25 comments

[ 2.8 ms ] story [ 70.8 ms ] thread
Not to be confused with citizenlab.ca, a research lab of University of Toronto that deals with high profile civil right violations using OSINT and tech analysis.
That's gotta be deeply frustrating for the original Citizen Lab who was founded 15 years before this company.

It makes me wonder how much of their income has come from the good work and reputation of the original Citizen Lab.

They are focused on completely different things though, this seems to be neighbourhood projects in Belgium and the Netherlands. Not focused on privacy and citizen data at all. But yeah they should have picked a different name.
I really hope they change the name. Citizenlab.ca is quite well established and doing important work.
This confused me as well - I thought I had misremembered the name of the original CitizenLab but I couldn't figure out what was different.

Especially since the domain (including TLD) is only a single letter off

I worked in the same co-working space as Wietse, Aline and Koen, the three co-founders of Citizenlab, when they were launching their service. They're a super competent team with a fantastic vision and execution - I'm excited to see this new step in their story.
How does the choice for AGPL influence third-party consumers of governments deployments the citizenlab platform? I understand this license closes the network loophole in GPL by forcing all calling code to be released under the AGPL, so I be interested to know if I can call apis and download data of my government website without sharing it or talking to citizenlab. Maybe I am a little paranoid but this feels like a big brain play, or some just sloppy oversight.

[EDIT] Clarification.

The loophole is someone hosting a modified instance without publishing their source code changes. I don't think it affects data or APIs at all.
Oh so I can basically do a SaaS and as long as I don't change the codebase without charing the changes its ok
I don't think it's as simple as the parent says, but I don't know better either. Talk to a lawayer.
Yes. If you don't change the code base to modify or add a new feature, there is nothing to share. If you add to, or modify any of the existing features of the web application, you are obliged to share the code for the same under AGPL, on request.
> forcing all calling code to be released under the AGPL

No. If you modify an AGPL network service you have to share the changes. If you call the API from a client you have no obligations.

They're asking contributors to sign a CLA which assigns copyright for your changes to them. Quick reminder: do not sign this kind of agreement. It's deliberately designed for them to pull the rug out from under you and make this proprietary again after a period of enjoying the benefits of community contributions. Shame on them for asking in the first place.
This is important, +1.

If you want an example of what successful OSS looks like for over 10 years now, https://github.com/artsy, MIT license.

What do you mean "pull rug out of you"? If they decide to discontinue GPL edition, you are free to pick it up from where they left.
It signals that they're not making a long-term committment to open source. When they pull the rug out from under you, the community will have to scramble to put together a viable fork. It is a highly disruptive event that we've seen happen many times. Some communities never recover.
It is not that hard to fork. Just look at the sheer number of Chromium forks.

Even Firefox had one or two until recently.

The author of the above comment has a blog post on CLAs, which was submitted to HN a couple years ago and drew quite a bit of discussion. That discussion is here [1], in case anyone wants more detail on his position or wants to argue against it without just rehashing things already dealt with.

[1] https://news.ycombinator.com/item?id=18148365

On a different issue - Without such a CLA, can they dual-license and commercialise their product? How did MySQL work for example?
I'm genuinely wondering how is it legal for a company to take the same name as an unaffiliated nonprofit?
It's not unless it's a trademark violation (e.g. if the name collision might cause confusion).
To make sure I understand correctly: you are saying it would be fine to start a nonprofit called Google, whose mission is to let's say raise awareness about recycling?
(IANAL) No, but only because Google is a ubiquitous brand. If Google were still a small startup, yes. But my knowledge of this stuff is only surface level. I can do more digging.
Closed source to an open-core model, fwiw.