Bonum Certa Men Certa

Open Source Initiative (OSI) Privacy Fiasco in Detail: A "Deep Dive" Into the Complaint at the California Privacy Protection Agency

posted by Roy Schestowitz on Apr 08, 2025,
updated Apr 08, 2025

Alligator in the Weeds

LAST month we published an introduction to this series and the following part explained the urgency/importance. The previous part gave a glimpse into the complaint which had been submitted to the CPPA, the California Privacy Protection Agency.

Today we take a "Deep Dive" - to borrow the words used by the OSI to describe its Microsoft-sponsored lobbying for GPL violations.

From the CPPA site: "Additionally, the CCPA imposes separate obligations on service providers and contractors (who contract with businesses to process personal information) and other recipients of personal information from businesses. The CCPA does not generally apply to nonprofit organizations or government agencies."

We'll deal with the status ("nonprofit organization") some other day.

"Note," the complainant told us, "since OSI is a Nonprofit benefits corporation and may not be considered under CPPA, and if so, I will file a complaint with California DOJ."

"If you have a consumer complaint related to something other than consumer privacy, please report your issue using the California Department of Justice's complaint system," it says.

The OSI is a California Corporation. Incorporated in 1999 by ESR and Ian Murdock. The OSI articles of incorporation:

ARTICLES OF INCORPORATION OF
OPEN SOURCE INITIATIVE

A California Nonprofit Public Benefit Corporation

One: The name of the corporation is Open Source Initiative.

Two: This corporation is a nonprofit public benefit corporation and is not organized for the private gain of any person. It is organized under the Nonprofit Public Benefit Corporation Law for public purposes. This corporation is also organized for educational purposes within the meaning of Section 501(c)(3) of the Internal Revenue Code of 1954 or the corresponding provision of any future United States internal revenue law. The specific purposes of the corporation are to (1) educate the public about the advantages of open source software [software that users are free to modify and redistribute]; (2) encourage the software community to participate in open source software development; (3) identify how software users’ objectives are best served through open source software; (4) persuade organizations and software authors to distribute source software freely they otherwise would not distribute; (5) provide resources for sharing information about open source software and licenses; (6) assist attorneys to craft open source licenses; (7) manage a certification program to allow use of one or more certification marks in association with open source software; and (8) advocate for open source principles.

Here's the full thing in case they remove this page in the future for revisionism purposes:

OPEN SOURCE INITIATIVE

CPPA continued: "Personal information is information that identifies, relates to, or could reasonably be linked to a particular consumer or household. For example, it could include a consumer’s name, email address, records of products purchased, internet browsing history, geolocation data, fingerprints, and inferences about the consumer’s preferences and characteristics."

From the complaint:

L – Right to LIMIT the use and disclosure of sensitive personal information collected about them. 4 years and still showing as of yesterday!

O – Right to OPT-OUT of the sale of their personal information and the right to opt-out of the sharing of their personal information for cross-context behavioral advertising. Never had an option to opt-out of having my personal info showing for 4+ years or ever to my recollection.

C – Right to CORRECT inaccurate personal information that businesses have about them.

K – Right to KNOW what personal information businesses have collected about them and how they use and share it.

It's possible during voting they let me know. However, I didn't want it shared with the world for 4 years.

E – Right to EQUAL treatment. Businesses cannot discriminate against consumers for exercising their CCPA rights.

D – Right to DELETE personal information businesses have collected from them (subject to some exceptions).

Some time later this week we'll show the remainder of this complaint. There are many facets to it and it may be the first complaint of several.

Other Recent Techrights' Posts

Red Hat's Owner is Called "America's Worst Tech Company" (IBM) and Microsoft's Liabilities Grow
Microsoft has about a quarter of a trillion (yes, trillion with a "T") in liabilities
How the SLAPPs From Microsoft Staff Are Connected to the Corrupt OSI, Whose Majority of Money Comes From Microsoft for Openwashing, LLM Hype, and Whitewashing GPL Violations During Class Action Trial
Let's explain how some of these things are connected
 
The Enshittification of Royal Mail (Post Office/Postal Services) Continues
Enshittification is a thing, not only in the digital realm
If the Gossip is True, Today Microsoft Has "Large M1 Meetings" to Discuss Almost 30,000 More Microsoft Layoffs in 2025
the claim is that Microsoft is preparing to lay off 10% of its staff
Microsoft Has a Long and Proven History of Funding Meritless Lawsuits Against Rivals and Critics (It Always Backfires)
It also looks like the solicitor used by two Microsofters to SLAPP us is being urgently replaced
Links 12/05/2025: Gardens and Kitchens
Links for the day
Links 12/05/2025: Media Being Attacked (New Forms of Attack on the Press), Many Data Breaches
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 11, 2025
IRC logs for Sunday, May 11, 2025
Links 11/05/2025: Pyotr Wrangel and Kubernetes With FreeBSD
Links for the day
What Happened to the Open Source Initiative (OSI) Elections: A Moment of Silence and Revisionism Amid US Government Investigation and Community Uproar
Not a word this month
Microsoft Florian Becomes Patent Troll, Arranges to Sue Companies (Extorting Money Out of Them)
From campaigner against software patents to paid Microsoft shill to "FOSS patents" (actually attacking FOSS) to revisionism as "books" (for Microsoft)... and now this
Links 11/05/2025: China's Fentanylware (TikTok) Tells Kids to Vandalise Schools' Chromebooks and Increased Censorship in India
Links for the day
You Need Not Be a Big Company to Defeat Microsoft If You Can Successfully Challenge Its Core "Ideas"
Maybe that's just a sign that the ideas of RMS have become too effective and thus "dangerous"
Gemini Links 11/05/2025: Yeeting Oligarch Tech, Offline Browsing
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 10, 2025
IRC logs for Saturday, May 10, 2025
One is Simply Doomed to Fail When Working for Violent Men From Microsoft and Attacking Women as Well as People Who Merely Expose Crimes or Report Real Crimes
Imagine saying to people that you "practice law" or "exercise law"
The Tariffs Are Accelerating Microsoft's Decline in China
Judging by the way things are going, there will be considerable adoption of GNU/Linux in years to come, China being one major contributing factor.
Control Your Systems, Control All Your Data
what does it take for us to control our own systems and data?
Misplacing Blame for Security Problems, Sometimes With LLM Slop That Blames "Linux" for Microsoft's Failures
Broken telephones and stochastic parrots beget plenty of Fear, Uncertainty, Doubt (FUD)
Links 10/05/2025: WW2 Revisionism, Further Tit-for-tat in India-Pakistan Conflict
Links for the day
Links 10/05/2025: Germany Considers Smartphone Ban in Schools, Right to Repair Bills
Links for the day
Gemini Links 10/05/2025: Git Server and Great LLM DDoS of 2025
Links for the day
Blizzard/Microsoft Unions Grow Ahead of Mass Layoffs at Microsoft, Apparently Starting Next Week (as Many as 30,000 Workers Laid Off by Year's End)
Microsoft already fired about 5,000-6,000 workers this year by our estimates; that's not counting resignations compelled through pressure (i.e. pushed, did not jump) and contractors
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 09, 2025
IRC logs for Friday, May 09, 2025