OPINION

How NOT to Push a New Open Source License, Part 1

Bruce Perens recently introduced what he calls a “Covenant” open source license on behalf of Lexis-Nexis, owned by Reed Elsevier (readers may know them better as “the scientific journal paywall people”), for one of Lexis-Nexis’ internal projects.

It didn’t take long for readers on both slashdot and lwn to rip it apart. Of particular concern was the requirement that contributors assign their copyrights to Lexis-Nexis so that Lexis-Nexis would gain the exclusive right to commercialize the code. Contributors would only be able to use their own code under an AGPL license.

When I proposed that it would protect the authors’ rights more if the author

  1. kept his or her copyright, or
  2. granted a dual license right to the company that terminates if the conditions are not respected,

Perens claimed, “In general, companies want to be able to enforce the copyright of the entire product,” and “the risk and legal load for the company are appreciably higher than what I have proposed.”

The Heavy Burden of Licensing

I pointed out to him that this simply isn’t true. Most commercial software companies don’t own the copyrights to all the components in the products they sell. For everything from software written in Java or using Windows libraries to media players using h.264 decoders, quicktime libraries, or other code licensed from third parties, licensing — not copyright assignment — is the norm.

Businesses that take out a license instead of getting copyright assigned to them also have legal recourse against the licensor if any of the licensed code is found to be infringing. Microsoft has gone to court many times, and paid plenty of judgments, to protect its users and licensees. Perens’ arguments are ill-informed at best.

In a follow-up, he also claimed that”the added burden on L-N to try to manage all the licenses would probably make it easier to forgo open sourcing their codebase.”My first thought was “Wow, maybe the BSA (Business Software Alliance) should knock on their doors to see if all their Windows software is properly licensed.” Instead, I pointed out that parent company Reed Elsevier is a US$9 billion dollar business that derives the bulk of its earnings from managing data, copyrights and licenses. It can certainly manage a few more license grants from contributors.

Checking With the Lawyers

Readers were also concerned that the whole “covenant” was too vague on many points, as well as being lopsided in favor of Lexis-Nexis. Perens’ response to lwn reader lutchann revealed why:”When you are working with a company as large as that (LN is a big division of huge Elsevier) with as many separate stake-holders in legal, management, etc., it’s always a negotiation. That’s what I could get.”Sad.

It didn’t help his case that Perens was also telling two different stories about the effects of copyright assignment — one to readers of lwn, another to slashdot. Two hours after he wrote lwn poster iabervon to say”this isn’t a problem because of a key feature of copyright law: A developer is always free to grant their own work to others under his/her own terms. The covenant doesn’t make you promise not to do so,”… he wrote on slashdot,”I agree that licensing your contribution back to you is desirable. I’ll include that in the feedback I’m sending them.”Perens is apparently a bit confused as to whether developers would need a license back. The answer is yes, because copyright doesn’t work the way he pretended it does. Original developers are not free to continue to grant rights to their work after they’ve assigned their rights to someone else. That’s the key point of a copyright assignment.

This probably explains why Perens wrote several times that he had to check with the lawyers to see what the various terms of the covenant really mean. It’s becoming painfully obvious that he doesn’t really understand “his own” license.

If this license is so complicated that he doesn’t understand it, shouldn’t it be fixed? And why would he be publicly advocating others use a license he doesn’t fully understand? This doesn’t inspire confidence.

Hand Over Those Assets

In reality, it is obvious that the covenant is not a meeting of the minds between equals, but a deal drafted by Lexis-Nexis to take as much and give back as little as possible. The “snatch-and-grab” was revealed in a follow-up to slashdot poster Roger W Moore, who wrote:”I fail to understand the need to assign copyright. Surely the developer can just give HPCC a license to the code which includes the right to relicense the code under any commercial license they wish so long as they continue to support and release an open source version. Call this the HPCC Turkish Delight license and then just say that you are releasing your code under this license instead of GPL/…. By assigning copyright HPCC could use the code in a different, closed source product without compensating the developer in anyway.” (emphasis added) Perens pretty much admitted it when he replied,”In building a balance that will motivate multiple parties to participate, you have to consider all of their needs. In the case of HPCC’s needs, this allows them to continue to own their entire product, and to list their entire product as an asset.” (emphasis added)The real reason for demanding copyright assignment instead of a license is to add to its copyright portfolio so it can list those additional copyrights as business assets, and also open up the ability to license the assigned copyrights individually outside of the project.

Think of it — how would you react if your neighbor asked for your blender for a party?Neighbor: I’m having a party. I need your blender.You:        Sure, you can borrow it.Neighbor: No, you don’t understand — I want you to give it to me                permanently.You:        Why would I do that?Neighbor: Because I’m having a big party and I’m going to make lots of $$$.You:       So just borrow it. You don’t need to keep it forever.Neighbor: But if I don’t own it outright, it will prevent me from having lots of                parties and making lots of money!You:       ???Neighbor: Don’t worry — I’ll let you borrow it back…You:       Gee, you’re so generous.Neighbor: — but only for your own personal use. You can’t use it with guests                or to throw parties or make money with it.You:       Enough! You’re giving me a headache. Just. Go. Away.

Open Source Magic

Does Perens really believe this is a great deal? What’s good for the goose is good for the gander, so I made him the same offer that his “covenant” provides:”assign ME your copyrights and I’ll give you a grant-back to use all the copyrights in the pool under the AGPLv3. I’ll go one further than Loopy-Noopy — I’ll even give you a grant-back to use them under a separate GPLv2 or later license, so you can contribute to projects like Linux, which is GPLv2 only. What could possibly go wrong?”He hasn’t yet taken me up on my oh-so-generous offer. I guess when the shoe is on the other foot, it doesn’t fit so well…

There are still some people who think that slapping “open source” on something will magically attract coders as sure as manure attracts flies. It doesn’t, but freetards won’t accept that. Coders that work on the sort of projects that Perens is proposing cost six figures a head. A one-sided “covenant” won’t interest them, and it just inflames everyone else.

This whole “covenant” shows disrespect for both the work and the rights of authors. Add to that the way that each iteration of the GPL adds more restrictions, and maybe it’s time for yet another license — but Bruce Perens’ covenant isn’t it.

And now for something completely different…

Part 2: The Respect The Programmer License (RPL) Version 0.3

Barbara Hudson's daughters and her dogs are a large part of who she is. As for computers, she's been writing code for longer than she really wants to admit. Now that she's returned to independent development, her current focus is on creating simpler and more secure code libraries. Her dream project? Creating the ultimate chess program. You can contact her at barbara.hudson@milsecure.org.

2 Comments

  • Look at "Barbara Hudson’s" last article, and how Perens panned it in comments at

    http://www.technewsworld.com/perl/board/mboard.pl?board=lnitalkback&thread=5582&id=5583&display=1#message_5583

    So, it looks like Hudson spent an entire evening attacking Perens on Slashdot in revenge, and then replayed her evening in this article.

    Perens idea is brand new. Maybe we should give him some time to work on it, and then have someone who isn’t angry at him analyze it.

    Peter Grafix

    • Anyone who cares to do a bit of research will find that he was pushing almost the same "license covenant" in February 2008 at another of his failed projects located here: http://kiloboot.com/company/press/releases/shhh/

      "We require copyright assignment to accept modifications to our software. This is necessary so that we can vend a commercial license. Unlike almost everyone else who requires copyright assignment, we covenant with the developer to continue to make an Open Source version of their contribution available as long as we (or our assigns) continue to develop our commercial version. This provides a fair quid-pro-quo for the contributor. Of course, the main incentive for contributing a modification that you have made to our products is that we’ll maintain it as part of our main code tree, and you won’t have to."

      So, an almost-4-year-old "covenant" that also falsely claims to require copyright assignment in return for making both an open and paid version available.

      As for the rest of Perens claims, he has pretty much demonstrated he doesn’t really know what his own 4-year-old license means ("I have to ask the lawyers" for even simple questions), so why would anyone trust his insight on *any* licensing questions?

      And no Peter, I did not spend "an entire evening attacking Perens" – it was only after he refused to answer questions from many of us that I realized that he was purposefully dissembling and decided to call him out on it.

      I also notice that you don’t have a single counter-point to the ones I made in the article 🙂

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Which cybersecurity hazard do you fear the most as an individual?
Loading ... Loading ...

LinuxInsider Channels

More Open Source Jobs Remain Vacant With Scarcity of Skilled Linux Talent

open-source talent is in high demand by employers

If you have the Linux skills to bolster a solid IT foundation, you will be in high demand for a job working in the open source software industry.

Hiring is rebounding in the wake of the pandemic, as organizations look to continue their digital transformation activities. This is evidenced by 50 percent of employers The Linux Foundation surveyed who stated they are increasing hires this year.

However, employers must be ready to face two significant challenges.

First, with 92 percent of managers reporting difficulty finding enough talent, they also struggle to hold onto existing talent in the face of fierce competition.

Second, the rapid adoption of open-source software is widening the skills gap in the market. This is especially true for cloud native application development and operations skills, topping the list of 46 percent of hiring managers.

Open Source Jobs Report

The Linux Foundation this week released its ninth annual “2021 Open Source Jobs Report,” examining the demand for open-source talent and trends among open-source professionals.

To produce the report, The Linux Foundation teamed with edX, a massive open online course (MOOC) provider started by Harvard and MIT — and a trusted platform for learning Linux.

LF officials planned to highlight the full report later this month at the yearly Open Source Summit. But it leaked early.

“Open-source talent is in high demand, encouraging the most experienced pros to look for new opportunities while hiring managers battle it out for the most desirable candidates,” Jim Zemlin, Linux Foundation’s executive director, told LinuxInsider.

What’s Inside the Report

Besides leads on some great jobs this year, the report details growth in cloud adoption and demand for talent in that and other areas. It also shows a big spike in use of DevOps, increased demand for certifications, worsening diversity issues in the open-source community, and more.

“This year’s report makes it clear that Covid-19 has only exacerbated skills gaps and hiring needs that were bubbling to the surface pre-pandemic, especially in the high technology sector,” said Johannes Heinlein, chief commercial officer and senior vice president of strategic partnerships at edX.

It is promising to see that employers are meeting these needs by increasing training and learning opportunities, he said about edX’s focus on Linux and open-source education.

“We need to empower organizations to invest in this type of training in order to meet the tech talent demands of today and tomorrow,” he added.

The jobs report examines trends in open-source careers, which skills are most in-demand, the motivation for open-source professionals, and how employers attract and retain qualified talent.

This year’s report features analysis of data from more than 200 hiring managers at corporations, SMBs, government organizations, and staffing agencies across the globe. It also includes responses from more than 750 open-source professionals worldwide.

Job Report Highlights

Key findings from the “2021 Open Source Jobs Report” show that qualified open-source talent is still in short supply. The LF and edX report reveals half of all participating companies accelerated hiring as talent shortages persist.

The open-source talent shortage is no better this year. An overwhelming number of hiring managers (92 percent) report difficulty finding sufficient talent with open-source skills.

Last year’s report found that the same percentage of hiring managers could not fill available job roles. Two years ago, only 48 percent of hiring managers reported that hiring problem.

Cloud and container technology skills are most in demand by hiring managers. That category surpassed Linux for the first time in the history of this report, with 46 percent of hiring managers seeking cloud talent.

Discrimination is a growing concern in the community. The number of open-source professionals reporting they have been discriminated against or made to feel unwelcome in the community increased to 18 percent this year. That is a 125 percent increase over the past three years.

Best Job Leads

For job seekers looking for the best career paths, it is evident that cloud native computing, DevOps, Linux, and data security hold the most promising opportunities, according to Zemlin.

DevOps has become the standard method for developing software. Nearly all open-source professionals (88 percent) report using DevOps practices in their work. This represents a 50 percent increase from three years ago.

Demand for certified talent spikes this year. Managers are prioritizing hires of certified talent (88 percent), with a similar percentage of managers willing to pay for employees to obtain certifications.

Training is increasingly helping close skills gaps, the report found. Large numbers of professionals are demanding more training opportunities from their employers, demonstrated by 92 percent of managers reporting an increase in requests.

Employers also report that they prioritize training investments to close skills gaps, with 58 percent using this tactic. By comparison, 29 percent bring in external consultants to close their skill gaps.

The full “2021 Open Source Jobs Report” is free to download here.

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open-source technologies. He is an esteemed reviewer of Linux distros and other open-source software. In addition, Jack extensively covers business technology and privacy issues, as well as developments in e-commerce and consumer electronics. Email Jack.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories