Trademarks and their limits
The core idea behind a trademark is that it gives the owner the exclusive right to apply the trademarked name to a product or service. Thus, for example, the Mozilla Foundation owns the trademark for the name Firefox as applied to "computer programs for accessing and displaying files on both the internet and the intranet"; a quick search on the US Patent and Trademark Office site shows other owners of the name for use with skateboards, bicycles, wristwatches, power tools, and vehicular fire suppression systems. Within the given domain, the Mozilla Foundation has the exclusive right to control which programs can be called "Firefox". The Foundation's trademark policy has been seen by some as being overly restrictive (almost no patches can be applied to an official release without losing the right to the name); that is why Debian's browser is called "Iceweasel" instead. But those same restrictions allow the Mozilla Foundation to stop distribution of a program called "Firefox" that sends credit card numbers to a third party.
The Document Foundation (TDF) owns a trademark on "LibreOffice" in the US, while the Apache Software Foundation (ASF) owns "Apache OpenOffice" and "OpenOffice.org". Both foundations have established trademark usage policies (TDF, ASF) intended to ensure that users downloading their software are getting what they expect: the software released by the developers, without added malware. Without this protection, it is feared, the net would quickly be filled with corrupted versions of Apache OpenOffice and LibreOffice that would barrage users with ads or compromise their systems outright.
How effective is this protection? To a degree, trademarks are clearly working. Reports of systems compromised by corrupt versions of free office suites are rare; when somebody attempts to distribute malware versions, trademarks give the foundations the ability to get malware distributors shut down relatively quickly. It seems hard to dispute that the application of trademark law has helped to make the net a somewhat safer place.
Questionable distributors
One might ask: safer from whom? Consider, for example, a company called
"Tightrope Interactive." Tightrope was sued by
VideoLan.org (the developers of the VLC media player) and Geeknet (the
operators of SourceForge) in 2010; they were accused of "trademark
infringement, cyberpiracy and violating California's consumer protection
law against spyware
". Tightrope had been distributing "value-added"
versions of VLC from its site at vlc.us.com; it was one of many unwanted VLC redistributors during that time.
That litigation was settled
in 2011; the terms are mostly private, but they included the transfer of
vlc.us.com over to VideoLan.org, ending the use of that channel by
Tightrope.
On Friday, April 15, 2011, Oracle announced
that OpenOffice.org would be turned into a "community project" of an (at that
point) unspecified nature. On April 18 — the next business day —
Tightrope Interactive filed for ownership of the OpenOffice trademark in
the US. That application was eventually abandoned, but not willingly; as
Apache OpenOffice contributor Rob Weir
recently noted in passing, "It took
some special effort and legal work to get that application
rejected.
" Companies in this sort of business clearly see the value
in controlling that kind of trademark; had Tightrope Interactive been
successful, it would have been able to legally distribute almost any
software under the name "OpenOffice."
The fact that the project successfully defended
the trademark in this case should impede the distribution of corrupted
versions of Apache OpenOffice in the future.
![[OpenOffice download ads]](https://static.lwn.net/images/2013/openoffice-ads.png)
|
| Sample OpenOffice ads |
A quick search of the net will turn up complaints (example) about unwanted toolbars and adware installed by redistributed versions of OpenOffice, including Tightrope's version. This apparently happens often enough that the Apache OpenOffice project felt the need to put up a page on how to safely download the software, saying:
This problem is not restricted to Apache OpenOffice; a search for LibreOffice will turn up a number of similar sites. Given that, one might well wonder whether trademarks are actually living up to the hopes that have been placed on them. Isn't this kind of abusive download site just the sort of thing that trademarks were supposed to protect us from?
One answer to that question can be found on one of the LibreOffice download sites, where it is noted that clicking on the "Download" button will start with the "DomaIQ" installer. This bit of software is described in these terms:
Herein lies the rub. The version of Apache OpenOffice or LibreOffice offered by these sites is, most likely, entirely unmodified; they may well be shipping the binary version offered by the project itself. But the handy "installer" program that runs first will happily install a bunch of unrelated software at the same time; by all accounts, the "suggestions" for "additional free software" tend to be hard to notice — and hard to opt out of. So users looking for an office suite end up installing rather more software than they had intended, and that software can be of a rather unfriendly nature. Once these users find themselves deluged with ads — or worse — they tend to blame the original development project, which had nothing to do with the problem.
The purveyors of this software are in complete compliance with the licensing and trademark policies for the software they distribute; at least, those that continue to exist for any period of time are. That software is unmodified, links to the source are provided, and so on. What they are doing is aggregating the software with the real payload in a way that is quite similar to what Linux distributors do. Any attempt to use trademark policies to restrict this type of aggregation would almost certainly bite Linux distributors first.
Consider an example: a typical Linux distribution advertises the fact that it includes an office suite; it also comes with an installer that can install software that presents advertisements to the user (the music stores incorporated into media players, for example, or Amazon search results from Unity), phones home with hardware information (Fedora's Smolt) or exposes the system to external compromise (Java browser plugins). It is hard to imagine a trademark policy that could successfully block the abuses described in this article while allowing Linux distributors to continue to use the trademarked names. Free software projects are generally unwilling to adopt trademark policies of such severity.
As a result, there is
little that the relevant projects can do; neither copyright nor trademark
law can offer much help in this situation. That is why these projects are
reduced to putting up pages trying to educate users about where the
software should actually be downloaded from.
The conclusion that one might draw is that trademarks are only partially
useful for the purpose of protecting users. They can be used as a weapon
against the distribution of overtly compromised versions of free software
programs, but they cannot guarantee that any given distribution is safe to
install. There is still no substitute, it seems, for taking the time to
ensure that one's software comes from a reliable source.