Thanks to all our donors who participated in our historic donation match challenge! Thanks to you, we raised more than $480k to support software freedom:
$204,887 fully matched!
$77,312 additional
raised!

[RSS] Conservancy Blog

Displaying posts tagged conservancy

Keith Packard: Inspired & Inspiring

by Deb Nicholson on December 4, 2018

This is part of our ongoing series to highlight our generous matching donors. Keith Packard has been working in free software for more than thirty years and is a long-time contributor to Debian, X Windows and more recently the Linux graphics driver stack. Keith and several other outstanding individuals are joining Private Internet Access and a big anonymous donor in offering a total of $90K in matching funds to Conservancy for our continued work to provide both a "back-office" for free software and a clear voice in favor of community-driven licensing and governance practices. You can join him and donate today!

Deb: What's the best recent trend you've seen in free software?

Keith: I've been excited to see how rapidly the free software communities I participate in have adopted strong codes of conduct. I feel like the tone of communication has become kinder and accepting. We've still got a long ways to go, but it feels like we've at least accepted that this change is necessary and good.

Keith Packard, holding a light orange cat

Deb: What do you think non-profits are uniquely positioned to accomplish in free software?

Keith: I'm afraid I'll have to be very US-specific with my answer as the US tax code colors how people within non-profit organizations work, even non profit organizations with an international scope.

The free software non-profit organizations that I am involved in have operated under the 501(c)3 rules for public charities. These rules are designed for groups focused on charitable, scientific, educational and certain other purposes and require a strong commitment to the public good. For instance, X.org was able to operate under 501(c)3 rules only after demonstrating (to the US government) a many-year history of providing direct educational assistance to new and existing software developers through our conferences and other outreach programs.

The goals of free software include allowing all people to control their computing environment and allowing people to teach, learn and share all of the software they use. An organization supporting free software for the public good is the best way I know of to defend and promote the essential software freedoms.

Deb: Is there a free software project that you wish existed but (as far as you know) no one has started working on?

Keith: One of my little quirks is that, even in 2018, I run my network infrastructure out of my own home (mostly email, git and web pages). I feel this offers me a better legal framework should someone want to seize any of my data, plus it keeps me from being subject to any corporate policies I might not like.

My web site is published using ikiwiki, which works pretty well but is both overly complicated and missing some key features. I like the general plan -- write markdown, commit to git and publish the resulting web site. I don't like the markdown it uses; it's old and written in perl. I don't like how publication works -- you push source code to a git repository on the web server where a git hook runs to compile that source code into your web site.

I recently packaged cmark-gfm for debian; that's the common mark to HTML conversion program that github uses for all of the markdown content that people publish there. It's fast and self-contained, but it doesn't generate whole web pages, just HTML fragments.

What I'm looking for is a self-contained web site publication program that takes a collection of templates and a collection of common mark files and generates a whole web site from that on my laptop. Once the web site is complete and tested, I should be able to copy it to the web server unchanged where it can be served directly.

Essentially, I'm interested in free software to help make running a simple web presence easier, more secure, and still look good so that people aren't stuck using commercial services where users are the product.

Deb: What do you hope to see Conservancy accomplish in the next five years?

Keith: Of course, I'm hopeful that Conservancy will continue to grow and spread the good news about free software. I expect to see many more member projects join. I'd love to see parallel organizations form supporting freedom in other areas of the arts and sciences -- everything from computer hardware to clothing design. I think those communities can learn much from what Conservancy has accomplished, and I hope we can learn from them as well.

Deb: Anything else you'd like to add?

Keith: I'm so pleased to have been asked by Molly to participate in this fundraising drive; her vision of what we can do as a community is inspiring to all of us.

Please take a minute to help Conservancy continue to spread the good news about free software and meet this exciting year-end match, today!

The picture of Keith with his cat is a selfie and is available under the CC BY-SA 4.0 license.

Tags: conservancy

Molly de Blanc: Free Software Superstar

by Deb Nicholson on November 27, 2018

I recently interviewed the inestimable Molly de Blanc. Molly is on the Board of Directors for the Open Source Initiative, works as a Campaigns Manager for the Free Software Foundation and also happens to be an amazing baker. She has been working in free software for 4 years, and involved for 10 years -- plus she is the driving force behind the individual super-donor part of our year-end donation match. Molly and several other outstanding individuals are joining Private Internet Access and a big anonymous donor in offering a total of $90K in matching funds to Conservancy for our continued work to provide both a "back-office" for free software and a clear voice in favor of community-driven licensing and governance practices.

Deb: I know you're passionate about free software and an enthusiastic supporter of non-profit work. Can you tell me why you think non-profits are important for free software?

Molly: Honestly, I think we just can't trust corporate actors to do the right thing for user freedom without financial incentives. Nonprofits are powered by their donors, members, and supporters. This means that they're working for those people -- people who care -- rather than typical corporate and financial interests. When you have a nonprofit working on a cause, you have someone working for that cause.

Creating good free and open source software and infrastructure isn't enough. We need organizational support for those projects. We also need organized advocacy, which best comes from nonprofits and foundations, whose entire mission is supporting user freedom.

Molly de Blanc, a blue-haired woman holding a brown tabby cat

Deb: How did MollyGive start? Who named it?

Molly: For a little background context, starting somewhere around 2013 or 2014 I began to offer to match people's end of year donations from my own donation fund. I don't remember the exact year, but my blog references it "happened again" in 2015. I forget what I called it for the first year/s, but David Nusinow dubbed it MollyGive, which was catchy if not a little egotistical when I need to refer to it.

I liked donating, but had trouble deciding where to most effectively donate. I wanted to reach out to causes that mattered, but were outside of the sphere of my volunteer work, which at the time was around free software, libraries, and music. I have amazing people in my life, and trust them. It was nice to contract out my decision making to others. I've gotten to reach groups like the American Indian College Fund, Black and Pink, and MassCare. (Check out the complete list here.)

I also wanted to encourage others to give. I started donating when I didn't have a lot of money -- and understand how demoralizing it can feel when you're only able to give $5. I hoped to encourage people to give by helping them to realize how much their giving matters.

It's important to note that I don't consider this an extension of MollyGive -- for me it is how I'm using a large chunk of the MollyGive funds this year. [We] didn't explicitly ask others to participate in MollyGive -- we asked them to help Conservancy.

Deb: How hard was it to find folks to join you on this match after you had the idea?

Molly: Well, Karen helped me! The first few donors were easy to find. Between Linux Conf Australia 2018 and DebConf 18, I picked up a few enthusiastic individuals. After that, I got a lot of "nos." Karen and I together helped them change their minds -- that's how we got two of our matchers. At least one person approached us after hearing about it, which was really inspiring.

Deb: What do you hope to see Conservancy accomplish in the next five years?

Molly: Conservancy is slowly gathering all of my favorite free software projects (that aren't already 501(c)3s) under its umbrella, like the Debian Copyright Aggregation Project, Etherpad, Git, Outreachy, and Reproducible Builds. I expect that in the next five years you'll get the rest.

As someone who has worked at nonprofits for most of their career, I'd say I probably think about the Conservancy differently. For example, I'd like to see the staff expanded, especially to include more organizational infrastructure roles, like a development director. It would be great if it hosted a summit for its member projects.

From a programmatic perspective, I'd really like to see others recognize the Conservancy's role on the cutting edge of working for user freedom. This includes things like being recognized by media outlets as an authority on issues relating to ethics in technology; providing support for developers and engineers looking to build freedom respecting contracts at their work places; and increased copyleft compliance. One of my hopes is to see strong legal wins for copyleft, and I think the Conservancy will play an integral role in that happening.

I see Conservancy as the organization that can do what no other nonprofit can do for software freedom. I see a deep understanding across its entire staff of the necessity of free and open source software. I think that you and I have similar visions for a world where user freedom is built into every piece of technology. I look forward to seeing how the Conservancy helps turn that vision into reality.

Deb: Anything else you'd like to add?

Please donate! I love giving away money -- especially other people's! By donating you're not just helping free and open source software, you're helping me, personally, because I get to have another successful year of matching donations.

I'd like to express my deep gratitude to the other people participating in the match -- whether they're choosing to be public about their identity or staying anonymous. I'd also like to express my gratitude to you, reading this, and everyone else who is choosing to support Conservancy.

You can read more of Molly's thoughts on the Conservancy match this year on her personal blog.The photo of Molly is is CC-BY-SA 3.0 by Luc Rocher.

Tags: conservancy

Thoughts on IBM’s acquisition of Red Hat

by Karen Sandler on October 31, 2018

There’s been quite a stir in our communities following the announcement that IBM is acquiring Red Hat. As I considered the announcement, one part of the email to employees by Jim Whitehurst posted on the Red Hat blog really struck me:

I appreciate that everyone will experience a range of emotions as a result of this news. Excited, anxious, surprised, fear of the unknown, including new challenges and working relationships - these are all ways I would describe my emotions. What I know is that we will continue to focus on growing our culture as part of a new organization. We will continue to focus on the success of our customers. We will continue to nurture our relationships with partners. Collaboration, transparency, participation, and meritocracy - these values make us Red Hat and they are not changing. In fact, I hope we will help bring this culture across all of IBM.

In addition to the normal anxiety, surprise and fear experienced by employees of companies in the wake of an announcement of a merger, takeover or ordinary reorganization, this transaction will also reverberate through the community outside of the company. Free software contributors across many communities and industries are feeling some of the same apprehension and unease that ordinarily would be reserved for employees.

I wish IBM and Red Hat luck, and I’m optimistic that the partnership will yield good things for both companies and their employees. I hope that following the acquisition, Red Hat is able to maintain its special relationship to the free and open source communities it shepherds, and that its employees continue to feel empowered to support critical free software solutions in a community-focused way. I also hope that in its announcement to keep Red Hat its own unit within IBM is an indication of IBM’s support of Red Hat’s unique business and that the deal does wind up bringing that culture to more of IBM. While some folks at IBM are important contributors to free software, IBM’s is primarily a culture of proprietary software and Red Hat’s is one of open source, so in my view this solution is likely to yield the most success anyway.

I’ve heard people imagining the best from this deal, and also people imagining the worst. The one thing everyone can agree on is that there’s a lot of uncertainty, despite whatever reassurances are contained in corporate messaging. Because of this, I think it’s a good time to remind everyone of the ways we can protect ourselves now and in the future from these kinds of uncertainties related to changes in ownership, structure or motivations of corporate players in free and open source software:

  • Use copyleft. Quite a lot of the software projects that Red Hat plays a critical role in are licensed under a version of the GPL. When we use strong copyleft we set the ground rules for corporate actors to participate with each other and with the public. We get a level playing field and assurance that companies will be less incentivized to go their own way. (We also get other good benefits like the right to the source code, allowing us to be in control of the technology we rely on.)

  • Support strong charities. Nonprofits, and in particular charitable nonprofits, keep the community’s interests at the forefront. They can serve as copyright aggregators in a more trusted way, facilitate cooperation of different stakeholders and function in a variety of ways to forward the long term interest of software freedom. The more we invest in our critical foundations, the less vulnerable we are to changes in corporate actors. The stronger foundations like GNOME, Conservancy and the FSF are, the easier it is for communities to weather a new direction from a prominent company.

  • Encourage diversely held interests. Making sure that interests are not aggregated in single for-profit actors insulates communities against a change in ownership of a company. For effective success in using copyleft, copyrights must not only be with for-profit companies but have substantial copyright holding from charities and individuals. Also, technical leadership should include actors from different types of entities. When copyrights are held by many actors in the field (or by charitable nonprofits), it’s much harder to relicense projects as proprietary or on otherwise less ideal terms, and copyleft enforcement is a community-driven rather than for-profit activity. When care of the technical direction of a project isn’t significantly concentrated in one company, free software projects are more robust. Development may be slower with community-led contribution, but we can have greater confidence about the stability of the project and the community.

The interests of companies are not always aligned with the free software community or the public. Companies that seem to be in one stable condition today may change dramatically tomorrow. While I expect Red Hat to flourish under IBM ownership, the acquisition is a good example of the kinds of changes we must be prepared for down the road, whether it be with Red Hat or any of the other companies on which we’ve come to rely.

Tags: conservancy, GPL

Toward Community-Oriented, Public & Transparent Copyleft Policy Planning

by Bradley M. Kuhn on October 16, 2018

More than 15 years ago, Free and Open Source Software (FOSS) community activists successfully argued that licensing proliferation was a serious threat to the viability of FOSS. We convinced companies to end the era of “vanity” licenses. Different charities — from the Open Source Initiative (OSI) to the Free Software Foundation (FSF) to the Apache Software Foundation — all agreed we were better off with fewer FOSS licenses. We de-facto instituted what my colleague Richard Fontana once called the “Rule of Three” — assuring that any potential FOSS license should be met with suspicion unless (a) the OSI declares that it meets their Open Source Definition, (b) the FSF declares that it meets their Free Software Definition, and (c) the Debian Project declares that it meets their Debian Free Software Guidelines. The work for those organizations quelled license proliferation from radioactive threat to safe background noise. Everyone thought the problem was solved. Pointless license drafting had become a rare practice, and updated versions of established licenses were handled with public engagement and close discussion with the OSI and other license evaluation experts.

Sadly, the age of license proliferation has returned. It's harder to stop this time, because this isn't merely about corporate vanity licenses. Companies now have complex FOSS policy agendas, and those agendas are not to guarantee software freedom for all. While it is annoying that our community must again confront an old threat, we are fortunate the problem is not hidden: companies proposing their own licenses are now straightforward about their new FOSS licenses' purposes: to maximize profits.

Open-in-name-only licenses are now common, but seem like FOSS licenses only to the most casual of readers. We've succeeded in convincing everyone to “check the OSI license list before you buy”. We can therefore easily dismiss licenses like Common Clause merely by stating they are non-free/non-open-source and urging the community to avoid them. But, the next stage of tactics have begun, and they are harder to combat. What happens when for-profit companies promulgate their own hyper-aggressive (quasi-)copyleft licenses that seek to pursue the key policy goal of “selling proprietary licenses” over “defending software freedom”? We're about to find out, because, yesterday, MongoDB declared themselves the arbiter of what “strong copyleft” means.

Understanding MongoDB's Business Model

To understand the policy threat inherent in MongoDB's so-called “Server Side Public License, Version 1”, one must first understand the fundamental business model for MongoDB and companies like them. These companies use copyleft for profit-making rather than freedom-protecting. First, they require full control (either via ©AA or CLA) of all copyrights in the work, and second, they offer two independent lines of licensing. Publicly, they provide the software under the strongest copyleft license available. Privately, the same (or secretly improved) versions of the software are available under fully proprietary terms. In theory, this could be merely selling exceptions: a benign manner of funding more Free Software code — giving the proprietary option only to those who request it. In practice — in all examples that have been even mildly successful (such as MongoDB and MySQL) — this mechanism serves as a warped proprietary licensing shake-down: “Gee, it looks like you're violating the copyleft license. That's a shame. I guess you just need to abandon the copyleft version and buy a proprietary license from us to get yourself out of this jam, since we don't plan to reinstate any lost rights and permissions under the copyleft license.” In other words, this structure grants exclusive and dictatorial power to a for-profit company as the arbiter of copyleft compliance. Indeed, we have never seen any of these companies follow or endorse the Principles of Community-Oriented GPL Enforcement. While it has made me unpopular with some, I still make no apologies that I have since 2004 consistently criticized this “proprietary relicensing” business model as “nefarious”, once I started hearing regular reports that MySQL AB (now Oracle) asserts GPL violations against compliant uses merely to scare users into becoming “customers”. Other companies, including MongoDB, have since emulated this activity.

Why Seek Even Stronger Copyleft?

The GNU Affero General Public License (AGPL) has done a wonderful job defending the software freedom of community-developed projects like Mastodon and Mediagoblin. So, we should answer with skepticism a solitary for-profit company coming forward to claim that “Affero GPL has not resulted in sufficient legal incentives for some of the largest users of infrastructure software … to participate in the community. Many open source developers are struggling with a similar reality”. If the last sentence were on Wikipedia, I'd edit it to add a Citation Needed tag, as I know of no multi-copyright-held or charity-based AGPL'd project that has “struggled with this reality”. In fact, it's only a “reality” for those that engage in proprietary relicensing. Eliot Horowitz, co-founder of MongoDB and promulgator of their new license, neglects to mention that.

The most glaring problem with this license, which Horowitz admits in his OSI license-review list post, is that there was no community drafting process. Instead, a for-profit company, whose primary goal is to use copyleft as a weapon against the software-sharing community for the purpose of converting that “community” into paying customers, published this license as a fait accompli without prior public discussion of the license text.

If this action were an isolated incident by one company, ignoring it is surely the best response. Indeed, I urged everyone to simply ignore the Commons Clause. Now, we see a repackaging of the Commons Clause into a copyleft-like box (with reuse of Commons Clause's text such as “whose value derives, entirely or substantially, from the functionality of the Software”). Since both licenses were drafted in secret, we cannot know if the reuse of text was simply because the same lawyer was employed to write both, or if MongoDB has joined a broader and more significant industry-wide strategy to replace existing FOSS licensing with alternatives that favor businesses over individuals.

The Community Creation Process Matters

Admittedly, the history of copyleft has been one of slowly evolving community-orientation. GPLv1 and GPLv2 were drafted in private, too, by Richard Stallman and FSF's (then) law firm lawyer, Jerry Cohen. However, from the start, the license steward was not Stallman himself, nor the law firm, but the FSF, a 501(c)(3) charity dedicated to serve the public good. As such, the FSF made substantial efforts in the GPLv3 process to reorient the drafting of copyleft licenses as a public policy and legislative process. Like all legislative processes, GPLv3 was not ideal — and I was even personally miffed to be relegated to the oft-ignored “GPLv3 Discussion Committee D” — but the GPLv3 process was undoubtedly a step forward in FOSS community license drafting. Mozilla Corporation made efforts for community collaboration in redrafting the MPL, and specifically included the OSI and the FSF (arbiters of the Open Source Definition and Free Software Definition (respectively)) in MPL's drafting deliberations. The modern acceptable standard is a leap rather than a step forward: a fully public, transparent drafting process with a fully public draft repository, as the copyleft-next project has done. I think we should now meet with utmost suspicion any license that does not use copyleft-next's approach of “running licensing drafting as a Free Software project”.

I was admittedly skeptical of that approach at first. What I have seen six years since Richard Fontana started copyleft-next is that, simply put, the key people who are impacted most fundamentally by a software license are mostly likely to be aware of, and engage in, a process if it is fully public, community-oriented, and uses community tools, like Git.

Like legislation, the policies outlined in copyleft licenses impact the general public, so the general public should be welcomed to the drafting. At Conservancy, we don't draft our own licenses0, so our contracts with software developers and agreements with member projects state that the licenses be both “OSI-approved Open Source” and “FSF-approved GPL-compatible Free Software”. However, you can imagine that Conservancy has a serious vested interest in what licenses are ultimately approved by the OSI and the FSF. Indeed, with so much money flowing to software developers bound by those licenses, our very charitable mission could be at stake if OSI and the FSF began approving proprietary licenses as Open, Free, and/or GPL-compatible. I want to therefore see license stewards work, as Mozilla did, to make the vetting process easier, not harder, for these organizations.

A community drafting process allows everyone to vet the license text early and often, to investigate the community and industry impact of the license, and to probe the license drafter's intent through the acceptance and rejection of proposed modified text (ideally through a DVCS). With for-profit actors seeking to gain policy control of fundamental questions such as “what is strong copyleft?”, we must demand full drafting transparency and frank public discourse.

The Challenge Licensing Arbiters Face

OSI, FSF, and Debian have a huge challenge before them. Historically, the FSF was the only organization who sought to push the boundary of strong copyleft. (Full disclosure: I created the Affero clause while working for the FSF in 2002, inspired by Henry Poole's useful and timely demands for a true network services copyleft.) Yet, the Affero clause was itself controversial. Many complained that it changed the fundamental rules of copyleft. While “triggered only on distribution, not modification” was a fundamental rule of the regular GPL, we as a community — over time and much public debate — decided the Affero clause is a legitimate copyleft, and AGPL was declared Open Source by OSI and DFSG-free by Debian.

That debate was obviously framed by the FSF. The FSF, due to public pressure, compromised by leaving the AGPL as an indefinite fork of the GPL (i.e., the FSF did not include the Affero clause in plain GPL. While I personally lobbied (from GPLv3 Discussion Committee D and elsewhere) for the merger of AGPL and GPL during the GPLv3 drafting process, I respect the decision of the FSF, which was informed not by my one voice, but the voices of the entire community.

Furthermore, the FSF is a charity, chartered to serve the public good and the advancement of software freedom for users and developers. MongoDB is a for-profit company, chartered to serve the wallets of its owners. While MongoDB employees1 (like those of any other company) should be welcomed on equal footing to the other unaffiliated individuals, and representatives of companies, charities, and trade-associations to the debate about the future of copyleft, we should not accept their active framing of that debate. By submitting this license to OSI for approval without any public community discussion, and without any discussion whatsoever with the key charities in the community, is unacceptable. The OSI should now adopt a new requirement for license approval — namely, that licenses without a community-oriented drafting process should be rejected for the meta-reason of “non-transparent drafting”, regardless of their actual text. This will have the added benefit of forcing future license drafters to come to OSI, on their public mailing lists, before the license is finalized. That will save OSI the painstaking work of walking back bad license drafts, which has in recent years consumed much expert time by OSI's volunteers.

Welcoming All To Public Discussion

Earlier this year, Conservancy announced our plans to host and organize the first annual CopyleftConf. We decided to do this because we seek to create a truly neutral, open, friendly, and welcoming forum for discussion about the past and future of copyleft as a strategy for defending software freedom. We had no idea when we first mentioned the possibility of running CopyleftConf (during the Organizers' Panel at the end of the Legal and Policy DevRoom at FOSDEM 2018 in February 2018) that multiple companies would come forward and seek to control the microphone on the future of copyleft. Now that MongoDB has done so, I'm very glad that the conference is already organized and on the calendar before they did so.

Despite my criticisms of MongoDB, I welcome Eliot Horowitz, Heather Meeker (the law firm lawyer who drafted MongoDB's new license and the Commons Clause), or anyone else who was involved in the creation of MongoDB's new license to submit a talk. Conservancy will be announcing soon the independent group of copyleft experts (and critics!) who will make up the Program Committee and will independently evaluate the submissions. Even if a talk is rejected, I welcome rejected proposers to attend and speak about their views in the hallway track and the breakout sessions.

One of the most important principles in copyleft policy that our community has learned is that commercial, non-commercial, and hobbyist activity3 should have equal footing with regard to rights assured by the copyleft licenses themselves. There is no debate about that; we all agree that copyleft codebases become meeting places for hobbyists, companies, charities, and trade associations to work together toward common goals and in harmony and software freedom. With this blog post, I call on everyone to continue on the long road to applying that same principle to the meta-level of how these licenses are drafted and how they are enforced. While we have done some work recently on the latter, not enough has been done on the former. MongoDB's actions today give us an opportunity to begin that work anew.


0 While Conservancy does not draft any main FOSS license texts, Conservancy does help with the drafting of additional permissions upon the request of our member projects. Note that additional permissions (sometimes called license exceptions) grant permission to engage in activities that the main license would otherwise prohibit. As such, by default, additional permissions can only make a copyleft license weaker, never stronger.

1, 3 I originally had “individual actors” here instead of “hobbyist activity”, and additionally had expressed poorly the idea of welcoming individuals representing all types of entities to the discussion. The miscommunication in my earlier text gave one person the wrong impression that I believe the rights of companies should be equal to the rights of individuals. I fundamentally believe that companies and organizations should not have rights of personhood and I've updated the text in an effort to avoid such confusions.

Tags: conservancy, GPL, CLA, conferences, law, licensing, Copyleft Conf

Next page (older) » « Previous page (newer)

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 [22] 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51

Connect with Conservancy on Fediverse, X, Facebook, and YouTube.

Main Page | Contact | Sponsors | Privacy Policy | RSS Feed

Our privacy policy was last updated 22 December 2020.