[QGIS-Developer] Is it allowed to sell data in a QGIS plugin?

Wed Jun 12 04:44:22 PDT 2024

Sandro Santilli via QGIS-Developer <qgis-developer at lists.osgeo.org>
writes:

> On Tue, Jun 11, 2024 at 09:56:15AM +0200, Alessandro Pasotti via QGIS-Developer wrote:
>> On Tue, Jun 11, 2024 at 9:44 AM Christopher Frank via QGIS-Developer <
>> qgis-developer at lists.osgeo.org> wrote:
>> 
>> > We would like to implement in the plugin the whole order process, open
>> > source of course. The user will feel like shoping the data in a geoshop. To
>> > provide the necessary information we communicate with an api of a real
>> > geoshop. Before we start to implement this idea, we would like to be sure
>> > that this is allowed.
>> 
>> As long as the plugin license is compatible with QGIS license, the source
>> code is available and you don't package any binaries with the plugin.
>> I don't see any issue with that.
>
> Would it be possible to add some metadata for plugins doing so,
> like "in-app purchases" ?

Agreed.  This is not a license violation, but I do see it as a
significant anti-feature.  I would also see a plugin that only works if
you have a subscription as having an anti-feature.

I do think we should require descriptions for plugins that access
paywalled data (in-app purchase or not) to say that loudly, at least as
loudly as touting the benefits, so that nobody is mislead.  I don't mean
to discourage people that want to do this, more "This plugin exists to
support access paid data from X, making it easier for those with
subscriptions to get that data.  It further enables plugin users to buy
a subscription from within the plugin." rather than "This plugin lets
you access [description of wonderful data]."

Also from the F-Droid world is the antifeature of tracking.  I think we
should also be careful to not allow that, and I'd be inclined to just
not allow it, vs labeling it.  Obviously when a user asks to do
something that would make a reasonable person expect data to be sent
over the net, that's ok.  But it's a slippery slope, and I think it's
reasonable to have an expectation of data minimization.  One such
minimization might be not sending exact canvas coordinates, but no finer
granularity than 0.1 degree lat/lon, at least until it's clear what it's
doing.  For the actual fetching, I realize that is an issue with all
configured sources, so here I really mean for the signup part.

And, the plugin should not communicate off-host until the user asks it
do do so.  Phoning home isn't ok either.  (Again, not accusing this
not-written-yet plugin of doing that -- thinking in general.)

Separately from the ethical concerns, there's a security question that
comes up from in-plugin purchases which is handling of personal
information and presumably credit card/bank details.  I'm not saying
qgis is insecure -- but it has not really been thought of as handling
that kind of data (just sensitive geodata) before, and adding it brings
us in to new territory.