mvt-project / mvt

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
https://mvt.re

Loophole in license (part 2) #156

Closed. alteholz closed this 2 years ago.

alteholz commented 3 years ago

Unfortunately I can not reopen #88, so I need to create a new issue.

The addition of "legitimate" makes things a bit better, but doesn't solve the problem. If you look at the German "Entwurf eines Gesetzes zur Anpassung des Verfassungsschutzrechts (Drucksache 19/24785)", a legitimate use will be the installation of the so-called "Staatstrojaner" on mobile devices. I am sure other countries already have or will have similar laws within a short time.

So, your license still forbids you to use your own software unless you get consent from all governmental institutions that might be interested and allowed to put their own data on devices.

Writing licenses is more difficult than it looks, and you had better contact a lawyer to discuss this issue. As it is pretty hard to prove illegal usage of your software, the wording should be flawless in order to be successful in court.

botherder commented 3 years ago

I appreciate the feedback, but I still fail to understand how an intrusion into a device (by definition without consent of the user) would itself constitute a legitimate use. While an intrusion into a device by a state authority might be "legitimate" under the law, it doesn't automatically constitute "legitimate use" of such a device. Surely there might be some linguistic differences, but I think any fair interpretation of such language would concur with that. And realistically it seems pretty implausible that anyone would even preemptively be in a position of being aware, let alone knowing, who such a purported additional entity would be that they would need to request consent from.

That said, if you have more explicit language to suggest I would welcome changes.

alteholz commented 3 years ago

Legal texts should be written in such a way that there is no need for interpretation. According to the Cambridge Dictionary, "legitimate" means "allowed by law", and "legitimate use" is just "use allowed by law". From my point of view there is no need for any kind of interpretation.

Of course nobody can get the needed consent from every governmental institution. But this makes your license rather useless, doesn't it? You have clauses in the license that even forbid you to use the software. How do you want to enforce any violation of the license under these conditions?

Unfortunately English is not my first language, so I am not nearly able to improve your wording. I can only recognize weak spots.

botherder commented 3 years ago

> Legal texts should be written in such a way that there is no need for interpretation. According to the Cambridge Dictionary, "legitimate" means "allowed by law", and "legitimate use" is just "use allowed by law". From my point of view there is no need for any kind of interpretation.

To me there's a pretty clear difference between "legitimate" and "legitimate use", considering "use" clearly implies the person to be a "user" of such a device. I think an unauthorized intruder hardly classifies as a "user" of the device, let alone a legitimate one.

> Of course nobody can get the needed consent from every governmental institution. But this makes your license rather useless, doesn't it? You have clauses in the license that even forbid you to use the software. How do you want to enforce any violation of the license under these conditions?

Well, as I have said, I don't agree with your characterization of "legitimate use", so I don't believe that it forbids using the software as intended.

It's pretty evident (as is amply described in the documentation) that the purpose of the license is to discourage adversarial forensics. I don't see why I would want to litigate a legitimate use of this software even under the circumstances you describe.

Would this change satisfy your concerns?

1.17. "Device User" (or "Device Users")
    means an individual or group of individuals who made legitimate use
    of the electronic device from which Data that is extracted and/or
    analyzed originated. "Device User" might or might not differ from
    "Device Owner".

    Any individual or entity who intruded on the device through means such as
    but not limited to exploitation, social engineering or physical tampering,
    and who covertly accessed, manipulated or generated data on the device,
    even if authorized by the law, does not qualify as a "Device User"
    under the terms of this license.