AndrewRens
commented
6 years ago Thank you for the suggestion.
We understand that the Linux Foundation which issued the CDLA's drafted the CDLA's meet the Open Source Definition and the Free Software Definition. We have not seen definite concurrence by either the Open Source Initiative or the Free Software Foundation. The CDLA's also appear to meet the Open Definition but are not listed as conformant licenses.
The Fellowship Agreement states in 10.3.3 that Fellows can use one of the listed licences or another Open Definition conformant license for data provided that the Foundation agrees in writing to that alternative license. All that is required is for a Fellow to motivate use of either of the CDLA's in an email and for the Foundation to agree. The Foundation can then learn from a Fellow making the case of use in a particular context.
One concern with the CDLA's is that they do not explicitly prohibit re-identification of personal data although there seems an implicit prohibition on any re-identification that is contrary to clause 4.
Currently Fellows concerned about the possibility of re-identification of personal data can choose to publish under more restrictive terms than the Open Definition or in some instances not to publish certain data. This is set out in 10.7.1. "The Fellow and Intellectual Property Steward are not required to distribute under the Licences specified, nor to upload to the Foundation Git repository any information that is: private or must be kept secret for security purposes or is the subject of a legal duty of confidentiality such as a professional duty"
tbm
10.3.3 of the fellowship agreement lists several data licenses that are permitted.
It might be a good idea to check if the Community Data License Agreement (CDLA) meets the requirements of the Shuttleworth Foundation. (There are two different licenses: CDLA-Sharing and CDLA-Permissive)
Links: