Re: old notes ("certified pod providers")

I've been slow in replying and getting involved here. Apologies. Going back
a little, though, I'd like to weigh in on this list. I'll copy Johannes and
reply in-line, recognizing that this list was originally from a slightly
different discussion:



On Fri, Dec 4, 2015 at 10:11 AM, Sandro Hawke <sandro@hawke.org> wrote:

>
> Some possible requirements for a CPP:
>
> - all key information in machine readable form, but also legally binding
>

What is "key information"?


- faithfully implements some version (or versions) of the pod spec
>

I'd like to see this as a separate layer, if it exists at all. For now I
think the simplest possible way of references TOS would be good - and keep
it legal rather than technical.



> - uses standard data-shape for TOS, pricing, which versions implemented,
> etc
>

I think pricing does not belong in a TOS document. I've spoken to quite a
few businesses lately who deliberately don't publish their pricing
information for a range of reasons, and the price someone pays for
something does not necessarily affect their rights and rules as a customer.

In many ways I'd be okay with a centrally-linked TOS document, Creative
Commons style. This *couldn't* include pricing.



> - must provide 90 day notice before shutting down, changing the TOS, or
> raising prices (notice to be provided using appropriate pod messaging
> protocols, at least)
>

Again, I strongly don't believe that pricing belongs in a TOS document. I'm
in favor of a notification requirement with a notification period specified
by the company. In a centrally-linked document, perhaps it would just
require direct notification by reasonable means (ie, you can't just blog
it).



> - must implement protocols (when defined) for easy service termination
> with migration elsewhere, without penalties or awkwardness
>

Can we just specify that it must be possible to easily terminate your
account and migrate your data? Perhaps we could also state that reasonable
efforts will be made to allow you to export that data in a standard format.
Again, I'm not in favor of mandating specific technology solutions in the
TOS.



> - must provide URL forwarding and subdomain portability after service
> termination for no more than 10% of the price of the service at the time of
> termination  (alternatively: must allow people to switch to a
> forwarding-only service priced at no more than 10% of their existing
> service)
>

I'd like to better understand the current legal reality around pointing
your (as a company) domain elsewhere. eg, if piratebay.example.com ends up
pointing to a mirror of the Pirate Bay, could example.com be liable under
any current regulations? Might this change in the future?

I do think being able to bring your own domain is a reasonable requirement
for web-based services, but might preclude (eg) apps.



> - must be non-discriminatory in providing backlinks.  (in particular, we
> want vocabularies to link to their competitors, and products to link to
> sources of reviews of those products.)
>

That's going to be hard to enforce. But we can probably enforce neutrality
around user-contributed data. In other words, a social network couldn't
censor links to articles critical of that social network.



> - must be clear about how their infrastructure is secured; maybe require
> minimums like the credit card companies do
>

I'd love to see this in another layer. I don't think it's a core TOS issue,
necessarily, and it's very granular in its own right.



> - participate in good faith in a review and dispute resolution system (eg
> listen when people post complaints; don't create fake complaints about
> others)
>

I think it's worth considering what a "dispute" is here. Many companies use
arbitration, for example. Does this supersede that? Does it *require
*arbitration
(hopefully not)?



-- 
Ben Werdmuller
<http://goog_1933028737>
benwerd.com | werd.io

+1 (312) 488-9373