general response to this thread

Posted Dec 3, 2015 17:53 UTC (Thu) by faramir (subscriber, #2327)
Parent article: A referendum on GPL enforcement

Rather then commenting individually to the article or comments, I'm going to do a single response:

1. Re: good ideas out there
I've suggested multiple ideas to people at the SFC and in general have been informed why they won't/can't work. In any case, an idea isn't enough and it seems clear that there aren't many people and/or money out there to do anything related to GPL enforcement.

2. Re: making the violators pay to prosecute themselves
The people at the SFC seem philosophically opposed to this. Since they are the ones doing all the work, it seems petty to fault them for this. I've also been told that the SFC has deliberately not taken money from companies who refuse to come into compliance for all GPLed software. i.e. Yes, you can have the busybox code, but no we won't give you our kernel modifications. Should they take the money anyway?

In any case, nothing is stopping copyright holders from doing any type of enforcement action they want. The VMware case involves the SFC funding a developer's case as the SFC owns no copyrights and therefore has no right to take action on its own. Personally, I would be happy to help crowdfund targeted GPL enforcement efforts brought by developers. But legal work in the USA is expensive, so the community is going to have to pony up the resources somewhere.

3. Re: lack of new code releases due to GPL enforcement
While lots of new functionality would be nice, when I put on my end user hat; just being in the position to make minor changes to the GPL based firmware in the products that I purchase would be great. The incomplete source code releases that companies typically put out make this extremely difficult. Who hasn't found a firmware based product that almost met your requirements?

4. Re: GPL using companies should voluntarily fund enforcement
While this would be nice, it is rare for any company to spend money on something that doesn't benefit them economically in the relatively short term. It's not clear how RedHat (for example) would benefit from me being able to modify the firmware on my home router. And it would probably actively hurt their efforts to make sure that VMware and RedHat software worked well together to have funded the current VMware enforcement case.

5. Re: why do these cases take so long
Companies stall and for both practical (costs) and philosophical (educate/not litigate) reasons, the SFC isn't in a position to hurry things along.

6. Re: other SFC work and their funding issues
It should also be noted that the SFC's primary activities involve providing support services for a myriad of small and large free software development projects. It seems that SFC's GPL enforcement efforts have resulted in a drastic reduction in corporate funding. This isn't just going to hurt the only organization actively enforcing GPL, it is also going to cause problems for projects like SAMBA, Mercurial, Git, QEMU and others. Even if you are ambivalent about GPL enforcement, there are any number of other reasons to support SFC.

general response to this thread

Posted Dec 4, 2015 7:47 UTC (Fri) by alison (subscriber, #63752) [Link] (2 responses)

faramir comments:
> This isn't just going to hurt the only organization actively enforcing GPL, it is also going to cause problems >for projects like SAMBA, Mercurial, Git, QEMU and others.

That aspect worries me, too. I wonder if having a separate organization supporting SFC member projects would not be a good idea? The current situation encourages organizations like LF to argue, "We signed up to support Git and Jquery and Samba, not GPL enforcement." There is some merit to such an argument given that enforcement is (AFAIK) a new activity for SFC. I support both SFC's older mission and GPL enforcement, but can see how there may have been donors to SFC who were surprised to learn that they were underwriting enforcement and wondering about further 'mission creep.'

general response to this thread

Posted Dec 4, 2015 15:58 UTC (Fri) by bkuhn (subscriber, #58642) [Link]

Conservancy member projects always have the right to leave Conservancy to form their own org, or switch to another non-profit organization.

As for characterizing licensing compliance as a "new activity", actually, is inaccurate. Conservancy has done license compliance activity for its member projects since about 6 months after its founding (which was nearly a decade ago). Indeed, all the project named at the beginning of this subthread have received some form of license compliance activity from Conservancy. Samba, for example, has a long history even before Conservancy of caring deeply about license compliance.

Ensuring license compliance really is a key service that Conservancy provides to our member projects. The point of Conservancy was to provide key services that other organizations don't provide, including license compliance. Our member projects would have picked other fiscal sponsors if they didn't want these additional services.

general response to this thread

Posted Dec 4, 2015 16:37 UTC (Fri) by jra (subscriber, #55261) [Link]

Alison, enforcement isn't new for Conservancy. They've been doing this for Samba ever since we joined. It was one of the benefits of being in Conservancy that persuaded us to become a part of it.