Language Selection

English French German Italian Portuguese Spanish

Legal

Licensing: FSF Against "Hippocratic License" (Denial of Freedom) and SPDX 2.2 Specification Outsourced by Linux Foundation to Microsoft

Filed under
Legal
  • A roundup of recent updates to our licensing materials: November 2019 to April 2020

    The Hippocratic License 1.1

    This license is the latest addition to our license list, but unfortunately, it falls in the nonfree category. It restricts uses of the software "that actively and knowingly endanger, harm, or otherwise threaten the physical, mental, economic, or general well-being of individuals or groups in violation of the United Nations Universal Declaration of Human Rights." While avoiding harm like this is of vital importance, a copyright license isn't necessarily the correct tool for achieving it. A restriction like this on Freedom 0 (the freedom to run the program for any purpose) may be difficult to enforce, as well as for users to understand, and may cause unintended consequences that could worsen the same problems it aims to solve.

  • SPDX 2.2 Specification Released [Ed: Linux Foundation outsourced SPDX to Microsoft]

    The SPDX technical community is delighted to announce that the 2.2 version of the specification has been released! We started working on the first version of the SPDX specification 10 years ago, and it has continued to improve and evolve to support the automation of more software bill of materials information over the years. This release incorporates a significant amount of input from our tooling and user communities to enable new use cases to be better represented.

    [...]

    The project members would like to thank our recent contributors to this release, who have enriched it with their new perspectives, as well as our ongoing participants. A full list of those who have contributed by participating in the many discussions, adding comments, and making suggestions for improvements to the SPDX specification as it’s evolved over the last 10 years can be found at the Credits page!

The Linux Ownership System Demystified

Filed under
GNU
Linux
Legal

Hence Linux would no longer be just a kernel. Torvalds ended up licensing Linux under the GNU general public license (GPL). This license allows users to modify and distribute the source code. However, whoever distributes Linux has to do so under the same terms. The terms basically assure that any modifications made to the Linux kernel also have to continue being free.

But none of that means that Torvalds himself or any other single entity has ownership of the Linux source code in full. Torvalds himself approves a number of changes made to Linux, but that doesn’t give him the copyright to those changes. Therefore you can contribute code to Linux, which then gets approved by the community, but you get to retain the copyright to that piece of code.

That means you will become one of the thousands of collective owners of Linux. But keep in mind that because of the terms of the GPL, you can’t forbid anyone else from using or modifying your code in the future. Very many people own a copyright in the different parts of the Linux source code. That makes it hard to imagine that the terms Linux is licensed under will ever change.

Read more

Licensing and Tricks/Openwashing

Filed under
OSS
Legal
  • April 2020 Zeta Alliance Weekly Call Summaries

    Changes To Zimbra’s Open Source Policy
    John E. explained that Zimbra 9 introduces a change to Synacor’s open source policy for Zimbra. Starting with Zimbra 9, a binary version of Zimbra 9 will no longer be released to the community and will instead only be made available to Zimbra Network Edition customers. There are currently no plans to release the source code for Zimbra 9 to the community. Zimbra 8.8.15 will remain open source for the community and continue to be supported for the remainder of its lifecycle through December, 31, 2024 (https://www.zimbra.com/support/support- ... lifecycle/). Version 8.8.15 will also continue to receive patches during this time frame. John E. described this new model for Zimbra 9 as “open core” where the open source products on which Zimbra is built will continue to be freely available, but the Zimbra 9 product itself will not be open source. Marc G. asked if Synacor’s plans involved introducing new features to Zimbra 8.8.15, or if the focus for introducing new features will shift exclusively to version 9. John E. said that he did not have the answer to this question. John also shared that starting with Zimbra 9, a source code license will be made available to customers who are licensing Zimbra Network Edition.

    Reactions To Zimbra Open Source Policy Change
    Noah P. said that part of his customer base values that Zimbra is open source and that it has been a marketing advantage over other proprietary email platforms. Marc G. said he felt this change will be hard for the open source community to support. John E. shared his personal opinion that Zimbra has struggled for several years to engage the open source community, as the ratio of people using Zimbra, compared to the number of people contributing back to Zimbra, has been very low. He said the biggest difference currently between Zimbra 8.8.15 and 9.0 is the addition of the new, Modern UI and welcomes feedback from Zimbra partners and the open source community on this policy change. Mark S. shared that many developers he has discussed it with have said that they have found it very difficult (if not impossible) to contribute to the Zimbra project in the past, mainly due to issues with an earlier version of the contributor’s agreement, which was finally updated a couple of years ago. Randy L. mentioned that another open source project, VyOS (https://www.vyos.io/community/), overcame issues with soliciting contributions back to their open source project by making binaries available to those who could demonstrate a meaningful contribution to the project in code or documentation work and suggested that such an approach might be something that Synacor should look at too. John E. invited Zimbra partners concerned about continued open source access to make a business case explaining how the loss of open source access would have a financial business impact for Synacor.

  • Changes To Zimbra's Open Source Policy

    The Zimbra email and collaboration suite will change its open source policy. This post from the Zeta Alliance notes the changes for Zimbra 9. "John E. explained that Zimbra 9 introduces a change to Synacor's open source policy for Zimbra. Starting with Zimbra 9, a binary version of Zimbra 9 will no longer be released to the community and will instead only be made available to Zimbra Network Edition customers.

  • Free Software Legal and Licensing Workshop 2020 cancelled due to COVID-19 outbreak

    This year's FSFE's Free Software Legal and Licensing Workshop has been cancelled. The FSFE thanks our contributors and looks ahead to organizing the event next year.

    Due to the outbreak of COVID-19 currently gripping the world, in early March the FSFE had to make the difficult decision to cancel our upcoming Free Software Legal and Licensing Workshop 2020 (the "Workshop"). Originally scheduled to take place from 15 - 17 April in Barcelona, Spain, the Workshop is an annual conference held every year since 2008 for the FSFE's Legal Network, and serves as a meeting point for FOSS legal experts to discuss issues and best practices surrounding Free Software licensing.

    Many exciting sessions were scheduled for this year's Workshop, including discussions on the technological relevance of copyleft licenses, on the challenges facing Free Software with machine learning and big data, on ongoing litigation from various jurisdictions on software licensing, as well as many other talks and workshops.

  • Update from the CommunityBridge Development Team [Ed: The Linux Foundation works for Microsoft. Not for Linux;
    watch who drives this thing...]
  • TOC Welcomes Dragonfly Into CNCF Incubator

    The CNCF Technical Oversight Committee (TOC) has accepted Dragonfly as an incubation-level hosted project. Dragonfly, which was accepted into the CNCF Sandbox in October 2018, is an open source, cloud native image and file distribution system. The goal of Dragonfly is to tackle distribution problems in cloud native scenarios.

Red Hat Summit and License Track at FOSS-North

Filed under
Red Hat
OSS
Legal
  • A partner’s guide to the Red Hat Summit virtual experience

    Partners play a critical role in Red Hat’s efforts to drive innovation with enterprise open source technology. From OEMs to global systems integrators to cloud and service providers, Red Hat’s extensive partner ecosystem helps customers around the world achieve success and IT modernization. We appreciate our partners and look forward to showcasing their innovative work at the first-ever Red Hat Summit Virtual Experience, a free, immersive multi-day event.

    If you’re a partner participating in Red Hat Summit, you won’t want to miss any of the action. Here are a few insider tips and tricks to help you navigate our newly virtual event.

  • What a License Track!

    This year we had a great set of licensing related talks, and I’d like to discuss them all in this post.

    Monday morning started with Frank Karlitschek and his talk Why the GPL is great for business. This a great overview of how you can build an free and open source business – pros and cons and pitfalls to avoid.

Huawei in OIN

Filed under
Legal

Gresecurity maker finally coughs up $300k to foot open-source pioneer Bruce Perens' legal bill in row over GPL

Filed under
Linux
Security
Legal

After three years of legal wrangling, the defamation lawsuit brought by Brad Spengler and his company Open Source Security (OSS) against open-source pioneer Bruce Perens has finally concluded.

It was clear that the end was nigh last month when California's Ninth Circuit Court of Appeals affirmed a lower court ruling against the plaintiffs.

Spengler and OSS sued Perens for a June 2017 blog post in which Perens ventured the opinion that grsecurity, Open Source Security's Linux kernel security enhancements, could expose customers to potential liability under the terms of the General Public License (GPL).

OSS says that customers who exercise their rights to redistribute its software under the GPL will no longer receive software updates – the biz wants to be paid for its work, a problem not really addressed by the GPL. Perens, the creator of the open-source definition, pointed out that section six of the GPLv2 prohibits modifications of the license terms.

Read more

Antitrust Regulators Turn Attention to Standards Organizations

Filed under
OSS
Legal

It’s well recognized by courts and regulators in many countries that standard setting among competitors can be procompetitive and good for consumers. As noted by the 5th Circuit Court in 1988, “it has long been recognized that the establishment and monitoring of trade standards is a legitimate and beneficial function of trade associations . . . [and] a trade association is not by its nature a ‘walking conspiracy’, its every denial of some benefit amounting to an unreasonable restraint of trade.”(1)

But regulatory sands can shift, and especially at a time when broad and dramatic changes (political and otherwise) seem to be the rule rather than the exception, it makes sense for collaborative organizations to keep vigilant, and to review their policies and procedures on a regular basis to help ensure antitrust compliance.

In my recent blog regarding Antitrust Laws and Open Collaboration, I briefly mentioned recent U.S. Department of Justice (DOJ) investigations into standards organizations. There were two, in particular, both focusing on internal policies and the importance of avoiding rules that might potentially disadvantage consumers or competitors. In this blog entry, we’ll take a deeper look at the specific types of conduct that concerned the regulators, and how the standards organizations under examination were eventually able to address those concerns.

Read more

Continuing Improvements to the OSS Supply Chain Ecosystem

Filed under
OSS
Legal

At the beginning of the 20th century, for the most part, production was local in nature, as it had been for several millennia. By the latter half of the century, with improvements in shipping and telecommunications, companies turned to lean production models (e.g., the Toyota Production System). Telecommunications meant that it was possible to specify components to a third party which was not local. Containerisation and transportation improvements meant that components could be transported cheaply and be delivered just-in-time by a supplier that was not local.

This allowed the production process to be modularised and contracted out, improving the efficiency of production. In today’s world, in which the Internet has driven communication costs down, companies no longer believe it is in their best interests to self-produce or locally source all components. Because of this, the world’s largest companies have built increasingly global and complicated supply chains. Benefiting from the computing and communications revolution that started in the 1990s and continues today, these companies are increasingly flexible in their choice of suppliers. The choices that they make about suppliers are not as rigid as they were when lean production was originally conceptualised.

Linux and other open source software (OSS) projects have driven the computing and communications revolution that has changed the world, including the nature of modern supply chains. Open source technologies are also increasingly being used in products themselves (e.g., Android on mobiles, Automotive Grade Linux in the auto sector, etc), as the world’s best-known brand names fully embrace OSS.

Read more

Some good coronavirus news: Monster Google-Oracle API copyright battle on hold as bio-nasty shuts Supremes

Filed under
Development
Google
OSS
Legal

The ten-year monster battle between Google and Oracle over the use of Java APIs will be delayed until further notice – after the US Supreme Court announced it was suspending oral arguments over coronavirus fears.

The two sides were due to present their argument to the court on Tuesday, March 24 and there has been a flood of filings in the case in the past month. But on Monday, the Supreme Court said that “in keeping with public health precautions recommended in response to COVID-19, the Supreme Court is postponing the oral arguments currently scheduled for the March session (March 23-25 and March 30-April 1).”

It’s not yet known when the case will be rescheduled - a meeting on Friday should provide more details. The court’s statement also noted that its closure is “not unprecedented,” but then gave two precedents there weren’t exactly comforting:

“The Court postponed scheduled arguments for October 1918 in response to the Spanish flu epidemic. The Court also shortened its argument calendars in August 1793 and August 1798 in response to yellow fever outbreaks.” How reassuring.

Read more

Also: Supreme Court Postpones Oral Arguments

What should fit in a FOSS license?

Filed under
OSS
Legal

What terms belong in a free and open source software license? There has been a lot of debate about this lately, especially as many of us are interested in expanding the role we see that we play in terms of user freedom issues. I am amongst those people that believe that FOSS is a movement thats importance is best understood not on its own, but on the effects that it (or the lack of it) has on society. A couple of years ago, a friend and I recorded an episode about viewing software freedom within the realm of human rights; I still believe that, and strongly.

I also believe there are other critical issues that FOSS has a role to play in: diversity issues (both within our own movement and empowering people in their everyday lives) are one, environmental issues (the intersection of our movement with the right-to-repair movement is a good example) are another. I also agree that the trend towards "cloud computing" companies which can more or less entrap users in their services is a major concern, as are privacy concerns.

Given all the above, what should we do? What kinds of terms belong in FOSS licenses, especially given all our goals above?

First, I would like to say that I think that many people in the FOSS world, for good reason, spend a lot of time thinking about licenses. This is good, and impressive; few other communities have as much legal literacy distributed even amongst their non-lawyer population as ours. And there's no doubt that FOSS licenses play a critical role... let's acknowledge from the outset that a conventionally proprietary license has a damning effect on the agency of users.

However, I also believe that user freedom can only be achieved via a multi-layered approach. We cannot provide privacy by merely adding privacy-requirements terms to a license, for instance; encryption is key to our success. I am also a supporter of code of conducts and believe they are important/effective (I know not everyone does; I don't care for this to be a CoC debate, thanks), but I believe that they've also been very effective and successful checked in as CODE-OF-CONDUCT.txt alongside the traditional COPYING.txt/LICENSE.txt. This is a good example of a multi-layered approach working, in my view.

So acknowledging that, which problems should we try to solve at which layers? Or, more importantly, which problems should we try to solve in FOSS licenses?

Here is my answer: the role of FOSS licenses is to undo the damage that copyright, patents, and related intellectual-restriction laws have done when applied to software. That is what should be in the scope of our licenses. There are other problems we need to solve too if we truly care about user freedom and human rights, but for those we will need to take a multi-layered approach.

To understand why this is, let's rewind time. What is the "original sin" that lead to the rise proprietary software, and thus the need to distinguish FOSS as a separate concept and entity? In my view, it's the decision to make software copyrightable... and then, adding similar "state-enforced intellectual restrictions" categories, such as patents or anti-jailbreaking or anti-reverse-engineering laws.

Read more

Syndicate content