Weekly Edition
Return to the Front page
| |||||||||||||
OLS: Enforcing the GPL
Harald Welte, the current netfilter maintainer, ran a session on dealing
with GPL violations. Harald has made a name for himself over the last year
by reaching settlements with several manufacturers who were shipping
products containing the netfilter code without complying with its licensing
requirements. In most cases, these settlements have been relatively easy
to reach, with the offending companies releasing their code and, in many
cases, making a donation to the FSF or a related worthy cause. Harald is
also the force behind the injunction in the Sitecom case, which just
received another court ruling that the GPL is valid and enforceable in
Germany.
Harald's approach differs from that of the Free Software Foundation. The FSF tries to resolve GPL violations in the most quiet, friendly way possible; in most cases, the wider world never even hears that there is a problem. Harald found himself frustrated with this way of doing things; it takes far too long (perhaps longer than the lifetime of the offending product) and gives no real disincentive for companies considering ignoring the GPL. So he took matters into his own hands; by bringing in lawyers early, making violations public, and threatening immediate damage to the offenders' bottom line, he has gotten some real results. Some interesting features of the German legal system have worked in Harald's favor in this campaign. By (his lawyers' interpretation of) German law, simple use of the netfilter/iptables internal API is a strong indication of a derivative work. Since it is not a "standard" API, there is no copyright boundary there; by this same reasoning, any binary-only kernel module is a GPL violation. This interpretation of the GPL also rules out putting GPL-licensed code onto hardware which only runs signed binaries - unless the key is distributed with the source. German law requires that any request for injunctive relief be filed within four weeks of the discovery of the infringement. This is an inflexible, externally-imposed deadline which forces companies to move quickly to resolve the issue. When a company has received a cease-and-desist notice, it knows that it cannot drag it issue out over time; it will, instead, find itself in court in short order. Harald was asked about the completeness of the code releases he has won so far; apparently not all vendors have released kernels which actually can be rebuilt into a working image - or which even compile. His response is that his ability to compel code releases really only extends as far as his copyrights in the netfilter code. If a vendor does not release a full kernel, copyright holders in other parts of the system will have to get involved. The last part of the talk covered things developers can do to help make copyright enforcement easier. They include:
Expect to hear about more resolved violations in the near future. Harald indicated that a couple of settlements have been reached, but the companies involved have been given a grace period to prepare for the fallout once the situation has been made public. Once that period has passed, the press releases will go out. (Log in to post comments)
OLS: Enforcing the GPL Posted Jul 24, 2004 20:32 UTC (Sat) by jmshh (guest, #8257) [Link] The actual verdict in the Sitecom case is available as a PDF here (in German).
OLS: Enforcing the GPL Posted Jul 26, 2004 13:38 UTC (Mon) by dcoutts (guest, #5387) [Link] Grocklaw now has an unofficial translation
OLS: Enforcing the GPL Posted Jul 24, 2004 22:19 UTC (Sat) by stockholm (subscriber, #3939) [Link] In my opinion it is mostly good for the own ego to come down hard uponthe companies violating the GPL. By acting like that we don`t stand out compared to corporate legal practice. Do we win anything of lasting value (like cool code, good will and good relations) that way? Wouldn`t it be more likely that we got that by acting cooperativly and friendly? In my opinion Harald mostly manages to properly burn companies`s development department for their (courageous?) decision to use linux and teach them for good that this really, really hurts and it is much less trouble to use a propriatory product like before. Is that what we want? Hardly. These kind of legal victories damages us in the long run. It seems the FSF`s way is more quite but wise and was successfull for some time.
OLS: Enforcing the GPL Posted Jul 24, 2004 22:26 UTC (Sat) by piman (subscriber, #8957) [Link] It's considerably more trouble to use a proprietary product; they will still have to negotiate a proprietary license. On the other hand, there is no negotiation necessary with the GPL because you already have a lot of permission. If you want even more permission, you can work it out with the copyright holders the same way you can with proprietary code.Calling the actions of these companies "courageous" is stupid. They are software hoarders, and should be treated no better than any others.
OLS: Enforcing the GPL Posted Jul 24, 2004 22:53 UTC (Sat) by stockholm (subscriber, #3939) [Link] Even if it is more trouble to use a proprietary product, it is whatpeople are used to and what they are good at. It is most likely a novelty to abide to the "free" GPL and properly play by it's rules. Probably you have some enthusiastic engineers pointing out the technical merits of linux to their management, everone is slightly licence-illiterate (especially regarding the GPL) and think free software is free (as in beer). (Hence the name.) It is not necessary to imply willfull software hording at all, just plain human error and oversight. Now imagine the situation after the legal action by Harald. Both the lower management and the engineers will not have happy days for quite some time and the turn to linux in that company is over for good. What a victory for freedom and free software.
It's never just ignorance Posted Jul 24, 2004 23:18 UTC (Sat) by tialaramex (subscriber, #21167) [Link] A case doesn't get to court without the parties having prior contact. If they screwed up through ignorance (as you suggest) that's a great time to say "Ok, hand on my heart I screwed up, and I'm going to drop everything to give you what you want."Whereas on the other hand if they've already explicitly decided that they're not too interested in obeying the terms of the license, then when someone threatens a lawsuit they're going to say "Sure pal, whatever. You haven't got anything on me" and hope it's a bluff. This guy isn't bluffing. That's all it comes down to.
It's never just ignorance Posted Jul 25, 2004 14:43 UTC (Sun) by fjf33 (subscriber, #5768) [Link] Not from what I read. It seems his policy (as opposed to FSF's) is to get the lawyers out fast and get to trial fast so that companies don't drag their feet. Essentially he assumes there is an intent to steal from the corporations to begin with. Not a mistake or missinformation as the previous poster does. Is the FSF disingenous? Maybe, maybe not.
It's never just ignorance Posted Jul 26, 2004 13:19 UTC (Mon) by pflugstad (subscriber, #224) [Link] At this point, any company that uses GPL'd software knows what the license means. If they don't, they deserve to get sued, and fast. I'd be completely surprised if there are any cases of a company using GPL'd software and not complying with the license through ignorance. Which means that companies are making the concious decision to NOT comply with the GPL - so they get sued - so what, they'll drag it out in court until it doesn't matter any more. If you don't think this is a concious business decision on their part, you are completely naive. Companies do this as a matter of course, regardless of the nature of the license on the software they are using (commercial or otherwise). The intent to steal is definately there, as is the intent to delay getting taken to court as long as possible.
OLS: Enforcing the GPL Posted Jul 25, 2004 17:21 UTC (Sun) by JoeF (subscriber, #4486) [Link] Both the lower management and the engineers will not have happy days for quite some time and the turn to linux in that company is over for good. What a victory for freedom and free software.
Obviously, you have never worked in a company that sells software. The first thing any reputable company does is checking what licenses the tools/libraries/etc. that they are using have.
OLS: Enforcing the GPL Posted Jul 26, 2004 9:50 UTC (Mon) by minichaz (guest, #630) [Link] The free/Free misunderstanding is a purely English thing. English happens to have one word that means free as in beer and free as in freedom. Most languages have two different words for these meanings. French for example has "gratis" for free as in beer and "libre" for free as in freedom.Anyone know the situation in German? Anyone know of another language that has one word for both these concepts? Thanks.
OLS: Enforcing the GPL Posted Jul 26, 2004 13:56 UTC (Mon) by greve (subscriber, #8385) [Link] I can tell you that in German there are two words possible here: "frei" and "gratis".- "gratis" is exclusively only ever used for zero price - "frei" is clearly referring to freedom according to linguists, although I know the same to be true for Spanish, Portugese, Italian, Korean, Japanese at least -- in fact English is the only language I ever encountered that was so weak on this aspect.
OLS: Enforcing the GPL Posted Jul 26, 2004 18:49 UTC (Mon) by iabervon (subscriber, #722) [Link] But I know of a case of a French to English translation of "libre" to "uncopyrighted". In no language does the equivalent of "free" mean "granting freedom" rather than "having freedom", with, as far as I know, the sole exception of "free speech", which is short for "freedom of speach" ("of" denoting type, not possession) and related to "speak freely". So other languages have what is probably a worse confusion, that the software has been granted self-determination as opposed to being owned by someone, which most easily suggests public domain.
OLS: Enforcing the GPL Posted Jul 29, 2004 8:24 UTC (Thu) by chepelov (guest, #23542) [Link] Care to give the reference for that translation?There is a corner case, though: the expression "libre de droits", which is more or less equivalent to public domain ("unobstructed by [intellectual property]rights"). But nobody without an intent of infrigement would seriously think of "logiciel libre" to mean "public domain software". (now, mainstream press journalists, that's a different matter....)
OLS: Enforcing the GPL Posted Aug 5, 2004 12:28 UTC (Thu) by Wol (guest, #4433) [Link] The original was French, and it was an (American iirc) Reuters translation.
So it was an English speaker who screwed up the translation ...
Cheers,
OLS: Enforcing the GPL Posted Jul 25, 2004 4:40 UTC (Sun) by set (guest, #4788) [Link] Harald is enforcing his copyright, which is the the whole underpinningof the GPL. You can whinge about 'what *we* should do, or what is better for *us*', but it is the copyright holders who get to make these kinds of decisions about the license they chose for the software *they* wrote. And I say good for Harald; businesses need to know that the GPL is a real license and unless they follow it, they cannnot distribute. Let them use BSD or similarly licensed code if they dont want to.
OLS: Enforcing the GPL Posted Jul 30, 2004 15:47 UTC (Fri) by Baylink (subscriber, #755) [Link] Indeed. And while clearly this is not legal precedent anywhere in the US, if he succeeds -- excuse me: when he succeeds :-) -- it will certainly stand as *business* precedent, which isn't quite the same thing.
OLS: Enforcing the GPL Posted Jul 25, 2004 6:55 UTC (Sun) by akumria (subscriber, #7773) [Link] I work for a company which does development for an OEM. The very first thing they say is what licenses we are allowed to use on the project. Some they don't mind if we use GPL, some they do. In all cases though we are required to deliver a report at the end detailing each component, what its license is and the status of our compliance with it. That also goes for the propreitary modules. The only change between doing this with propreitary modules versus using Free Software is that sometimes the license of Free Software stipulates extra conditions regarding when/where you have to make the code and/or your changes available. If a company can't be bothered complying to a Free Software license (which are realtively simple) what makes you think they would bother complying to a commercial one? Either a company actually determines and lives up to its obligations or it doesn't. Free Software doesn't mean you can have a free ride. Everything has a cost - the companies Harald has exposed just believed they could get away with it. If no one pushed the GPL then we would have more damage in the long term with companies believing they had no obligations at all - which just isn't the case.
OLS: Enforcing the GPL Posted Jul 25, 2004 8:33 UTC (Sun) by jmshh (guest, #8257) [Link] There is nothing "courageous" in this context. The case is a very indirect one: Some manufacturer from an East-Asian country, where copyrights are just ignored, made the product. It was imported by the European headquarter based in the Netherlands and then sold by the German subsidiary in Germany. What this verdict does is banning further sales in Germany, nothing more :-(. This is the most one can get without fighting cases far away: just a little itch to an I-don't-care company. Other contacts with more accessible manufacturers were more successful and needed no involvement of the courts.
OLS: Enforcing the GPL Posted Jul 26, 2004 0:43 UTC (Mon) by khim (subscriber, #9252) [Link] It's not that simple. Yes, one case will not change situation with "I-don't-care company". Once you'll get the same verdict for the rest European countries, USA and Japan suddenly "I-don't-care company" start to care. Yes, it's long and hard battle but it can be done and was done previously.
It would be nice if their email worked Posted Jul 25, 2004 5:01 UTC (Sun) by Ross (guest, #4065) [Link] I tried to contact them twice and was never successful. Here's thebounce from that last attempt.
This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its webmaster@gpl-violations.org ------ This is a copy of the message, including all the headers. ------ Date: Mon, 3 May 2004 15:05:20 -0500 The website mentions three mailing lists but none seem to be the proper -Ross
It would be nice if their email worked Posted Jul 25, 2004 5:48 UTC (Sun) by dlang (✭ supporter ✭, #313) [Link] you can only enforce the copyright and therefor the GPL on code that you have the copyright on.As such the netrilter group can only enforce violations of the netfilter code (as was mentioned when he was asked about the fact that some of the code release isn't a full linux kernel, he can only go after the netfilter code, other copyright holders would have to go after the other code, but I would expect that aafter having lost on the netfilter code it would be much easier to get the other code as well)
It would be nice if their email worked Posted Jul 25, 2004 6:21 UTC (Sun) by Ross (guest, #4065) [Link] I'm aware of that. I thought they might offer resources to other peoplewanting to enforce the GPL. But if not that's a rather sweeping domain name for only Netfilter related inquiries.
It would be nice if their email worked Posted Jul 25, 2004 10:42 UTC (Sun) by MathFox (guest, #6104) [Link] On the FSF website you can find information about the GPL enforcement activities by Eben Moglen.If you feel you should act upon infringement of your own copyrighted code, there is one advice I can give you: Hire a lawyer! First, the lawyer can evaluate with you whether your lawsuit stands a chance; secondly, he knows the correct route through the maze of laws and rules to get the best result for you.
It would be nice if their email worked Posted Jul 25, 2004 13:03 UTC (Sun) by ncm (subscriber, #165) [Link] dlang wrote, "you can only enforce the copyright and therefor the GPL on code that you have the copyright on."While that is true in a strict sense, section N (N=3 IIRC) provides a little more leverage. Having violated your copyright, they have lost the right to distribute your code. To regain that right, they have to satisfy whatever conditions the judge agrees to let you enforce. One such condition may be that they release source to all the code linked with yours. Another might be that they pay for your lawyer, and other expenses. Another might be that they make a substantial donation to the FSF. Another might be that they pay extra damages to you for having made you bring the whole thing to court, instead of doing the right thing when it was brought to their attention. It would not be unreasonable to ask for all of those, and a public apology besides.
It would be nice if their email worked Posted Jul 25, 2004 14:05 UTC (Sun) by laf0rge (subscriber, #6469) [Link] I am terribly sorry, but there was some disagreement between the DNS records and the mailserver configuration :(Email is working now... please resend.
OLS: Enforcing the GPL Posted Jul 26, 2004 4:14 UTC (Mon) by stock (guest, #5849) [Link] Do not become a Darl Mcbride of GPL-ed software. Smacking many commercialsoftware corporations in this way, only leads to more anger, and U.S. Judges may then be much more willing to only consider the commercial interests of these companies. I would suggest to only come in action when _REAL_ violations of the GPL come to surface when actually people or companies using the software (END-USERS) are confronted with them. Much more in the philosophy as RMS originally started the GPL. This would be more like a advisory board for software users. Sending a valid complaint to the FSF would then be a legitimate reason to start a law case. Robert
OLS: Enforcing the GPL Posted Jul 26, 2004 9:46 UTC (Mon) by piman (subscriber, #8957) [Link] These companies are distributing to end-users! Linux and netfilter are installed in all sorts of proprietary firewall products, with no offer of source. This means people wanting to hack the firewalls to do more stuff, can't. Any security holes, they're stuck with; any outright stupid design, they're stuck with; and bugs, they're stuck with those too."Real" violations of the GPL happen when someone violates the terms of the GPL, which these companies are doing. I don't know what you think "fake" violations of the GPL are. What does the FSF have to do with software they have no copyright on? Why should all legal requests involving GPLd software have to go through the FSF?
OLS: Enforcing the GPL Posted Jul 26, 2004 14:27 UTC (Mon) by greve (subscriber, #8385) [Link] The Free Software Foundations have the longest-standing experience in dealing with the GNU (Lesser) General Public License in terms of writing it, maintaining it and enforcing it.They are also the most aware party in terms of global legal implications and the political/tactical situation. So if you want the best for GNU GPL and the Free Software licensed under it, you definitely want to involve one of the FSFs.
OLS: Enforcing the GPL Posted Jul 26, 2004 15:11 UTC (Mon) by piman (subscriber, #8957) [Link] > The Free Software Foundations have the longest-standing experience in dealing with the GNU (Lesser) General Public License in terms of writing it, maintaining it and enforcing it.The Free Software Foundation has the longest standing experience in dealing with infringements on their own copyright. They are not general GPL enforcers; they do not have the time, resources, or interest in that. > They are also the most aware party in terms of global legal implications and the political/tactical situation. I doubt that. Debian probably has much more experience with global legal implications of various licenses. I'm not sure what you mean by "political/tactical situation" -- are you trying to imply that RMS good at handing delicate situations? > So if you want the best for GNU GPL and the Free Software licensed under it, you definitely want to involve one of the FSFs. The FSF have already shown themselves untrustworthy with their continued pushing of non-free licenses like the GNU FDL. If I want the best for my GPLd software, I will pursue my methods of dealing with infringement, that do not involve an irrelevant third party like the FSF.
OLS: Enforcing the GPL Posted Jul 26, 2004 17:24 UTC (Mon) by JoeBuck (subscriber, #2330) [Link] The folks on debian-legal are a bunch of amateurs. Eben Moglen, who does the enforcement for the FSF, is a law professor at Columbia University whose specialties are copyright law (as represented both in US law and in international treaties like the Berne Convention) as well as legal history. Now that FSF Europe exists, the FSF has considerable European expertise on tap as well. Debian people who are not lawyers should not assume that they know their own country's copyright laws better than Prof. Moglen does. It is arguable that the FSF's approach to GPL enforcement is too quiet, but before deciding that I suggest that you read about it.
OLS: Enforcing the GPL Posted Jul 26, 2004 18:40 UTC (Mon) by piman (subscriber, #8957) [Link] The folks on debian-legal may be "amateurs" (some are in law school), but I would wager that they have read and dissected more copyright licenses than Prof. Moglen. And please read my message in the context of parent poster. I don't mean to insult Prof. Moglen in any way at all, I think he's a genius. But to suggest that he has the time to look into every possible infringement of the GPL is absurd; and other FSF members are also an amateurs, with much less experience than debian-legal. licensing@gnu.org isn't a direct line to a lawyer; it gets you Dave Turner. He's a smart guy, but his situation is almost exactly that of debian-legal, just less breadth. For the grandparent's idea to be implemented, the FSF would need dozens of real lawyers.That FSF Europe exists does not give the FSF any European copyright expertise by fiat. Who works for FSFE that has the kind of experience Prof. Moglen does? Or, more likely, are there just a few "amateurs" -- good at what they do, but still with little breadth of experience in licensing, and little or no legal training. I'm familiar with the FSF's approach to GPL enforcement. Good, if it works for them. It didn't work for Harald, and what he's doing now does.
OLS: Enforcing the GPL Posted Jul 28, 2004 8:57 UTC (Wed) by pm101 (guest, #3011) [Link] >I doubt that. Debian probably has much more experience with global legal>implications of various licenses. I'm not sure what you mean by Eben is one of the top law professors in copyright law in the nation. He specializes in copyright. He's brilliant. I understand debian-legal has law students. Nevertheless, there's a bit of a gap between a law student and a famous law professor. >"political/tactical situation" -- are you trying to imply that RMS good at I don't see why this matters, or should even be brought up. RMS is head of the FSF, and he's a very smart guy. He knows he's not good at some things, and very good at others, and he knows how to delegate. RMS isn't the best person to negotiate a delicate situation, but Eben is. Eben is brilliant at this sort of thing, and he's the FSF's lawyer, so he handles it. >The Free Software Foundation has the longest standing experience in dealing Actually, they are. You assign them the copyright (so they have the legal standing to deal with it), and they will deal with it. In general, the FSF has been very prompt at responding to me in the past (e-mails to RMS or Eben get a response in 24 hours, usually). >The FSF have already shown themselves untrustworthy with their continued >pushing of non-free licenses like the GNU FDL. If I want the best for my >GPLd software, I will pursue my methods of dealing with infringement, that >do not involve an irrelevant third party like the FSF. Fair. Your choice. Many people don't have the time and money to do this. If you do, more power to you. No reason to bash the FSF.
OLS: Enforcing the GPL Posted Jul 26, 2004 18:53 UTC (Mon) by dvdeug (subscriber, #10998) [Link] Darl McBride is making vague claims over software he didn't create, and suing over it. We're making specific claims over software we did create; we are in the right to be doing this.
OLS: Enforcing the GPL Posted Jul 28, 2004 4:10 UTC (Wed) by stock (guest, #5849) [Link] Darl McBride is making vague claims over software he didn't create, and suing over it. We're making specific claims over software we did create; we are in the right to be doing this.I use Darl McBride as role model example here. Everyone in the Linux/FOSS camp hates this guy. Don't become the most hated GPL law-enforcer in a total insane GPL software abuse witch-hunt, is what i ment to say. It will earn you some cash (remains to be seen) but be carefull not to earn global hatred too. Don't send your seize and desist GPL-enforcement letter to any software company which you know to exist. Only come in action when known _proof_ of GPL abuse does exist. Robert
OLS: Enforcing the GPL Posted Jul 28, 2004 7:50 UTC (Wed) by piman (subscriber, #8957) [Link] No one is doing that. All the cases pursued are clear violations of the GPL. Money be damned, I want free code.
|
|||||||||||||