Emerald Project Team:
We have removed the Emerald viewer from our Third-Party Viewer Directory because of its multiple violations of our Policy on Third-Party Viewers.
Our Policy prohibits the intentional targeting of third-party sites as was done recently by the Emerald viewer’s login page. Specifically, the Policy prohibits the distribution of harmful functionality like denial of service attacks or griefing attacks. (TPVP section 2.d.iii)
In addition to violating our Policy on Third-Party Viewers, these actions are significant breaches of the trust of the Second Life community. Please remedy these breaches immediately by taking the steps outlined below. Taking these steps is critical to providing transparency around Emerald’s viewer functionality and collection of user data, and to ensuring that the viewer complies with Linden Lab policies and the law. The steps alone do not, however, guarantee that the Emerald viewer will be readmitted to the Third-Party Viewer Directory.
- Provide transparency in your development efforts to both the Second Life community and Linden Lab, including:
- Use open mailing lists or forums for your developer communications.
- Provide a publicly viewable source code repository.
- Provide public code commit notices.
- Demand accountability from each and every Emerald developer, including:
- Require each committer to provide real-world identity information to Linden Lab as a signatory to the certification of compliance with the Third Party Viewer Policy.
- End the participation of any developer who has deliberately violated Linden Lab policy or the law.
- The Emerald viewer’s closed source emkdu library is not in compliance with the GPL. Bring all current and future versions of the Emerald viewer into compliance with the GPL by omitting emkdu. Use OpenJPEG or other GPL-compatible code.
- Do not distribute any functionality that conceals information in Second Life assets, including through encryption or steganographic techniques, with the sole exception of information that LSL scripts produce or consume. We will be updating the Third-Party Viewer Policy shortly to clarify this requirement. Be sure to bring all current and future versions of the Emerald viewer into compliance with the requirement.
Please respond to this notice no later than this Friday, August 27 and confirm the date by which you will have completed the above steps. Failure to comply with the steps may result in further action by Linden Lab, beyond removal from the Third-Party Viewer Directory. We look forward to your prompt response.
And our second response from LL was.
Your responses are acceptable, with the following exceptions and clarifications:
- We have considered your request to retain Phox, Skills, and Discrete on the team in some advisory capacity, and have made a final decision: No association with the project in any capacity is acceptable. All connections between those individuals and Emerald Viewer project must be terminated, and that fact made public by the team.
- The time frame for a release that does not include the emkdu.dll is not acceptable. A release must be made available that will not use an emkdu.dll or an llkdu.dll even if they are on the users system must be made available.
Each of the above issues must be addressed no later than Friday September 3rd or Linden Lab will begin taking steps that will culminate in blocking all access by the Emerald Viewer.
With respect to the identification of contributors: the use of age or payment verification will not be sufficient. We will provide more details on the new requirements as part of updates to the Third Party Viewer Directory policies; these will apply to all new applications, not just yours. Specifics are still being worked on, and I’ll share them publicly as soon as possible, but the essence of the change is that each person with commit access to the viewer code or any project web assets served through the viewer will need to individually execute a certification of compliance with the Third Party Viewer Policy, including real identification and addressing information. Those identities will be confidential.
With respect to the public code repository – the googlecode repository is acceptable, but a link to it should be added to the set of links in your project web site footer, not only on the FAQ page.
It’s pretty clear, there was no choice but to have those three people off the team in order for emerald to continue.