Displaying posts tagged GPL
August 4, 2016 by Bradley M. Kuhn
Monday 1 February 2016 was the longest day of my life, but I don't mean that in the canonical, figurative, and usually negative sense of that phrase. I mean it literally and in a positive way. I woke up that morning Amsterdam in the Netherlands — having the previous night taken a evening train from Brussels, Belgium with my friend and colleague Tom Marble. Tom and I had just spent the weekend at FOSDEM 2016, where he and I co-organize the Legal and Policy Issues DevRoom (with our mutual friends and colleagues, Richard Fontana and Karen M. Sandler).
Tom and I headed over to AMS airport around 07:00 local time, found some breakfast and boarded our flights. Tom was homeward bound, but I was about to do the crazy thing that he'd done in the reverse a few years before: I was speaking at FOSDEM and LinuxConf Australia, back-to-back. In fact, because the airline fares were substantially cheaper this way, I didn't book a “round the world” flight, but instead two back-to-back round-trip tickets. I boarded the plane at AMS at 09:30 that morning (local time), and landed in my (new-ish) hometown of Portland, OR as afternoon there began. I went home, spent the afternoon with my wife, sister-in-law, and dogs, washed my laundry, and repacked my bag. My flight to LAX departed at 19:36 local time, a little after US/Pacific sunset.
I crossed the Pacific ocean, the international dateline, left a day on deposit to pickup on the way back, and after 24 hours of almost literally chasing the sun, I arrived in Melbourne on the morning of Wednesday 3 February, road a shuttle bus, dumped my bags at my room, and arrived just in time for the Wednesday afternoon tea break at LinuxConf Australia 2016 in Geelong.
Nearly everyone who heard this story — or saw me while it was
happening — asked me the same question:
Why are you doing
this?. The five to six people packed in with me in my coach section on
the LAX→SYD leg are probably still asking this, because I had an
allergic attack of some sort most of the flight and couldn't stop coughing,
even with two full bags of Fisherman's Friends over those 15 hours.
But, nevertheless, I gave a simple answer to everyone who questioned my crazy BRU→AMS→PDX→LAX→SYD→MEL itinerary: FOSDEM and LinuxConf AU are two of the most important events on the Free Software annual calendar. There's just no question. I'll write more about FOSDEM sometime soon, but the rest of this post, I'll dedicate to LinuxConf Australia (LCA).
One of my biggest regrets in Free Software is that I was once — and you'll be surprised by this given my story above — a bit squeamish about the nearly 15 hour flight to get from the USA to Australia, and therefore I didn't attend LCA until 2015. LCA began way back in 1999. Keep in mind that, other than FOSDEM, no major, community-organized events have survived from that time. But LCA has the culture and mindset of the kinds of conferences that our community made in 1999.
LCA is community organized and operated. Groups of volunteers each year plan the event. In the tradition of science fiction conventions and other hobbyist activities, groups bid for the conference and offer their time and effort to make the conference a success. They have an annual hand-off meeting to be sure the organization lessons are passed from one committee to the next, and some volunteers even repeat their involvement year after year. For organizational structure, they rely on a non-profit organization, Linux Australia, to assist with handling the funds and providing infrastructure (just like Conservancy does for our member projects and their conferences!).
I believe fully that the success of software freedom and GNU/Linux in particular has not primarily come from companies that allow developers to spend some of their time coding on upstream. Sure, many Free Software projects couldn't survive without that component, but what really makes GNU/Linux, or any Free Software project, truly special is that there's a community of users and developers who use, improve, and learn about the software because it excites and interests them. LCA is one of the few events specifically designed to invite that sort of person to attend, and it has for almost an entire generation stood in stark contrast the highly corporate, for-profit/trade-assocation events that slowly took over our community in the years that followed LCA's founding. (Remember all those years of LinuxWorld Expo? I wasn't even sad when IDG stopped running it!)
Speaking particularly of earlier this year, LCA 2016 in Geelong, Australia was a particular profound event for me. LCA is one of the few events that accepts my rather political talks about what's happening in Open Source and Free Software, so I gave a talk on Friday 5 February 2016 entitled Copyleft For the Next Decade: A Comprehensive Plan, which was recorded, so you can watch it, or read the LWN article about it. I do warn everyone that the jokes did not go over well (mine never do), so after I finished, I was feeling a bit down that I hadn't made the talk entertaining enough. But then, something amazing happened: people started walking up to me and telling me how important my message was. One individual even came up and told me that he was excited enough that he'd like to match any donation that Software Freedom Conservancy received during LCA 2016. Since it was the last day of the event, I quickly went to one of the organizers, Kathy Reid, and asked if they would announce this match during the closing ceremonies; she agreed. In a matter of just an hour or two, I'd gone from believing my talk had fallen flat to realizing that — regardless of whether I'd presented well — the concepts I discussed had connected with people.
Then, I sat down in the closing session. I started to tear up slightly when the organizers announced the donation match. Within 90 seconds, though, that turned to full tears of joy when the incoming President of Linux Australia, Hugh Blemings, came on stage and said:
[I'll start with] a Software Freedom Conservancy thing, as it turns out. … I can tell that most of you weren't at Bradley's talk earlier on today, but if there is one talk I'd encourage you to watch on the playback later it would be that one. There's a very very important message in there and something to take away for all of us. On behalf of the Council I'd like to announce … that we're actually in the process of making a significant donation from Linux Australia to Software Freedom Conservancy as well. I urge all of you to consider contributing individual as well, and there is much left for us to be done as a community on that front.
I hope that this post helps organizers of events like LCA fully understand how much something like this means to us who run a small charities — and not just with regard to the financial contributions. Knowing that the organizers of community events feel so strongly positive about our work really keeps us going. We work hard and spend much time at Conservancy to serve the Open Source and Free Software community, and knowing the work is appreciated inspires us to keep working. Furthermore, we know that without these events, it's much tougher for us to reach others with our message of software freedom. So, for us, the feeling is mutual: I'm delighted that the Linux Australia and LCA folks feel so positively about Conservancy, and I now look forward to another 15 hour flight for the next LCA.
And, on that note, I chose a strategic time to post this story. On Friday 5 August 2016, the CFP for LCA 2017 closes. So, now is the time for all of you to submit a talk. If you regularly speak at Open Source and Free Software events, or have been considering it, this event really needs to be on your calendar. I look forward to seeing all of you Hobart this January.
Posted by Bradley M. Kuhn on August 4, 2016
July 19, 2016 by Bradley M. Kuhn and Karen M. Sandler
The GNU General Public License (GPL) was designed to grant clear permissions for sharing software and to defend that freedom for users. GPL'd code now appears in so many devices that it is fundamental to modern technology. While we believe that following the GPL's requirements is neither burdensome nor unreasonable, many fail to do so. GPL enforcement — the process to encourage those who fail to correct problems and join our open software development community — is difficult diplomacy.
Our community learned together over the last 20 years how to do this work well. Last year, Conservancy and the FSF published the concise but comprehensive Principles of Communited-Oriented GPL Enforcement. The Principles are endorsed by Conservancy, FSF and gpl-violations.org — the three historic community-oriented GPL enforcement organizations, as well as other non-enforcing organizations such as OSI. Recently, these principles were also endorsed by the Netfilter team, a core and essential group of Linux developers. However, despite our best efforts, we have been unable to convince all enforcers to endorse these Principles. Here, we express our concern and desire to ameliorate that situation as best we can. Furthermore, we also bring some transparency and context where enforcers seem unlikely to ever endorse the Principles.
One impetus in drafting the Principles was our discovery of ongoing enforcement efforts that did not fit with the GPL enforcement community traditions and norms established for the last two decades. Publishing the previously unwritten guidelines has quickly separated the wheat from the chaff. Specifically, we remain aware of multiple non-community-oriented GPL enforcement efforts, where none of those engaged in these efforts have endorsed our principles nor pledged to abide by them. These “GPL monetizers”, who trace their roots to nefarious business models that seek to catch users in minor violations in order to sell an alternative proprietary license, stand in stark contrast to the work that Conservancy, FSF and gpl-violations.org have done for years.
Most notably, a Linux developer named Patrick McHardy continues ongoing GPL enforcement actions but has not endorsed the community Principles. When Patrick began his efforts, Conservancy immediately reached out to him. After a promising initial discussion (even contemplating partnership and Patrick joining our coalition) in mid-2014, Patrick ceased answering our emails and text messages, and never cooperated with us. Conservancy has had no contact with Patrick nor his attorney since, other than a somewhat cryptic and off-topic response we received over a year ago. In the last two years, we've heard repeated rumors about Patrick's enforcement activity, as well as some reliable claims by GPL violators that Patrick failed to follow the Principles.
In one of the many attempts we made to contact Patrick, we urged him to join us in co-drafting the Principles, and then invited him to endorse them after their publication. Neither communication received a response. We informed him that we felt the need to make this public statement, and gave him almost three months to respond. He still has not responded.
Patrick's enforcement occurs primarily in Germany. We know well the difficulties of working transparently in that particular legal system, but both gpl-violations.org and Conservancy have done transparent enforcement in that jurisdiction and others. Yet, Patrick's actions are not transparent.
In private and semi-private communications, many have criticized Patrick for his enforcement actions. Patrick McHardy has also been suspended from work on the Netfilter core team. While the Netfilter team itself publicly endorsed these Principles of enforcement, Patrick has not. Conservancy agrees that Patrick's apparent refusal to endorse the Principles leaves suspicion and concern, since the Principles have been endorsed by so many other Linux copyright holders, including Conservancy.
Conservancy built a coalition of many copyright holders for Linux enforcement so that we as copyright holders in Linux could share with each other our analysis, strategy, plans and diplomacy. Much like Linux development itself, enforcement functions best when copyright holders collaborate as equals to achieve the desired result. In coding, Linux copyright holders seek to create together the best operating system kernel in history, and in an enforcement coalition like ours, we seek to achieve proper compliance in the best possible way for the community. (More collaboration is always better for various reasons, and we always urge copyright holders in Linux, Debian, Samba, and BusyBox to join our coalitions.)
Nevertheless, Conservancy does not object to individual copyright holders who wish to enforce alone; this is their legal prerogative, and with such limited resources for (and political opposition against) GPL enforcement on Linux, everyone who wants to help is welcome. However, Conservancy must denounce anyone who refuses to either endorse the Principles, or (at least) publicly explain why the Principles are not consistent with their efforts to advance software freedom.
There are few public facts on Patrick's enforcement actions, though there are many rumors. That his enforcement work exists is indisputable, but its true nature, intent, and practice remains somewhat veiled. The most common criticism that we hear from those who have been approached by Patrick is an accusation that he violates one specific Principle: prioritizing financial gain over compliance. Meanwhile, some who criticize Conservancy's enforcement efforts ironically believe we are “too nice” — because we don't seek to maximize financial gain, and therefore we ultimately fund some license compliance work with donations from the general public. Despite that criticism, and the simple fact that Conservancy's settlement funds from GPL enforcement usually fail to cover even the staffing costs associated with our enforcement efforts, we continue to abide by the Principle that compliance is paramount over monetary damages. While we sympathize with those who wish GPL enforcement would fund itself, we also see clear problems if an enforcer prioritizes financial gain over compliance — even if the overarching goal is more comprehensive enforcement in other areas.
Conservancy does all our enforcement specifically through a USA 501(c)(3) charity, precisely because that makes us transparently financially accountable. The IRS requires that our work benefit the general public and never bestow private inurement to anyone. Success in enforcement should never personally benefit one individual financially, and a charity structure for GPL enforcement ensures that never happens. Furthermore, the annual Form 990 filings of charities allows for public scrutiny of both enforcement revenue and expenditure1.
Conservancy, as a charity in the center of GPL enforcement, seeks to make enforcement transparent. We devised the Principles in part to clarify long-standing, community-accepted enforcement procedures in a formalized way, so that violators and GPL-compliant adopters alike can discern whether enforcement behavior is acceptable under community norms. We welcome public debate about any enforcement action's compliance with the Principles (i.e., its meta-compliance with the Principles). We encourage all those who enforce GPL to come forward to either endorse the Principles, or publicly propose updates or modifications to the Principles. (We've created the mailing list, principles-discuss, as a public place for that discussion.) We urge developers to state that they support enforcement undertaken in a principled manner, including litigating only as a necessary last resort and to never prioritize financial gain.
We chose the phrase “meta-compliance with the Principles” carefully. Applying the Principles themselves to compliance with those Principles seems apt to us. For example, we publicized the concerns about Patrick's enforcement only after two years of good-faith attempts to discuss the problems with him, and we waited for more than a year before publicizing the problem, and only after both ample warning to Patrick, and discussion and coordination with the Netfilter team. Just as we would with a GPL violator, we exhausted every path we could find before making this statement publicly.
Thus, we now call on Patrick to endorse the Principles or publicly engage in good faith with the community to discuss proper methods of enforcement. We further welcome anyone who does not currently abide by these Principles to join us anew in our coordinated community-oriented GPL enforcement work.
In conclusion, to contrast GPL enforcement with the much more common proprietary software litigation, violators should always have a simple and solid method to quickly resolve the rare legal action around the GPL: compliance. GPL enforcers should always seek compliance as the primary and paramount resolution to any enforcement matter. In this manner, where community-oriented enforcement exists and thrives, the risk for danger from lawsuits diminishes. Today's violators can then become tomorrow's contributors.
Finally, if you are in a situation where you are unsure what your obligations are under GPL, we urge you to read and study the Copyleft Guide to learn more about how to properly comply with GPL and other copyleft licenses.
1 Looking at Conservancy's Form 990s, you can see by examining Page 2 (Part III) (in FY 2011, see Page 25, Schedule O, for continuation) each year how much revenue Conservancy received from enforcement settlements, and how much Conservancy spends on license compliance activity. Most notably, Conservancy has not received a single dollar in GPL enforcement revenue since FY 2012.
Posted by Bradley M. Kuhn and Karen M. Sandler on July 19, 2016
April 11, 2016 by Bradley M. Kuhn and Karen M. Sandler
FSF Confirms Conservancy's Analysis & Urges ZFS Copyright Holders to License Under GPL
In a statement today, the Free Software Foundation (FSF), the charity that publishes all versions of the GNU General Public License (GPL), issued a statement regarding GPL-incompatible licenses and their interactions with strong copyleft licenses. The statement, written by Richard M. Stallman, President of the FSF and author of all versions of the GPL, confirms various points that we made previously in our blog post on the matter in late February.
The FSF's statement covers various topics, but most importantly, it confirms that distribution of software created by combining GPL-incompatibly licensed copyrighted works with GPL'd works violates GPL, stating:
The only permissible way to make available a binary (non-source) work that includes GPL'd material is under the GPL. … Code under GPL-incompatible licenses cannot be added, neither in source nor binary form, without violating the GPL.
The FSF's statement also reiterates many important points that are central to Conservancy's work on GPL compliance, particularly as it relates to combined works, such as Linux modules, which are “dynamically linked”:
[I]f you distribute modules meant to be linked together by the user, you have made them into a combined work, and you must release the entire combined work under the GNU GPL.
Specifically regarding the ZFS matter, the FSF has joined Conservancy in calling on Oracle to also license their ZFS copyrights under GPL, so that combinations with Linux are permitted:
[T]he copyright holders of ZFS … can give permission to use it under the GNU GPL, version 2 or later, in addition to any other license. This would make it possible to combine that version with Linux without violating the license of Linux. This would be the ideal resolution and we urge the copyright holders of ZFS to do so.
The FSF does point out that as stewards of the GNU project, they look to organizations like Conservancy, with a direct relationship with substantial Linux copyright holders, to assure compliance with the GPL for Linux. The FSF lauded our efforts to enforce the GPL, concluding with:
[W]e enthusiastically encourage enforcement of the GPL on Linux in accord with the Principles of Community-Oriented GPL Enforcement, and we wish the enforcers success in bringing violators into compliance, thus maintaining the GPL's integrity so it can defend users' freedom.
Both of us, in addition to our work in our day jobs with Conservancy, also volunteer our time to help the FSF — Bradley has been an FSF volunteer (focused primarily on licensing issues) since 1997 and Karen since 2006. We have been grateful to have a fruitful collaborative relationship with the FSF, and we appreciate that both John Sullivan and Richard Stallman actively sought our direct feedback and input on the FSF's statement over the last month.
Conservancy has also engaged in many more formal collaborations with the FSF in the past two years. Most notably, Conservancy and FSF co-published the aforementioned Principles of Community-Oriented GPL Enforcement. Conservancy and the FSF also jointly manage the copyleft.org effort, which publishes the most comprehensive guide ever created on the use of and compliance with GPL and copyleft.
In the six weeks since publication of our blog post about the license compliance problems with Canonical, Ltd.'s inclusion of ZFS in Ubuntu, some have opined with statements that do not fit with the interpretations and analysis that the FSF has carefully created over the last 30 years regarding how copyleft works. We believe the FSF's statement definitively settles this issue, showing that the FSF position remains consistent. We're glad the FSF has clarified the confusion created by the many pundits who have published inaccurate licensing advice.
Conservancy, now joined by the FSF, continue to call on copyright holders of ZFS to end the licensing problems and simply grant permission under GPL for ZFS' inclusion in Linux. Without such permission, users who seek to combine Linux and ZFS live in a precarious situation without the necessary copyright permissions to exercise their software freedom. The easiest path to resolution is a responsible and community-friendly licensing action by ZFS's copyright holders. Oracle should lead the way, as the largest single copyright holder in the ZFS codebase, to either relicense ZFS, or, if they prefer, publish an updated CDDL that is compatible with the GPLv2 and GPLv3 (which would be another viable route to solve the same problem).
Posted by Bradley M. Kuhn and Karen M. Sandler on April 11, 2016
February 29, 2016 by Bradley M. Kuhn
On last Thursday, Christoph Hellwig and his legal counsel attended a hearing in Hellwig's VMware case that Conservancy currently funds. Harald Welte, world famous for his GPL enforcement work in the early 2000s, also attended as an observer and wrote an excellent summary. I'd like to highlight a few parts of his summary, in the context of Conservancy's past litigation experience regarding the GPL.
First of all, in great contrast to the cases here in the USA, the Court acknowledged fully the level of public interest and importance of the case. Judges who have presided over Conservancy's GPL enforcement cases USA federal court take all matters before them quite seriously. However, in our hearings, the federal judges preferred to ignore entirely the public policy implications regarding copyleft; they focused only on the copyright infringement and claims related to it. Usually, appeals courts in the USA are the first to broadly consider larger policy questions. There are definitely some advantages to the first Court showing interest in the public policy concerns.
However, beyond this initial point, I was struck that Harald's summary sounded so much like the many hearings I attended in the late 2000's and early 2010's regarding Conservancy's BusyBox cases. From his description, it sounds to me like judges around the world aren't all that different: they like to ask leading questions and speculate from the bench. It's their job to dig deep into an issue, separate away irrelevancies, and assure that the stark truth of the matter presents itself before the Court for consideration. In an adversarial process like this one, that means impartially asking both sides plenty of tough questions.
That process can be a rollercoaster for anyone who feels, as we do, that the Court will rule on the specific legal issues around which we have built our community. We should of course not fear the hard questions of judges; it's their job to ask us the hard questions, and it's our job to answer them as best we can. So often, here in the USA, we've listened to Supreme Court arguments (for which the audio is released publicly), and every pundit has speculated incorrectly about how the justices would rule based on their questions. Sometimes, a judge asks a clarification question regarding a matter they already understand to support a specific opinion and help their colleagues on the bench see the same issue. Other times, judges asks a questions for the usual reasons: because the judges themselves are truly confused and unsure. Sometimes, particularly in our past BusyBox cases, I've seen the judge ask the opposing counsel a question to expose some bit of bluster that counsel sought to pass off as settled law. You never know really why a judge asked a specific question until you see the ruling. At this point in the VMware case, nothing has been decided; this is just the next step forward in a long process. We enforced here in the USA for almost five years, we've been in litigation in Germany for about one year, and the earliest the Germany case can possibly resolve is this May.
Kierkegaard wrote that
it is perfectly true, as the philosophers say,
that life must be understood backwards. But they forget the other
proposition, that it must be lived forwards. Court cases are a prime
example of this phenomenon. We know it is gut-wrenching for our
Supporters to watch every twist and turn in the case. It has taken so
long for us to reach the point where the question of a combined work of
software under the GPL is before a Court; now that it is we all want this
part to finish quickly. We remain very grateful to all our Supporters
who stick with us, and the new ones who will join
funding makes it possible for Conservancy to pursue this and other
matters to ensure strong copyleft for our future, and handle every other
detail that our member projects need. The one certainty is that our best
chance of success is working hard for plenty of hours, and we appreciate
that all of you continue to donate so that the hard work can continue.
We also thank the Linux developers in Germany, like Harald, who are
supporting us locally and able to attend in person and report back.
Posted by Bradley M. Kuhn on February 29, 2016