OPINION

How NOT to Push a New Open Source License, Part 1

Bruce Perens recently introduced what he calls a “Covenant” open source license on behalf of Lexis-Nexis, owned by Reed Elsevier (readers may know them better as “the scientific journal paywall people”), for one of Lexis-Nexis’ internal projects.

It didn’t take long for readers on both slashdot and lwn to rip it apart. Of particular concern was the requirement that contributors assign their copyrights to Lexis-Nexis so that Lexis-Nexis would gain the exclusive right to commercialize the code. Contributors would only be able to use their own code under an AGPL license.

When I proposed that it would protect the authors’ rights more if the author

  1. kept his or her copyright, or
  2. granted a dual license right to the company that terminates if the conditions are not respected,

Perens claimed, “In general, companies want to be able to enforce the copyright of the entire product,” and “the risk and legal load for the company are appreciably higher than what I have proposed.”

The Heavy Burden of Licensing

I pointed out to him that this simply isn’t true. Most commercial software companies don’t own the copyrights to all the components in the products they sell. For everything from software written in Java or using Windows libraries to media players using h.264 decoders, quicktime libraries, or other code licensed from third parties, licensing — not copyright assignment — is the norm.

Businesses that take out a license instead of getting copyright assigned to them also have legal recourse against the licensor if any of the licensed code is found to be infringing. Microsoft has gone to court many times, and paid plenty of judgments, to protect its users and licensees. Perens’ arguments are ill-informed at best.

In a follow-up, he also claimed that”the added burden on L-N to try to manage all the licenses would probably make it easier to forgo open sourcing their codebase.”My first thought was “Wow, maybe the BSA (Business Software Alliance) should knock on their doors to see if all their Windows software is properly licensed.” Instead, I pointed out that parent company Reed Elsevier is a US$9 billion dollar business that derives the bulk of its earnings from managing data, copyrights and licenses. It can certainly manage a few more license grants from contributors.

Checking With the Lawyers

Readers were also concerned that the whole “covenant” was too vague on many points, as well as being lopsided in favor of Lexis-Nexis. Perens’ response to lwn reader lutchann revealed why:”When you are working with a company as large as that (LN is a big division of huge Elsevier) with as many separate stake-holders in legal, management, etc., it’s always a negotiation. That’s what I could get.”Sad.

It didn’t help his case that Perens was also telling two different stories about the effects of copyright assignment — one to readers of lwn, another to slashdot. Two hours after he wrote lwn poster iabervon to say”this isn’t a problem because of a key feature of copyright law: A developer is always free to grant their own work to others under his/her own terms. The covenant doesn’t make you promise not to do so,”… he wrote on slashdot,”I agree that licensing your contribution back to you is desirable. I’ll include that in the feedback I’m sending them.”Perens is apparently a bit confused as to whether developers would need a license back. The answer is yes, because copyright doesn’t work the way he pretended it does. Original developers are not free to continue to grant rights to their work after they’ve assigned their rights to someone else. That’s the key point of a copyright assignment.

This probably explains why Perens wrote several times that he had to check with the lawyers to see what the various terms of the covenant really mean. It’s becoming painfully obvious that he doesn’t really understand “his own” license.

If this license is so complicated that he doesn’t understand it, shouldn’t it be fixed? And why would he be publicly advocating others use a license he doesn’t fully understand? This doesn’t inspire confidence.

Hand Over Those Assets

In reality, it is obvious that the covenant is not a meeting of the minds between equals, but a deal drafted by Lexis-Nexis to take as much and give back as little as possible. The “snatch-and-grab” was revealed in a follow-up to slashdot poster Roger W Moore, who wrote:”I fail to understand the need to assign copyright. Surely the developer can just give HPCC a license to the code which includes the right to relicense the code under any commercial license they wish so long as they continue to support and release an open source version. Call this the HPCC Turkish Delight license and then just say that you are releasing your code under this license instead of GPL/…. By assigning copyright HPCC could use the code in a different, closed source product without compensating the developer in anyway.” (emphasis added) Perens pretty much admitted it when he replied,”In building a balance that will motivate multiple parties to participate, you have to consider all of their needs. In the case of HPCC’s needs, this allows them to continue to own their entire product, and to list their entire product as an asset.” (emphasis added)The real reason for demanding copyright assignment instead of a license is to add to its copyright portfolio so it can list those additional copyrights as business assets, and also open up the ability to license the assigned copyrights individually outside of the project.

Think of it — how would you react if your neighbor asked for your blender for a party?Neighbor: I’m having a party. I need your blender.You:        Sure, you can borrow it.Neighbor: No, you don’t understand — I want you to give it to me                permanently.You:        Why would I do that?Neighbor: Because I’m having a big party and I’m going to make lots of $$$.You:       So just borrow it. You don’t need to keep it forever.Neighbor: But if I don’t own it outright, it will prevent me from having lots of                parties and making lots of money!You:       ???Neighbor: Don’t worry — I’ll let you borrow it back…You:       Gee, you’re so generous.Neighbor: — but only for your own personal use. You can’t use it with guests                or to throw parties or make money with it.You:       Enough! You’re giving me a headache. Just. Go. Away.

Open Source Magic

Does Perens really believe this is a great deal? What’s good for the goose is good for the gander, so I made him the same offer that his “covenant” provides:”assign ME your copyrights and I’ll give you a grant-back to use all the copyrights in the pool under the AGPLv3. I’ll go one further than Loopy-Noopy — I’ll even give you a grant-back to use them under a separate GPLv2 or later license, so you can contribute to projects like Linux, which is GPLv2 only. What could possibly go wrong?”He hasn’t yet taken me up on my oh-so-generous offer. I guess when the shoe is on the other foot, it doesn’t fit so well…

There are still some people who think that slapping “open source” on something will magically attract coders as sure as manure attracts flies. It doesn’t, but freetards won’t accept that. Coders that work on the sort of projects that Perens is proposing cost six figures a head. A one-sided “covenant” won’t interest them, and it just inflames everyone else.

This whole “covenant” shows disrespect for both the work and the rights of authors. Add to that the way that each iteration of the GPL adds more restrictions, and maybe it’s time for yet another license — but Bruce Perens’ covenant isn’t it.

And now for something completely different…

Part 2: The Respect The Programmer License (RPL) Version 0.3

Barbara Hudson's daughters and her dogs are a large part of who she is. As for computers, she's been writing code for longer than she really wants to admit. Now that she's returned to independent development, her current focus is on creating simpler and more secure code libraries. Her dream project? Creating the ultimate chess program. You can contact her at barbara.hudson@milsecure.org.

2 Comments

  • Look at "Barbara Hudson’s" last article, and how Perens panned it in comments at

    http://www.technewsworld.com/perl/board/mboard.pl?board=lnitalkback&thread=5582&id=5583&display=1#message_5583

    So, it looks like Hudson spent an entire evening attacking Perens on Slashdot in revenge, and then replayed her evening in this article.

    Perens idea is brand new. Maybe we should give him some time to work on it, and then have someone who isn’t angry at him analyze it.

    Peter Grafix

    • Anyone who cares to do a bit of research will find that he was pushing almost the same "license covenant" in February 2008 at another of his failed projects located here: http://kiloboot.com/company/press/releases/shhh/

      "We require copyright assignment to accept modifications to our software. This is necessary so that we can vend a commercial license. Unlike almost everyone else who requires copyright assignment, we covenant with the developer to continue to make an Open Source version of their contribution available as long as we (or our assigns) continue to develop our commercial version. This provides a fair quid-pro-quo for the contributor. Of course, the main incentive for contributing a modification that you have made to our products is that we’ll maintain it as part of our main code tree, and you won’t have to."

      So, an almost-4-year-old "covenant" that also falsely claims to require copyright assignment in return for making both an open and paid version available.

      As for the rest of Perens claims, he has pretty much demonstrated he doesn’t really know what his own 4-year-old license means ("I have to ask the lawyers" for even simple questions), so why would anyone trust his insight on *any* licensing questions?

      And no Peter, I did not spend "an entire evening attacking Perens" – it was only after he refused to answer questions from many of us that I realized that he was purposefully dissembling and decided to call him out on it.

      I also notice that you don’t have a single counter-point to the ones I made in the article 🙂

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Which review rating influences you most when researching a business?
Loading ... Loading ...

LinuxInsider Channels

IT Heads Wary Big Tech Will Taint Trust in Open Source: Report

A global study of IT business leaders praised the growing merits of open-source software amid concerns that big tech supporters could undermine its open qualities and collaboration.

Perhaps one of the main takeaways is the optimism IT execs (82 percent) feel about the future of open source. But that praise comes with a dire warning. Three-quarters (76 percent) of IT workers cited the involvement of big tech players in open source could erode confidence and trust in the open-source community.

Open-source infrastructure and application delivery vendor Suse, the company behind one of the oldest Linux distributions, on June 14 released the results of its open-source report. Suse CEO Melissa Di Donato the same day released an open letter to the world’s business leaders seeking their adoption of open source to spur more innovation and productivity.

The Suse study cataloged responses of 800 IT professionals in companies with at least 250 employees across a range of industry sectors. Researchers interviewed respondents in March/April this year.

Key findings from the research indicate that IT leaders (76 percent) are under even more pressure to deliver tangible outcomes for the business than last year. It showed security and remote access infrastructure concerns high on the list of challenges. In fact, non-stop IT and infrastructure have become more important than ever, according to the report.

“It’s no surprise that today’s IT leaders are facing more pressure than ever to deliver outcomes to their respective businesses than in 2020. One of the many findings from our research report showed that the opportunity to overcome these pressures is by simplifying how the business is run. And to do so, many leaders have turned to open source to help accelerate their initiatives,” Brent Schroeder, Global CTO for Suse, told LinuxInsider.

To solve these challenges, Suse’s research shows that IT leaders see an open-source strategy featuring containers, multi-cloud, and edge computing technologies as vital to supporting their priorities, observed Schroeder.

Top Tech Priorities Disclosed

The biggest technology challenges in the last 12 months, Schroeder said the report disclosed, include maintaining security and data access controls (43 percent), demands on remote access infrastructure (34 percent), pressure to reduce operational costs (34 percent), maintaining service availability/performance (33 percent) and reduced IT resource/staffing (33 percent).

“We have also identified that around four in five organizations (79 percent) say they feel like they always need to compromise between lowering costs and achieving better business outcomes,” he said.

The most important tech investment pillar remains simplifying how business leaders run their operations (61 percent), their rate of accelerating change and scaling the business (51 percent).

Tech approaches seen as important in supporting these investment pillars include multi-cloud strategy (85 percent), high performance computing (83 percent), 5G/enhanced connectivity (81 percent), DevOps (81 percent), automated AI (81 percent), and edge computing (80 percent).

Schroeder noted that the research revealed key elements about IT leaders’ perceptions of open-source technology. Those include:

  • 85 percent agree that open source enables innovation at the edge and is a way to cost-effectively drive innovation in general;
  • 78 percent are looking to migrate from proprietary to open-source solutions wherever possible; and
  • 30 percent of IT leaders report a lack of open source skills in the market while 32 percent want to develop their own skills and experience in open source.

Pandemic Challenges

Covid-19 has accelerated or increased tech innovation in 60 percent of organizations. It has continued at the same pace for 32 percent.

As a result, initiatives have been delayed or canceled for eight percent. That outcome led 86 percent to say non-stop IT and infrastructure stability is more important than ever.

“The pandemic undoubtedly had a profound impact across industries worldwide. As business leaders looked to revamp and pivot their strategies, we continued to see more investment as well as a shift in thinking towards a digital-first approach,” noted Schroeder.

“In order to do [that], IT leaders understood they needed to harness the power of technology to overcome challenges brought on by the pandemic,” he added.

Multi-Cloud and Edge Computing Essential

Interest is growing rapidly in multi-cloud and edge computing. A large majority of organizations (69 percent) say they currently have a multi-cloud strategy, and 28 percent are working on this in the next two years.

Key drivers for this strategy include cost-effectiveness (45 percent), increased flexibility and agility (44 percent), improving resilience/minimizing downtime (36 percent), and taking advantage of best-of-breed solutions (35 percent).

A major concern for IT is building cloud competencies and skills in the IT team (55 percent). A clear cloud adoption vision and plan is targeted by 48 percent of respondents. Other target areas are to modernize and migrate applications and processes (47 percent) and to identify and resolve any organization roadblocks (45 percent).

Innovating at the edge is another magnet for IT development. On a personal level, 43 percent of IT leaders say they are excited about the possibilities that edgecomputing presents. Nearly half (49 percent) say they are interested in the possibilities. Only seven percent are skeptical.

Key concerns about edge computing include security and accessibility, control and management, and data storage/access.

Big Tech Companies’ Looming Threat

Open source is gaining traction and relevancy in the global tech ecosystem. But it is important to recognize that not all open source is created equal, remarked Shroeder in response to IT worries about how big tech companies could erode its openness.

“Rather than look at this as a looming threat, we recognize this as an opportunity to showcase not only the value of open-source technology but how openness and inoperability are critical to the success of every industry,” he offered.

That is why Suse is asking business leaders from around the world to join the company “Choose Open,” he added. “The campaign drives forward the notion that openness, not technology alone, must be at the heart of all digital transformation as well as emphasizes that open source not only is critical for innovation, but brings out the best creativity and ingenuity in all of us.”

Dear World, Use Open Source

Along with releasing the Suse report, CEO Melissa Di Donato also penned an open letter to the world’s enterprises urging IT to maximize the power of open source. The notion of “openness” represents our society’s limitless possibilities, she began. This openness inspires diverse communities to come together, bringing ideas to life, she wrote.

“Openness, not technology alone, must be at the heart of all digital transformation. The magnitude of challenges facing businesses and governments today can no longer be solved behind closed doors. They require the speed and scale of innovation that only the open-source model with its rich community of over 56 million contributors — can provide,” she added.

That is why open source has become the foundation for many businesses. For instance, 99 percent of Fortune 500 firms currently use open source, she noted. Suse believes that borders should exist only on maps, not in our heads. Society is stronger and more resilient with thought diversity of thought to drive innovation, flexibility, and choice.

“I invite you to find out. I invite you to Choose Open,” offered Di Donato in closing her open letter to technology users.

Unleashing Open Source’s Potential

Open-source software has become more relevant now than ever, the Suse report acknowledged. As the software comes with full access to the underlying source codes, it means organizations can enable their developers to optimize and enhance a solution to fit their exact needs and requirements.

Unlocking the potential of open source was a key focus of IT for enabling innovation at the edge (85 percent). The same percentage (four out of five organizations) see open source as a way to cost-effectively drive innovation.

That sentiment repeated strongly across all of the regions surveyed. Almost the same number (83 percent) say open source is becoming increasingly important in their tech initiatives.

Suse’s research shows that open-source migration is well underway globally. For example, three key regions are leading the way in the open-source adoption trend. Brazil’s and Singapore’s adoption rate is 85 percent. The U.S. adoption rate is 81 percent, according to the report.

The downside is 30 percent of IT leaders report a lack of open-source skills in the market. Some 32 percent are looking to develop their own skills and experience in open source.

For Free Often Primary Attraction

What most business leaders care about with open-source software is being able to use it for free, according to Robin Schumacher, vice president at Netdata. They will cite other OSS benefits such as collaborative innovation, but practically, cost reduction with open source is what they care about most on a daily basis.

“There is no doubt that if an 800-pound tech gorilla becomes the primary developer behind an OSS project, they have a number of tactics at their disposal to push users of that project towards their paid-for versions that commercialize the OSS core,” Schumacher told LinuxInsider.

The primary antidote to mitigate that risk is a vibrant community that participates in the project. That community should have no problem making the decision to fork the project if the primary tech vendor deliberately stagnates the project, he suggested.

However, the key to making that happen is the community must possess the technical prowess needed to intelligently advance the project without the primary contributor.

He sees signs, though, signaling large tech companies have turned the corner with how they value and participate in OSS. For example, Microsoft called Linux a cancer back in 2001. Today, however, it is a different story.

Microsoft acquired GitHub in 2018 and runs Linux on its Azure cloud. Microsoft has measurably become the top open-source contributor on earth, noted Schumacher.

“This was arguably done to keep the company’s love affair with developers as red hot as possible,” he said.

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open-source technologies. He is an esteemed reviewer of Linux distros and other open-source software. In addition, Jack extensively covers business technology and privacy issues, as well as developments in e-commerce and consumer electronics. Email Jack.

1 Comment

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories