Displaying posts by Karen Sandler
Comments on OpenChain Specification
by Karen Sandler on June 6, 2016
Today I submitted comments to the OpenChain specification. OpenChain is a working group formed under the Linux Foundation by companies to collaboratively come up with standards and shared materials around compliance. As community-oriented GPL enforcers, we applaud efforts to improve compliance and have been following the effort with interest to the extent we can with our limited resources. The working group recently put out a public call for comment on the OpenChain specification, which is open until June 17. We encourage people to take a look, perhaps echo our comments if they agree, and even join the calls if they are interested (there's a call today).
Here are the comments I submitted:
- I think text should be added in the introductory section about the value of compliance, generally. Perhaps something like:
Complying with the terms of the free and open source licenses used in industry is not only important for minimizing risk to individual companies, but is also a necessary step towards the preservation, collaboration and improvement of the software infrastructure we all rely on.
- Text should also be added to clarify that completely following the spec does not guarantee full compliance and that the (obvious) intention is that companies need to tailor the guidelines to their own procedures. I think this would fit well in the second to last paragraph on page 3 and perhaps should also be added to G6.1.
- In the definitions, I think the term "OpenChain Compliant" is confusing, and can be fixed by using a term other than "compliant". We don't want people to think that following these recommendations is any attestation as to actual compliance (though of course I agree that they will help if followed fully). Calling it "OpenChain Accordant" would work, for example.
- G4.1 should refer to "complete and corresponding source code" instead of just
- Also in G4.1, a bullet point should be added saying "scripts used to control compilation and installation", as per GPLv2 Section 3 and GPLv3 Section 1 (we may also want to include some reference to this in G3.2, along with a reference to complete and corresponding source code as well). Even though scripts are included in CCS under GPL I think it makes sense to give this its own bullet point to highlight the requirement which is sometimes overlooked. GPLv2 and GPLv3 ensure not only that users receive software freedom in the abstract, but have the technically necessary information to make practical use of those freedoms. Ability to rebuild the binaries from source code, and knowing that everything necessary to produce the binary is present, is what matters most in copyleft compliance (this is why, for example, copyleft and security go hand in hand).
- In G5.2, it may be appropriate to recommend considering a Code of Conduct for a company's participation in any community (right now the language is weak anyway and says "might include"). This is becoming increasingly common in companies, as I understand it, as a way to limit liability for inappropriate communications by employees in the public and is something they should actively consider.
These comments, like all contributions to OpenChain, are under Creative Commons CC0 1.0 Universal license.
Reporting on OSCON 2016
by Karen Sandler on May 28, 2016
Last week was OSCON 2016, and the first year that the conference was held in Austin, Texas. OSCON has always been an important conference for Conservancy and for me personally. In 2011, it was the first conference I ever keynoted (I was also on a keynote panel in 2008, which was the closest I'd gotten before then), and where I really started talking about my heart condition and medical devices. OSCON was also the conference where we had the first Conservancy booth and debuted Conservancy t-shirts and stickers.
Austin seems to really suit OSCON. The feel of the conference was comparable to Portland, but there seemed to be a lot of new local participation resulting in a much more diverse conference. I met a lot of great people for whom it was their first time at the conference and made a lot of good connections. Conferences, and OSCON in particular, are always short on time and often I was in a dead run from one thing to the next.
I participated in two sessions on Thursday. One was a talk I gave on employment agreements. I outlined basic issues to look for in signing an employment agreement but my main point was that employment agreements can often be negotiated. Companies have standard contracts that they use for all employees, but in many areas they may be prepared to edit the agreement as part of an onboarding negotiation. After you receive your offer, but before you sign the employment agreement, you are likely to have more power in the relationship than you will again. The company has expended resources in recruiting and interviewing you, and has come to the decision that you're the best person for the job. Just as you negotiate your salary and other important terms of employment, some of the contractual provisions are also likely to be flexible. I've seen a lot of agreements over the years, and every time I've talked to someone about this issue they've been able to get *some* change.
Because of this, and because it's so hard to know what to ask for if you're not a lawyer like me, Conservancy is working on a project of standard employment agreement provisions that could be worth asking for. If many prospective employees ask for this, some companies may start to give this as a perk to attract top talent.
The second session was a panel about free and open software foundations. Moderated by Deb Bryant, the panel discussed issues around foundation formation, fiscal sponsorship and revenue models. I was really excited that multiple people in the session recommended Conservancy as a nonprofit home, and also encouraged audience members to become Supporters of Conservancy! There are a lot of great organizations in free and open source software and it was so interesting to see how many roles the panelists serve in them.
Conservancy had a booth, so I spent most of the rest of the time there. It was great to be in one of the nonprofit areas with so many other awesome nonprofits in our field. It was also the first time we had multiple stickers, including the very first Outreachy stickers.
I was also able to catch a panel on patents that Bradley was a part of, eloquently reminding everyone how deeply problematic software patents are.
Lastly, it was great to meet with other Outreachy organizers! We don't have a chance to meet in person very often and we always have so much to discuss.
After the conference ended on Thursday, we had a chance to relax and talk about the conference with Conservancy Supporters at our pool party. I'm always struck by how impressive our Supporters are. While walking around the party, I caught conversations about the future of free software, copyleft, enforcement, patents, conferences and even one where we recruited someone great to apply for the GNOME Executive Director job! I was so excited by the enthusiasm of our Supporters. Aside from the financial aspect, which is critical for us, with such a small staff it would otherwise be impossible to do all of our work and tell people about it without their help. While it's taken me all week to recover from the conference and try to catch up on the backlog of work that piled up, I feel reinvigorated and recharged!
See you at LibrePlanet!
by Karen Sandler on March 18, 2016
I'm getting ready to head up to Massachusetts for LibrePlanet, one of my favorite conferences! This year will be a bit different, as Conservancy is having our very first booth there. I'm particularly excited about the amazing volunteers who have agreed to staff the booth. We started an email thread to coordinate schedules about who should be in the booth when, and got talking about what message we wanted to convey through the booth.
In a quick summary of talking points, I mentioned that I thought LibrePlanet attendees would be most interested in GPL enforcement and Outreachy. Ira Cooper, Samba Team Member and one of the volunteers wrote back:
Do you think we'll have anyone asking about what benefits the projects receive? To be honest, as a member of the conservancy, to some degree, the boring things matter most. Without someone to help with handling our finances etc... It'd be chaos.
The fact that there is a structure where multiple projects can share that work, is actually at least as powerful in some ways.
Yes, the GPL and what not, is the flashy stuff. But... It is important to tell people about the things that allow these projects to live and breathe. :)
Soon after, Yamil Suarez, another volunteer with the Evergreen project chimed in:
Also, I wanted to add that to my project (Evergreen), it really matters to have the SFC keep us in compliance with the IRS. Even though we have our own board there is always turnaround, the SFC gives us continuation in our regulatory compliance. Which I think is invaluable. Also, when hosting conferences, there are plenty of regulatory minefields involved that the SFC keeps an eye on.
I was truly floored by how clear and eloquent Ira and Yamil were about the usefulness of Conservancy as a fiscal sponsor. I often find it hard to quickly explain that part of the Conservancy's work. Glossing over "the boring stuff" just doesn't explain the challenges we try to address or why we're so valuable to our Member Projects. I'm really looking forward to spending time with all of our volunteers in the booth this weekend. If you're at LibrePlanet, stop by and say hello.
Plus if you can and haven't done so already, please consider signing up as a Conservancy Supporter, and you'll be invited to a cocktail hour celebrating 10 years of Conservancy! If you are already a Supporter, don't forget to RSVP by tomorrow. Bradley and I will both be there (and at LibrePlanet, generally), excited to talk about software freedom with you. I also have the honor of delivering the closing keynote and will participate in a panel about the high priorities project list. See you there!
Bart Massey on Why You Should Be a Conservancy Supporter
by Karen Sandler on January 28, 2016
In this video, Bart Massey talks about why he is a passionate supporter of Conservancy. Bart discusses why he thinks Conservancy is relevant for the next 20 years of software freedom, tells you about his favorite Conservancy project and strongly encourages you to become a Conservancy Supporter.
(Also available on YouTube.)