The Universal Donor

It’s not enough for you to have the rights you need; your community needs the same rights.


A few people reacted negatively to my article on why Public Domain software is broadly unsuitable for inclusion in a community open source project. Most argued that because public domain gave them the rights they need where they live (mostly the USA), I should not say it was wrong to use it.

That demonstrates either parochialism or a misunderstanding of what public domain really means. It should not be used for the same reason code known to be subject to software patents should not be used — namely that only code that, to the best efforts possible, can be used by anyone, anywhere without the need to ask permission (e.g. by buying a patent license) or check it it’s needed (e.g. is that PD code PD here?) can be used in an open source project. Public domain fails the test for multiple reasons: global differences in copyright term, copyright as an unalienable moral rather than as a property right, and more.

Yes, public domain may give you the rights you need. But in an open source project, it’s not enough for you to determine you personally have the rights you need. In order to function, every user and contributor of the project needs prior confidence they can use, improve and share the code, regardless of their location or the use to which they put it. That confidence also has to extend to their colleagues, customers and community as well.

Some members of the Apache Software Foundation describe this condition as “being a universal donor” of software. The ASF has rigorous rules concerning the licensing of all the software they maintain. They require contributors to confirm the originality or proven origin of their contributions, and to grant to the ASF as a legal entity unrestricted copyright and patent rights. They prohibit use of licenses that might require code recipients to take further licensing actions — this even means banning some OSI-approved licenses such as the GPL.

They have recently also banned use of additional patent statements that modify rights under otherwise acceptable licenses (the recent Facebook example was the origin of this). They permit public domain code, but only after a large amount of due diligence to ensure everyone has the necessary rights. Their goal is to ensure all known obstacles to use, improvement and sharing are removed in advance so their own community can innovate freely and also so that unknown others can freely use Apache code.

Public Domain per se breaks this conditionof being a universal donor. While there is a good chance that many contributors will discover they have sufficient rights, the problem is that every one of them has to make their own local determination. That breaks the community. It’s not enough that you have the rights you need; in a community everyone needs those rights, and by including public domain code you give everyone a burden rather than a benefit.

(A version of this appeared in the Linux Voice section of issue 206 of Linux Magazine)

20 Years And Counting

The third decade of open source software starts in February 2018. How did it rise to dominance, and what’s next?

The Journey

20 years ago, in February 1998, the term “open source” was first applied to software, Soon afterwards, the Open Source Definition was created and the seeds that became the Open Source Initiative (OSI) were sown. As the OSD’s author Bruce Perens relates,

“Open Source” is the proper name of a campaign to promote the pre-existing concept of Free Software to business, and to certify licenses to a rule set.

Twenty years later, that campaign has proven wildly successful, beyond the imagination of anyone involved at the time. Today open source software is literally everywhere. It is the foundation for the Internet and for the worldwide web. It powers the computers and mobile devices we all use, as well as the networks they connect to. Without it, cloud computing and the nascent Internet of Things would be impossible to scale and perhaps to create. It has allowed new ways of doing business to be tested and proven, allowing giant corporations like Google and Facebook to start from the top of a mountain others already climbed.

Like any human creation, it has a dark side as well. It has also unlocked dystopian possibilities for surveillance and the inevitably consequent authoritarian control. It has provided criminals with new ways to cheat their victims and unleashed the darkness of bullying delivered anonymously and at scale. It allows destructive fanatics to organise in secret without the inconvenience of meeting. All of these are shadows cast by useful capabilities, just as every human tool through history has been useful both to feed and care and to harm and control. We need to help the upcoming generation to strive for irreproachable innovation. As Richard Feynman quoted,

To every man is given the key to the gates of heaven. The same key opens the gates of hell.

As open source has matured, so the way it is discussed and understood has also matured. The first decade was one of advocacy and controversy, while the second was marked by adoption and adaptation.

  1. In the first decade, the key question concerned business models – “how can I contribute freely yet still be paid”, while during the second more people asked about governance – “how can I participate yet keep control/not be controlled”.
  2. Open source projects of the first decade were predominantly replacements for off-the-shelf products, while in the second decade they were increasingly components of larger solutions.
  3. Projects of the first decade were often run by informal groups of individuals, while in the second decade they were frequently run by charities created on a project-by-project basis.
  4. Open source developers of the first decade were frequently devoted to a single project and often worked in their spare time. In the second decade, they were increasingly employed to work on a specific technology – professional specialists.
  5. While open source was always intended as a way to promote software freedom, during the first decade conflict arose with those preferring the term “free software”. In the second decade this conflict was largely ignored as open source adoption accelerated.

So what will the third decade bring?

  1. The Complexity Business Model — The predominant business model will involve monetising the solution of the complexity arising from the integration of many open source parts, especially from deployment and scaling. Governance needs will reflect this.
  2. Open Source Mosaics — Open source projects will be predominantly families of component parts, together being built into stacks of components. The resultant larger solutions will be a mosaic of open source parts.
  3. Families Of Projects — More and more projects will be hosted by consortia/trade associations like the Linux Foundation and OpenStack and by general purpose charities like Apache and the Software Freedom Conservancy.
  4. Professional Generalists — Open source developers will increasingly be employed to integrate many technologies into complex solutions and will contribute in a range of projects.
  5. Software Freedom Redux — As new problems arise, software freedom (the application of the Four Freedoms to user and developer flexibility) will increasingly be applied to identify solutions that work for collaborative communities and independent deployers.

I’ll be expounding on all this in conference keynotes around the world during 2018. Watch out for OSI’s 20th Anniversary World Tour!


(This article, as well as my work at OSI, is supported by Patreon patrons)

Permission In Advance

Open source ensures developers already have permission to innovate and don’t need to ask first.


If you want your code to be open source, it needs an OSI-approved copyright license. Code with no license to the copyright isn’t open source. But project success needs more than just an OSI-approved license — it needs “permission in advance” for every developer and deployer. Continue reading

MP3 Is Dead! Long Live MP3!

Ignore the coverage saying MP3 is dead. Now all the patents blocking it have expired, it can start to live!

Finally Free

Back in May, there was an unexpected surge in press coverage about the MP3 audio file format. What was most unexpected about it was it all declared that the venerable file format is somehow “dead”. Why did that happen, and what lessons can we learn?
Continue reading

Open Source Means Choice Of Insurance

No, using open source doesn’t automatically mean going it alone.

Small Fish

Some say that companies don’t want open source because they want the security of a relationship with a big business. But this outlook reflects misunderstandings of the real values of open source. It’s yet another consequence of the “price frame”.  Continue reading

Why OSI License Approval Matters

Individual judgement about the presence of software freedom in a license is not the same as community consensus expressed through OSI approval.

Three Legged Buddah

Does it really matter if a copyright license is OSI Approved or not? Surely if it looks like it meets the benchmark that’s all that matters? I think that’s the wrong answer, and that OSI license approval is the crucial innovation that’s driven the open source revolution. Continue reading