[OSM-talk] GDPR introduction

Christoph Hormann osm at imagico.de
Tue Apr 17 13:31:22 UTC 2018

On Tuesday 17 April 2018, Simon Poole wrote:
> > * When you add new 'terms of use' or 'data processing agreement'
> > provisions that people who want to access OSM data with metadata
> > need to agree to does that constitute an amendment of the ODbL and
> > therefore a change in license?  If not would any downstream data
> > user who distributes a derivative database be allowed to add
> > similar terms of use that restrict use of the data to the data they
> > distribute?
> As the mail said, the exact details are not nailed down there yet,
> however it is likely that we will not want to enter in to an
> agreement with such people, but would simply offer to help with their
> obligations from Art. 14. It is not as if the GDPR suddenly
> disappears when we distribute data on ODbL terms so people processing
> the full dataset are going to be subject to it in any case.

Ok - that is much clearer (and IMO also addresses what Andrew wondered 
about).  If it is sufficient for the GDPR to (a) not have technically 
unrestricted access and (b) make sure everyone receiving the data is 
made aware of the legal obligations that seems something that can be 
reasonably dealt with.

The terminology used in the position paper however seems to point into a 
somewhat different direction (i.e. that providing bulk metadata would 
be subject to a specific contractual agreement).

Christoph Hormann

More information about the talk mailing list