How the GPL was tempered

    Ever since open source licenses appeared, there was a temptation to test their durability. The GNU Public License is the most uncompromising among them; it protects the freedom of the user and the programmer from misappropriation of the results of someone else’s work, substitution of an open and public product, closed and paid. Not surprisingly, it is the GPL that is most often violated by small, medium and even large companies.





    Enforcing the GPL is a matter of strategic importance to the open community and it is easy to see why this is. The GPL is the cornerstone, the gathering point of the community and its most important supporters. Of these, the most famous is the founder of GNU and the author of the GPL, Richard Stallman. Let's find out how the community fights against license violators, who violated and continues to violate the GPL, and how expropriators of open source expropriate.


    GPL and Copyleft


    The GPL, according to one of the Software Freedom Conservancy Bradley M. Kuhn hawks , is the Constitution of the Free Software World. It defines four basic provisions, four degrees of freedom of a hacker.


    • freedom to execute the program as you like, (degree of freedom 0);
    • the freedom to study the program and its source code in order to understand how it works (degree of freedom 1);
    • freedom to distribute the program in order to help one's neighbor (degree of freedom 2);
    • freedom to spread changes and improvements in the program (degree of freedom 3), so that the community can use your best practices.

    The first version of the license appeared in 1989. GPL v1 solved the following problems.


    1. The manufacturer of the software product does not give the code, but only the binaries. To prevent this, one of the requirements for the program manufacturer is to distribute human-readable source code.
    2. The manufacturer of the software product may impose additional restrictions. To prevent this from happening, the license text says that all changes to the code should also be in the public domain.

    The second version of the license was released shortly after the first in 1991. GPL v2 was released under the motto freedom or death . An important point in the new license was a provision prohibiting the distribution of software in the event that, due to some restrictions, the program manufacturer is not able to properly provide the rights and principles of user freedom. So unscrupulous businessmen are much less tempted to strip patent deductions from manufacturers of free software.


    TiVo





    Richard Stallman published the GPL v3 in 2007. The third version protected the user's freedom from new threats, such as tivoization and the muddy deal between Microsoft and Novell. The changes were mainly caused by the fact that TiVo found a loophole in GPL v2, giving the user a trick instead of the first degree of freedom.


    In the movie Soldiers of Failure, the character Matthew McConaughey is trying to get the whole movie for his friend, the TiVo digital video player. Most likely it was the first version, since not everyone was delighted with the second TiVo. The fact is that the first one could be changed and configured as you like - it’s Linux, but in the second version all the freebie is over .


    Some companies have created all kinds of devices that run programs under the GPL, and then redraw the hardware so that they can change the programs that run on it, but you couldn't. If the device can run arbitrary programs, then this is a general-purpose computer, and its owner must control what this computer does. When the device prevents you from doing this, we call it tivoizatsii.


    As a result of the changes, the user could no longer change the firmware and do everything that was possible in the previous version, despite the fact that the GPL gives the user this right. However, the hardware limitations of the device were not spelled out in GPL v2, which was used by the manufacturer TiVo.


    As for the deal between Microsoft and Novell, it was Steve Ballmer’s same monopoly that went all the way to the bone, thinking that all markets could be crushed in the same way as with desktops. In short, Microsoft began to distribute FUD , the meaning of which is that only Novell SUSE Linux users will not be prosecuted. Allegedly the Linux kernel violates a certain number of patents, but the monopoly on this will turn a blind eye if the user chooses the correct SUSE Linux. However, Richard Stallman knew his business and compiled GPL v3 so that the danger of such discriminatory patent prosecution was neutralized.





    Microsoft made several mistakes in the agreement with Novell, and GPLv3 is designed to turn them against Microsoft, extending this limited patent protection to the entire community. To take advantage of this protection, programs need to use GPLv3.

    How the GPL works in theory and practice


    The theoretical rationale for the GPL is the following:


    • copyright - an institution of civil law that operates internationally and defines the creator's rights to his work;
    • Using a copyright license, grant permission for use and distribution;
    • a condition of the previous is the provision of four degrees of freedom to users;
    • so copyright turns into copyleft.

    And now about how everything really happens.


    There is no single approach in the community and no single point of view on how to deal with violators. However, the principle that the vast majority of participants in the discussions share is the priority of cooperation over litigation and financial performance. If the violator can be persuaded to comply with the GPL without resorting to a lawsuit, then this is exactly what should be done.


    The dubious fame of the first GPL violator belongs, no less, to NeXT and its founder Steve Jobs. The company was using its gcc stuff to the full, but was in no hurry to open the source. NeXT intended to leave it Objective Cprivate, providing only binary * .o files for linking from gcc, but RMS and FSF managed to insist on their own .





    Unfortunately, it’s not always possible to agree on a good one, and sometimes you have to get involved in a fight. Let's look at the most famous litigation around the violation of the GPL.


    FSF vs Cisco


    Quite a long time the Linksys, bought Cisco Systems, used in full gcc, binutils, glibcrasprostronyaetsya under the GPL, while greedy and did not disclose the source. Characteristically, Cisco by that time had participated quite extensively in the development of the Linux kernel, and was an honorary gold member of the Linux Foundation.


    For the first time, the FSF pointed to a violation of the GPL conditions already in 2003. At Cisco they shook their heads, promised to fix everything, but did nothing. After 5 years, FSF's patience snapped and they filed a lawsuit, which ended in a complete victory for open source advocates. Cisco reconciled with the FSF by making a contribution of an unknown amount and opening the source code in accordance with the requirements of the license.


    Jacobsen vs Katzer


    On August 13, 2008, the U.S. Court of Appeal found in Jacobsen vs. Katzer, that the free Artistic License is significant under copyright law. The court defined the Artistic License, Creative Commons, GPL as licenses with significant conditions, which makes them the subjects of copyright law , and not just a commercial contract. Under US law, a violation of the meaningful terms of a copyright license is a violation of copyright itself. At the same time, if the provisions of the license were recognized as contractual, then their violation would be considered in the framework of contract law, which greatly complicates the payment of compensation and determination of the amount of damage for open source licenses.





    What caused the lawsuit? Jacobsen has written train model management software . Katzer used the JMRI code, violating the requirements of a fairly liberal Artistic License , while they themselves willingly sued competitors, intimidating them with their patents.


    The importance of this trial was that for the first time in a US court, a case of violation of an open license was considered. In addition, the Artistic License is based on the same concept of significant copyright terms on which Creative Commons, the GPL and other open source licenses are held. The fact that the court refers to them in substantiating the decision allows the open source developer to rely on favorable decisions in other cases of copyright infringement. Case law in the United States contributes to this.


    Welte vs Fantec


    In June 2013, the Hamburg Land Court found Fantec guilty of violating the terms of the GPL. The FANTEC 3DFHDL multimedia player in one of the firmware contained a netfilter/iptablesGPLv2-licensed firewall . Attempts to reach an agreement were unsuccessful, after which Harald Welte - one of the developers iptables- sued the offenderconventionlicenses. In the case of Harald Welte [1] v. Fantec GmbH, the court ordered the defendant to pay a fine of € 7,000 and to pay all legal fees.


    The FANTEC company tried to deflect the allegations, citing the fact that the firmware was written and installed by a Chinese contractor who assured FANTEC that the licenses were in order. The court, however, considered such justification insufficient.


    Artifex vs Hancom


    The trial in the case of Artifex [2] v. Hancom [3] is ongoing and the latest news give cause for optimism. The Northern California Sector Federal District Court is reviewing Artifex's lawsuit against Hancom, a South Korean firm.


    GhostScript is distributed under a dual license: Affero GPL and commercial. An open license is used in the usual sense, providing 4 degrees of freedom to users and software developers who do not use the product for commercial purposes. For the rest, a commercial license is provided when there is a need to use the package as part of closed products without opening the source code. The South Korean company considered that it was possible to hack the system and chose the third way - to use Ghostscript code in its closed programs for no reason, by refusing to buy a commercial license.


    ThinkFree Office Office Suite for Android OS





    After discovering the fact of the delivery of Ghostscript in Hancom products, Artifex tried to negotiate with the intruder, offering him to redeem the commercial license retroactively for copies of the program already sold, but was refused. Artifex responded with a lawsuit against a South Korean company. Hancom's argument was that it considered the terms of delivery of Ghostscript as a contract that it did not sign and did not record its acceptance of its terms anywhere. Not surprisingly, this argument did not work .


    The court rejected Hancom 's motion to dismiss the proceedings. The whole hitch is that the GPL in conjunction with a commercial license is considered in court as a contract , thereby falling into the field of contractual relations. This position differs sharply from the point of view of the ACT Foundation, which does not consider the GPL to be a contract due to the fact that the user does not have the right to bypass the license at all, while the contract implies the existence of a transaction, benefits and voluntary consent.


    There are certain benefits for the copyright holder to be a plaintiff in a copyright infringement case instead of seeking truth in a contract infringement case. Contract law tends to monetary compensation and quantifiable definitions of material damage, just that which is not easy to calculate and present to the creators of open source software. It is not clear how to achieve the desired result - to open the source code of the program by a court decision . With copyright infringement, it’s much easier to get what you want. There are still fines established by law, $ 30,000 for each violation, or $ 150,000 in case of a malicious violation.


    So far, the result is in favor of Artifex, but the mere fact of considering a violation of the GPL under contract law is fraught with new manipulations by proprietors. We hope, wait, believe.


    Finally


    It may seem that open source proponents win all lawsuits, but this is not really the case. In the SFLC v. VMWare case so far, everything is not in favor of the plaintiff. SFLC and FSF do not keep pace with hundreds of violators and morally unstable hackers are already trying to cash in on this. However, this should be discussed separately.


    Used materials


    1. GPLv3 Quick Start Guide
    2. Samba, GPL enforcement and the GPLv3
    3. GNU GPL, LGPL, Apache license Types and Differences
    4. The court found that the GPL falls into the field of contractual relations
    5. Jacobsen v. Katzer: The Federal Circuit Weighs in on the Enforceability of Free and Open Source Software Licenses


    1. Creator of the GPL violations web resource , one of the iptables developers.
    2. Ghostscript package developer for viewing pdf and PostScript documents.
    3. Creator of the ThinkFree Office office suite .
    Tags:

    Also popular now: