The Privacy License is a software license for free-and-open-source software, which protects the privacy and security of the software's end-users.
The Privacy License (PL)
Copyright © 2021 <copyright holders>
The Privacy License 1.0 (PLv1)
Copyright (C) 2021 Privacy-License.org. https://privacy-license.org/ Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
The Privacy License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to govern the freedom of a person distributing the software (the “Publisher”). These licenses may restrict – or in some cases, prevent anyone from restricting – the Publishers’ rights to copy, modify, license, sub-license, or distribute this software and any software derived from it (the “Software”).
The Privacy License is intended to guarantee certain rights of any person interacting with this software or derived software (the “User”). We recognize that the user may not be aware of how the Software is designed, how it is used, or what restrictions bind the Distributor in dealing with this software.
We recognize that the User may not read an end-user license agreement (EULA), that even if a User does read the EULA, they likely will not understand it, that even if a User does read and fully understand a EULA, they may not be able to determine when or if a Distributor has violated the terms of the EULA. And we recognize that, even if a User reads, fully understands, and discovers a violation of the EULA, the User may not be adequately compensated, or will have an undue burden to pursue compensation. We affirm that a User who chooses not to read a EULA is still a person, and they still retain their rights. Likewise, a person who is unable to understand a EULA, or is not aware when Distributor has violated the EULA, or who is unable to successfully pursue compensation, retains their rights nonetheless.
This license therefore prohibits Distributor from violating User’s rights as enumerated here, notwithstanding any EULA that a User agreed to.
Therefore, this license grants the Distributor the freedom to use, copy, modify, redistribute, and license this software, provided they do not modify this license, and that the Software conforms to the below practices designed to protect the privacy of the User and their personal information.
1.0 Relevance of Section 1 - If Software has any functionality to recognize a User or to store their personally identifiable data for later retrieval, and requires User to supply any information for that purpose, then Distributor is bound to all restrictions here in Section 1.
1.1 Authentication - It is an unacceptable burden on User to require them to supply a unique username and a password as the sole method of authentication or recognition. We recognize that Users may not be aware of the likelihood or the risk that their account information may be stolen or used against their knowledge or consent. We recognize that this practice encourages User to reuse usernames and passwords across multiple Software instances, and encourages short or insecure passwords. To require a User to create a username and password is a guarantee that some Users will have their credentials stolen. Therefore, Software may request a username and password, and must allow authentication through OAuth (described in section 1.2).
1.2 OAuth - The software must support OAuth as a method of authentication available to all users. The software must support multiple providers for the user to choose. OAuth providers must be “common” (defined as being listed as a known provider in Wikipedia at https://en.wikipedia.org/wiki/List_of_OAuth_providers at the time Software is released). At least one OAuth provider must be “independent” (defined as not being owned or operated by this Distributor).
1.3 Contact Opt-in - A User may supply certain contact information in order to be recognized by this Software, or to store information for later retrieval. This contact information cannot be used for any other non-essential communication without explicit, opt-in consent from the user. Non-essential communications include, but are not limited to: marketing, advertising, notifications about other User(s) activity within the software, and any suggestion to interact with the software or with User(s) of the software. This consent cannot be granted through acceptance of a EULA. We again affirm that User may not read EULA, notwithstanding the User’s guarantee that they have read it.
1.4 Essential Communications - If User supplied contact information and knowingly created an account/login, it is acceptable to contact User for the following reasons:
1.5 Account Deletion - The software must allow the user to permanently delete their account and all information related to it, including any activity, posts, messages, comments, updates, and any of their user-created content. This ability must be accessible via similar means to the method of account creation. A user shall not be required to contact the operator of the software through email, phone, or mail, unless required by law.
2.0 Relevance of Section 2 - If this software includes a method of payment for any purpose, then Distributor is bound to all restrictions in this section.
2.1 Trusted Payment Partners - It is an unacceptable burden to require a User to supply a credit card number directly to the Software for the purpose of payment. Human progress has brought us myriad payment providers that securely store and protect our payment details. We recognize, as Distributors of Software, we are not as clever as we would like, and far too many distributors store credit card or other payment details unencrypted or with weak encryption. The software must support a third-party payment provider as a method of payment, which does not require the user to provide a credit card, bank account number, or other direct bank-tied information directly to the Distributor, unless the Software meets exceptions in 1.2. We recognize that Payment Card Industry (PCI) standards can be vague and are self-reported by providers themselves. For the purpose of this license, a “Trusted Payment Partner” is a provider or gateway listed in Wikipedia https://en.wikipedia.org/wiki/List_of_online_payment_service_providers at the time the Software is published.
2.2 Exception to Payment Partner Requirement - The software may collect a credit card number, bank account number, or other bank-tied information directly, provided the following conditions are met:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.