diff --git a/compliance-guide.tex b/compliance-guide.tex index d22c351..ba6ff29 100644 --- a/compliance-guide.tex +++ b/compliance-guide.tex @@ -976,7 +976,7 @@ stay in compliance is a company's regular evaluation of their own compliance. First, exercise a request CCS for all copylefted works from all your upstream providers of software and of components embedding software. Then, perform your own CCS check on this material first, and verify that it meets the -requirements. This tutorial presents later a case study of a CEGEO's CCS +requirements. This tutorial presents later a case study of a COGEO's CCS check in \S~\ref{pristine-example}, which you can emulate when examining their own CCS\@. @@ -1000,7 +1000,7 @@ of 10 lines of GPL'd Java code an engineer accidentally pasted into the source of your ERP system. Thus, reject the ``compliance industry'' suggestions that code scanners find -and help solve fundamental compliance problems. Consider how CEGEO's tend to +and help solve fundamental compliance problems. Consider how COGEO's tend to use code scanners. FOSSology is indeed an important part of a violation investigation, but such is the last step and catches only some (usually minor) licensing notice problems. Thus, code scanners can help solve minor @@ -1016,7 +1016,7 @@ alleging that you have infringed copyrights that were licensed to you under the GPL\@. This section outlines a typical enforcement case and provides some guidelines for response. These discussions are generalizations and do not all apply to every alleged violation. However, -CEGEO's in particular universally follow the processes described herein. +COGEO's in particular universally follow the processes described herein. \section{Communication Is Key} @@ -1050,13 +1050,13 @@ generally find that software freedom developers and their lawyers are willing to have a reasonable dialogue and will work with you to resolve a violation once you open the channels of communication in a friendly way. -Furthermore, if the complaint comes from a CEGEO, assume they are -well-prepared. CEGEO's fully investigate compliance issues before raising +Furthermore, if the complaint comes from a COGEO, assume they are +well-prepared. COGEO's fully investigate compliance issues before raising the issue. The claims and concerns will be substantiated, and immediate -denials will likely lead the CEGEO to suspect malice rather than honest +denials will likely lead the COGEO to suspect malice rather than honest mistake. -However, the biggest and most perennial mistake that all CEGEOs see during +However, the biggest and most perennial mistake that all COGEOs see during enforcement is this: failure to include the violators' software development teams in the enforcement discussions and negotiations. As described above, CCS verification and approval is the most time-consuming and difficult part