 Okay, welcome to today's first evening session, so We're now going to have the deviant services agreement one year hence by Bradley Kuhn Welcome Bradley. Thank you for welcoming me back So I'm not gonna do about 20 minutes of like regular slide talk And then it's just gonna be Q&A about the services agreement, but I will I'm how many people saw my keynote last year Okay, so only half the audience that's good So I should do this summary those you saw my keynote last year. You know this from my keynote last year Conservancy is a charity in the United States What that means is we're filed under a specific tax regulation in the US called 501c3 There are various versions of those the mic not working There's the mic just the recording for it's not actually amplifying me So he can't I mean I'll talk louder. Is that okay? Is that messing up the mic? I can talk this loud I have a loud voice anyway, so That that means we serve the public good the specific public good that Conservancy is chartered to serve is advancing software freedom simply put more generally Promoting improvement and creation of free Libre open-source software for people to use and improve So our usual work is what they call in the non-profit Geek space fiscal sponsorship, which basically means we are a home Open-source and free software projects They join us and they receive the benefits of being part of a non-profit charity without having to do the work of Forming their own charity and creating a board of directors and managing the administrative parts of the organization so Generally speaking what we're typically doing for our projects is Getting done those things that are annoying to do and not in the area of expertise of software developers typically But really need to be able to exist and happen for a free software project to succeed that's the squishy way of putting what we do regularly and That we do that usually by providing a non-profit legal infrastructure For those projects that they can live under and receive those services so Debian is not actually a perfect exact fit for those needs. It's not what Debian needed When it came to talk to Conservancy And I think Debian is actually now a really unique free software project I was less unique in the past there were more projects like Debian years ago But Debian is kind of the only one left that has this kind of Worldwide nebulous group of people that actually want to make lots of different affiliations with different types of organizations Around the world. These are just this is probably just a short list the one I grabbed off the website I'll tell them now while Neil was talking. I was busy looking at the web site Checking what all the affiliations you have these are the ones I was able to grab quickly But I think there are others Debian makes friends with everybody and says hey, can you help us with something? Okay, great You're where affiliated with you and you're gonna help us with it and I think that's a good thing I think it's been a wonderful benefit to Debian that you're kind of the the universal receiver of any good will and services that the Community out there in the free software world can provide And I think Debian at least the anecdotally the Debian developers I've talked for you really like this arrangement You like being able to work with everyone and want to continue working with everyone and you also already in the US had an Affiliated organization software in the public interest SPI in fact it was in some sense formed initially to be That service provider to Debian in the US and Conservancy for our part. We've always had a very friendly and cooperative relations with SPI SPI is people have called the Conservancy light It's like the the sort of pared-down version of what Conservancy does for just to focus on handling donations and so forth And so we think that's great because that's what some projects need They don't need the larger group of services that Conservancy provides and they tend to affiliate with SPI when that's what they need and Meanwhile, I guess it was almost how long ago Karen was it two two years ago when Zach contacted you So is that contacted Karen our executive director who's going to join me up here for the Q&A and He said I want somebody to take care of my copyrights. He was at that point leaving DPL And wasn't planning to run again and he was got he hasn't really but at the time I think he was planning to reduce his involvement somewhat in Debian and he said well I'm worried about what happens to all the copyrights. I put into Debian over the years I'm not going to keep track of what's going on to them. They're mostly under the GPL I'm not going to go track and see if people are violating the GPL But I want to make sure that there's somebody out there checking up on that and will enforce the GPL if Those copyrights are violated and I talked at length about this conversation with Zach and all how that all worked last year so the central program that Karen designed for the The Debian services agreement was a copyright assignment process the ability for Debian developers who say you know what? I have all these copyrights, but I don't want to maintain them keep track of them Enforce them on my own. I want a trusted organization that I can have do that that's what the center of the program is and as the agreement was being created the thought was well, what else Does conservancy do that Debian needs that's not being covered by the other organizations that Debian currently has affiliations with and a couple of things we discovered was Not just copyright assignment Because I'm not really a big fan of copyright assignment anymore I like to to quote a rather a big political gaff that happened in the United States years ago I say that with copyright assignment. I was I was for it before I was against it Because I used to really be pro copyright assignment now I'm I sort of don't see as much value in it as I used to for free software projects I think people these coalitions of enforcement Groups can do a lot more than a single entity receiving all the copyrights So we have these copyright enforcement agreements at conservancy with some projects where a group of copyright holders in that project I'll choose to sign an agreement with conservancy and then as a coalition We go out and enforce the GPL or LGPL whichever license is involved on their behalf So we have one of these for Linux. We have one of these for our Samba project Which is also a full-fledged member as well, but we also have a that service plan for them we have that for busy box and Now we have one for Debian as well and Generally speaking we've discovered over the years that there's certain expertise that we as an organization have in Free software licensing free software policies trademark policies but other stuff to organizational policy that kind of thing and We basically decided to offer that to Debian on a regular basis anytime Debian wants our expertise on something We know about Debian can contact us talk in a minute how that works and we try to provide the best advice we can Want to be clear that we're not a law firm. We don't provide legal services I'm not a lawyer at all. I want to be clear about that like that people keep Just while I was at lunch somebody walked up say oh, you're a lawyer in free software, right? I am not a lawyer I do not want to be a lawyer There are very few lawyers. I like Karen you're one of them, but most lawyers. I don't like so I don't want to be a lawyer I'm not a lawyer. I just spent way too much time with them Which is why all developers now think I sound like a lawyer. I have a master's degree in computer science, man I really do like I can program right? I haven't in years, so I'm probably not very good anymore, but I know how to do it So so we're not the the Conservancy is not your law firm not legal services We're not any Debian developers lawyer. We're not the DPL's lawyer. We're not Debian's lawyer And that should be clear so we can provide you know sort of quasi legalistic advice on stuff we know about but it's not going to be actual legal advice from a lawyer and The O and his DPL actually developed a number of relationships if we talk about this morning with other lawyers And I think that's ongoing So I think Debbie in long term is going to have lots of different lawyers that it can talk to when it needs actual legal advice And if ever there's a situation where one of these coalitions has to do something with a lawyer We can get a lawyer that would be both conservancies and Debian's lawyer and we could do what we needed to do if that comes to happen So this agreement which I talked about as I said last year my keynote it came to be by first we asked SPI You know leave it was it was kind of like you know You go to the like the old tradition of going to the parents of the person you want to marry to ask their permission or something Let's SPI and said are you okay with us providing these services to Debian because your Debian's affiliated organization the US We don't want to you know step on your toes SPI is pretty lightweight as I mentioned and actually SPI's board was very glad I think that we were willing to do this It's not service any none of these services or services that SPI typically provides Doesn't really have the infrastructure and or want to build the infrastructure to provide them so They were happy that we were willing to do it So he made kind of an omnibus agreement It's an open-ended Time-wise agreement between Conservancy and Debian the DPL has the power to cancel it the DPL actually negotiated it It was negotiated when Lucas was DPL and negotiated with Karen our executive director to sign the agreement and We also have and is allowed for in that omnibus agreement the creation of individual agreements with individual Debian developers So individual developers if they want to sign copyright they feel like Zach does they just want to give her copyrights That someone they trust and forget about it They can do that or as is actually much more popular as I predicted it would be I told this to Zach many times Most people prefer the copyright enforcement agreement, which is basically a temporary agreement that can be terminated at any time whereby a developer gives Conservancy permission to act on their behalf to enforce the license be a GPL or anything else on their behalf on their Debian copyrights and That and therefore they don't have to pay attention to the day-to-day very annoying activity Frankly of enforcing the GPL and can just be briefed on a regular basis as to what's going on and not have to worry about it And if they're not happy with how Conservancy is doing it they can cancel the agreement. I have in my bag right here a Stack of these agreements so if you want to read them or you'd like to sign one or you'd like to read it for a While and decide if you want to sign it you can do that There's a separate us e you and everywhere rest of world version of the copyright assignment the copyright enforcement agreement is the same Around the world, but you can look at it and we actually just talked with Mehdi and we're gonna put that he says there's an area of file storage for Basically the equivalent of Debbie and private the but file storage. We're gonna put them in there I think Neil you were we sent in you to do that and Betty said it wasn't done So what's your problem? You know cheese we gotta vote you out. Oh, never mind so So what have we done in the past year on the enforcement agreement? We didn't imagine when we signed it that We were gonna spend a lot of time talking about ZFS last year, but we did I'm grateful to Neil because he told you that story this morning. So I don't have to tell it again I want to be clear that for Conservancy. It wasn't merely Debian thing Because almost every Conservancy project that was copy-lefted came to us with concerns I had many phone calls from some of the developers about ZFS. They were concerned because as Neil said this morning, there were implications GPL worldwide Regarding the ZFS situation and so we really were and Linux obviously our Linux enforcement project was very concerned So there was a lot of people inside Conservancy asking us to do something and Neil talked about all the kind of conversations that happened over that another thing we did in the past year is We did some help with SPI not I mean I I don't want to oversell it I did a couple of phone calls and some higher c chats with folks SPI to explain to them how we're doing our accounting I think they're working now to put there You're doing actually add some putting those that you're they're gonna use our same system of accounting that we use Which is a command line based accounting solution, which is really good for a hacker run organization Not so good. It doesn't scale. Well, I've already told them that because when you need to hire a normal bookkeeper They look at it and say I have to edit this in a text file like what? But it's great for those who'd like version control and editing text files, which most of us do So we've helped SPI with that and that's I think helped Be allow SPI to do some more serve better faster service to Debian at least in the long term for their accounting And to be honest, we didn't do much more under the Debian service agreements. We signed up a lot of people Into the enforcement coalition But there actually wasn't any discussion on the enforcement coalition lists all year except about CFS Because I have yet since we started this program a year ago Received a GPL violation report specifically on Debian now I get reports of violations on Linux on a daily basis basically, but those are upstream It's I've yet to get a report that said. Oh, it's actually violating on Linux But it's the way it's violating on Linux is it's a an infringement on all of Debbie And they've taken a Debian distribution and done something nasty with it I got one of those I think the last time like 10 years ago was the last time I saw it was this actually a It was one of these home automation companies It was like a really high-end one and they basically just put a Debian server in your house And then they were doing updates over the air But they were only sending binaries like updates over the air to your to your house when they updated Debbie And so that's the last time I did an enforcement action Before this agreement years before this agreement existed But it was violating everything and to the Sun because everything on the Sun is in Debbie and it's the universal offering system So we did it on busy box in those days, but that's the last time I ever saw a Debian distribution per say exactly in a violation so I Expect we won't get a lot of reports of Debian violations But if you find someone violating a Debian copyrights and one way or another Right to the email address compliance at sfconservancy.org and tell us about it and we'll do something about it But it hasn't come up yet. So we're just we're poised and ready to help you when the time comes So this is my pretty much my last slide The question is what do we do next under this service agreement for Debian? I think you should tell us You all I mean I've given you a basic summary here, but many of you are familiar with conservancy You know what we're capable of what our abilities are. So what of those abilities do you need? We just had a meeting with Mehdi about what we could do how we could better streamline this We're gonna we just decided a few minutes ago. We're gonna create an RTQ in the Debian official RT Mehdi just told me that he's gonna as we're walking over that he's going to let some of the teams Get access to it's not access to it But give them address so they can file tickets in that queue for us to pay attention to But you can also ask us here if there's things you know We're experts about that you think Debian needs that we ought to work on I should be clear that the agreement allows for a certain amount of Zero cost time a couple hours per month And then we do have the option with the DPL's permission to bill Debian for more work What we've done so far is we usually say We can't work on it this month Why don't we just do this next month is it urgent and then we just do it in the next hours next month's hours We're not interested in trying to get a lot of money from Debian over this Actually, we'd like to find a way to give you just what we need under the zero cost hours But we put that provision in there in case something big comes up that we have to work on really hard And bill for and as I said we didn't bill for any of the ZFS stuff because that wasn't just for Debian It was for everybody so it wasn't it wasn't really appropriate to ask Debian to bear the cost of something that also the Linux Compliance project wanted and the Samba developers wanted and etc. But if there's something Debian specific that needs urgent and extensive work, that's something we could talk about doing and See what we need now If you're gonna raise it here, this is being recorded streamed and everything I think it was very useful and it often is very useful to discuss things privately at first I like very much that Debian is is one of the most open free software communities that things are discussed Almost always in public. I am still in the middle of my DD process myself So I'm not on Debian private, but I've known about Debian private for two decades And I've never heard that there's anything that important on there I guess maybe that's controversial to say but most Debian developers tell me yeah, you're not trust me You're not missing anything in fact I one of the things I researched when applying to be a non uploading DD was to make sure I'm not required to be on Debian private Because I don't think I want to be And it turns out you are not as I found out you're not required to be on Debian private So so but there is a value in that there's value in discussing things privately at first and making them public in due course I think it's best to make public things public in due course But I so if you want to stand up and say I have this problem You know think about whether you want to broadcast it to the world today Or maybe we should talk about for a while and in a few months broadcast it to the world and with that I'm going to ask Karen to come up and join me. There's apparently a mic up here for you. Did you get it? You got it? She's she's live And we can't stand we can't stand too close together. Oh wait over here That was that was that was unrelated Okay All right, I think it closer to you Okay, we're safe No feedback. Okay. No, I'm standing over here I don't trust you anymore I'm standing over here. That's it. That's three tries you're out. I'm over here. She's over there I'm not an audio engineer. I'm sorry, but who have questions. I don't I don't have to be standing right next to it That's not required. You're just a troublemaker you Indeed you did Now you're too close to the speaker with that So so what do you what do you want to know about the service agreement? What do you want conservancy be doing for Debian? What should we not be doing for Debian? Hello. Yes. Yeah, you sound live to me. Well, all right Agreement which I read earlier really to be clear. You're asking there's lots of agreements here You're asking about the copyright enforcement agreement. I believe The copyright enforcement agreement. Yes It has this concept that which it mentions twice, which is copyright registration Mm-hmm, and perhaps I'm not very familiar with that or maybe in different terms Maybe you could just elaborate on what that actually does and tails and and even for someone who's not doing this Am I as a independent? Copy-left developer or non-copy-left developer should I be registering my copyright somewhere? I think I probably know more about registration because I've been doing it lately. We know different sides of it Okay, okay, so I will give you the non-lawyer answer and then she can you can give a lawyer answer if you want, okay? So copyright registration exists in various jurisdictions. I don't know which ones it exists in it certainly exists in the United States and What it is it's a it's a process whereby you can file with some central authority Works that are under your copyright Now ostensibly this was invented for posterity But in fact it over the decades and Centuries it evolved into a system whereby the law Treated copyrights that were registered with a certain amount of additional power then works that were not registered so for example in the United States the Stagatory damages you can get and copyright enforcement in cases are substantially higher When your copyrights are registered than when they're not registered, so it's important to register your copyrights because Typically GPL enforcement focuses on the statutory damages a set of actual damages So to explain that because I'm a non-lawyer. Maybe I can say this Back up to that which is to say that when you that you don't need to register copyrights to have a copyright so copyright is This is I'm gonna be very us focused but again I am a lawyer, but I am a US lawyer admitted only to practice in the state of New York, and I am not your lawyer And this is not legal advice I But so So copyright form is the moment you fix You you fix a creative expression in a tangible medium So it used to be that you needed to undertake certain formalities to have your copyrights Duly formed, but now you simply Write your code and then you have a copyright so Registration, it's not something you need to do. It really relates to what you can ask for yeah, and guy in a lot How much does this cost can do this online you have to go in person and Lastly, can you do this retroactively for things for many years ago particularly for copyrights? You held before you started with a new employer or something like that the answer in order are Usually $25. Yes, and yes So so so in the US this is purely a US answer And actually anybody in the world can register with the US copyright office So you don't have to be a US citizen or based in the US or anything like that to register the US copyright office you go to their website and It's I believe 25. I think it went up to 35 at some point recently Dollars to register the copyright if you can do it for any work I recommend it so the confusion about what is a work in software is one that will be heavily litigated About over the next 10 years But generally speaking what I recommend to register is your contributions to a specific released version It's been suggested to me by by somewhat somewhat cagey and and and game playing lawyers that you should register every single patch you make Because then you can say each one's a separate work and then you can get different damages for each one I think it's it's really unclear How any of this is going to be interpreted exactly in particular the copyright holding piece of it and how it fits together and what Yeah, and but but but people in the normal world like not the software world tend to think about things being published Like you publish a book and that was the first edition of the book and the second edition of the book are different So to map that most easily I think the best thing to register is your changes to a version that's released when the official release comes out like When it's when you know it comes out of beta and it goes out there Find all your copyrighted to contributions to that and and register that so register my my contributions in Linux version, whatever right and I was gonna say this is something that we do With our coalition members, right? So the reason James is asking is because the agreement gives Conservancy the authority to register the copyrights on their behalf and I actually had their own their own their online They're actually the currently in get hub because the currency caliphate Server server is not all together so they're only on get hub at the moment But they will be on our caliphate server eventually, but I wrote a number of scripts to help you make it the pearl I'm sorry To make a deposit. So what's what is the positive deposit is the piece of the copyrighted work? You're giving to the office for them to hold on to as the this is your copyrighted work The deposit rules for software in the US are bizarre. They say the first 25 pages in the last 25 pages of the program So You can interpret any way you want because you can sort the print out any way you want So what I actually did so the interesting thing is the online registration process has not kept pace with the the PDF guidance And I worked with our lawyers conservancies lawyers on this and we came to the conclusion that it actually made sense to register the most representative changes to the thing and weirdly The the copyright office itself has interpreted first 25 to last 25 to actually be and this will sound great to everybody A bite count so there was a max bite count They will accept because they want they won't accept the whole work This actually makes sense because if they they don't have the resources to accept the giant amounts of code people would throw them for all registering All the copyrights so what they do is they take a representative sample in a maximum number of bites for that work Well, normally your patches will fit into that bite count the things you contributed to that work So what I do is I just sort by the person and their contributions in their patches And I submit they're the most representative parts of the work to have their copyright in it now You do should submit full files not patches right so what my scripts do is they find all your patches in a get commit log And then they find the files that are most you did the most changes to during that version and then put it in there So that's that's what you should do if you want to do it yourself But all that work is the kind of thing conservancy does under this agreement So we so I do that work for our projects. I haven't actually gotten to registering Debbie and copyrights now We're focused on registering Linux copyrights at the moment because it's much more likely we're going to be in lawsuits over Linux Soon as opposed to Debian So but we will eventually try to do all of them And and so far then if you have a reason why you'd really like to prioritize if you're a Signatory of one of these agreements and you say well actually there's an important reason I'd like my copyrights registered sooner. You can just email us and we can prioritize that one thing We didn't mention or you mentioned in the talk was that we published principles. Yeah, that so a list of principles for enforcing for a community oriented copy-elected project and they're basically principles for for enforcement that essentially treat Today's violator as tomorrow's contributor and sort of like establishing a path for communication That allows a violating company to understand what free software is about and understand how to co about Contributing to the community so that we don't scare companies up and in order to do that We've we have a list of principles that we've bound ourselves to so our enforcement agreements any services that we provide Under these agreements would be subject to the principles And so I Would be interested in how many hours of work you spent on the set of s License clearance I kept track of my hours, too. I did too. I could actually give you an exact count If you really wanted it was a lot Continue your question. I'll give you I'll give you an exact Debian has quite a lot amount of money and I would like to encourage the current DPL to send at least parts of that money for Your work on that of s to being recognized from the Debian project That's that's very nice of you. I appreciate that But I think I mean I think I would rather see that as a just a donation of goodwill We were we were very clear with Neil throughout that We had so many other interests in our community And you know in our member projects which we have much stronger affiliations to conservancy than Debian Because this is just sort of like an arms length services agreement we have with Debian with our other projects They're actually part of us So Samba is a part of conservancy like the legal entity of Samba is Conservancy and they are just like it's like a division of a company and so and Linux enforcement agreement We also have an enforced agreement with many Linux copyright holders and those parties had a lot of interest in how the ZFS thing came out So we were clear with Neil that we were basically negotiating with Neil Effectively is like a third part like a third party. We were we were not trying to say we're doing this for Debian The whole time. I don't think I once said I'm doing this for Debian I was very clear and because I did a lot of negotiations with Neil on ZFS And so and so I would love to see Debian make a not make a big contribution to conservancy That would be much appreciated and wonderful But but I don't think it should be specifically for ZFS It should be you know for for just goodwill and if you would love to do it I think I would be a bad executive director if I didn't say please encourage people to come become supporters of Conservancy like yeah, the great thing about the way we pivoted our business model is that the more people that sign up The more incentivized we are to continue I mean we're gonna wait We were committed doing the right thing and we have a mission statement that locks us into it But when the funding is a part of it It means that we're so directly incentivized to focus on the things that are good to the public and and talk about it As much as possible And so it's it that's a really good thing for us And so if you're happy with the things that we do if you could spread the word it would be huge for us because we really Struggled just to stay in it. I spent 82 hours on ZFS last year That's just me I have a little script that I can run that just I just grep for ZFS Yeah, 82 hours of my year last year was that a fess solely that a fess and mine was not that high But it was pretty high At least at least 40 hours for me Yeah, so that's that's that's not two weeks for me because I work a lot more than 40 hours a week But but it was a lot of time So oh and to add what Karen said actually we really want to be an individual supported organization That gives us a mandate of a constituency So I would ask her to become individual supporters having lots of individual supporters for charity Helps us in a lot of different ways the IRS likes it for one But also when we negotiate with big companies and third parties We can say look we have at this point. We have a 1031 people who have said we believe so much a conservancy output ten dollars a month towards it And when that number gets higher and higher, that's a huge value for us And and this is why if you've heard of the American Association of Retired Persons in the United States It's it has so much power because basically Everybody over almost like something like a huge percentage of people over 50 join it And they go to other agencies and say all the retired people are gonna be angry at you If you don't do something well, we can do the same thing for free software if lots of free software developers are giving us money Yeah, but we were also getting a lot of pressure when we were companies that were trying to pressure us to not do enforcement would At some point would often take the angle people don't care about that You know you and Bradley and Karen you think this is so important, but you're misguided you're living in the past You don't understand what people want. This isn't that important and now Those people will never you know with the over a thousand people already I see that that argument isn't coming up again So the more numbers we get then the more powerful that argument is Yeah, it's kind of relates to that point that I guess I don't know who other people from Debbie and you have so far signed Agreements, but I guess most Debbie and contributor or most Debbie and developers say to make it a narrower point Are maintaining a few packages where they have More or less trivial as in not in not in not trivial in all cases, but frequently fairly trivial packaging and then Maybe patches scattered across many many packages in Debbie and where they found a bug Do you should we be? Encouraging all those kinds of people to to make to sign the agreements I mean how how plausible is it to enforce on that kind of scale and and if someone does sign the agreement Do you try and track down Every place they might have had a copyright or I mean how does that how does that side work when it's on this kind of Very small-scale changes much like the first question Which was the first question is should everybody sign it even though they're packaging Oh, definitely. I mean I think so the it's very difficult to determine what the level of copyright ability is Like what what threshold of creative expression is required to to have so but regardless of whether or not You know, we even if the contribution is small in aggregate with a lot of people signing in and a lot of people participating together in Debbie and project it becomes a much stronger argument towards enforcement and And even simply what we're we're we are planning for the case the unfortunate scenario where we have to be in a lawsuit But what we really want is to be in this productive negotiation with companies that are out of compliance and to say You know we could say X number of Debbie and developers have signed agreements That means that we often don't have to get to the the stronger argument is the less likely it is that a In-house legal team will will be willing to risk going to court. So so yeah, and I don't know what Karen said there's a There's there's strength in numbers, right? So so what often happens when we're criticized for example by big companies that don't want to stop us from enforcing the GPL They say oh, you just have a couple of crazy crazy developers that no one likes They're the only ones who will work with you because you're crazy too by the way But when we have this big number of people like in the Linux enforcement coalition has grown every year We've got more and more developers every just signed up for it who are Linux copyright holders Same thing should happen with Debbie and so that we can say we have you know We don't have this yet not not a hundred but we have a hundred Debbie and developers who have signed this agreement They're all behind this Directly they've signed an agreement to be behind it and I would you know that the more that is the more That's gives us leverage to say you have to take us seriously when we're trying to enforce also Each little bit of changes add up right so if you get a hundred people who have made very small changes to a couple of packages Well now you have a very large set of changes to a couple hundred packages Which is it which is a much bigger copyright holding because they when you do if you do get the litigation Which we never want to but but if it does happen the biggest question litigation is can they write you out of it, right? So if you and go into a courtroom and say why have 50 lines of copyrighted code in this project and you infringe They can say one of the solutions it's always an answer to not infringe anymore That's always the way to end the copyright litigation more or less you there's past damage and stuff Generally speaking stopping infringement is the most important thing well They can take those 50 lines clean room them and write them again So but if it's thousands of lines they there's no viable way for them to clean room that kind of thing So it's not in a reasonable amount of time. So so that's really important And and so getting lots of people for that, right? It should also mention that while we want you to shout from the rooftops if you care about the enforcement of copy left If you don't want anyone to know that you want to copy love enforce You can still sign the agreements and we'll we'll do our best to keep the confidential Yeah, we've already walked through with the lawyers like the first amendment in the US arguments about about whether people can sign an Agreement like this and not have to be disclosed now if you want to if we go into litigation you have to be litigants have to be disclosed but the Usually as you see with the Kristoff-Hellwig case and with VMware, right? And we have a large coalition of Linux copyright holders that we're enforcing for but in the particular VMware case the actual case is Kristoff-Hellwig versus VMware other people's copyrights are involved, but they are not They're not privy to the case because the case is just about how it's copyrights now Do your second question? Yes, like are we going and finding them as I said? I haven't went and looked at doing the copyright registrations for Debian And if there's something in Debian that people think should be prioritized to be registered That's great when we do the registration process is when we'll go and try to find a race contributions finding every last one Isn't necessary finding the big ones is what's important So probably what we'll do is worry doing this with the Linux folks Do do it you know an email conversation with the person to identify where their changes are It's obviously easier in Linux because it's they're all in the git repository for Linux But in that case we'll do it. We'll figure out a process Luke. You had a question over there. No, okay Hi He's done look look look not speak. He refuses. All right. I'm curious like Debian's in the interesting situation of being downstream from many upstreams And if you make upstreams that are then released with Debian Is that part of the Debian services agreement or whatever like like and you know a trivial patch here a trivial patch there? Like like what exactly counts I guess is what it really comes down to we are general rule for this has been upstreams that the kind of Originate with Debian like apt would be a good example upstreams that are really Debbie and upstreams We think that's fine. We we've had people ask like will you enforce on behalf of my copyrights in the upstream project? I think I think we're gonna have to do that on a case-by-case basis the agreement may or may not cover that it depends on the Details of whether the patches were carried in the Debian package or send pack upstream But obviously if there's a violation we can sign a new agreement at the time of violation too So I think focusing just on the things that are truly Debian ie the packaging the patches that are carried by Debian and To true Debian upstream like afts for as the best example That's that's best for this now. I think that any project that wants to do enforcement When they see a violation upstream you should talk with us if you're you seeing upstream violations I mean there's there's no specific reason other than the copy or registration one to worry about it until the enforcement happens And as I was just having this exchange with James you can do and registration yourself too And I'm happy as just a personal matter not on behalf of conservancy to help you do registration If you want to register your own copyrights on your own project So I think that's probably the best way to go for now But if you have tweaks to it feel free and talk to us and say maybe you should do it this way I don't think we're set on any of these as permanent policies You have like two minutes left at this point No, you want to ask again, but if you have a point yeah, go ahead Yeah, he has the microphone so I See this in from a let's call it peripheral country or periphery And I know that of course you're based in the US and of course It makes a lot of sense to start doing this in the US as it's the center of mass for for many things but Say in order to start or to help a similar organizations being formed in places with different set of laws Say I would be thinking of based on the Roman law as most of the American is How much I know that would go out of your charter But how much would you be willing to invest help in aiding other organizations form to do something similar I Mean well, I mean we already work with with others outside of the United States, but for example the the M. R. Suit which conservancy funding is outside of the United States and we are Very focused on the implications of our global community such that we have We have agreements for people outside of the United States and I think we just sort of take the situations of the case-by-case basis and You know some of the major jurisdictions where People are located. We've already have some partnerships with and work with people But I think that if something else becomes relevant, we would definitely be open to finding the right resources. I mean You know the nice thing about doing it as we are as a Territable nonprofit is we just we're we're mandated to just make sure that the right thing gets done That means that we work with the right partners whenever we need to and we recognize that we can't do everything So you're particularly interested in GPL enforcement those jurisdictions or in just general fiscal sponsorship type services in those jurisdictions Yeah, I would be thinking more on how to expand the legal advice regarding well GPL and a general copy left Enforcement outside the jurisdiction of the US, but I know I mean yeah, and I think that there are so with that I'll mention a resource. So so we're in collaboration with the presale Foundation with John over there We're doing a project called copy left or which is a general education about copy left and its enforcement and how it works And that's a project that I'm a sensibly the editor-in-chief of but I haven't had a lot of time to work on it I spent 80 hours. I could have worked on that if the only is that a fast forward GPL But but if we can get more contributors That's a that's itself a copy left in CC by SA project and I'd love for people to contribute to it And it has a lot of references And so the goal with there would be to have the the the handbook of G of copy left around the world So so it's nowhere near close to that yet But I think that would be an end goal and so that's a great way to try and do that better And and it's of course we've invited lawyers from from various jurisdictions to contribute to the guide And some are reviewing it and then We also really welcome translations So it's not that I wanted to censor you but Okay, and I'll step out into the hallway and Karen I'll be out there if you want to ask more questions as the next speaker starts And I've got stickers your last chance to get them