Software Freedom Conservancy

Conservancy needs 750 Supporters to continue its basic community services & 2,500 to avoid hibernating its enforcement efforts! The next 21 supporters who sign up before next Friday will count twice thanks to an anonymous match donor!
370 have joined so far and match pledges reduced our 2,500 maximum need by 62 !

[RSS] Conservancy Blog

Displaying posts tagged GPL

November 26, 2015 by Bradley M. Kuhn

Do You Like What I Do For a Living?

I'm quite delighted with my career choice. As an undergraduate and even in graduate school, I still expected my career extend my earlier careers in the software industry: a mixture of software developer and sysadmin. I'd probably be a DevOps person now, had I stuck with that career path.

Instead, I picked the charity route: which (not financially, but work-satisfaction-wise) is like winning a lottery. There are very few charities related to software freedom, and frankly, if (like me) you believe in universal software freedom and reject proprietary software entirely, there are two charities for you: the Free Software Foundation, where I used to work, and Software Freedom Conservancy, where I work now.

But software freedom is not merely an ideology for me. I believe the ideology matters because I see the lives of developers and users are better when they have software freedom. I first got a taste of this IRL when I attended the earliest Perl conferences in the late 1990s. My friend James and I stayed in dive motels and even slept in a rental car one night to be able to attend. There was excitement in the Perl community (my first Free Software community). I was exhilarated to meet in person the people I'd seen only as god-like hackers posting on perl5-porters. James was so excited he asked me to take a picture of him jumping as high as he could with his fist in the air in front of the main conference banner. At the time, I complained; I was mortified and felt like a tourist taking that picture. But looking back, I remember that James and I felt that same excitement and just were expressing it differently.

I channeled that thrill into finding a way that my day job would focus on software freedom. As an activist since my teenage years, I concentrated specifically on how I could preserve, protect and promote this valuable culture and ideology in a manner that would assure the rights of developers and users to improve and share the software they write and use.

I've enjoyed the work; I attend more great conferences than I ever imagined I would, where now people occasionally walk up to me with the same kind of fanboy reverence that I reserved for Larry Wall, RMS and the heroes of my Free Software generation. I like my work. I've been careful, however, to avoid a sense of entitlement. Since I read it in 1991, I have never forgotten RMS' point in the GNU Manifesto: Most of us cannot manage to get any money for standing on the street and making faces. But we are not, as a result, condemned to spend our lives standing on the street making faces, and starving. We do something else., a point he continues in his regular speeches, by adding: I [could] just … give up those principles and start … writing proprietary software. I looked for another alternative, and there was an obvious one. I could leave the software field and do something else. Now I had no other special noteworthy skills, but I'm sure I could have become a waiter. Not at a fancy restaurant; they wouldn’t hire me; but I could be a waiter somewhere. And many programmers, they say to me, “the people who hire programmers demand [that I write proprietary software] and if I don’t do [it], I’ll starve”. It’s literally the word they use. Well, as a waiter, you’re not going to starve.

RMS' point is not merely to expose the false dilemma inherent in I have to program, even it's proprietary, because that's what companies pay me to do, but also to expose the sense of entitlement in assuming a fundamental right to do the work you want. This applies not just to software authorship (the work I originally trained for) but also the political activism and non-profit organizational work that I do now.

I've spent most of my career at charities because I believe deeply that I should take actions that advance the public good, and because I have a strategic vision for the best methods to advance software freedom. My strategic goals to advance software freedom include two basic tenets: (a) provide structure for Free Software projects in a charitable home (so that developers can focus on writing software, not administration, and so that the projects aren't unduly influenced by for-profit corporations) and (b) uphold and defend Free Software licensing, such as copyleft, to ensure software freedom.

I don't, however, arrogantly believe that these two priorities are inherently right. Strategic plans work toward a larger goal, and pursing success of a larger ideological mission requires open-mindedness regarding strategies. Nevertheless, any strategy, once decided, requires zealous pursuit. It's with this mindset that I teamed up with my colleague, Karen Sandler, to form Software Freedom Conservancy.

Conservancy, like most tiny charities, survives on the determination of its small management staff. Karen Sandler, Conservancy's Executive Director, and I have a unique professional collaboration. She and I share a commitment to promoting and defending moral principles in the context of software freedom, along with an unrelenting work ethic to match. I believe fundamentally that she and I have the skills, ability, and commitment to meet these two key strategic goals for software freedom.

Yet, I don't think we're entitled to do this work. And, herein there's another great feature of a charity. A charity not only serves the public good; the USA IRS also requires that a charity be funded primarily by donations from the public.

I like this feature for various reasons. Particularly, in the context of the fundraiser that Conservancy announced this week, I think about it terms of seeking a mandate from the public. As Conservancy poises to begin its tenth year, Karen and I as its leaders stand at a crossroads. For financial reasons of the organization's budget, we've been thrust to test this question: Does the public of Free Software users and developers actually want the work that we do?.

While I'm nervous that perhaps the answer is no, I'm nevertheless not afraid to ask the question. So, we've asked. We asked all of you to show us that you want our work to continue. We set two levels, matching the two strategic goals I mentioned. (The second is harder and more expensive to do than the first, so we've asked many more of you to support us if you want it.)

It's become difficult in recent years to launch a non-profit fundraiser (which have existed for generations) and not think of the relatively recent advent of gofundme, Kickstarter, and the like. These new systems provide a (sadly, usually proprietary software) platform for people to ask the public: Is my business idea and/or personal goal worth your money?. While I'm dubious about those sites, I do believe in democracy enough to build my career on a structure that requires an election (of sorts). Karen and I don't need you to go to the polls and cast your ballot, but we do ask you consider if what we do for a living at Conservancy is worth US$10 per month to you. If it is, I hope you'll “cast a vote” for Conservancy and become a Conservancy supporter now.

Posted by Bradley M. Kuhn on November 26, 2015

Tags: conservancy, GPL, supporter

November 24, 2015 by Karen Sandler

Our fundraiser and awesome Supporters pitching in

** Photo of Conservancy Supporters.  Photo by-Carlo-Piana under CC-0 **

You may have noticed that Conservancy launched a big fundraising campaign this week. As we talk about more fully on our Supporter sign up page, over the past year and in particular since we launched the VMware suit some of our corporate funding has been pulled because we tackle important but controversial issues, like GPL compliance. We have even have had talks blocked or canceled at conferences.

In order to ensure that we can continue our work, we must transition to a primarily individual-supported model. We will continue to seek corporate support, of course, and we're grateful for the corporate donors whose support has continued. But our constituency is the software freedom community, and that's where our support should ultimately come from. It's not enough for us to think that the work we do is right - a significant portion of the public must also agree and be willing to vote with their money. Without that support we simply cannot continue. The 10% that our member projects contribute doesn't cover even one staffer plus basic overhead.

We have structured the campaign with two make-or-break levels: a lower level that will just sustain the organization for a "bare minimum" service plan to our member projects, and a separate, higher level to continue doing copyleft enforcement. If we don't meet these goals we'll be forced to radically restructure.

You can see the names of some of our Supporters who choose to be acknowledged, and they are a very impressive bunch!

One Supporter, the very awesome Christopher Allan Webber took some time to sit down with Bradley and me to talk about the campaign and about GPL enforcement generally. You can hear it as the latest episode of Bradley's and my oggcast Free as in Freedom. It's the first episode of FaiF that we've released in some time, and I'm glad we were able to get it together in time for this important fundraiser.

In the coming weeks we will have a few videos from other Supporters about why they choose to support us. Carol Smith of Google was very kind to do one:

Many thanks to Carol for supporting sofware freedom and our organization! Join Carol and become a supporter of Conservancy today.

Posted by Karen Sandler on November 24, 2015

Tags: conservancy, GPL, supporter

November 9, 2015 by Bradley M. Kuhn and Karen M. Sandler

GPL Enforcement and the Trans-Pacific Partnership

Many people have criticized the proposed Trans-Pacific Partnership (TPP) treaty since the text was released. In particular, some of the terms in the agreement are bad for software freedom and other social justice causes. Despite the TPP's stated intention to bring "social benefits" in addition to economic growth, the terms of TPP work against social benefits and awards too much power and control to large multinational corporations, including proprietary software companies.

The agreement text is lengthy and complex, filed with bad provisions. A few days ago, the Free Software community uncovered the following text from the TPP:

1. No Party shall require the transfer of, or access to, source code of software owned by a person of another Party, as a condition for the import, distribution, sale or use of such software, or of products containing such software, in its territory.

2. For the purposes of this Article, software subject to paragraph 1 is limited to mass-market software or products containing such software and does not include software used for critical infrastructure.

3. Nothing in this Article shall preclude:

(a) the inclusion or implementation of terms and conditions related to the provision of source code in commercially negotiated contracts; or

(b) a Party from requiring the modification of source code of software necessary for that software to comply with laws or regulations which are not inconsistent with this Agreement.

4. This Article shall not be construed to affect requirements that relate to patent applications or granted patents, including any orders made by a judicial authority in relation to patent disputes, subject to safeguards against unauthorised disclosure under the law or practice of a Party.

The revelation of this clause has confused our community, as it appears as if this provision, once adopted, might impact or restrict the international operation of copyleft licenses. Below we explain that, while everyone should reject and oppose this provision — and the rest of TPP — this provision has no dramatic impact on copyleft licensing.

First, as others have pointed out, Party is a defined term that refers specifically to government entities that sign the treaty. As such, the provision would only constrain the behavior of governments themselves. There are some obviously bad outcomes of this provision when those governmental entities interfere with public safety and ethical distribution of software, but we believe this provision will not interfere with international enforcement of copyleft.

Copyleft licenses use copyright as a mechanism to keep software free. The central GPL mechanism that copyright holders exercise to ensure software freedom is termination of permission to copy, modify and distribute the software (per GPLv2§4 and GPLv3§8). Under GPL's termination provisions, non-compliance results in an automatic termination of all copyright permissions. In practice, distributors can chose — either they can provide the source code or cease distribution. Once permissions terminate, any distribution of the GPL'd software infringes copyrights. Accordingly, in an enforcement action, there is no need to specifically compel a government to ask for disclosure of source code.

For example, imagine if a non-US entity ships a GPL-violating, Linux-based product into the USA, and after many friendly attempts to achieve compliance, the violating company refuses to comply. Conservancy can sue the company in US federal court, and seek injunction for distribution of the foreign product in the USA, since the product infringes copyright by violating the license. The detailed reasons for that infringement (i.e., failure to disclose source code) is somewhat irrelevant to the central issue; the Court can grant injunction (i.e., an order to prevent the company from distributing the infringing product) based simply on the violator's lost permissions under the existing copyright license. The Court could even order the cease of import of the infringing products.

In our view, the violator would be unaffected under the above TPP provision, since the Court did not specifically compel release of the source code, but rather simply ruled that the product generally infringed copyrights, and their distribution rights had fully terminated upon infringement. In other words, the fact that the violator lost copyright permissions and can seek to restore them via source code disclosure is not dispositive to the underlying infringement claim.

While TPP thus does not impact copyright holders' ability to enforce the GPL, there are nevertheless plenty of reasons to oppose TPP. Conservancy therefore joins the FSF, EFF, and other organizations in encouraging everyone to oppose TPP.

Help support Conservancy and its efforts to defend the GPL by becoming a Supporter today.

Posted by Bradley M. Kuhn and Karen M. Sandler on November 9, 2015

Tags: conservancy, GPL

September 30, 2015 by Karen Sandler

Linaro Connect, Volkswagen and Developer Ethics

Last week I had the privilege of delivering Friday's keynote address at Linaro Connect. I was so excited and pleased that I had been asked to speak about compliance there. As Linaro is a consortium for Linux kernel related initiatives on ARM, I was excited and curious as to what the conference was like and thrilled to be given the chance to talk about why copyleft and GPL compliance are so fundamental to the success of collaborative engineering initiatives like Linaro. The fact that the conference is so developer focused was a huge bonus.

One of the topics I touched on, given its newsworthiness was the situation with Volkswagen. Many people have talked about the implications of so-called dieselgate and its implications for free and open source software. In my talk I focused on another aspect of this - engineer and developer culture.

When I was in engineering school at The Cooper Union we had a mandatory course during our first year where we read the book To Engineer Is Human (which incidentally, if you buy you can sign up to support Conservancy on Amazon Smile first). The book discusses prominent engineering failures (including the dramatic Tacoma Narrows Bridge collapse “Galloping Gertie”), why they failed and how such failure is ultimately a part of successful societal engineering. In the class we talked about the culture of engineering ethics and how engineers ultimately have a special responsibility in society on behalf of the people who are impacted by the work they do.

In the recent case of Volkswagen, the failure of the company to behave ethically not only caused a negative impact on the environment and alienated VW's customer base, but also had a massively negative effect on the company's bottom line and financial outlook. How many engineers at the company felt horribly about what was happening and felt powerless to do anything about it? And in that case, the failure of Volkswagen to do the right thing was bad for the company in a number of levels.

As we see that copyleft and best security are linked (I talked about the Honeymoon Effect during the talk, and you can read my old paper on medical device safety plus many great discussions by folks like Matthew Garrett and even Bruce Schneier) and we embark upon an Internet of Things network, the ethical implications of software freedom become all the more poignant. In addition to the ethical aspects inherent in sharing code and the ethical considerations of following a license under which you received software for your use, there's an additional ethics layer in the safety implications of keeping GPL'd code closed. Because software so often interacts in complex ways (as shown in the car vulnerability demonstrations that go through the wheel maintenance system to exploit the critical ignition and brake systems), it's impossible to predict which software the next failure will be based on.

We need companies to understand that complying with the GPL isn't just good community participation or a safeguard from lawsuits - it is fundamental to their longterm financial success in a myriad of ways. Developers play a key role in that process. It's not always easy to stand up for the right thing in a corporate context. Doing so can cause reprisal in the form of some penalty. Obviously, if an engineer had been able to take action at Volkswagen, they would have saved the company a lot of embarrassment and lost revenue but without the hindsight of seeing how that situation actually played out it's likely that there was a real fear of penalty for speaking up.

Fortunately, where copylefted software is involved there are external mechanisms to help with some of these issues. Because companies must make good on providing source when they distribute, an outsider could determine that a company is not meeting its obligations. This is the main reason why having the option of participating anonymously in our coalition of developers who want to enforce the GPL is so important. In software development, coming out in favor of enforcement may not cause you any negative repercussions with your current employer but many developers rightly worry that other future employers may negatively view their participation in the coalition.

In the same vein as my ethical education in engineering school, developers should include the long term ethical considerations in their core technical analysis of what free and open source software licenses their companies should use and how they comply with it on a long term basis. While failures are terrible to have, they're essential to learn from and work towards better technical and ethical infrastructure.

Video of the full talk is available. You can sign up to our GPL Compliance Project for Linux Developers by emailing <>.

Posted by Karen Sandler on September 30, 2015

Tags: conservancy, GPL

Next page (older) »

[1] 2 3

Main Page | Contact | Sponsors | Privacy Policy | RSS Feed

Follow Conservancy on and twitter. Flattr us!