Eric Schultz3d ago

RE: https://social.treehouse.systems/@wwahammy/116264430375745593

I want everyone who says "this is the law, distros need to comply" I want you to explain a plausible set of circumstances to lead to the following:

* That the AG of California will sue a random Linux distro which has effectively no money
* Prove who the OS distributor actually is (is it the committers? Committers of what part? Their bank account with $12 in it?)
* Prove by preponderance of the evidence how many children used the OS in order to set the fines
* get a judge and jury to think this isn't a massive waste of their time
* That it isn't just a violation of the law but is a "negligent" or "intentional" violation
* all the while, the OS maker and everyone else having effectively zero knowledge of who uses it since there's no continuing relationship with users.

How does all of this happen?

Show threadMre. Dartigen [maker mode]

@wwahammy I'm thinking that the most likely scenario is that someone got some questionable legal advice (either through the grapevine, or from a lawyer not in the least bit familiar with the software/OS side of things), panicked, and then their panic has been amplified. And/or too aggressively covering their butts.

Granted, I'm not a lawyer either. But I'd want to see the opinions from some actual lawyers who are also familiar with how Linux distros work and how software development works, who can give a clearer picture of whether this is ridiculous over-compliance likely to cause more trouble than good (which is what it seems like to me) and what anyone involved in development would actually need to do (if anything at all) to be compliant.

(If it's not the case though, then I'd also want to hear what the options are. Because this just screams being set up to find out just how expensive it can be to comply with privacy laws - especially if you're an individual or not making any money out of it. And the penalties for breaching privacy laws can also be pretty scary.)

Mar 22 at 1:43amWeb