Do we really want to continue?
Do we really want to continue?
Posted Oct 7, 2025 12:24 UTC (Tue) by paulj (subscriber, #341)In reply to: Do we really want to continue? by Wol
Parent article: F-Droid and Google's Developer Registration Decree
That's fine. Throw X hundred per month at the accountants to whatever is necessary to maintain the necessary web portal for me to add whatever required records and them to take care of whatever else is necessary. They don't know anything about and aren't going to touch CRA stuff though. ;)
> Does your contract say you are a middle-man providing development services to your customers - in which case presumably they affix the mark and pay you extra to fix problems;
Aha. Ok... So, that avoids the issues. I just remain a "development services" firm/NPO, and the Free Software I/we publish is just the sample code of what I/we can provide services for?
I'd hate to think that I could get stuck with loads of red-tape obligations or, worse, must-do-free-work obligations (e.g. requiring me to handle security reports), just cause I/we put some code that we developed for a /paying/ "customer" on a consultancy / development services basis on whichever GitHub. ?
Posted Oct 7, 2025 13:58 UTC (Tue)
by Wol (subscriber, #4433)
[Link] (4 responses)
The idea of the CRA is to apply *exactly* the same logic. A CRA mark *MUST* be applied to every digital component. In the case of a fault, the authorities will follow the chain, from the finished product manufacturer, all the way down to guys who applied the CRA mark to the faulty software.
And if Jo Bloggs Inc downloads your software, puts it into their product as a component, and has trouble with it, the authorities will go hunting for the guys who affixed the mark. If they find you, and you go "Huh? Who's Jo Bloggs Inc?" the authorities will go back to Jo Bloggs Inc and demand to know who affixed the mark. If you have no contract with Jo Bloggs Inc, they have absolutely NO evidence that a mark exists, therefore the authorities will say "You (Jo Bloggs) affixed your mark to your product. Because paulj's software had no mark, therefore Jo Bloggs applied the mark to paulj's software, therefore it's Jo Bloggs' problem".
So it's down to you whether you sell development services and don't affix a mark, or sell a maintenance contract which presumably will include a mark (your customer would be mad to accept a maintenance contract without it). And because the mark is part of the maintenance contract, nobody else can come along and say "hey I'm going to use the same mark".
Cheers,
Posted Oct 10, 2025 16:15 UTC (Fri)
by kleptog (subscriber, #1183)
[Link] (3 responses)
Right. This is the critically important thing I see many people missing here. The terms of the CRA do not apply to the product itself, they apply to the *contract between you and the customer*. They're basically standard Terms and Conditions.
Hence, statements like "is Google Sheets covered by the CRA?" are meaningless. The correct statement is "when I am using Google Sheets, does the CRA apply to our contractual relationship?". Now, since Google probably doesn't feel like maintaining two different versions of Google Sheets, if you're using it for free you probably get the benefits of the CRA, except Google doesn't actually owe you anything. Only the people who actually pay to use Google Sheets (Google Workspace users basically).
You're a non-profit holding some trademarks and keeping a website in the air? The CRA doesn't apply because you don't even know who is downloading stuff. Who are the parties to the contract it would apply to?
Someone clicked on your "donate" button and gave you some money? Again, you never offered them anything so there is no contract for the CRA to apply to.
The only people that need to care are people offering services to do things with free software. They need to make clear they're not actually selling the software, but the end-user is getting that from the original source. I'm sure FSF-Europe or similar have some standard verbiage for that. There are provisions to prevent companies saying things like "you're buying a Splunk service, the Splunk software itself is free and so no CRA". The basic principle is not complicated though.
Posted Oct 10, 2025 18:01 UTC (Fri)
by Cyberax (✭ supporter ✭, #52523)
[Link] (1 responses)
I got a preliminary reply about that, and it's apparently a gray area. While Google is not getting money from you directly, it's still getting (significant) income from showing ads for the free GSheets version. So even it is likely to be covered by the CRA.
Posted Oct 10, 2025 18:59 UTC (Fri)
by Wol (subscriber, #4433)
[Link]
And again, if Google is receiving money from the ad vendors, it is the VENDORS who are covered by the CRA, not users.
Cheers,
Posted Oct 10, 2025 18:57 UTC (Fri)
by Wol (subscriber, #4433)
[Link]
Simply said, you're paying Splunk for a service. So everything Splunk says you need to access the service is covered. Take eg a mail-server.
If Splunk says "you can use the mail client of your choice to access our server", then the client isn't covered. BUT.
If Splunk says "you can only access our server if you're using Outlook", then Splunk is on the hook for security problems with Outlook. Sounds unfair? Well, if you can't access the service you've paid for, without using dodgy insecure software, the CRA doesn't care. Splunk had better have a contract in place with Microsoft !!!
Cheers,
Do we really want to continue?
Wol
Do we really want to continue?
Do we really want to continue?
Do we really want to continue?
Wol
Do we really want to continue?
Wol