Previous member of PrivacyTools (before the split) here.
I have personally found it sad that they relicensed from CC0 for both content and code to CC-BY-ND 4.0 for content and MIT for code. I don't mind MIT, but CC-BY-ND? How am I supposed to contribute to a NoDerivatives project?
> I agree to grant Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform, relicense, and distribute my contribution as part of this project.
Also when contributing, you have to agree to relicensing by them.
I wouldn't have contributed if that was a case back then.
> How am I supposed to contribute to a NoDerivatives project?
I don’t understand this question, like literally how? The process has not changed.
The FSF recommends CC BY-ND for works which state a viewpoint (opinion) to avoid being misquoted. To distribute a modified version of the website would misrepresent the authors who wrote it, which would serve no useful purpose.
> I don’t understand this question, like literally how? The process has not changed.
IANAL but the licence prevents me from modifying it, which means that I'm not allowed to make any changes, not matter what. Me making a PR would be me breaking the licence.
> The FSF recommends CC BY-ND for works which state a viewpoint (opinion) to avoid being misquoted.
And FSF is silly in many ways. Who would you be misquoted by? Also misquoting is illegal if it was done with malice, just like how breaking licence terms is illegal. And keep in mind that to prevent either, you need to be ready to go to court :).
Thanks for this link, I was actually chatting with someone today about good VPN providers and went to privacy tools. I was very confused why the top recommended VPN was Nord with an affiliate link.
Your link cleared up my confusion. It’s a shame that the project had to be forked.
> This decision was made because PrivacyTools’ founder and controller of the domain name had disappeared for an extended period of time and could not be contacted.
> After the organizational move was completed, the founder of PrivacyTools returned and began to spread misinformation about the Privacy Guides project. They continue to spread misinformation in addition to operating a paid link farm on the PrivacyTools domain. We are creating this page to clear up any misconceptions.
The privacyguides team killed a 200k subreddit for privacy (privacytoolsio) out of spite. I'll never forget that. Their replacement subreddit has yet to reach anywhere near the same number of people (50k) or activity.
I don't know how much spite is behind a complete communication breakdown between the founder and the team that joined him.
The founder felt unhappy about working with his team and ceased all communication. The team felt concerned about this bus factor and wanted to retain the fruits of their labor.
I would say it's understandable that the founder missed being solely independent and that the team wanted to make sure that their organization is more durable. A separation was inevitable and inevitably full of drama. At least both sides roughly ended up with what they wanted.
It seems they need a better review process. One of their recommended apps is Signal, which a long time ago began collecting and permanently storing sensitive user data in the cloud, but they never bothered to update their privacy policy which still explicitly states they don't do exactly the thing they're now doing. Requests that they update their privacy policy and provide an opt-out to the data collection have been ignored.
Signal was also extremely unclear in their communications surrounding that data collection leading to a huge amount of confusion and misunderstandings about what data is collected and when. Pretty much every time I mention this, at least one signal user asks for details because they were entirely unaware that their data was being collected and stored on servers in the cloud.
This is entirely unacceptable for an application that markets itself to human rights activists and whistleblowers whose lives and safety can depend on being aware of their risks.
If privacyguides can recommend an application like that it calls into question their judgement, their screening process, or both. Maybe it's just not updated often enough. They also recommend 1password which isn't as private as it used to be. It seems like new versions don't allow local vaults forcing you to keep your stuff in the cloud and they've started collected telemetry.
I would like to know more about the Signal issue too.
If these issues are that much of a concern, then perhaps they could be brought up. Privacy Guides seems transparent about the discussions they have behind their decisions, unless I am mistaken.
See this thread where objections over the new feature and the security issues surrounding it were mostly ignored (they did allow pins longer than 4 digits, but they continued to call them "pins" which to many users is a 4 digit number): https://community.signalusers.org/t/proper-secure-value-secu...
At this point, I consider the fact that the very first sentence of Signal's privacy policy has been a lie since 2020 to be a dead canary. I suspect that the folks at Signal have been telling people their service cannot be trusted as loudly as they can.
Perhaps that'd also explain why they've made some other odd choices like removing the ability to use Signal for both secure messages and plain old SMS/MMS and adding cryptocurrency features.
I have personally found it sad that they relicensed from CC0 for both content and code to CC-BY-ND 4.0 for content and MIT for code. I don't mind MIT, but CC-BY-ND? How am I supposed to contribute to a NoDerivatives project?
> I agree to grant Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform, relicense, and distribute my contribution as part of this project.
Also when contributing, you have to agree to relicensing by them.
I wouldn't have contributed if that was a case back then.