Ahahahah - You know Russ - its amazing how WRONG you possibly could be with
that big and powerful Stanford AUP under your belt...
----- Original Message -----
From: "Russ Allbery" <rra(_at_)stanford(_dot_)edu>
To: <ietf(_at_)ietf(_dot_)org>
Sent: Tuesday, July 25, 2006 10:33 PM
Subject: Re: Flaw in the NOTEWell System makes NOTEWELL NOTWELL
todd glassey <tglassey(_at_)earthlink(_dot_)net> writes:
Gee Jeffery A.
Universities provide e-mail services to their students, staff, faculty,
alumni, and frequently guests.
until November of last year I was TGlassey(_at_)Stanford(_dot_)EDU so I
wouldnt
have ever known this... Thanks. And BTW - true - but only through a
limited and very specific EULA usually... and an EULA that BTW prevents
one from access when they violate the terms of the EULA including the
posting of anything through that channel which would violate the
posting-ip management rules of the ISP - in this case the University.
An Acceptable Use Policy is not the same thing as an End User License
Agreement, and using the two terms as if they were synonymous is just
confusing and calls into question what the heck you're talking about.
The EULA pertains to the IP transfered through the facilities constrained by
the AUP-agreements executed by every recipient or every Stanford.EDU
account. The EULA pertains to the IP which is specifically constrained by
the University's DMCA and Takedown Process policies. Also the departments
have their own Ethical Compliance policies (especially the Medical School)
which is why the Campus network is what it is.
Is that clearer or do you need it drawn out with crayola's and paper ...
So does using strange, idiosyncratic terms like "posting-ip management
rules."
Really
Most ISPs, and universities are no exception, have a posted policy on what
you are and are not allowed to do with your access to their systems, and
will terminate your access or take other actions should you violate those
rules.
You mean the AUP...
That's a completely different question than ownership of IP
passing through those systems.
No, they are linked documents and they leverage each other - so they do not
exist in the vacumm that you represent them. The AUP says you may not
violate any other University Policy or Law... trust me its in there. The
other University Policies would be the DMCA Process Policies.
Universities generally have additional
restrictions that they have to impose over and above a typical ISP for
legal (generally tax) reasons, such as not allowing more than incidental
use of their systems to support specific political candidates or run
commercial businesses. Those legal restrictions are highly unlikely to
interfere with IETF work.
No - those specific restrictions DO interfere with the IETF, its just that
the University has no idea what policy and IP management issues actually
exist inside the IETF.
In fact, many universities have strict privacy policies that state that
e-mail belongs to the users and not to the University.
Uh, would that be personal email, work email, or class email? 'cause the
answer is "Uh gee - not always." Class related email always belongs to
the University and is considered deparmental IP and there are numerous
other cases as well so this is blantently not true as a blanket
statement, in fact if you are a grad student they own everything - you
mind - everything - read the admission agreement again.
Likewise if you are a post-graduate researcher they own it all... What
is true is that the Schools may not lay claim to the IP based on the
conversation you are having, but ALL of the commercial entities do and
their employee's know it.
It would be helpful if you would read the specific policies about which
you're publicly declaiming, at least for the institution with which you
were affiliated. Class-related e-mail most certainly does not always
belong to the university. Here is the actual policy for Stanford
University employees:\
yes from the Provost's site. So what?
Stanford policy states that all rights in copyright shall remain with
the creator unless the work:
1. is a work-for-hire (and copyright therefore vests in the University
under copyright law),
So if you are working for the IT Department anything that you did in concert
with that career would be constrained under the WFH model as documented
above and belong to the University. Technology interactions with the IETF
are not "works of Art" but rather either specific works particular to ones
fulfilling their Job in IT or IP that is protected under the following
rules:
2. is supported by a direct allocation of funds through the University
for the pursuit of a specific project,
i.e. Is paid for by the University in any way or form - including any and
all professional association memberships that are used as a part of
"Employee Development"...
3. is commissioned by the University,
Is an officially sanctioned initiative of the University
4. makes significant use of University resources or personnel, or
takes any time out of your performance of your duties as a salaried employee
or subcontractor to the University...
5. is otherwise subject to contractual obligations.
Like the DMCA and the University's DMCA policies.
For work done by students:
In accord with academic tradition, except to the extent set forth in
this policy, Stanford does not claim ownership to pedagogical,
scholarly, or artistic works, regardless of their form of
expression.
True - but the IETF works dont quite fit into that - they not only use
Campus Computers for the drafting oif the 'work itself' they also use those
systems for the prototyping of the property; and that passes IP rights - NOT
just the copyrights to the University...
If you would like I can point you to Stanfords Technologies Licensing people
and they will I assure you explian the actual process and how it fits into
your world to you since you seem to be missing parts of it.
Such works include those of students created in the course
of their education, such as dissertations, papers and articles. The
University claims no ownership of popular nonfiction, novels,
textbooks, poems, musical compositions, unpatentable software, or
other works of artistic imagination which are not institutional works
and did not make significant use of University resources or the
services of University non-faculty employees working within the scope
of their employment. (See Sections 1.H and 5.B below).
For the definition of significant use:
Stanford University resources are to be used solely for University
purposes and not for personal gain or personal commercial advantage,
nor for any other non-University purposes.
Poof - instant ownership.
Therefore, if the creator
of a copyrightable work makes significant use of the services of
University non-faculty employees or University resources to create the
work, he or she shall disclose the work to the Office of Technology
Licensing and assign title to the University.
OTL's lawyers are all there and can explain the whole shebang to you...
Examples of
non-significant use include ordinary use of desktop computers,
University libraries and limited secretarial or administrative
resources. Questions about what constitutes significant use should be
directed to the appropriate school dean or the Dean of Research.
All of the above excerpts are from the Stanford University Research Policy
Handbook, one of the official policy documents of Stanford University.
You can read the copyright policy for yourself at:
<http://www.stanford.edu/dept/DoR/rph/Chpt5.html>
Why bother - I have bunches of copies of it - I ran streaming media as a LNA
for KZSU.
Universities much like ISPs such as Yahoo, Google, AOL, etc. provide
e-mail as a service to their users in order to obtain secondary
benefit.
Ah yes - And they also accept liability therein which is why they ALL
have DMCA compliance policies...
Our DMCA enforcement policy is essentially "we follow the rules stated in
the law for academic institutions," which have nothing to do with
ownership over intellectual property created by people at Stanford and
everything to do with a precise sequence and timing of steps that we have
to take when a third party reports to us a copyright violation that uses
our computing facilities in order to establish a legal defense against
becoming a party to the complaint. No "EULA" is involved.
Nice argument - wrong but nice still.
which gets us to the EULA and whether it is a violation of the EULA
between the University and the IETF's Participants who are subject to
those rules (the University's EULA) when the IETF refuses to meet the
same DMCA control-requirements as the University's mandate internally...
I can't speak to other institutions, but Stanford has no EULA. I can't
imagine what you could find in our Acceptable Use Policy that would be in
conflict with the IETF Note Well statement.
Gee - all of the copyrighted Stanford Software in the IT site has EULA
agreements with it as do all of the streaming media sites on the campus - so
EULA's are there and in place... you crack me up.
As to the Schools, the school's do lay claim to IP that they happen to
already own, in the form of IP that was developed with the use of their
facilities. What is actually the real thing to notice here is "that the
School's do not allow for you to transfer IP through their systems which
you do not already own or hold some tangible rights/license to".
If by this you're trying to say that universities don't allow you to use
their computing facilities to violate other people's copyright, then that
is of course true, but it seems so obvious and so irrelevant to this
discussion that I don't know what you're trying to get at by saying it.
The IETF violates the guidelines of copyright controls by creating a 1-way
trip into print and then by 'giving away' the media for any and all uses,
not just reprinting. This makes it impossible to stop something from
bouncing around without a court order, but I am betting that was the intent
here - software anarchy... I wonder how the Provost will react to that?
"likewise they dont allow the use of their ISP Services by their EULA
constrained users to violate any of their own rules whether you violate
those policies internal to their facilities or through their ISP
facilities to some other site."
The above statement reduces to "ISPs don't allow you to use their services
contrary to their rules for using their services," which is a content-free
truism. The detail lies in what those rules actually *are*, and as you
can see above, you were comprehensively wrong about the rules at Stanford.
I expect you're equally wrong about the rules elsewhere.
No actually I am not.
http://www.stanford.edu/dept/DoR/rph/5-2.html
So if the school has a DMCA policy - then I think it makes sense that
the IETF must also have a matching or acceptable one on its side or
technically speaking - you probably/maybe cant play in this sandbox from
their Infrastructure...
Unless the IETF hosts content from third parties about which it may
receive a copyright complaint and wishes to avail itself of the DMCA safe
harbor provisions for ISPs, it has no need for a DMCA policy. I don't
think you understand the relevance of the DMCA to ISPs at all.
Uh Safe Harbor is about privacy and not the DMCA big guy...
--
Russ Allbery (rra(_at_)stanford(_dot_)edu)
<http://www.eyrie.org/~eagle/>
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf