About the calculus for the project
Posted Feb 1, 2012 21:39 UTC (Wed) by jimparis
In reply to: About the calculus for the project
Parent article: A tempest in a toybox
Imagine if you were mayor of a town of 300,000 people, and you had to pay a million dollar fine if someone was caught stealing. You have implemented a set of policies to prevent stealing, and to encourage people not to steal. Could you guarantee that no one ever stole? As mayor, would you pay $1,000 for an insurance policy against the fine? That's similar to the cost/benefit calculus for this project, for large enterprises. It's not that executives are unwilling to enforce compliance, or are actively undermining the license of the code their company ships. They just want to reduce risk.
Logical, but I don't buy it.
Your argument is "We try our best, but we're worried that one mistake will cost us." That's easy
to avoid. Put a link on your product page, "Open-source licenses and source code". Put another link on that page, "Contact us if you have any concerns". And then just respond
to those concerns. Have someone actually answer those emails, someone who has the authority to actually do something about it. If there's a mistake, someone will point it out, you will address it, and you are done
. If it takes a long time to address, put up a new webpage explaining all of the issues and how you're addressing them and why it's taking so long, and update it regularly. We are not stupid; we recognize a good-faith effort when we see one. That's how it usually works. The lawsuits and settlements and veto powers and product delays have always come after
a company has failed to actually solve the problem.
Even the SFLC doesn't file lawsuits until they have to. In the announcement of the big Best Buy
The First Rule of GPL Compliance: “Be Responsive When Contacted”
The SFLC has dealt with over a hundred compliance matters since its inception on behalf of various clients, including BusyBox and developers of significant portions of the GNU/Linux operating system. The vast majority of these matters usually end with violators voluntarily coming into compliance. In the rare cases when a company refuses to cooperate in good faith, the SFLC has been forced to take legal action on behalf of its clients to enforce FOSS requirements.
to post comments)