““Operating system provider” means a person or entity that develops, licenses, or controls the operating system software on a computer, mobile device, or any other general purpose computing device.”
This definition doesn’t really fit within the framework of free software.
Unfortunately System 76 is already thinking about compliance, Canonical and Redhat too, I assume.
I’d like to ask how reasonable would it be to fully block any open-source software from California as response? Because that seems like the only solution to stop laws like this here rather than waiting for more states to push this idiotic stuff.
Have an option for California special devices with blank HDDs/SSDs and have users install the OS, would this meet the requirements?
Just started watchin Ten Pound Poms” on Britbox. Maybe you can tell me what a “Pom” was/is?
Most people understand that the executive office does not create legislation (or create taxes/tariffs, or declare wars); that is the domain of the congress. In that regard, this bill passed the State Assembly with a vote of 76-0 and the State Senate with a vote of 38-0.
You can pretend to blame some boogeyman if you wish, but this is a bipartisan move.
[Edit: The bill was authored by Buffy Wicks, a Democrat … but more importantly … serving for the district containing Google. So, really, this is likely a Google-pushed/authored bill.]
And, while I initially indicated that it’s not a big deal since it didn’t have any requirement that the information be correct, I was forgetting how politicians act. With politicians one must assume the “worst case slippery slope”. In this case, once the mechanism is in place (AB 1043), they will almost certainly impose further requirements in a year or two (e.g. requiring that the admin assert they inspected the drivers license, passport, or birth certificate).
As I understand it, but would love to be corrected: “Pom” is to “British Immigrant” arriving in Australia in a certain era as “Mick/Paddy” is to “Irish Immigrant” arriving in the US in the mid-1800’s. A derogatory nickname associated to an immigrant of a particular origin.
So you would like to block open-source and/or Free software from California? Like Android. Like any additions Google makes to the Linux kernel. Like firefox (Mozilla is located in CA). Like Chromium. Kubernetes. Tensorflow. Go. Flutter.
But even more funny: Purism is located in CA. Say goodby to PureOS!
Remember that if California were its own country, it would rank as the 4th largest in terms of GDP (it used to be 6th; not anymore). In order: US, China, Germany ($5 trillion), CA ($4.3 trillion), Japan ($4.28 trillion), India, …
Remember that if California were its own country, it would rank as the 4th largest in terms of GDP (it used to be 6th; not anymore). In order: US, China, Germany ($5 trillion), CA ($4.3 trillion), Japan ($4.28 trillion), India, …
So how long do you think that would be like this if all FOSS projects would start geo-blocking CA, stop working in CA timezone and neither offering updates or downloads? Because CA has actually forbid their software by law.
I mean how do you even define OS provider in Linux distributions? Are mirror servers so called “OS provider”? Are maintainers of certain packages “OS providers”? Are http servers with ISO images “OS providers”?
It’s not clear. So the only responsible approach is blocking. Not to mention that since they address operating systems as a whole… servers, smart watches, fridges, cars, gps trackers, drones, … all require your age now? WTF? - No, block them.
They haven’t forbid all FOSS software. CA has only put penalties on the providers of an operating system without a certain feature if children are going to be users of the system (the penalty is only “per affected child”).
So this only affects OS distributors, not all Free Software projects. The OS distributors are either going to comply or put “not for use in CA” disclaimers, in which case the person installing it might be the only person to is liable … and probably not even them.
It’s the opposite ethos of Free software … so it wouldn’t happen. There might be some very few projects that do this, but they would almost certainly be labeled as crazy and, if the project had value, forked.
In the end, pretty much all projects that geo-blocked the EU because of GPDR … either stopped or folded. No surprise. You might be interested to know that these forums weren’t prepared to deal with the GPDR (and, my guess, they still aren’t).
LOL. Do you know how timezones work???
what i mean is that software could actually parse timezone settings where CA has a unique one. So not filtering by offset to zero.
Also I don’t think blocking is that unreasonable even for FOSS. Because you either comply, potentially get fined or block providing software.
Even if this only affects OS distributors… it’s still not answered who that is when it comes to Linux distributions? Does providing an ISO or image file count but providing essential packages does not?
It certainly leaves questions as to which company (or other corporate entity) is affected by the legislation and who, if anyone, would be fined.
In the case of PureOS, I think it is reasonably clear that Purism is responsible (they develop, they release, they distribute, and noone else does) and they are obviously located in such a way that they are within the reach of US law. So compliance may be difficult to avoid.
Hopefully Debian just implements something and that will cover Purism, Canonical. Not that I really want this legislation at all.
I can well imagine that in the Linux world different distros will go off in their own incompatible directions, particularly as right now this is purely a California issue.
As currently written, the whole thing is a bit silly because Linux encourages you to own your own computer, which means having control over it. For example, with root access, not much about this law is going to make sense. With being able to (re)install other operating systems at any time at the drop of a hat, the dob info doesn’t have a lot of rigour.
The law is really targeted at proprietary blackbox systems that are locked in to whatever the manufacturer says.
e.g. pom - Wiktionary, the free dictionary
(Australia, New Zealand, South Africa, mildly derogatory slang) An Englishman; a Briton; a person of British descent.
etymology disputed but the link provides one
Specifically who do you think should block CA and why them? e.g. Do you think the GNU coreutils project should “block CA” and why? This requirement has nothing to do with their software even though it’s a component of virtually all the distros.
If the answer is “Canonical, RedHat, Fedora, …” I can understand that. I just don’t think it will happen.
The whole of how Free software copyrights work (especially copyleft ones) is dependent on legal definition in copyright law of derived works. In this case, if one creates a derived work and that derived work is an OS, this law applies to them. As I understand it, that creator, given their legal liability, should disclose that it should not be installed in CA.
Don’t overthink this if you are not an OS creator.
As long as that essential package is not an OS … then it does not count.
Don’t overthink this if you are not an OS creator.
Who is and who is not? Did they define what OS means? I don’t think so.
As long as that essential package is not an OS … then it does not count.
Isn’t GNU the OS or is it not? Is systemd the OS? The Linux kernel? The desktop environment?
In my opinion there is not a single package or dependency which is the OS. So why would anyone comply? Why would someone distributing an image with packages be liable but not someone distributing packages via repository structure? Does not make sense.
Why would someone providing a mirror server be treated differently? Does not make sense either.
So as far as I see it. Nobody is liable or everyone is. Unless they provide a clear definition of what “operating system” means. But if they do, Linux distributions are very likely to workaround this because of the flexibility by free software. So either way, compliance is wrong.
If you comply to this, you agree to the idea that they can make up terms without reason. Why would you do this? Fear?
As this would be completely new functionality, it could easily be that no project takes ownership of the issue. The distributed, sometimes uncoordinated, way in which the various projects operate suggests to me that in the end the distributor of the distro will be held accountable (e.g. Purism, Canonical) and hence it might be they who say that the distro is not authorised for use in CA.1
But to me that wouldn’t make sense for Purism (as a CA-based company). So if Debian doesn’t pick up the ball, I would think that Purism would have to cobble something together itself (possibly excepting the Librem 5) and maybe seek an implied exemption for the Librem 5.
1 I would make the analogy with prospectuses. Many prospectuses here say that the prospectus is not authorised for distribution to any US-based entity or for use in the US - because they couldn’t be bothered complying with the minutiae of US securities law. But do you think it is actually enforceable or enforced? Any motivated US-based entity will find a way.
No. You’re probably referring to GNU coreutils. It is not a complete OS.
No.
No.
No.
Here’s a definition: Operating system - Wikipedia
Because I think you’re are being pedantic, here’s an analogous conversation: I don’t know what a “novel” is. Are the characters in a story a “novel”; novels contain characters? Is the word “it” a novel; every novel I’ve read has the word “it”? What about the “setting” for a storye; is that a “novel”? What if I randomly strung a bunch of words together from a dictionary, would that be a “novel”?
Are they the creator of the derivative work or are they just providing people with a copy of the derivative work?
[Aside: In the publishing world, people put together “collections”, “anthologies”, or even a “compendium”; they are gathering together a collection of works by other authors. e.g. short stories of a certain theme, e.g. a poetry anthology, e.g. a study guide …. They license those other works and don’t own them. However the person who puts together the “collection” is creating a derived work and while they don’t own the copyright to the components, they own the copyright to the collection (order, theme, explanations, etc.). They are the copyright owner of that collection even though they don’t own the copyrights to most of the parts.]
Because I think you’re are being pedantic
Why don’t I simply cite the actual bill to show you why it opens a fire? Shall we?
“Operating system provider” means a person or entity that develops, licenses, or controls the operating system software on a computer, mobile device, or any other general purpose computing device.
So that means every developer, every contributor or maintainer but even every user or person/entity that shares the software (because they license it) is an “operating system provider”.
While you say that an operating system is…
An operating system (OS) is system software that manages computer hardware and software resources, and provides common services for computer programs.
…it’s still unclear which packages, libraries or binaries this would include and which it would not include. However since the bill says “operating system software”, it might even include more. It’s not clearly defined in the bill.
Additionally the bill requires an “account holder” at account setup which needs to be “an individual who is at least 18 years of age” and it needs to be “associated with a user’s device”. So that implies every device needs to have an adult individual linked to it for it to function. Also it requires a certain age for this “account holder”, not a simple age bracket.
It continues by demanding:
The bill would require a developer to request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.
So it’s not just the OS which would need to setup an interface, store age brackets for all user accounts and applications to request a permission for launching… no. It explicitly demands that for downloading as well.
That means not just all kinds of applications need to implement a new API, potentially via libportal talking to some sort of store application. Also all kinds of libraries, services or tools that allow HTTP or FTP requests/connections to cater to it.
It’s completely unreasonable. All of this until January…
Do like Apple and MSFT and redomicile to Ireland?
Although I think nowdays Mick and Paddy are terms of endearment.
