> With the advice of counsel, we can begin accepting scanned copies of assignments from all contributors, regardless of where they reside. With a small update to our assignment contract, we can finally make it possible for all contributors to avoid having to send their forms via the post.
Uhh, having to scan a printed and signed document is not much better than having to use snail mail.
When I see "full digital support" I understand that to mean I can use just a computer.
Many other projects accept a digital signature (basically filling out a form -- in a browser). Why isn't that sufficient for the FSF?
FWIW: the term in the industry for that is "electronic signature". "Digital" signatures usually refer to crypto.
And one reason for worry, historically, is that international law for paperless/signatureless contract enforcement is sort of a mess. Wikipedia has a page here with links to various nations and their requirements: https://en.wikipedia.org/wiki/Electronic_signatures_and_law
Not a lawyer nor speaking for the FSF. But it seems not entirely unreasonable to me that a conservative approach to copyright assignment would have picked the path they chose. It's just a hard problem.
If you want to ding the FSF, ding them on the copyright assignment requirement. Whining about the process seems a little too much to me.
Good god, if you don't care about the project enough to not sign a piece of paper and scan it, just don't contribute to it. FSF has programmers and lawyers alike that are also working to further computing freedom, I don't believe they are imposing this paperwork for messing around.
Lawyers and judges don't understand GPG. Your silly hacker shenanigans don't hold up in court. Or maybe they will, but it's a gamble.
Yes, it's a creaky, old system, but that's how it works: with paper and signatures and old, wrinkly men sitting on benches deciding your fate based on their incomplete understanding of modern technology.
Passing legislation or bringing in expert witnesses (and risk having their testimony being questioned) are all harder than just appeasing the old, wrinkly guys sitting on the benches.
> Lawyers and judges don't understand GPG. Your silly hacker shenanigans don't hold up in court.
Presumably, lawyers and judges will understand state (notably, UETA, in all but three states) and federal laws (notably, E-SIGN) governing the use and validity of electronic signatures.
This has been available for contributors in the United States for some years now, and I've used it to sign the assignment documents in the past. It might not be available in all countries though.
> If you use GPG, you can sign your assignment using a
detached signature in the following manner:
> gpg -a --detach-sig ASSIGNMENT
> Where ASSIGNMENT is the PDF file(s) as you have received it from us.
> Then simply email the assignment, key ID, and signature file back to us
at assign@gnu.org. Please make sure that your key is listed on a public
keyserver.
I'm actually surprised that no one mentioned this sooner. It's too bad that this isn't an option for most other legal documents that one has to submit in a lot of situations.
Well played, sir. Given the nature of FSF's business you'd think they'd be on the cutting edge of digital identification and authentication. GPG keys a thousand times better at properly identifying an owner than an easily forged pen-and-paper signature.
For that matter, why not have a blockchain assignment process? Given what a vanguard for technology FSF used to be it's a shame to watch it devolve at the pace of bureaucracy.
> Given the nature of FSF's business you'd think they'd be on the cutting edge of digital identification and authentication.
The FSF is very careful about the legal system. Signed paper contracts are a robust legal technology. When something important happens, they don't want a judge to be distracted by unfamiliar things.
edit: they also have digital signing in a couple of different forms.
It would be a matter of checking if there's any judicial precedent for digital signatures. If not, then an expert witness explaining the principles behind public/private keys, PKIs (how they're used in industry to verify the authenticity of servers), and how it compares to the "web of trust" model in terms of verifying authenticity and how it applies to FSF contributors.
These days whenever I'm asked to print, sign, and scan a form I now just use OSX Preview to insert my digital signature, save it, and send it back. (I have no idea if there are legal issues with this but nobody's ever complained to me that this isn't okay.)
I still hate when I'm asked to do this but it's vastly more convenient than actually printing and scanning a form.
I've done this using Inkscape a few times, usually works but I've had one company come back to me saying "uh no, print it out". They were in finance so maybe a regulatory thing or maybe just luck.
For what it's worth, I do all my "scanning" with my phone camera these days. There are various apps that can even make it look like a traditionally scanned document in addition to converting it to PDF.
Uhh, having to scan a printed and signed document is not much better than having to use snail mail.
When I see "full digital support" I understand that to mean I can use just a computer.
Many other projects accept a digital signature (basically filling out a form -- in a browser). Why isn't that sufficient for the FSF?