A draft scorecard for determining if a software project is open as bait for a business pivot or genuinely keeping your freedoms protected.
The seven signs a project is following the rights-ratchet route to riches and the framework for going beyond licensing can be augmented by some straightforward indicators of an issue. None of these alone is necessarily a cause for concern, but the more clicks, the more risks. Here’s a rough-and-ready first draft of a scorecard to check whether your software supplier considers you a community peer and will respect and protect your essential freedoms, or visualises you more like one of those pods in The Matrix. Just count the clicks; the more clicks, the higher the risk this is a rights-ratchet that will end up closed.
Need to send a file most people won’t need to edit? Send a file that’s both editable and final form at the same time, a kind of Schrödinger’s Document – a Hybrid PDF.
One of the scourges of e-mail is file attachments, and particularly those from people sending files made by their newly updated word-processor or presentation programme that half the people receiving it can’t open. While proprietary software vendors love this errant behaviour (it keeps up the pressure for people to re-purchase software they don’t really need so they can read other people’s work – AKA “upgrades” – or to subscribe to an online service that keeps them trapped), it’s really anti-social behaviour.
How similar are open source development and standards development? Not at all, and even the words they have in common mean different things in each.
It is often asserted that open source and open standards are in some way similar. For example, in the accompanying letter to a recent submission to the European Commission, a major European-based technology company that is very active is standardisation said:
All open source licenses are permissive. They give you permission in advance to use the software for any purpose, to improve the software any way you wish and to share the software with whoever you want. They are the opposite of proprietary licenses, which place restrictions on each of these freedoms. Any license with restrictions would not be considered OSD compliant.
All open source licenses include conditions. Some relate to attribution. Some relate to reciprocal licensing. None of them restrict how you can use, improve and share the software, although you must comply with the conditions in order to do so. Some people consider some conditions so onerous they rise to the level of restrictions, but the consensus of the community has been they are wrong.
Today’s licensing games are thus mainly about testing where the accumulated burden of conditions is effectively a restriction – “constructive restriction”. There’s certainly a line where that would become true – for example, where the conditions associated with deploying the software as a cloud service are so hard to comply with that the software is effectively unusable in that field of use.
The OSD doesn’t include much to help with this so it’s contentious every time and sometimes leads to sophistry. This is probably the area where the Open Source Initiative needs to do the most work to modernise the license approval process.
Of late there have been a number of interventions sponsored by the world’s largest and most profitable tech patent holders to muddy the waters about open source and FRAND licensing of patents in standards by arguing contentious minutiae like the intent of the authors of the BSD license. This is happening because of the clash of industries I wrote about in 2016, with companies fundamentally based on extracting patent royalties unable to imagine any other way of doing business so mistaking the issue of FRAND as being about license compliance rather than as it being an obstacle to the very purpose of open source in commercial software — collaboration with others.
I found an amazing number of experienced and expert colleagues across industries failing to grasp this fundamental, so I’ve written a paper 🗎 about it. Published today by Open Forum Europe, it explains why compliance legalities are the wrong lens for studying the issue and introduces terms for exploring why representatives from different industry background fail to understand each other despite apparently using the same terminology (spoiler: they mean different things by the same words).
Many thanks to the colleagues who have made valuable suggestions that have improved the clarity of the document, and to the various patrons who have contributed to covering my time. Get in touch if you’d like me to come to your event or company and talk about these things.
Tomorrow here in Portland at OSCON, OSI will be celebrating 20 years of open source. I’ve had a few comments along the lines of “I’ve was saying ‘open source’ before 1998 so why bother with this 20 year celebration?”
That’s entirely possible. The phrase is reputed to have been used descriptively about free software — especially under non-copyleft licenses — from at least 1996 when it appeared in a press release. Given its appropriateness there’s a good chance it was in use earlier, although I’ve not found any reliable citations to support that. It was also in use in another field well before then, to describe military or diplomatic intelligence obtained by studying non-classified sources. Continue reading →
The Electronic Frontier Foundation has published a letter from more than 70 leaders in the emerging meshed society (including me) which criticises Article 13 of the European Union’s proposed new copyright regulations. This Article starts from the assumption that the only role of an individual is to consume copyrighted works and hence deduces that any act of publication on the part of an individual must be infringing the copyrights of a corporation unless proven otherwise. The text doesn’t state things that clearly, but the effect is unmistakable. It’s as if a politician was proposing to ban syringes because addicts use them, without considering that hospitals do too. Continue reading →
A group of computer experts – including me – asked a US court to think again about fair use of APIs this month.
It was an unlucky fact that Oracle’s case against Google over Android started with patents. Their initial case fell apart almost immediately, with almost all the patent claims invalidated. The implausable backstop copyright case Oracle made against Android’s use of language-essential definitions in the Java APIs (and thus against the freedom of developers everywhere) carried on though. The initial patent case meant that the appeal when Oracle soundly lost ended up at the Court of Appeals for the Federal Circuit (CAFC) — the specialist patent appeals court in the USA — and not at a court competent to dispense copyright justice. Continue reading →
You’re entitled to your opinion but in open source licensing only the consensus of the community really matters.
In a recent conversation on the Apache Legal mailing list, a participant opined that “any license can be Open Source. OSI doesn’t ‘own’ the term.” He went on to explain “I could clone the Apache License and call it ‘Greg’s License’ and it would be an open source license.” Continue reading →
Data protection laws are about controlling triangulation, not (just) direct privacy
At the end of May 2018, the new General Data Protection Regulation (GDPR) will come into effect in Europe. It creates a whole set of new responsibilities that are causing concern for businesses across the EU. It has effects outside Europe as well, because it will control the way businesses located in Europe can share data across borders, both within their company and with other companies. Continue reading →