'Online Accounts' Legal notice violates GFSD
A bug regarding this issue has already been filed. You can sneak over to the bug report at the URL;
https://trisquel.info/en/issues/13171
Brief Description of "Online Accounts Legal notice" for quick Review***:-
................................................................................................................................
1. Mentions about collecting and storing user's credentials and enabling authentication cookies, which may impose a back door/act as a spyware.
2. Any trademarks, logos and service marks displayed on Online Accounts are the property of their owners, meaning verbatim copying and redistribution of the trademark/logo can be legally challenged by third party trademark holders in respective states/countries of use.
Please share your valuable suggestions in this regard.
I've read the GFSD [1] and I don't think there is a problem.
1. Looks like the notice says that the credentials and cookies will be stored on your computer and will not be accessed by Canonical in any other way. The GFSD mentions malware but I don't think this qualifies.
2. I think the trademarked logos are Non-functional Data and "the practical requirements are reasonable".
What I believe is a Big Problem is mentioning Ubuntu and Canonical as their trademark policy forbids this. I've reported this at https://trisquel.info/en/issues/5052#comment-61395
Having said that, I'm not a lawyer.
[1] https://gnu.org/distros/free-system-distribution-guidelines.html
lembas,
There are some issues which the legal notice does not address;
1. It does not explicitly say whether the authentications cookies are encrypted or not. Often crackers can access an unencrypted cookie and can steal the user credential.
2. Authentication cookie is a functional data. Unless a user knows what goes into it, we cannot explicitly understand what it does. The source code/cookie format needs to be published in that case.(Just like Libre-Javascript.)
3. It does not explicitly mentions who all can acces the cookies, only the concerned service provider or someone else. It also does not tells what information the cookie conveys to the authentication service.
4. It does not mentions whether these authentication cookies are accessible to the user.
5. One more addition:- Canonical can change the legal notice at any time; This makes clear they can change their policy regarding how they use the user credentials, or what data the authentication cookies can deliver to the authentication site (eg. Facebook).
These are enogh defense to consider 'Online Accounts' with suspicion.
Hi lembas,
I agree with you - trademarked logos are non-functional data and can be excluded.
But the legal notice also mentions the "trademark of Canonical". According to your suggestion, trademark of canonical cannot be used without their prior permission and Trisquel cannot explicitly use it in that case.
Thank you for correcting me.
I will always welcome an 'online accounts' software, provided it respects all my four freedoms.
I believe the community will take my concerns in the right spirit.
The price of freedom is eternal vigilance.
+1
You are right.
And thanks a lot for promoting my bug report to 'Comprehensive Trisquel Branding Issue page'.
Please mark the original bug as a *duplicate* to comply with the Guidelines.
Happy Hacking...!!
I was hesitant to mark it as a dupe as it included other concerns besides the branding/trademark issue. Maybe I'll leave it to the Big Boys. :)