of the Facebook terms of service is not the rules about what the users are allowed to do, but the rules about what Facebook is allowed to do with this content provided by users.
People rarely read the license that comes with their software, so organisations need to be able to communicate briefly what are the rules about the use of their software. For example, if a company says that their software is "Open Source" users will assume that they will enjoy the four freedoms defined by the Free Software Foundation. In fact most companies publishing open source software won't write their own license, but will use something like the GPL or the Apache license so potential users can know the restrictions without having to read the license at all. In a similar way companies publishing software under a proprietary software will try to summarise the restrictions in a single sentence e.g. "can be used by up to 100 named users" or "can be used for non-commercial purposes only".
What cloud based services need is a similar shorthand way to communicate to potential users of the service what are the terms and conditions associated with using the service (e.g. will your data be shared with 3rd parties looking to target you with advertisements). This is a rapidly evolving area so there is not yet any consensus about what constitutes reasonable restrictions. The best proposal I have seen yet is the Open Cloud Manifesto which was recently launched by a number of important companies active in the cloud services space (including my employer IBM), but this proposal still does not have the backing of several other key players in the industry. This manifesto is geared towards a definition of cloud services where the service provider mainly provides computing power to the users (e.g. the way Amazon or Racksppce do), but different concerns need to be addressed when the service provider is hosting a complete service (e.g. the way Google or Facebook do).
In the traditional model of computing, the flow of intellectual property is from the software developer to the user. Therefore, an organisation that develops software will distribute it with a license which is a legal definition of the restrictions on what users are allowed to do with the software. However, with cloud based services the transfer of intellectual property is often in the reverse direction. For example, if you are a Facebook user you will be providing valuable content to Facebook every time you upload a photograph or post a status message. Therefore the most important part of the Facebook terms of service is not the rules about what the users are allowed to do, but the rules about what Facebook is allowed to do with this content provided by users.
People rarely read the license that comes with their software, so organisations need to be able to communicate briefly what are the rules about the use of their software. For example, if a company says that their software is "Open Source" users will assume that they will enjoy the four freedoms defined by the Free Software Foundation. In fact most companies publishing open source software won't write their own license, but will use something like the GPL or the Apache license so potential users can know the restrictions without having to read the license at all. In a similar way companies publishing software under a proprietary software will try to summarise the restrictions in a single sentence e.g. "can be used by up to 100 named users" or "can be used for non-commercial purposes only".
What cloud based services need is a similar shorthand way to communicate to potential users of the service what are the terms and conditions associated with using the service (e.g. will your data be shared with 3rd parties looking to target you with advertisements). This is a rapidly evolving area so there is not yet any consensus about what constitutes reasonable restrictions. The best proposal I have seen yet is the Open Cloud Manifesto which was recently launched by a number of important companies active in the cloud services space (including my employer IBM), but this proposal still does not have the backing of several other key players in the industry. This manifesto is geared towards a definition of cloud services where the service provider mainly provides computing power to the users (e.g. the way Amazon or Racksppce do), but different concerns need to be addressed when the service provider is hosting a complete service (e.g. the way Google or Facebook do).
No comments:
Post a Comment