[OSM-dev] GDPR implementation on planet.osm.org
osm at imagico.de
Wed Jun 20 07:47:54 UTC 2018
On Wednesday 20 June 2018, Frederik Ramm wrote:
> In my view, this is not "cargo cult". If someone comes to us, today,
> and complains that their OSM contributions are being used to stalk
> them, then we cannot even point to a rule that says you cannot do
> this. The stalker is, as far as OSMF is concerned, 100% within their
> rightful use of the data. This is something that needs to stop - even
> if, in the future, it only becomes marginally more difficult for the
> stalker to use OSM data, at least we clearly say that (a) this use is
> not allowed, and (b) the stalker knows it.
I am no legal expert on this matter but as i understand it you do not
need a contractual agreement to restrict what others can do with data
user can either use the data under these terms or not at all. If
people use or distribute the data for other purposes they are in
violation of copyright.
According to my layman understanding of the law here a copyright
violation is much less troublesome to prove in a legal struggle than a
contract violation (which would require you to prove the existence of a
valid contract which is likely almost always impossible practically in
> Yes. This also requires the delicate distinction that not everything
> in a .osm file is necessarily under ODbL.
Note you can - based on the current contributor terms - only do this if
you declare the sensitive metadata to not be data contributed by the
users because for contributed data the OSMF only has the mandate to use
or sub-license under an open license. But if you declare the metadata
not ODbL you run into the problem that if you combine it with ODbL
geodata you have to consider the share-alike requirements of the ODbL.
And at least for history data where correct interpretation of the
geodata depends on the timestamps you will have a hard time
interpreting this as a collective database.
More information about the dev